master: subtree updates oct 12 2023

poky: e444d2bed0..8d0ba08aa6:
  Alassane Yattara (1):
        bitbake: toaster: Monitoring - implement Django logging system

  Alexander Kanavin (1):
        nghttp2: update 1.56.0 -> 1.57.0

  Alexis Lothoré (2):
        oeqa/utils/gitarchive: fix tag pattern searching
        oeqa/utils/gitarchive: ensure tag matches regex before getting its fields

  Andreas Cord-Landwehr (1):
        wayland: consider pkgconfig sysroot for pkgdatadir

  André Draszik (1):
        wic: fix a typo in help output

  Archana Polampalli (1):
        gstreamer: upgrade 1.22.5 -> 1.22.6

  Bruce Ashfield (1):
        linux-yocto/6.5: integrate fixes for sanity issues

  Chris Laplante (1):
        recipetool/create_buildsys_python: use importlib instead of imp

  Daniel McGregor (2):
        meson: upgrade 1.2.1 -> 1.2.2
        libtirpc: conditionally enable gssapi

  Daniel Semkowicz (3):
        uboot-extlinux-config.bbclass: Remove repeated space character
        uboot-extlinux-config.bbclass: Uppercase "menu title" entry
        uboot-extlinux-config.bbclass: Add menu title configuration

  Fabio Estevam (1):
        u-boot: Upgrade to 2023.10

  Fahad Arslan (1):
        linux-firmware: create separate package for cirrus and cnm firmwares

  Jermain Horsman (1):
        scripts/oe-setup-layers: Update how to determine if directory is git repo

  Jose Quaresma (4):
        curl: 8.3.0 -> 8.4.0
        go: update 1.20.7 -> 1.20.8
        go: update 1.20.8 -> 1.20.9
        go: update 1.20.9 -> 1.20.10

  Joshua Watt (6):
        bitbake: hashserv: Add remove API
        bitbake: bitbake-hashclient: Add remove subcommand
        bitbake: hashserv: Extend get_outhash API to optionally include unihash
        bitbake: hashserv: Add API to clean unused entries
        bitbake: bitbake-hashclient: Add clean-unused subcommand
        overview: Add note about non-reproducibility side effects

  Julien Stephan (4):
        bitbake.conf: include bblock.conf
        sstatesig: add a new info level for SIGGEN_LOCKEDSIGS_TASKSIG_CHECK
        scripts/bblock: add a script to lock/unlock recipes
        oeqa/selftest/bblock: add self test for bblock tool

  Khem Raj (1):
        python3-docutils: Rename utilities to their canonical names

  Lee Chee Yang (1):
        migration-guides: add release notes for 4.0.13

  Marcus Flyckt (1):
        devtool/upgrade: check all git config locations

  Markus Volk (2):
        mesa: Upgrade 23.1.8 -> 23.2.1
        gtk: Upgrade 4.12.1 -> 4.12.3

  Marlon Rodriguez Garcia (1):
        bitbake: toaster: update selenium version and code syntax

  Martijn de Gouw (1):
        busybox: Set PATH in syslog initscript

  Michael Opdenacker (1):
        ref-manual: releases.svg: Scarthgap is now version 5.0

  Mikko Rapeli (2):
        qemurunner.py: detect login prompt without without utf-8 conversion
        openssh: drop sudo from ptest dependencies

  Peter Kjellerstedt (4):
        externalsrc.bbclass: Support specifying patterns in CONFIGURE_FILES
        autotools.bbclass: Add *.m4 to CONFIGURE_FILES
        packages.bbclass: Correct the check for conflicts with renamed packages
        cmake.bbclass: Add *.cmake to CONFIGURE_FILES

  Quentin Schulz (1):
        uboot-extlinux-config.bbclass: fix missed override syntax migration

  Randy MacLeod (1):
        strace: skip so_peerpidfd test

  Rasmus Villemoes (1):
        openssh: update sshd_check_keys script to make use of 'sshd -G'

  Richard Purdie (14):
        wic: Add console parameters to qemux86 canned-wks
        qemurunner: Skip conversion from/to binary data for logfile
        qemurunner: Use backslashreplace with utf8 to make invalid characters clear
        qemurunner: Log the second serial console as well as the first
        qemurunner: Show both the login console log and all logging upon failure
        oeqa/concurrencytest: Remove invalid buffering option
        bitbake: selftest/fetch: Ensure top level directory timestamp doesn't break test
        cryptodev: Update to latest git for 6.5 kernel fixes
        qemux86/qemuarm: Drop kernel version overrides
        oeqa/qemurunner: Add newlines serial workaround
        runqemu/qemurunner: Use nodelay with tcp serial connections
        oeqa/qemurunner: Add extra logging when console doesn't appear
        poky/poky-tiny: Switch to the 6.5 kernel
        oeqa/qemurunner: Ensure we retry after BrokenPipeError

  Ross Burton (12):
        python3-numpy: remove obsolete reproducible workaround
        libx11: upgrade to 1.8.7
        libxpm: upgrade to 3.5.17
        qemuboot: reduce default size of software I/O translation buffer
        sysvinit-initab: rewrite loop to generate inittab
        ttyrun: add new recipe
        sysvinit-inittab: use ttyrun to run getty only if the terminal exists
        busybox: use ttyrun to run getty only if the terminal exists
        oeqa/selftest: don't skip test_read_only_image on qemuarm64
        meta/conf/machine: remove SERIAL_CONSOLES_CHECK
        busybox-inittab: fix console handling
        oeqa/runtime/_qemutiny: rewrite test to be functional

  Sundeep KOKKONDA (1):
        rust: reproducibility issue fix

  Trevor Gamblin (1):
        dev-manual: fix testimage usage instructions

  Yogita Urade (1):
        qemu: fix CVE-2023-42467

meta-openembedded: ea42cec2ec..62039a2c33:
  Ahmad Fatoum (1):
        signing.bbclass: don't export OPENSSL environment variables globally

  Beniamin Sandu (1):
        libnet: upgrade version v1.2 -> v1.3

  Benjamin Bara (1):
        libvpx: upgrade 1.13.0 -> 1.13.1

  Chen Qi (1):
        libblockdev: fix QA error in case of multilib

  Christophe Vu-Brugier (3):
        libnvme: upgrade 1.5 -> 1.6
        nvme-cli: upgrade 2.5 -> 2.6
        libnvme: apply patch already upstream to fix build with musl

  Clément Péron (1):
        Revert "protobuf: stage protoc binary to sysroot"

  Daniel Klauer (1):
        graphviz: Fix build to not use $prefix as search dir

  Denys Zagorui (1):
        libbpf: add arm, powerpc and mips64 to COMPATIBLE_HOST

  Fabien Thomas (8):
        meta-filesystems/layer.conf : Add meta-networking dependency
        Add static-passwd and static-group files
        Add static-passwd and static-group files
        Add static-passwd and static-group files
        Add static-passwd and static-group files
        Add static-passwd and static-group files
        Add static-passwd and static-group files
        Add static-passwd and static-group files

  Gianfranco Costamagna (6):
        dlt-daemon: Make it work without systemd
        dlt-daemon: Enable experimental coredumphandler feature
        dlt-daemon: update patch 544.patch
        dlt-daemon: do not disable dlt-system build when systemd is set to off
        dlt-daemon: Add an additional fix for non-systemd builds
        cpprestsdk: fix typo in comment, tag is actually 2.0.18

  Jeffrey Pautler (1):
        bolt: change product name used for CVE checking

  Joe Slater (1):
        nginx: add configure option

  Johannes Kauffmann (1):
        open62541: add Backport status and link to patch

  Jörg Sommer (1):
        collectd: Use https in SRC_URI, add HOMEPAGE

  Khem Raj (16):
        python3-pyroute2: Add missing dependency on sqlite3 for ptests
        python3-pylint: Upgrade to 3.0.0
        python3-lz4: use python3-unittest-automake-output
        minicoredumber: Fix ptest reporting
        images: Inherit from core-image-base
        images: Delete layer specific base images
        images: Rename <layer>-image to <layer>-image-all
        images: Rename ptest images to rhyme with oe-core ptest images
        ptest-image: Switch to using core-image-minimal
        stressapptest: Upgrade to 1.0.11 release
        klibc: Upgrade to 2.0.13 release
        libnvme: Fix test builds on musl
        kernel-selftest: Build bpf tests again
        ptest-packagelists-meta-oe: Add kernel-selftest to x86/x86-64 images
        kernel-selftest: Copy the .config from kernel build
        kernel-selftest: Use clang options when clang is available

  Markus Volk (3):
        pugixml: Update 1.13 -> 1.14
        pipewire: Upgrade 0.3.80 -> 0.3.81
        gnome-control-center: Fix polkit gettext issue

  Martin Jansa (1):
        opencv: Fix build with protobuf v22 and dnn enabled

  Mickael RAMILISON (1):
        python3-rapidjson: add ptest

  Pawel Langowski (1):
        recipes-connectivity: Add tayga recipe

  Philip-Dylan Gleonec (1):
        cukinia: Fix license field

  Thomas Roos (1):
        python3-boto3, python3-botocore: remove recipes

  Tom Hochstein (1):
        libcamera: Avoid build break in signature recalculation

meta-arm: 95789365f7..e914891eee:
  Jon Mason (1):
        arm-bsp/u-boot: add recipe for 2023.07.02

meta-security: aca6d4a9e7..3f7d40b0fc:
  Rasmus Villemoes (3):
        fail2ban: add systemd support
        fail2ban: change sqlite3 dependency to python3-sqlite3
        fail2ban: add useful recommendations
Change-Id: I93672642f4e0392adc6223fdc4e073910b817bc9
Signed-off-by: Andrew Geissler <geissonator@yahoo.com>
diff --git a/poky/bitbake/bin/bitbake-hashclient b/poky/bitbake/bin/bitbake-hashclient
index 494f175..3f265e8 100755
--- a/poky/bitbake/bin/bitbake-hashclient
+++ b/poky/bitbake/bin/bitbake-hashclient
@@ -113,6 +113,19 @@
                     with lock:
                         pbar.update()
 
+    def handle_remove(args, client):
+        where = {k: v for k, v in args.where}
+        if where:
+            result = client.remove(where)
+            print("Removed %d row(s)" % (result["count"]))
+        else:
+            print("No query specified")
+
+    def handle_clean_unused(args, client):
+        result = client.clean_unused(args.max_age)
+        print("Removed %d rows" % (result["count"]))
+        return 0
+
     parser = argparse.ArgumentParser(description='Hash Equivalence Client')
     parser.add_argument('--address', default=DEFAULT_ADDRESS, help='Server address (default "%(default)s")')
     parser.add_argument('--log', default='WARNING', help='Set logging level')
@@ -137,6 +150,15 @@
                                help='Include string in outhash')
     stress_parser.set_defaults(func=handle_stress)
 
+    remove_parser = subparsers.add_parser('remove', help="Remove hash entries")
+    remove_parser.add_argument("--where", "-w", metavar="KEY VALUE", nargs=2, action="append", default=[],
+                               help="Remove entries from table where KEY == VALUE")
+    remove_parser.set_defaults(func=handle_remove)
+
+    clean_unused_parser = subparsers.add_parser('clean-unused', help="Remove unused database entries")
+    clean_unused_parser.add_argument("max_age", metavar="SECONDS", type=int, help="Remove unused entries older than SECONDS old")
+    clean_unused_parser.set_defaults(func=handle_clean_unused)
+
     args = parser.parse_args()
 
     logger = logging.getLogger('hashserv')
diff --git a/poky/bitbake/lib/bb/tests/fetch.py b/poky/bitbake/lib/bb/tests/fetch.py
index c5d15e9..eeb7a31 100644
--- a/poky/bitbake/lib/bb/tests/fetch.py
+++ b/poky/bitbake/lib/bb/tests/fetch.py
@@ -684,11 +684,13 @@
         archive = tarfile.open(os.path.join(self.dldir, self.recipe_tarball))
         self.assertNotEqual(len(archive.members), 0)
         for member in archive.members:
-            self.assertEqual(member.uname, 'oe')
-            self.assertEqual(member.uid, 0)
-            self.assertEqual(member.gname, 'oe')
-            self.assertEqual(member.gid, 0)
-            self.assertEqual(member.mtime, mtime)
+            if member.name == ".":
+                continue
+            self.assertEqual(member.uname, 'oe', "user name for %s differs" % member.name)
+            self.assertEqual(member.uid, 0, "uid for %s differs" % member.name)
+            self.assertEqual(member.gname, 'oe', "group name for %s differs" % member.name)
+            self.assertEqual(member.gid, 0, "gid for %s differs" % member.name)
+            self.assertEqual(member.mtime, mtime, "mtime for %s differs" % member.name)
 
 
 class FetcherLocalTest(FetcherTest):
diff --git a/poky/bitbake/lib/hashserv/client.py b/poky/bitbake/lib/hashserv/client.py
index b2aa102..f676d26 100644
--- a/poky/bitbake/lib/hashserv/client.py
+++ b/poky/bitbake/lib/hashserv/client.py
@@ -83,10 +83,10 @@
             {"get": {"taskhash": taskhash, "method": method, "all": all_properties}}
         )
 
-    async def get_outhash(self, method, outhash, taskhash):
+    async def get_outhash(self, method, outhash, taskhash, with_unihash=True):
         await self._set_mode(self.MODE_NORMAL)
         return await self.send_message(
-            {"get-outhash": {"outhash": outhash, "taskhash": taskhash, "method": method}}
+            {"get-outhash": {"outhash": outhash, "taskhash": taskhash, "method": method, "with_unihash": with_unihash}}
         )
 
     async def get_stats(self):
@@ -101,6 +101,14 @@
         await self._set_mode(self.MODE_NORMAL)
         return (await self.send_message({"backfill-wait": None}))["tasks"]
 
+    async def remove(self, where):
+        await self._set_mode(self.MODE_NORMAL)
+        return await self.send_message({"remove": {"where": where}})
+
+    async def clean_unused(self, max_age):
+        await self._set_mode(self.MODE_NORMAL)
+        return await self.send_message({"clean-unused": {"max_age_seconds": max_age}})
+
 
 class Client(bb.asyncrpc.Client):
     def __init__(self):
@@ -115,6 +123,8 @@
             "get_stats",
             "reset_stats",
             "backfill_wait",
+            "remove",
+            "clean_unused",
         )
 
     def _get_async_client(self):
diff --git a/poky/bitbake/lib/hashserv/server.py b/poky/bitbake/lib/hashserv/server.py
index d40a2ab..45bf476 100644
--- a/poky/bitbake/lib/hashserv/server.py
+++ b/poky/bitbake/lib/hashserv/server.py
@@ -4,7 +4,7 @@
 #
 
 from contextlib import closing, contextmanager
-from datetime import datetime
+from datetime import datetime, timedelta
 import enum
 import asyncio
 import logging
@@ -186,6 +186,8 @@
                 'report-equiv': self.handle_equivreport,
                 'reset-stats': self.handle_reset_stats,
                 'backfill-wait': self.handle_backfill_wait,
+                'remove': self.handle_remove,
+                'clean-unused': self.handle_clean_unused,
             })
 
     def validate_proto_version(self):
@@ -269,27 +271,42 @@
         method = request['method']
         outhash = request['outhash']
         taskhash = request['taskhash']
+        with_unihash = request.get("with_unihash", True)
 
         with closing(self.db.cursor()) as cursor:
-            d = await self.get_outhash(cursor, method, outhash, taskhash)
+            d = await self.get_outhash(cursor, method, outhash, taskhash, with_unihash)
 
         self.write_message(d)
 
-    async def get_outhash(self, cursor, method, outhash, taskhash):
+    async def get_outhash(self, cursor, method, outhash, taskhash, with_unihash=True):
         d = None
-        cursor.execute(
-            '''
-            SELECT *, unihashes_v2.unihash AS unihash FROM outhashes_v2
-            INNER JOIN unihashes_v2 ON unihashes_v2.method=outhashes_v2.method AND unihashes_v2.taskhash=outhashes_v2.taskhash
-            WHERE outhashes_v2.method=:method AND outhashes_v2.outhash=:outhash
-            ORDER BY outhashes_v2.created ASC
-            LIMIT 1
-            ''',
-            {
-                'method': method,
-                'outhash': outhash,
-            }
-        )
+        if with_unihash:
+            cursor.execute(
+                '''
+                SELECT *, unihashes_v2.unihash AS unihash FROM outhashes_v2
+                INNER JOIN unihashes_v2 ON unihashes_v2.method=outhashes_v2.method AND unihashes_v2.taskhash=outhashes_v2.taskhash
+                WHERE outhashes_v2.method=:method AND outhashes_v2.outhash=:outhash
+                ORDER BY outhashes_v2.created ASC
+                LIMIT 1
+                ''',
+                {
+                    'method': method,
+                    'outhash': outhash,
+                }
+            )
+        else:
+            cursor.execute(
+                """
+                SELECT * FROM outhashes_v2
+                WHERE outhashes_v2.method=:method AND outhashes_v2.outhash=:outhash
+                ORDER BY outhashes_v2.created ASC
+                LIMIT 1
+                """,
+                {
+                    'method': method,
+                    'outhash': outhash,
+                }
+            )
         row = cursor.fetchone()
 
         if row is not None:
@@ -499,6 +516,50 @@
         await self.backfill_queue.join()
         self.write_message(d)
 
+    async def handle_remove(self, request):
+        condition = request["where"]
+        if not isinstance(condition, dict):
+            raise TypeError("Bad condition type %s" % type(condition))
+
+        def do_remove(columns, table_name, cursor):
+            nonlocal condition
+            where = {}
+            for c in columns:
+                if c in condition and condition[c] is not None:
+                    where[c] = condition[c]
+
+            if where:
+                query = ('DELETE FROM %s WHERE ' % table_name) + ' AND '.join("%s=:%s" % (k, k) for k in where.keys())
+                cursor.execute(query, where)
+                return cursor.rowcount
+
+            return 0
+
+        count = 0
+        with closing(self.db.cursor()) as cursor:
+            count += do_remove(OUTHASH_TABLE_COLUMNS, "outhashes_v2", cursor)
+            count += do_remove(UNIHASH_TABLE_COLUMNS, "unihashes_v2", cursor)
+            self.db.commit()
+
+        self.write_message({"count": count})
+
+    async def handle_clean_unused(self, request):
+        max_age = request["max_age_seconds"]
+        with closing(self.db.cursor()) as cursor:
+            cursor.execute(
+                """
+                DELETE FROM outhashes_v2 WHERE created<:oldest AND NOT EXISTS (
+                    SELECT unihashes_v2.id FROM unihashes_v2 WHERE unihashes_v2.method=outhashes_v2.method AND unihashes_v2.taskhash=outhashes_v2.taskhash LIMIT 1
+                )
+                """,
+                {
+                    "oldest": datetime.now() - timedelta(seconds=-max_age)
+                }
+            )
+            count = cursor.rowcount
+
+        self.write_message({"count": count})
+
     def query_equivalent(self, cursor, method, taskhash):
         # This is part of the inner loop and must be as fast as possible
         cursor.execute(
diff --git a/poky/bitbake/lib/hashserv/tests.py b/poky/bitbake/lib/hashserv/tests.py
index f6b85ae..f343c58 100644
--- a/poky/bitbake/lib/hashserv/tests.py
+++ b/poky/bitbake/lib/hashserv/tests.py
@@ -84,6 +84,7 @@
 
         result = self.client.report_unihash(taskhash, self.METHOD, outhash, unihash)
         self.assertEqual(result['unihash'], unihash, 'Server returned bad unihash')
+        return taskhash, outhash, unihash
 
     def test_create_equivalent(self):
         # Tests that a second reported task with the same outhash will be
@@ -125,6 +126,57 @@
 
         self.assertClientGetHash(self.client, taskhash, unihash)
 
+    def test_remove_taskhash(self):
+        taskhash, outhash, unihash = self.test_create_hash()
+        result = self.client.remove({"taskhash": taskhash})
+        self.assertGreater(result["count"], 0)
+        self.assertClientGetHash(self.client, taskhash, None)
+
+        result_outhash = self.client.get_outhash(self.METHOD, outhash, taskhash)
+        self.assertIsNone(result_outhash)
+
+    def test_remove_unihash(self):
+        taskhash, outhash, unihash = self.test_create_hash()
+        result = self.client.remove({"unihash": unihash})
+        self.assertGreater(result["count"], 0)
+        self.assertClientGetHash(self.client, taskhash, None)
+
+    def test_remove_outhash(self):
+        taskhash, outhash, unihash = self.test_create_hash()
+        result = self.client.remove({"outhash": outhash})
+        self.assertGreater(result["count"], 0)
+
+        result_outhash = self.client.get_outhash(self.METHOD, outhash, taskhash)
+        self.assertIsNone(result_outhash)
+
+    def test_remove_method(self):
+        taskhash, outhash, unihash = self.test_create_hash()
+        result = self.client.remove({"method": self.METHOD})
+        self.assertGreater(result["count"], 0)
+        self.assertClientGetHash(self.client, taskhash, None)
+
+        result_outhash = self.client.get_outhash(self.METHOD, outhash, taskhash)
+        self.assertIsNone(result_outhash)
+
+    def test_clean_unused(self):
+        taskhash, outhash, unihash = self.test_create_hash()
+
+        # Clean the database, which should not remove anything because all hashes an in-use
+        result = self.client.clean_unused(0)
+        self.assertEqual(result["count"], 0)
+        self.assertClientGetHash(self.client, taskhash, unihash)
+
+        # Remove the unihash. The row in the outhash table should still be present
+        self.client.remove({"unihash": unihash})
+        result_outhash = self.client.get_outhash(self.METHOD, outhash, taskhash, False)
+        self.assertIsNotNone(result_outhash)
+
+        # Now clean with no minimum age which will remove the outhash
+        result = self.client.clean_unused(0)
+        self.assertEqual(result["count"], 1)
+        result_outhash = self.client.get_outhash(self.METHOD, outhash, taskhash, False)
+        self.assertIsNone(result_outhash)
+
     def test_huge_message(self):
         # Simple test that hashes can be created
         taskhash = 'c665584ee6817aa99edfc77a44dd853828279370'
diff --git a/poky/bitbake/lib/toaster/bldcollector/views.py b/poky/bitbake/lib/toaster/bldcollector/views.py
index 04cd8b3..bdf38ae 100644
--- a/poky/bitbake/lib/toaster/bldcollector/views.py
+++ b/poky/bitbake/lib/toaster/bldcollector/views.py
@@ -14,8 +14,11 @@
 import toastermain
 from django.views.decorators.csrf import csrf_exempt
 
+from toastermain.logs import log_view_mixin
+
 
 @csrf_exempt
+@log_view_mixin
 def eventfile(request):
     """ Receives a file by POST, and runs toaster-eventreply on this file """
     if request.method != "POST":
diff --git a/poky/bitbake/lib/toaster/logs/.gitignore b/poky/bitbake/lib/toaster/logs/.gitignore
new file mode 100644
index 0000000..e5ebf25
--- /dev/null
+++ b/poky/bitbake/lib/toaster/logs/.gitignore
@@ -0,0 +1 @@
+*.log*
diff --git a/poky/bitbake/lib/toaster/orm/models.py b/poky/bitbake/lib/toaster/orm/models.py
index f9fcf9e..0d503a5 100644
--- a/poky/bitbake/lib/toaster/orm/models.py
+++ b/poky/bitbake/lib/toaster/orm/models.py
@@ -1733,7 +1733,7 @@
         packages_conf += "\""
 
         base_recipe_path = self.get_base_recipe_file()
-        if base_recipe_path:
+        if base_recipe_path and os.path.isfile(base_recipe_path):
             base_recipe = open(base_recipe_path, 'r').read()
         else:
             # Pass back None to trigger error message to user
diff --git a/poky/bitbake/lib/toaster/tests/browser/selenium_helpers_base.py b/poky/bitbake/lib/toaster/tests/browser/selenium_helpers_base.py
index 644d45f..9a4e27a 100644
--- a/poky/bitbake/lib/toaster/tests/browser/selenium_helpers_base.py
+++ b/poky/bitbake/lib/toaster/tests/browser/selenium_helpers_base.py
@@ -21,6 +21,7 @@
 
 from selenium import webdriver
 from selenium.webdriver.support.ui import WebDriverWait
+from selenium.webdriver.common.by import By
 from selenium.webdriver.common.desired_capabilities import DesiredCapabilities
 from selenium.common.exceptions import NoSuchElementException, \
         StaleElementReferenceException, TimeoutException
@@ -32,9 +33,7 @@
         browser = env_browser
 
     if browser == 'chrome':
-        return webdriver.Chrome(
-            service_args=["--verbose", "--log-path=selenium.log"]
-        )
+        return webdriver.Chrome()
     elif browser == 'firefox':
         return webdriver.Firefox()
     elif browser == 'marionette':
@@ -153,11 +152,11 @@
 
     def find(self, selector):
         """ Find single element by CSS selector """
-        return self.driver.find_element_by_css_selector(selector)
+        return self.driver.find_element(By.CSS_SELECTOR, selector)
 
     def find_all(self, selector):
         """ Find all elements matching CSS selector """
-        return self.driver.find_elements_by_css_selector(selector)
+        return self.driver.find_elements(By.CSS_SELECTOR, selector)
 
     def element_exists(self, selector):
         """
diff --git a/poky/bitbake/lib/toaster/tests/browser/test_all_builds_page.py b/poky/bitbake/lib/toaster/tests/browser/test_all_builds_page.py
index 8423d3d..d4312bb 100644
--- a/poky/bitbake/lib/toaster/tests/browser/test_all_builds_page.py
+++ b/poky/bitbake/lib/toaster/tests/browser/test_all_builds_page.py
@@ -7,7 +7,7 @@
 # SPDX-License-Identifier: GPL-2.0-only
 #
 
-import re
+import re, time
 
 from django.urls import reverse
 from django.utils import timezone
@@ -15,6 +15,8 @@
 
 from orm.models import BitbakeVersion, Release, Project, Build, Target
 
+from selenium.webdriver.common.by import By
+
 
 class TestAllBuildsPage(SeleniumTestCase):
     """ Tests for all builds page /builds/ """
@@ -91,7 +93,7 @@
         found_row = None
         for row in rows:
 
-            outcome_links = row.find_elements_by_css_selector(selector)
+            outcome_links = row.find_elements(By.CSS_SELECTOR, selector)
             if len(outcome_links) == 1:
                 found_row = row
                 break
@@ -131,17 +133,19 @@
         url = reverse('all-builds')
         self.get(url)
 
+        # should see a rebuild button for non-command-line builds
+        selector = 'div[data-latest-build-result="%s"] .rebuild-btn' % build1.id
+        time.sleep(2)
+        run_again_button = self.find_all(selector)
+        self.assertEqual(len(run_again_button), 1,
+                         'should see a rebuild button for non-cli builds')
+
         # shouldn't see a rebuild button for command-line builds
         selector = 'div[data-latest-build-result="%s"] .rebuild-btn' % default_build.id
         run_again_button = self.find_all(selector)
         self.assertEqual(len(run_again_button), 0,
                          'should not see a rebuild button for cli builds')
 
-        # should see a rebuild button for non-command-line builds
-        selector = 'div[data-latest-build-result="%s"] .rebuild-btn' % build1.id
-        run_again_button = self.find_all(selector)
-        self.assertEqual(len(run_again_button), 1,
-                         'should see a rebuild button for non-cli builds')
 
     def test_tooltips_on_project_name(self):
         """
@@ -198,24 +202,24 @@
 
         # test recent builds area for successful build
         element = self._get_build_time_element(build1)
-        links = element.find_elements_by_css_selector('a')
+        links = element.find_elements(By.CSS_SELECTOR, 'a')
         msg = 'should be a link on the build time for a successful recent build'
         self.assertEquals(len(links), 1, msg)
 
         # test recent builds area for failed build
         element = self._get_build_time_element(build2)
-        links = element.find_elements_by_css_selector('a')
+        links = element.find_elements(By.CSS_SELECTOR, 'a')
         msg = 'should not be a link on the build time for a failed recent build'
         self.assertEquals(len(links), 0, msg)
 
         # test the time column for successful build
         build1_row = self._get_row_for_build(build1)
-        links = build1_row.find_elements_by_css_selector('td.time a')
+        links = build1_row.find_elements(By.CSS_SELECTOR, 'td.time a')
         msg = 'should be a link on the build time for a successful build'
         self.assertEquals(len(links), 1, msg)
 
         # test the time column for failed build
         build2_row = self._get_row_for_build(build2)
-        links = build2_row.find_elements_by_css_selector('td.time a')
+        links = build2_row.find_elements(By.CSS_SELECTOR, 'td.time a')
         msg = 'should not be a link on the build time for a failed build'
         self.assertEquals(len(links), 0, msg)
diff --git a/poky/bitbake/lib/toaster/tests/browser/test_all_projects_page.py b/poky/bitbake/lib/toaster/tests/browser/test_all_projects_page.py
index 15b0340..3389d32 100644
--- a/poky/bitbake/lib/toaster/tests/browser/test_all_projects_page.py
+++ b/poky/bitbake/lib/toaster/tests/browser/test_all_projects_page.py
@@ -16,6 +16,8 @@
 from orm.models import BitbakeVersion, Release, Project, Build
 from orm.models import ProjectVariable
 
+from selenium.webdriver.common.by import By
+
 class TestAllProjectsPage(SeleniumTestCase):
     """ Browser tests for projects page /projects/ """
 
@@ -117,7 +119,7 @@
 
         # check the release text for the default project
         selector = 'span[data-project-field="release"] span.text-muted'
-        element = default_project_row.find_element_by_css_selector(selector)
+        element = default_project_row.find_element(By.CSS_SELECTOR, selector)
         text = element.text.strip()
         self.assertEqual(text, 'Not applicable',
                          'release should be "not applicable" for default project')
@@ -127,7 +129,7 @@
 
         # check the link in the release cell for the other project
         selector = 'span[data-project-field="release"]'
-        element = other_project_row.find_element_by_css_selector(selector)
+        element = other_project_row.find_element(By.CSS_SELECTOR, selector)
         text = element.text.strip()
         self.assertEqual(text, self.release.name,
                          'release name should be shown for non-default project')
@@ -152,7 +154,7 @@
 
         # check the machine cell for the default project
         selector = 'span[data-project-field="machine"] span.text-muted'
-        element = default_project_row.find_element_by_css_selector(selector)
+        element = default_project_row.find_element(By.CSS_SELECTOR, selector)
         text = element.text.strip()
         self.assertEqual(text, 'Not applicable',
                          'machine should be not applicable for default project')
@@ -162,7 +164,7 @@
 
         # check the link in the machine cell for the other project
         selector = 'span[data-project-field="machine"]'
-        element = other_project_row.find_element_by_css_selector(selector)
+        element = other_project_row.find_element(By.CSS_SELECTOR, selector)
         text = element.text.strip()
         self.assertEqual(text, self.MACHINE_NAME,
                          'machine name should be shown for non-default project')
@@ -187,7 +189,7 @@
 
         # check the link on the name field
         selector = 'span[data-project-field="name"] a'
-        element = default_project_row.find_element_by_css_selector(selector)
+        element = default_project_row.find_element(By.CSS_SELECTOR, selector)
         link_url = element.get_attribute('href').strip()
         expected_url = reverse('projectbuilds', args=(self.default_project.id,))
         msg = 'link on default project name should point to builds but was %s' % link_url
@@ -198,7 +200,7 @@
 
         # check the link for the other project
         selector = 'span[data-project-field="name"] a'
-        element = other_project_row.find_element_by_css_selector(selector)
+        element = other_project_row.find_element(By.CSS_SELECTOR, selector)
         link_url = element.get_attribute('href').strip()
         expected_url = reverse('project', args=(self.project.id,))
         msg = 'link on project name should point to configuration but was %s' % link_url
diff --git a/poky/bitbake/lib/toaster/tests/browser/test_builddashboard_page.py b/poky/bitbake/lib/toaster/tests/browser/test_builddashboard_page.py
index efcd89b..1afa4a4 100644
--- a/poky/bitbake/lib/toaster/tests/browser/test_builddashboard_page.py
+++ b/poky/bitbake/lib/toaster/tests/browser/test_builddashboard_page.py
@@ -15,6 +15,8 @@
 from orm.models import Project, Release, BitbakeVersion, Build, LogMessage
 from orm.models import Layer, Layer_Version, Recipe, CustomImageRecipe, Variable
 
+from selenium.webdriver.common.by import By
+
 class TestBuildDashboardPage(SeleniumTestCase):
     """ Tests for the build dashboard /build/X """
 
@@ -183,7 +185,7 @@
 
         found = False
         for element in message_elements:
-            log_message_text = element.find_element_by_tag_name('pre').text.strip()
+            log_message_text = element.find_element(By.TAG_NAME, 'pre').text.strip()
             text_matches = (log_message_text == expected_text)
 
             log_message_pk = element.get_attribute('data-log-message-id')
@@ -213,7 +215,7 @@
         the WebElement modal match the list of text values in expected
         """
         # labels containing the radio buttons we're testing for
-        labels = modal.find_elements_by_css_selector(".radio")
+        labels = modal.find_elements(By.CSS_SELECTOR,".radio")
 
         labels_text = [lab.text for lab in labels]
         self.assertEqual(len(labels_text), len(expected))
@@ -248,7 +250,7 @@
         selector = '[data-role="edit-custom-image-trigger"]'
         self.click(selector)
 
-        modal = self.driver.find_element_by_id('edit-custom-image-modal')
+        modal = self.driver.find_element(By.ID, 'edit-custom-image-modal')
         self.wait_until_visible("#edit-custom-image-modal")
 
         # recipes we expect to see in the edit custom image modal
@@ -270,7 +272,7 @@
         selector = '[data-role="new-custom-image-trigger"]'
         self.click(selector)
 
-        modal = self.driver.find_element_by_id('new-custom-image-modal')
+        modal = self.driver.find_element(By.ID,'new-custom-image-modal')
         self.wait_until_visible("#new-custom-image-modal")
 
         # recipes we expect to see in the new custom image modal
diff --git a/poky/bitbake/lib/toaster/tests/browser/test_most_recent_builds_states.py b/poky/bitbake/lib/toaster/tests/browser/test_most_recent_builds_states.py
index 7844aaa..a34a092 100644
--- a/poky/bitbake/lib/toaster/tests/browser/test_most_recent_builds_states.py
+++ b/poky/bitbake/lib/toaster/tests/browser/test_most_recent_builds_states.py
@@ -6,7 +6,7 @@
 #
 # Copyright (C) 2013-2016 Intel Corporation
 #
-
+import time
 from django.urls import reverse
 from django.utils import timezone
 from tests.browser.selenium_helpers import SeleniumTestCase
@@ -14,6 +14,8 @@
 from orm.models import Project, Build, Task, Recipe, Layer, Layer_Version
 from bldcontrol.models import BuildRequest
 
+from selenium.webdriver.common.by import By
+
 class TestMostRecentBuildsStates(SeleniumTestCase):
     """ Test states update correctly in most recent builds area """
 
@@ -62,7 +64,7 @@
         element = self.wait_until_visible(selector)
 
         bar_selector = '#recipes-parsed-percentage-bar-%s' % build.id
-        bar_element = element.find_element_by_css_selector(bar_selector)
+        bar_element = element.find_element(By.CSS_SELECTOR, bar_selector)
         self.assertEqual(bar_element.value_of_css_property('width'), '0px',
             'recipe parse progress should be at 0')
 
@@ -73,7 +75,7 @@
         self.get(url)
 
         element = self.wait_until_visible(selector)
-        bar_element = element.find_element_by_css_selector(bar_selector)
+        bar_element = element.find_element(By.CSS_SELECTOR, bar_selector)
         recipe_bar_updated = lambda driver: \
             bar_element.get_attribute('style') == 'width: 50%;'
         msg = 'recipe parse progress bar should update to 50%'
@@ -107,7 +109,7 @@
         element = self.wait_until_visible(selector)
 
         bar_selector = '#build-pc-done-bar-%s' % build.id
-        bar_element = element.find_element_by_css_selector(bar_selector)
+        bar_element = element.find_element(By.CSS_SELECTOR, bar_selector)
 
         task_bar_updated = lambda driver: \
             bar_element.get_attribute('style') == 'width: 50%;'
@@ -121,7 +123,7 @@
         self.get(url)
 
         element = self.wait_until_visible(selector)
-        bar_element = element.find_element_by_css_selector(bar_selector)
+        bar_element = element.find_element(By.CSS_SELECTOR, bar_selector)
         task_bar_updated = lambda driver: \
             bar_element.get_attribute('style') == 'width: 100%;'
         msg = 'tasks progress bar should update to 100%'
diff --git a/poky/bitbake/lib/toaster/tests/browser/test_new_custom_image_page.py b/poky/bitbake/lib/toaster/tests/browser/test_new_custom_image_page.py
index 9906ae4..6361f40 100644
--- a/poky/bitbake/lib/toaster/tests/browser/test_new_custom_image_page.py
+++ b/poky/bitbake/lib/toaster/tests/browser/test_new_custom_image_page.py
@@ -6,6 +6,7 @@
 #
 # SPDX-License-Identifier: GPL-2.0-only
 #
+from bldcontrol.models import BuildEnvironment
 
 from django.urls import reverse
 from tests.browser.selenium_helpers import SeleniumTestCase
@@ -18,6 +19,9 @@
     CUSTOM_IMAGE_NAME = 'roopa-doopa'
 
     def setUp(self):
+        BuildEnvironment.objects.get_or_create(
+            betype=BuildEnvironment.TYPE_LOCAL,
+        )
         release = Release.objects.create(
             name='baz',
             bitbake_version=BitbakeVersion.objects.create(name='v1')
diff --git a/poky/bitbake/lib/toaster/tests/browser/test_new_project_page.py b/poky/bitbake/lib/toaster/tests/browser/test_new_project_page.py
index e20a1f6..f4b2708 100644
--- a/poky/bitbake/lib/toaster/tests/browser/test_new_project_page.py
+++ b/poky/bitbake/lib/toaster/tests/browser/test_new_project_page.py
@@ -6,11 +6,13 @@
 #
 # SPDX-License-Identifier: GPL-2.0-only
 #
+import time
 
 from django.urls import reverse
 from tests.browser.selenium_helpers import SeleniumTestCase
 from selenium.webdriver.support.ui import Select
 from selenium.common.exceptions import InvalidElementStateException
+from selenium.webdriver.common.by import By
 
 from orm.models import Project, Release, BitbakeVersion
 
@@ -47,13 +49,14 @@
 
         url = reverse('newproject')
         self.get(url)
-
         self.enter_text('#new-project-name', project_name)
 
         select = Select(self.find('#projectversion'))
         select.select_by_value(str(self.release.pk))
 
+        time.sleep(1)
         self.click("#create-project-button")
+        time.sleep(2)
 
         # We should get redirected to the new project's page with the
         # notification at the top
@@ -84,6 +87,12 @@
         select = Select(self.find('#projectversion'))
         select.select_by_value(str(self.release.pk))
 
+        radio = self.driver.find_element(By.ID, 'type-new')
+        radio.click()
+
+        self.click("#create-project-button")
+        time.sleep(2)
+
         element = self.wait_until_visible('#hint-error-project-name')
 
         self.assertTrue(("Project names must be unique" in element.text),
@@ -96,6 +105,7 @@
         except InvalidElementStateException:
             pass
 
+        time.sleep(2)
         self.assertTrue(
             (Project.objects.filter(name=project_name).count() == 1),
             "New project not found in database")
diff --git a/poky/bitbake/lib/toaster/tests/browser/test_project_config_page.py b/poky/bitbake/lib/toaster/tests/browser/test_project_config_page.py
index 944bcb2..7b21460 100644
--- a/poky/bitbake/lib/toaster/tests/browser/test_project_config_page.py
+++ b/poky/bitbake/lib/toaster/tests/browser/test_project_config_page.py
@@ -11,6 +11,7 @@
 from tests.browser.selenium_helpers import SeleniumTestCase
 
 from orm.models import BitbakeVersion, Release, Project, ProjectVariable
+from selenium.webdriver.common.by import By
 
 class TestProjectConfigsPage(SeleniumTestCase):
     """ Test data at /project/X/builds is displayed correctly """
@@ -66,7 +67,7 @@
 
         self.enter_text('#new-imagefs_types', imagefs_type)
 
-        checkboxes = self.driver.find_elements_by_xpath("//input[@class='fs-checkbox-fstypes']")
+        checkboxes = self.driver.find_elements(By.XPATH, "//input[@class='fs-checkbox-fstypes']")
 
         for checkbox in checkboxes:
             if checkbox.get_attribute("value") == "btrfs":
@@ -95,7 +96,7 @@
         for checkbox in checkboxes:
             if checkbox.get_attribute("value") == "cpio":
                checkbox.click()
-               element = self.driver.find_element_by_id('new-imagefs_types')
+               element = self.driver.find_element(By.ID, 'new-imagefs_types')
 
                self.wait_until_visible('#new-imagefs_types')
 
@@ -129,7 +130,7 @@
         self.assertTrue((self.INVALID_PATH_START_TEXT in element.text), msg)
 
         # downloads dir path has a space
-        self.driver.find_element_by_id('new-dl_dir').clear()
+        self.driver.find_element(By.ID, 'new-dl_dir').clear()
         self.enter_text('#new-dl_dir', '/foo/bar a')
 
         element = self.wait_until_visible('#hintError-dl_dir')
@@ -137,7 +138,7 @@
         self.assertTrue((self.INVALID_PATH_CHAR_TEXT in element.text), msg)
 
         # downloads dir path starts with ${...} but has a space
-        self.driver.find_element_by_id('new-dl_dir').clear()
+        self.driver.find_element(By.ID,'new-dl_dir').clear()
         self.enter_text('#new-dl_dir', '${TOPDIR}/down foo')
 
         element = self.wait_until_visible('#hintError-dl_dir')
@@ -145,18 +146,18 @@
         self.assertTrue((self.INVALID_PATH_CHAR_TEXT in element.text), msg)
 
         # downloads dir path starts with /
-        self.driver.find_element_by_id('new-dl_dir').clear()
+        self.driver.find_element(By.ID,'new-dl_dir').clear()
         self.enter_text('#new-dl_dir', '/bar/foo')
 
-        hidden_element = self.driver.find_element_by_id('hintError-dl_dir')
+        hidden_element = self.driver.find_element(By.ID,'hintError-dl_dir')
         self.assertEqual(hidden_element.is_displayed(), False,
             'downloads directory path valid but treated as invalid')
 
         # downloads dir path starts with ${...}
-        self.driver.find_element_by_id('new-dl_dir').clear()
+        self.driver.find_element(By.ID,'new-dl_dir').clear()
         self.enter_text('#new-dl_dir', '${TOPDIR}/down')
 
-        hidden_element = self.driver.find_element_by_id('hintError-dl_dir')
+        hidden_element = self.driver.find_element(By.ID,'hintError-dl_dir')
         self.assertEqual(hidden_element.is_displayed(), False,
             'downloads directory path valid but treated as invalid')
 
@@ -184,7 +185,7 @@
         self.assertTrue((self.INVALID_PATH_START_TEXT in element.text), msg)
 
         # path has a space
-        self.driver.find_element_by_id('new-sstate_dir').clear()
+        self.driver.find_element(By.ID, 'new-sstate_dir').clear()
         self.enter_text('#new-sstate_dir', '/foo/bar a')
 
         element = self.wait_until_visible('#hintError-sstate_dir')
@@ -192,7 +193,7 @@
         self.assertTrue((self.INVALID_PATH_CHAR_TEXT in element.text), msg)
 
         # path starts with ${...} but has a space
-        self.driver.find_element_by_id('new-sstate_dir').clear()
+        self.driver.find_element(By.ID,'new-sstate_dir').clear()
         self.enter_text('#new-sstate_dir', '${TOPDIR}/down foo')
 
         element = self.wait_until_visible('#hintError-sstate_dir')
@@ -200,18 +201,18 @@
         self.assertTrue((self.INVALID_PATH_CHAR_TEXT in element.text), msg)
 
         # path starts with /
-        self.driver.find_element_by_id('new-sstate_dir').clear()
+        self.driver.find_element(By.ID,'new-sstate_dir').clear()
         self.enter_text('#new-sstate_dir', '/bar/foo')
 
-        hidden_element = self.driver.find_element_by_id('hintError-sstate_dir')
+        hidden_element = self.driver.find_element(By.ID, 'hintError-sstate_dir')
         self.assertEqual(hidden_element.is_displayed(), False,
             'sstate directory path valid but treated as invalid')
 
         # paths starts with ${...}
-        self.driver.find_element_by_id('new-sstate_dir').clear()
+        self.driver.find_element(By.ID, 'new-sstate_dir').clear()
         self.enter_text('#new-sstate_dir', '${TOPDIR}/down')
 
-        hidden_element = self.driver.find_element_by_id('hintError-sstate_dir')
+        hidden_element = self.driver.find_element(By.ID, 'hintError-sstate_dir')
         self.assertEqual(hidden_element.is_displayed(), False,
             'sstate directory path valid but treated as invalid')
 
diff --git a/poky/bitbake/lib/toaster/tests/browser/test_toastertable_ui.py b/poky/bitbake/lib/toaster/tests/browser/test_toastertable_ui.py
index e82d5ec..e00c30a 100644
--- a/poky/bitbake/lib/toaster/tests/browser/test_toastertable_ui.py
+++ b/poky/bitbake/lib/toaster/tests/browser/test_toastertable_ui.py
@@ -13,6 +13,7 @@
 from django.utils import timezone
 from tests.browser.selenium_helpers import SeleniumTestCase
 from orm.models import BitbakeVersion, Release, Project, Build
+from selenium.webdriver.common.by import By
 
 class TestToasterTableUI(SeleniumTestCase):
     """
@@ -33,7 +34,7 @@
         table: WebElement for a ToasterTable
         """
         selector = 'thead a.sorted'
-        heading = table.find_element_by_css_selector(selector)
+        heading = table.find_element(By.CSS_SELECTOR, selector)
         return heading.get_attribute('innerHTML').strip()
 
     def _get_datetime_from_cell(self, row, selector):
@@ -45,7 +46,7 @@
         selector: CSS selector to use to find the cell containing the date time
         string
         """
-        cell = row.find_element_by_css_selector(selector)
+        cell = row.find_element(By.CSS_SELECTOR, selector)
         cell_text = cell.get_attribute('innerHTML').strip()
         return datetime.strptime(cell_text, '%d/%m/%y %H:%M')
 
@@ -105,7 +106,7 @@
         self.click('#checkbox-started_on')
 
         # sort by started_on column
-        links = table.find_elements_by_css_selector('th.started_on a')
+        links = table.find_elements(By.CSS_SELECTOR, 'th.started_on a')
         for link in links:
             if link.get_attribute('innerHTML').strip() == 'Started on':
                 link.click()
diff --git a/poky/bitbake/lib/toaster/tests/builds/test_core_image_min.py b/poky/bitbake/lib/toaster/tests/builds/test_core_image_min.py
index 44b6cbe..9cdaa15 100644
--- a/poky/bitbake/lib/toaster/tests/builds/test_core_image_min.py
+++ b/poky/bitbake/lib/toaster/tests/builds/test_core_image_min.py
@@ -26,6 +26,7 @@
 
     def setUp(self):
         self.completed_build = self.build("core-image-minimal")
+        self.built = self.target_already_built("core-image-minimal")
 
     # Check if build name is unique - tc_id=795
     def test_Build_Unique_Name(self):
diff --git a/poky/bitbake/lib/toaster/tests/functional/functional_helpers.py b/poky/bitbake/lib/toaster/tests/functional/functional_helpers.py
index 5c4ea71..c3191f6 100644
--- a/poky/bitbake/lib/toaster/tests/functional/functional_helpers.py
+++ b/poky/bitbake/lib/toaster/tests/functional/functional_helpers.py
@@ -16,6 +16,9 @@
 
 from tests.browser.selenium_helpers_base import SeleniumTestCaseBase
 from tests.builds.buildtest import load_build_environment
+from bldcontrol.models import BuildEnvironment
+from selenium.webdriver.common.by import By
+from selenium.common.exceptions import NoSuchElementException
 
 logger = logging.getLogger("toaster")
 
@@ -30,6 +33,8 @@
             raise RuntimeError("Please initialise django with the tests settings:  " \
                 "DJANGO_SETTINGS_MODULE='toastermain.settings_test'")
 
+        if BuildEnvironment.objects.count() == 0:
+            BuildEnvironment.objects.create(betype=BuildEnvironment.TYPE_LOCAL)
         load_build_environment()
 
         # start toaster
@@ -74,8 +79,8 @@
         """
         try:
             table_element = self.get_table_element(table_id)
-            element = table_element.find_element_by_link_text(link_text)
-        except self.NoSuchElementException:
+            element = table_element.find_element(By.LINK_TEXT, link_text)
+        except NoSuchElementException:
             print('no element found')
             raise
         return element
@@ -85,8 +90,8 @@
 #return whole-table element
             element_xpath = "//*[@id='" + table_id + "']"
             try:
-                element = self.driver.find_element_by_xpath(element_xpath)
-            except self.NoSuchElementException:
+                element = self.driver.find_element(By.XPATH, element_xpath)
+            except NoSuchElementException:
                 raise
             return element
         row = coordinate[0]
@@ -95,8 +100,8 @@
 #return whole-row element
             element_xpath = "//*[@id='" + table_id + "']/tbody/tr[" + str(row) + "]"
             try:
-                element = self.driver.find_element_by_xpath(element_xpath)
-            except self.NoSuchElementException:
+                element = self.driver.find_element(By.XPATH, element_xpath)
+            except NoSuchElementException:
                 return False
             return element
 #now we are looking for an element with specified X and Y
@@ -104,7 +109,7 @@
 
         element_xpath = "//*[@id='" + table_id + "']/tbody/tr[" + str(row) + "]/td[" + str(column) + "]"
         try:
-            element = self.driver.find_element_by_xpath(element_xpath)
-        except self.NoSuchElementException:
+            element = self.driver.find_element(By.XPATH, element_xpath)
+        except NoSuchElementException:
             return False
         return element
diff --git a/poky/bitbake/lib/toaster/tests/functional/test_functional_basic.py b/poky/bitbake/lib/toaster/tests/functional/test_functional_basic.py
index 5683e38..067ad99 100644
--- a/poky/bitbake/lib/toaster/tests/functional/test_functional_basic.py
+++ b/poky/bitbake/lib/toaster/tests/functional/test_functional_basic.py
@@ -10,6 +10,7 @@
 import re
 from tests.functional.functional_helpers import SeleniumFunctionalTestCase
 from orm.models import Project
+from selenium.webdriver.common.by import By
 
 class FuntionalTestBasic(SeleniumFunctionalTestCase):
 
@@ -17,10 +18,10 @@
     def test_create_slenium_project(self):
         project_name = 'selenium-project'
         self.get('')
-        self.driver.find_element_by_link_text("To start building, create your first Toaster project").click()
-        self.driver.find_element_by_id("new-project-name").send_keys(project_name)
-        self.driver.find_element_by_id('projectversion').click()
-        self.driver.find_element_by_id("create-project-button").click()
+        self.driver.find_element(By.LINK_TEXT, "To start building, create your first Toaster project").click()
+        self.driver.find_element(By.ID, "new-project-name").send_keys(project_name)
+        self.driver.find_element(By.ID, 'projectversion').click()
+        self.driver.find_element(By.ID, "create-project-button").click()
         element = self.wait_until_visible('#project-created-notification')
         self.assertTrue(self.element_exists('#project-created-notification'),'Project creation notification not shown')
         self.assertTrue(project_name in element.text,
@@ -35,77 +36,77 @@
         self.find_element_by_link_text_in_table('projectstable', 'selenium-project').click()
         self.assertTrue(self.element_exists('#config-nav'),'Configuration Tab does not exist')
         project_URL=self.get_URL()
-        self.driver.find_element_by_xpath('//a[@href="'+project_URL+'"]').click()
+        self.driver.find_element(By.XPATH, '//a[@href="'+project_URL+'"]').click()
 
         try:
-            self.driver.find_element_by_xpath("//*[@id='config-nav']/ul/li/a[@href="+'"'+project_URL+'customimages/"'+"]").click()
-            self.assertTrue(re.search("Custom images",self.driver.find_element_by_xpath("//div[@class='col-md-10']").text),'Custom images information is not loading properly')
+            self.driver.find_element(By.XPATH, "//*[@id='config-nav']/ul/li/a[@href="+'"'+project_URL+'customimages/"'+"]").click()
+            self.assertTrue(re.search("Custom images",self.driver.find_element(By.XPATH, "//div[@class='col-md-10']").text),'Custom images information is not loading properly')
         except:
             self.fail(msg='No Custom images tab available')
 
         try:
-            self.driver.find_element_by_xpath("//*[@id='config-nav']/ul/li/a[@href="+'"'+project_URL+'images/"'+"]").click()
-            self.assertTrue(re.search("Compatible image recipes",self.driver.find_element_by_xpath("//div[@class='col-md-10']").text),'The Compatible image recipes information is not loading properly')
+            self.driver.find_element(By.XPATH, "//*[@id='config-nav']/ul/li/a[@href="+'"'+project_URL+'images/"'+"]").click()
+            self.assertTrue(re.search("Compatible image recipes",self.driver.find_element(By.XPATH, "//div[@class='col-md-10']").text),'The Compatible image recipes information is not loading properly')
         except:
             self.fail(msg='No Compatible image tab available')
 
         try:
-            self.driver.find_element_by_xpath("//*[@id='config-nav']/ul/li/a[@href="+'"'+project_URL+'softwarerecipes/"'+"]").click()
-            self.assertTrue(re.search("Compatible software recipes",self.driver.find_element_by_xpath("//div[@class='col-md-10']").text),'The Compatible software recipe information is not loading properly')
+            self.driver.find_element(By.XPATH, "//*[@id='config-nav']/ul/li/a[@href="+'"'+project_URL+'softwarerecipes/"'+"]").click()
+            self.assertTrue(re.search("Compatible software recipes",self.driver.find_element(By.XPATH, "//div[@class='col-md-10']").text),'The Compatible software recipe information is not loading properly')
         except:
             self.fail(msg='No Compatible software recipe tab available')
 
         try:
-            self.driver.find_element_by_xpath("//*[@id='config-nav']/ul/li/a[@href="+'"'+project_URL+'machines/"'+"]").click()
-            self.assertTrue(re.search("Compatible machines",self.driver.find_element_by_xpath("//div[@class='col-md-10']").text),'The Compatible machine information is not loading properly')
+            self.driver.find_element(By.XPATH, "//*[@id='config-nav']/ul/li/a[@href="+'"'+project_URL+'machines/"'+"]").click()
+            self.assertTrue(re.search("Compatible machines",self.driver.find_element(By.XPATH, "//div[@class='col-md-10']").text),'The Compatible machine information is not loading properly')
         except:
             self.fail(msg='No Compatible machines tab available')
 
         try:
-            self.driver.find_element_by_xpath("//*[@id='config-nav']/ul/li/a[@href="+'"'+project_URL+'layers/"'+"]").click()
-            self.assertTrue(re.search("Compatible layers",self.driver.find_element_by_xpath("//div[@class='col-md-10']").text),'The Compatible layer information is not loading properly')
+            self.driver.find_element(By.XPATH, "//*[@id='config-nav']/ul/li/a[@href="+'"'+project_URL+'layers/"'+"]").click()
+            self.assertTrue(re.search("Compatible layers",self.driver.find_element(By.XPATH, "//div[@class='col-md-10']").text),'The Compatible layer information is not loading properly')
         except:
             self.fail(msg='No Compatible layers tab available')
 
         try:
-            self.driver.find_element_by_xpath("//*[@id='config-nav']/ul/li/a[@href="+'"'+project_URL+'configuration"'+"]").click()
-            self.assertTrue(re.search("Bitbake variables",self.driver.find_element_by_xpath("//div[@class='col-md-10']").text),'The Bitbake variables information is not loading properly')
+            self.driver.find_element(By.XPATH, "//*[@id='config-nav']/ul/li/a[@href="+'"'+project_URL+'configuration"'+"]").click()
+            self.assertTrue(re.search("Bitbake variables",self.driver.find_element(By.XPATH, "//div[@class='col-md-10']").text),'The Bitbake variables information is not loading properly')
         except:
             self.fail(msg='No Bitbake variables tab available')
 
 #   testcase (1516)
     def test_review_configuration_information(self):
         self.get('')
-        self.driver.find_element_by_xpath("//div[@id='global-nav']/ul/li/a[@href="+'"'+'/toastergui/projects/'+'"'+"]").click()
+        self.driver.find_element(By.XPATH, "//div[@id='global-nav']/ul/li/a[@href="+'"'+'/toastergui/projects/'+'"'+"]").click()
         self.wait_until_visible('#projectstable')
         self.find_element_by_link_text_in_table('projectstable', 'selenium-project').click()
         project_URL=self.get_URL()
 
         try:
            self.assertTrue(self.element_exists('#machine-section'),'Machine section for the project configuration page does not exist')
-           self.assertTrue(re.search("qemux86",self.driver.find_element_by_xpath("//span[@id='project-machine-name']").text),'The machine type is not assigned')
-           self.driver.find_element_by_xpath("//span[@id='change-machine-toggle']").click()
+           self.assertTrue(re.search("qemux86",self.driver.find_element(By.XPATH, "//span[@id='project-machine-name']").text),'The machine type is not assigned')
+           self.driver.find_element(By.XPATH, "//span[@id='change-machine-toggle']").click()
            self.wait_until_visible('#select-machine-form')
            self.wait_until_visible('#cancel-machine-change')
-           self.driver.find_element_by_xpath("//form[@id='select-machine-form']/a[@id='cancel-machine-change']").click()
+           self.driver.find_element(By.XPATH, "//form[@id='select-machine-form']/a[@id='cancel-machine-change']").click()
         except:
            self.fail(msg='The machine information is wrong in the configuration page')
 
         try:
-           self.driver.find_element_by_id('no-most-built')
+           self.driver.find_element(By.ID, 'no-most-built')
         except:
            self.fail(msg='No Most built information in project detail page')
 
         try:
-           self.assertTrue(re.search("Yocto Project master",self.driver.find_element_by_xpath("//span[@id='project-release-title']").text),'The project release is not defined')
+           self.assertTrue(re.search("Yocto Project master",self.driver.find_element(By.XPATH, "//span[@id='project-release-title']").text),'The project release is not defined')
         except:
            self.fail(msg='No project release title information in project detail page')
 
         try:
-           self.driver.find_element_by_xpath("//div[@id='layer-container']")
-           self.assertTrue(re.search("3",self.driver.find_element_by_id("project-layers-count").text),'There should be 3 layers listed in the layer count')
-           layer_list = self.driver.find_element_by_id("layers-in-project-list")
-           layers = layer_list.find_elements_by_tag_name("li")
+           self.driver.find_element(By.XPATH, "//div[@id='layer-container']")
+           self.assertTrue(re.search("3",self.driver.find_element(By.ID, "project-layers-count").text),'There should be 3 layers listed in the layer count')
+           layer_list = self.driver.find_element(By.ID, "layers-in-project-list")
+           layers = layer_list.find_elements(By.TAG_NAME, "li")
            for layer in layers:
                if re.match ("openembedded-core",layer.text):
                     print ("openembedded-core layer is a default layer in the project configuration")
@@ -121,60 +122,61 @@
 #   testcase (1517)
     def test_verify_machine_information(self):
         self.get('')
-        self.driver.find_element_by_xpath("//div[@id='global-nav']/ul/li/a[@href="+'"'+'/toastergui/projects/'+'"'+"]").click()
+        self.driver.find_element(By.XPATH, "//div[@id='global-nav']/ul/li/a[@href="+'"'+'/toastergui/projects/'+'"'+"]").click()
         self.wait_until_visible('#projectstable')
         self.find_element_by_link_text_in_table('projectstable', 'selenium-project').click()
 
         try:
             self.assertTrue(self.element_exists('#machine-section'),'Machine section for the project configuration page does not exist')
-            self.assertTrue(re.search("qemux86",self.driver.find_element_by_id("project-machine-name").text),'The machine type is not assigned')
-            self.driver.find_element_by_id("change-machine-toggle").click()
+            self.assertTrue(re.search("qemux86",self.driver.find_element(By.ID, "project-machine-name").text),'The machine type is not assigned')
+            self.driver.find_element(By.ID, "change-machine-toggle").click()
             self.wait_until_visible('#select-machine-form')
             self.wait_until_visible('#cancel-machine-change')
-            self.driver.find_element_by_id("cancel-machine-change").click()
+            self.driver.find_element(By.ID, "cancel-machine-change").click()
         except:
             self.fail(msg='The machine information is wrong in the configuration page')
 
 #   testcase (1518)
     def test_verify_most_built_recipes_information(self):
         self.get('')
-        self.driver.find_element_by_xpath("//div[@id='global-nav']/ul/li/a[@href="+'"'+'/toastergui/projects/'+'"'+"]").click()
+        self.driver.find_element(By.XPATH, "//div[@id='global-nav']/ul/li/a[@href="+'"'+'/toastergui/projects/'+'"'+"]").click()
+
         self.wait_until_visible('#projectstable')
         self.find_element_by_link_text_in_table('projectstable', 'selenium-project').click()
         project_URL=self.get_URL()
 
         try:
-            self.assertTrue(re.search("You haven't built any recipes yet",self.driver.find_element_by_id("no-most-built").text),'Default message of no builds is not present')
-            self.driver.find_element_by_xpath("//div[@id='no-most-built']/p/a[@href="+'"'+project_URL+'images/"'+"]").click()
-            self.assertTrue(re.search("Compatible image recipes",self.driver.find_element_by_xpath("//div[@class='col-md-10']").text),'The Choose a recipe to build link  is not working  properly')
+            self.assertTrue(re.search("You haven't built any recipes yet",self.driver.find_element(By.ID, "no-most-built").text),'Default message of no builds is not present')
+            self.driver.find_element(By.XPATH, "//div[@id='no-most-built']/p/a[@href="+'"'+project_URL+'images/"'+"]").click()
+            self.assertTrue(re.search("Compatible image recipes",self.driver.find_element(By.XPATH, "//div[@class='col-md-10']").text),'The Choose a recipe to build link  is not working  properly')
         except:
             self.fail(msg='No Most built information in project detail page')
 
 #   testcase (1519)
     def test_verify_project_release_information(self):
         self.get('')
-        self.driver.find_element_by_xpath("//div[@id='global-nav']/ul/li/a[@href="+'"'+'/toastergui/projects/'+'"'+"]").click()
+        self.driver.find_element(By.XPATH, "//div[@id='global-nav']/ul/li/a[@href="+'"'+'/toastergui/projects/'+'"'+"]").click()
         self.wait_until_visible('#projectstable')
         self.find_element_by_link_text_in_table('projectstable', 'selenium-project').click()
 
         try:
-            self.assertTrue(re.search("Yocto Project master",self.driver.find_element_by_id("project-release-title").text),'The project release is not defined')
+            self.assertTrue(re.search("Yocto Project master",self.driver.find_element(By.ID, "project-release-title").text),'The project release is not defined')
         except:
             self.fail(msg='No project release title information in project detail page')
 
 #   testcase (1520)
     def test_verify_layer_information(self):
         self.get('')
-        self.driver.find_element_by_xpath("//div[@id='global-nav']/ul/li/a[@href="+'"'+'/toastergui/projects/'+'"'+"]").click()
+        self.driver.find_element(By.XPATH, "//div[@id='global-nav']/ul/li/a[@href="+'"'+'/toastergui/projects/'+'"'+"]").click()
         self.wait_until_visible('#projectstable')
         self.find_element_by_link_text_in_table('projectstable', 'selenium-project').click()
         project_URL=self.get_URL()
 
         try:
-           self.driver.find_element_by_xpath("//div[@id='layer-container']")
-           self.assertTrue(re.search("3",self.driver.find_element_by_id("project-layers-count").text),'There should be 3 layers listed in the layer count')
-           layer_list = self.driver.find_element_by_id("layers-in-project-list")
-           layers = layer_list.find_elements_by_tag_name("li")
+           self.driver.find_element(By.XPATH, "//div[@id='layer-container']")
+           self.assertTrue(re.search("3",self.driver.find_element(By.ID, "project-layers-count").text),'There should be 3 layers listed in the layer count')
+           layer_list = self.driver.find_element(By.ID, "layers-in-project-list")
+           layers = layer_list.find_element(By.TAG_NAME, "li")
 
            for layer in layers:
                if re.match ("openembedded-core",layer.text):
@@ -186,43 +188,43 @@
                else:
                   self.fail(msg='default layers are missing from the project configuration')
 
-           self.driver.find_element_by_xpath("//input[@id='layer-add-input']")
-           self.driver.find_element_by_xpath("//button[@id='add-layer-btn']")
-           self.driver.find_element_by_xpath("//div[@id='layer-container']/form[@class='form-inline']/p/a[@id='view-compatible-layers']")
-           self.driver.find_element_by_xpath("//div[@id='layer-container']/form[@class='form-inline']/p/a[@href="+'"'+project_URL+'importlayer"'+"]")
+           self.driver.find_element(By.XPATH, "//input[@id='layer-add-input']")
+           self.driver.find_element(By.XPATH, "//button[@id='add-layer-btn']")
+           self.driver.find_element(By.XPATH, "//div[@id='layer-container']/form[@class='form-inline']/p/a[@id='view-compatible-layers']")
+           self.driver.find_element(By.XPATH, "//div[@id='layer-container']/form[@class='form-inline']/p/a[@href="+'"'+project_URL+'importlayer"'+"]")
         except:
             self.fail(msg='No Layer information in project detail page')
 
 #   testcase (1521)
     def test_verify_project_detail_links(self):
         self.get('')
-        self.driver.find_element_by_xpath("//div[@id='global-nav']/ul/li/a[@href="+'"'+'/toastergui/projects/'+'"'+"]").click()
+        self.driver.find_element(By.XPATH, "//div[@id='global-nav']/ul/li/a[@href="+'"'+'/toastergui/projects/'+'"'+"]").click()
         self.wait_until_visible('#projectstable')
         self.find_element_by_link_text_in_table('projectstable', 'selenium-project').click()
         project_URL=self.get_URL()
 
-        self.driver.find_element_by_xpath("//div[@id='project-topbar']/ul[@class='nav nav-tabs']/li[@id='topbar-configuration-tab']/a[@href="+'"'+project_URL+'"'+"]").click()
-        self.assertTrue(re.search("Configuration",self.driver.find_element_by_xpath("//div[@id='project-topbar']/ul[@class='nav nav-tabs']/li[@id='topbar-configuration-tab']/a[@href="+'"'+project_URL+'"'+"]").text), 'Configuration tab in project topbar is misspelled')
+        self.driver.find_element(By.XPATH, "//div[@id='project-topbar']/ul[@class='nav nav-tabs']/li[@id='topbar-configuration-tab']/a[@href="+'"'+project_URL+'"'+"]").click()
+        self.assertTrue(re.search("Configuration",self.driver.find_element(By.XPATH, "//div[@id='project-topbar']/ul[@class='nav nav-tabs']/li[@id='topbar-configuration-tab']/a[@href="+'"'+project_URL+'"'+"]").text), 'Configuration tab in project topbar is misspelled')
 
         try:
-            self.driver.find_element_by_xpath("//div[@id='project-topbar']/ul[@class='nav nav-tabs']/li/a[@href="+'"'+project_URL+'builds/"'+"]").click()
-            self.assertTrue(re.search("Builds",self.driver.find_element_by_xpath("//div[@id='project-topbar']/ul[@class='nav nav-tabs']/li/a[@href="+'"'+project_URL+'builds/"'+"]").text), 'Builds tab in project topbar is misspelled')
-            self.driver.find_element_by_xpath("//div[@id='empty-state-projectbuildstable']")
+            self.driver.find_element(By.XPATH, "//div[@id='project-topbar']/ul[@class='nav nav-tabs']/li/a[@href="+'"'+project_URL+'builds/"'+"]").click()
+            self.assertTrue(re.search("Builds",self.driver.find_element(By.XPATH, "//div[@id='project-topbar']/ul[@class='nav nav-tabs']/li/a[@href="+'"'+project_URL+'builds/"'+"]").text), 'Builds tab in project topbar is misspelled')
+            self.driver.find_element(By.XPATH, "//div[@id='empty-state-projectbuildstable']")
         except:
             self.fail(msg='Builds tab information is not present')
 
         try:
-            self.driver.find_element_by_xpath("//div[@id='project-topbar']/ul[@class='nav nav-tabs']/li/a[@href="+'"'+project_URL+'importlayer"'+"]").click()
-            self.assertTrue(re.search("Import layer",self.driver.find_element_by_xpath("//div[@id='project-topbar']/ul[@class='nav nav-tabs']/li/a[@href="+'"'+project_URL+'importlayer"'+"]").text), 'Import layer tab in project topbar is misspelled')
-            self.driver.find_element_by_xpath("//fieldset[@id='repo-select']")
-            self.driver.find_element_by_xpath("//fieldset[@id='git-repo']")
+            self.driver.find_element(By.XPATH, "//div[@id='project-topbar']/ul[@class='nav nav-tabs']/li/a[@href="+'"'+project_URL+'importlayer"'+"]").click()
+            self.assertTrue(re.search("Import layer",self.driver.find_element(By.XPATH, "//div[@id='project-topbar']/ul[@class='nav nav-tabs']/li/a[@href="+'"'+project_URL+'importlayer"'+"]").text), 'Import layer tab in project topbar is misspelled')
+            self.driver.find_element(By.XPATH, "//fieldset[@id='repo-select']")
+            self.driver.find_element(By.XPATH, "//fieldset[@id='git-repo']")
         except:
             self.fail(msg='Import layer tab not loading properly')
 
         try:
-            self.driver.find_element_by_xpath("//div[@id='project-topbar']/ul[@class='nav nav-tabs']/li/a[@href="+'"'+project_URL+'newcustomimage/"'+"]").click()
-            self.assertTrue(re.search("New custom image",self.driver.find_element_by_xpath("//div[@id='project-topbar']/ul[@class='nav nav-tabs']/li/a[@href="+'"'+project_URL+'newcustomimage/"'+"]").text), 'New custom image tab in project topbar is misspelled')
-            self.assertTrue(re.search("Select the image recipe you want to customise",self.driver.find_element_by_xpath("//div[@class='col-md-12']/h2").text),'The new custom image tab is not loading correctly')
+            self.driver.find_element(By.XPATH, "//div[@id='project-topbar']/ul[@class='nav nav-tabs']/li/a[@href="+'"'+project_URL+'newcustomimage/"'+"]").click()
+            self.assertTrue(re.search("New custom image",self.driver.find_element(By.XPATH, "//div[@id='project-topbar']/ul[@class='nav nav-tabs']/li/a[@href="+'"'+project_URL+'newcustomimage/"'+"]").text), 'New custom image tab in project topbar is misspelled')
+            self.assertTrue(re.search("Select the image recipe you want to customise",self.driver.find_element(By.XPATH, "//div[@class='col-md-12']/h2").text),'The new custom image tab is not loading correctly')
         except:
             self.fail(msg='New custom image tab not loading properly')
 
diff --git a/poky/bitbake/lib/toaster/tests/toaster-tests-requirements.txt b/poky/bitbake/lib/toaster/tests/toaster-tests-requirements.txt
index 4f9fcc4..f30ac07 100644
--- a/poky/bitbake/lib/toaster/tests/toaster-tests-requirements.txt
+++ b/poky/bitbake/lib/toaster/tests/toaster-tests-requirements.txt
@@ -1 +1 @@
-selenium==2.49.2
+selenium>=4.13.0
diff --git a/poky/bitbake/lib/toaster/tests/views/test_views.py b/poky/bitbake/lib/toaster/tests/views/test_views.py
index 735d596..f962e76 100644
--- a/poky/bitbake/lib/toaster/tests/views/test_views.py
+++ b/poky/bitbake/lib/toaster/tests/views/test_views.py
@@ -19,6 +19,7 @@
 from orm.models import CustomImageRecipe
 from orm.models import CustomImagePackage
 
+from bldcontrol.models import BuildEnvironment
 import inspect
 import toastergui
 
@@ -45,6 +46,9 @@
         self.cust_package = CustomImagePackage.objects.first()
         self.package = Package.objects.first()
         self.lver = Layer_Version.objects.first()
+        if BuildEnvironment.objects.count() == 0:
+            BuildEnvironment.objects.create(betype=BuildEnvironment.TYPE_LOCAL)
+
 
     def test_get_base_call_returns_html(self):
         """Basic test for all-projects view"""
diff --git a/poky/bitbake/lib/toaster/toastergui/views.py b/poky/bitbake/lib/toaster/toastergui/views.py
index 552ff16..cc8517b 100644
--- a/poky/bitbake/lib/toaster/toastergui/views.py
+++ b/poky/bitbake/lib/toaster/toastergui/views.py
@@ -34,6 +34,8 @@
 
 import logging
 
+from toastermain.logs import log_view_mixin
+
 logger = logging.getLogger("toaster")
 
 # Project creation and managed build enable
@@ -56,6 +58,7 @@
         return guessed_type
 
 # single point to add global values into the context before rendering
+@log_view_mixin
 def toaster_render(request, page, context):
     context['project_enable'] = project_enable
     context['project_specific'] = is_project_specific
@@ -665,6 +668,7 @@
     return response
 
 from django.http import HttpResponse
+@log_view_mixin
 def xhr_dirinfo(request, build_id, target_id):
     top = request.GET.get('start', '/')
     return HttpResponse(_get_dir_entries(build_id, target_id, top), content_type = "application/json")
@@ -1612,6 +1616,7 @@
 
     from django.views.decorators.csrf import csrf_exempt
     @csrf_exempt
+    @log_view_mixin
     def xhr_testreleasechange(request, pid):
         def response(data):
             return HttpResponse(jsonfilter(data),
@@ -1648,6 +1653,7 @@
         except Exception as e:
             return response({"error": str(e) })
 
+    @log_view_mixin
     def xhr_configvaredit(request, pid):
         try:
             prj = Project.objects.get(id = pid)
@@ -1726,6 +1732,7 @@
             return HttpResponse(json.dumps({"error":str(e) + "\n" + traceback.format_exc()}), content_type = "application/json")
 
 
+    @log_view_mixin
     def customrecipe_download(request, pid, recipe_id):
         recipe = get_object_or_404(CustomImageRecipe, pk=recipe_id)
 
diff --git a/poky/bitbake/lib/toaster/toastergui/widgets.py b/poky/bitbake/lib/toaster/toastergui/widgets.py
index 5369691..b32abf4 100644
--- a/poky/bitbake/lib/toaster/toastergui/widgets.py
+++ b/poky/bitbake/lib/toaster/toastergui/widgets.py
@@ -32,6 +32,7 @@
 import os
 
 from toastergui.tablefilter import TableFilterMap
+from toastermain.logs import log_view_mixin
 
 try:
     from urllib import unquote_plus
@@ -84,6 +85,7 @@
 
         return context
 
+    @log_view_mixin
     def get(self, request, *args, **kwargs):
         if request.GET.get('format', None) == 'json':
 
@@ -305,6 +307,7 @@
 
         self.setup_columns(**kwargs)
 
+        self.apply_orderby('pk')
         if search:
             self.apply_search(search)
         if filters:
@@ -414,6 +417,7 @@
     def __init__(self, *args, **kwargs):
         super(ToasterTypeAhead, self).__init__()
 
+    @log_view_mixin
     def get(self, request, *args, **kwargs):
         def response(data):
             return HttpResponse(json.dumps(data,
@@ -469,6 +473,7 @@
 
         return False
 
+    @log_view_mixin
     def get(self, request, *args, **kwargs):
         """
         Returns a list of builds in JSON format.
diff --git a/poky/bitbake/lib/toaster/toastermain/logs.py b/poky/bitbake/lib/toaster/toastermain/logs.py
new file mode 100644
index 0000000..f995398
--- /dev/null
+++ b/poky/bitbake/lib/toaster/toastermain/logs.py
@@ -0,0 +1,153 @@
+#!/usr/bin/env python3
+# -*- coding: utf-8 -*-
+
+import logging
+import json
+from pathlib import Path
+from django.http import HttpRequest
+
+BASE_DIR = Path(__file__).resolve(strict=True).parent.parent
+
+
+def log_api_request(request, response, view, logger_name='api'):
+    """Helper function for LogAPIMixin"""
+
+    repjson = {
+        'view': view,
+        'path': request.path,
+        'method': request.method,
+        'status': response.status_code
+    }
+
+    logger = logging.getLogger(logger_name)
+    logger.info(
+        json.dumps(repjson, indent=4, separators=(", ", " : "))
+    )
+
+
+def log_view_mixin(view):
+    def log_view_request(*args, **kwargs):
+        # get request from args else kwargs
+        request = None
+        if len(args) > 0:
+            for req in args:
+                if isinstance(req, HttpRequest):
+                    request = req
+                    break 
+        elif request is None:
+            request = kwargs.get('request')
+
+        response = view(*args, **kwargs)
+        log_api_request(
+            request, response, request.resolver_match.view_name, 'toaster')
+        return response
+    return log_view_request
+
+
+
+class LogAPIMixin:
+    """Logs API requests
+
+    tested with:
+        - APIView
+        - ModelViewSet
+        - ReadOnlyModelViewSet
+        - GenericAPIView
+
+    Note: you can set `view_name` attribute in View to override get_view_name()
+    """
+
+    def get_view_name(self):
+        if hasattr(self, 'view_name'):
+            return self.view_name
+        return super().get_view_name()
+
+    def finalize_response(self, request, response, *args, **kwargs):
+        log_api_request(request, response, self.get_view_name())
+        return super().finalize_response(request, response, *args, **kwargs)
+
+
+LOGGING_SETTINGS = {
+    'version': 1,
+    'disable_existing_loggers': False,
+    'filters': {
+        'require_debug_false': {
+            '()': 'django.utils.log.RequireDebugFalse'
+        }
+    },
+    'formatters': {
+        'datetime': {
+            'format': '%(asctime)s %(levelname)s %(message)s'
+        },
+        'verbose': {
+            'format': '{levelname} {asctime} {module} {name}.{funcName} {process:d} {thread:d} {message}',
+            'datefmt': "%d/%b/%Y %H:%M:%S",
+            'style': '{',
+        },
+        'api': {
+            'format': '\n{levelname} {asctime} {name}.{funcName}:\n{message}',
+            'style': '{'
+        }
+    },
+    'handlers': {
+        'mail_admins': {
+            'level': 'ERROR',
+            'filters': ['require_debug_false'],
+            'class': 'django.utils.log.AdminEmailHandler'
+        },
+        'console': {
+            'level': 'DEBUG',
+            'class': 'logging.StreamHandler',
+            'formatter': 'datetime',
+        },
+        'file_django': {
+            'level': 'INFO',
+            'class': 'logging.handlers.TimedRotatingFileHandler',
+            'filename': BASE_DIR / 'logs/django.log',
+            'when': 'D',  # interval type
+            'interval': 1,  # defaults to 1
+            'backupCount': 10,  # how many files to keep
+            'formatter': 'verbose',
+        },
+        'file_api': {
+            'level': 'INFO',
+            'class': 'logging.handlers.TimedRotatingFileHandler',
+            'filename': BASE_DIR / 'logs/api.log',
+            'when': 'D',
+            'interval': 1,
+            'backupCount': 10,
+            'formatter': 'verbose',
+        },
+        'file_toaster': {
+            'level': 'INFO',
+            'class': 'logging.handlers.TimedRotatingFileHandler',
+            'filename': BASE_DIR / 'logs/toaster.log',
+            'when': 'D',
+            'interval': 1,
+            'backupCount': 10,
+            'formatter': 'verbose',
+        },
+    },
+    'loggers': {
+        'django.request': {
+            'handlers': ['file_django', 'console'],
+            'level': 'WARN',
+            'propagate': True,
+        },
+        'django': {
+            'handlers': ['file_django', 'console'],
+            'level': 'WARNING',
+            'propogate': True,
+        },
+        'toaster': {
+            'handlers': ['file_toaster'],
+            'level': 'INFO',
+            'propagate': False,
+        },
+        'api': {
+            'handlers': ['file_api'],
+            'level': 'INFO',
+            'propagate': False,
+        }
+    }
+}
diff --git a/poky/bitbake/lib/toaster/toastermain/settings.py b/poky/bitbake/lib/toaster/toastermain/settings.py
index 609c85d..b083cf5 100644
--- a/poky/bitbake/lib/toaster/toastermain/settings.py
+++ b/poky/bitbake/lib/toaster/toastermain/settings.py
@@ -9,6 +9,8 @@
 # Django settings for Toaster project.
 
 import os
+from pathlib import Path
+from toastermain.logs import LOGGING_SETTINGS
 
 DEBUG = True
 
@@ -186,7 +188,13 @@
                 'django.template.loaders.app_directories.Loader',
                 #'django.template.loaders.eggs.Loader',
             ],
-            'string_if_invalid': InvalidString("%s"),
+            # https://docs.djangoproject.com/en/4.2/ref/templates/api/#how-invalid-variables-are-handled
+            # Generally, string_if_invalid should only be enabled in order to debug
+            # a specific template problem, then cleared once debugging is complete.
+            # If you assign a value other than '' to string_if_invalid,
+            # you will experience rendering problems with these templates and sites.
+            #  'string_if_invalid': InvalidString("%s"),
+            'string_if_invalid': "",
             'debug': DEBUG,
         },
     },
@@ -242,6 +250,9 @@
     'django.contrib.humanize',
     'bldcollector',
     'toastermain',
+
+    # 3rd-lib
+    "log_viewer",
 )
 
 
@@ -302,43 +313,22 @@
 # the site admins on every HTTP 500 error when DEBUG=False.
 # See http://docs.djangoproject.com/en/dev/topics/logging for
 # more details on how to customize your logging configuration.
-LOGGING = {
-    'version': 1,
-    'disable_existing_loggers': False,
-    'filters': {
-        'require_debug_false': {
-            '()': 'django.utils.log.RequireDebugFalse'
-        }
-    },
-    'formatters': {
-        'datetime': {
-            'format': '%(asctime)s %(levelname)s %(message)s'
-        }
-    },
-    'handlers': {
-        'mail_admins': {
-            'level': 'ERROR',
-            'filters': ['require_debug_false'],
-            'class': 'django.utils.log.AdminEmailHandler'
-        },
-        'console': {
-            'level': 'DEBUG',
-            'class': 'logging.StreamHandler',
-            'formatter': 'datetime',
-        }
-    },
-    'loggers': {
-        'toaster' : {
-            'handlers': ['console'],
-            'level': 'DEBUG',
-        },
-        'django.request': {
-            'handlers': ['console'],
-            'level': 'WARN',
-            'propagate': True,
-        },
-    }
-}
+LOGGING = LOGGING_SETTINGS
+
+# Build paths inside the project like this: BASE_DIR / 'subdir'.
+BASE_DIR = Path(__file__).resolve(strict=True).parent.parent
+
+# LOG VIEWER
+# https://pypi.org/project/django-log-viewer/
+LOG_VIEWER_FILES_PATTERN = '*.log*'
+LOG_VIEWER_FILES_DIR = os.path.join(BASE_DIR, 'logs')
+LOG_VIEWER_PAGE_LENGTH = 25      # total log lines per-page
+LOG_VIEWER_MAX_READ_LINES = 100000  # total log lines will be read
+LOG_VIEWER_PATTERNS = ['INFO', 'DEBUG', 'WARNING', 'ERROR', 'CRITICAL']
+
+# Optionally you can set the next variables in order to customize the admin:
+LOG_VIEWER_FILE_LIST_TITLE = "Logs list"
+
 
 if DEBUG and SQL_DEBUG:
     LOGGING['loggers']['django.db.backends'] = {
diff --git a/poky/bitbake/lib/toaster/toastermain/urls.py b/poky/bitbake/lib/toaster/toastermain/urls.py
index 0360302..3be46fc 100644
--- a/poky/bitbake/lib/toaster/toastermain/urls.py
+++ b/poky/bitbake/lib/toaster/toastermain/urls.py
@@ -28,6 +28,8 @@
     # url(r'^admin/doc/', include('django.contrib.admindocs.urls')),
 
 
+    url(r'^logs/', include('log_viewer.urls')),
+
     # This is here to maintain backward compatibility and will be deprecated
     # in the future.
     url(r'^orm/eventfile$', bldcollector.views.eventfile),
diff --git a/poky/documentation/dev-manual/runtime-testing.rst b/poky/documentation/dev-manual/runtime-testing.rst
index c5c5653..af3fe2c 100644
--- a/poky/documentation/dev-manual/runtime-testing.rst
+++ b/poky/documentation/dev-manual/runtime-testing.rst
@@ -229,7 +229,7 @@
    statements in your ``local.conf`` file::
 
       IMAGE_FSTYPES += "tar.gz"
-      INHERIT += "testimage"
+      IMAGE_CLASSES += "testimage"
       TEST_TARGET = "SystemdbootTarget"
       TEST_TARGET_IP = "192.168.2.3"
 
@@ -335,7 +335,7 @@
    inherit the :ref:`ref-classes-testimage` class by editing your
    ``local.conf`` file::
 
-      INHERIT += "testimage"
+      IMAGE_CLASSES += "testimage"
 
    Next, use BitBake to run the tests::
 
diff --git a/poky/documentation/dev-manual/upgrading-recipes.rst b/poky/documentation/dev-manual/upgrading-recipes.rst
index 947ef13..4fac78b 100644
--- a/poky/documentation/dev-manual/upgrading-recipes.rst
+++ b/poky/documentation/dev-manual/upgrading-recipes.rst
@@ -117,7 +117,7 @@
       class, which is optional, you need to have the following set in
       your ``conf/local.conf`` file::
 
-         INHERIT += "testimage"
+         IMAGE_CLASSES += "testimage"
 
       .. note::
 
diff --git a/poky/documentation/migration-guides/release-4.0.rst b/poky/documentation/migration-guides/release-4.0.rst
index 688ea7a..adff55d 100644
--- a/poky/documentation/migration-guides/release-4.0.rst
+++ b/poky/documentation/migration-guides/release-4.0.rst
@@ -19,3 +19,4 @@
    release-notes-4.0.10
    release-notes-4.0.11
    release-notes-4.0.12
+   release-notes-4.0.13
diff --git a/poky/documentation/migration-guides/release-notes-4.0.13.rst b/poky/documentation/migration-guides/release-notes-4.0.13.rst
new file mode 100644
index 0000000..3c096c3
--- /dev/null
+++ b/poky/documentation/migration-guides/release-notes-4.0.13.rst
@@ -0,0 +1,271 @@
+.. SPDX-License-Identifier: CC-BY-SA-2.0-UK
+
+Release notes for Yocto-4.0.13 (Kirkstone)
+------------------------------------------
+
+Security Fixes in Yocto-4.0.13
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+-  bind: Fix :cve:`2023-2829`
+-  binutils: Fix :cve:`2022-48065`
+-  busybox: Fix :cve:`2022-48174`
+-  cups: Fix :cve:`2023-32360`
+-  curl: Fix :cve:`2023-32001`
+-  dmidecode: Fix :cve:`2023-30630`
+-  dropbear: Fix :cve:`2023-36328`
+-  ffmpeg: Ignored :cve:`2023-39018`
+-  file: Fix :cve:`2022-48554`
+-  flac: Fix :cve:`2020-22219`
+-  gcc: Fix :cve:`2023-4039`
+-  gdb: Fix :cve:`2023-39128`
+-  ghostscript: Fix :cve:`2023-38559`
+-  glib-2.0: Fix :cve:`2023-29499`, :cve:`2023-32611`, :cve:`2023-32636`, :cve:`2023-32643` and :cve:`2023-32665`
+-  go: Fix :cve:`2023-29409` and :cve:`2023-39319`
+-  gstreamer1.0-plugins-bad: Fix :cve_mitre:`2023-37329`
+-  gstreamer1.0-plugins-base: Fix :cve_mitre:`2023-37328`
+-  gstreamer1.0-plugins-good: Fix :cve_mitre:`2023-37327`
+-  inetutils: Fix :cve:`2023-40303`
+-  json-c: Fix :cve:`2021-32292`
+-  librsvg: Fix :cve:`2023-38633`
+-  libssh2: Fix :cve:`2020-22218`
+-  libtiff: Fix :cve:`2023-26966`
+-  libxml2: Fix :cve:`2023-39615`
+-  linux-yocto/5.15: Ignore :cve:`2003-1604`, :cve:`2004-0230`, :cve:`2006-3635`, :cve:`2006-5331`, :cve:`2006-6128`, :cve:`2007-4774`, :cve:`2007-6761`, :cve:`2007-6762`, :cve:`2008-7316`, :cve:`2009-2692`, :cve:`2010-0008`, :cve:`2010-3432`, :cve:`2010-4648`, :cve:`2010-5313`, :cve:`2010-5328`, :cve:`2010-5329`, :cve:`2010-5331`, :cve:`2010-5332`, :cve:`2011-4098`, :cve:`2011-4131`, :cve:`2011-4915`, :cve:`2011-5321`, :cve:`2011-5327`, :cve:`2012-0957`, :cve:`2012-2119`, :cve:`2012-2136`, :cve:`2012-2137`, :cve:`2012-2313`, :cve:`2012-2319`, :cve:`2012-2372`, :cve:`2012-2375`, :cve:`2012-2390`, :cve:`2012-2669`, :cve:`2012-2744`, :cve:`2012-2745`, :cve:`2012-3364`, :cve:`2012-3375`, :cve:`2012-3400`, :cve:`2012-3412`, :cve:`2012-3430`, :cve:`2012-3510`, :cve:`2012-3511`, :cve:`2012-3520`, :cve:`2012-3552`, :cve:`2012-4398`, :cve:`2012-4444`, :cve:`2012-4461`, :cve:`2012-4467`, :cve:`2012-4508`, :cve:`2012-4530`, :cve:`2012-4565`, :cve:`2012-5374`, :cve:`2012-5375`, :cve:`2012-5517`, :cve:`2012-6536`, :cve:`2012-6537`, :cve:`2012-6538`, :cve:`2012-6539`, :cve:`2012-6540`, :cve:`2012-6541`, :cve:`2012-6542`, :cve:`2012-6543`, :cve:`2012-6544`, :cve:`2012-6545`, :cve:`2012-6546`, :cve:`2012-6547`, :cve:`2012-6548`, :cve:`2012-6549`, :cve:`2012-6638`, :cve:`2012-6647`, :cve:`2012-6657`, :cve:`2012-6689`, :cve:`2012-6701`, :cve:`2012-6703`, :cve:`2012-6704`, :cve:`2012-6712`, :cve:`2013-0160`, :cve:`2013-0190`, :cve:`2013-0216`, :cve:`2013-0217`, :cve:`2013-0228`, :cve:`2013-0231`, :cve:`2013-0268`, :cve:`2013-0290`, :cve:`2013-0309`, :cve:`2013-0310`, :cve:`2013-0311`, :cve:`2013-0313`, :cve:`2013-0343`, :cve:`2013-0349`, :cve:`2013-0871`, :cve:`2013-0913`, :cve:`2013-0914`, :cve:`2013-1059`, :cve:`2013-1763`, :cve:`2013-1767`, :cve:`2013-1772`, :cve:`2013-1773`, :cve:`2013-1774`, :cve:`2013-1792`, :cve:`2013-1796`, :cve:`2013-1797`, :cve:`2013-1798`, :cve:`2013-1819`, :cve:`2013-1826`, :cve:`2013-1827`, :cve:`2013-1828`, :cve:`2013-1848`, :cve:`2013-1858`, :cve:`2013-1860`, :cve:`2013-1928`, :cve:`2013-1929`, :cve:`2013-1943`, :cve:`2013-1956`, :cve:`2013-1957`, :cve:`2013-1958`, :cve:`2013-1959`, :cve:`2013-1979`, :cve:`2013-2015`, :cve:`2013-2017`, :cve:`2013-2058`, :cve:`2013-2094`, :cve:`2013-2128`, :cve:`2013-2140`, :cve:`2013-2141`, :cve:`2013-2146`, :cve:`2013-2147`, :cve:`2013-2148`, :cve:`2013-2164`, :cve:`2013-2206`, :cve:`2013-2232`, :cve:`2013-2234`, :cve:`2013-2237`, :cve:`2013-2546`, :cve:`2013-2547`, :cve:`2013-2548`, :cve:`2013-2596`, :cve:`2013-2634`, :cve:`2013-2635`, :cve:`2013-2636`, :cve:`2013-2850`, :cve:`2013-2851`, :cve:`2013-2852`, :cve:`2013-2888`, :cve:`2013-2889`, :cve:`2013-2890`, :cve:`2013-2891`, :cve:`2013-2892`, :cve:`2013-2893`, :cve:`2013-2894`, :cve:`2013-2895`, :cve:`2013-2896`, :cve:`2013-2897`, :cve:`2013-2898`, :cve:`2013-2899`, :cve:`2013-2929`, :cve:`2013-2930`, :cve:`2013-3076`, :cve:`2013-3222`, :cve:`2013-3223`, :cve:`2013-3224`, :cve:`2013-3225`, :cve:`2013-3226`, :cve:`2013-3227`, :cve:`2013-3228`, :cve:`2013-3229`, :cve:`2013-3230`, :cve:`2013-3231`, :cve:`2013-3232`, :cve:`2013-3233`, :cve:`2013-3234`, :cve:`2013-3235`, :cve:`2013-3236`, :cve:`2013-3237`, :cve:`2013-3301`, :cve:`2013-3302`, :cve:`2013-4125`, :cve:`2013-4127`, :cve:`2013-4129`, :cve:`2013-4162`, :cve:`2013-4163`, :cve:`2013-4205`, :cve:`2013-4220`, :cve:`2013-4247`, :cve:`2013-4254`, :cve:`2013-4270`, :cve:`2013-4299`, :cve:`2013-4300`, :cve:`2013-4312`, :cve:`2013-4343`, :cve:`2013-4345`, :cve:`2013-4348`, :cve:`2013-4350`, :cve:`2013-4387`, :cve:`2013-4470`, :cve:`2013-4483`, :cve:`2013-4511`, :cve:`2013-4512`, :cve:`2013-4513`, :cve:`2013-4514`, :cve:`2013-4515`, :cve:`2013-4516`, :cve:`2013-4563`, :cve:`2013-4579`, :cve:`2013-4587`, :cve:`2013-4588`, :cve:`2013-4591`, :cve:`2013-4592`, :cve:`2013-5634`, :cve:`2013-6282`, :cve:`2013-6367`, :cve:`2013-6368`, :cve:`2013-6376`, :cve:`2013-6378`, :cve:`2013-6380`, :cve:`2013-6381`, :cve:`2013-6382`, :cve:`2013-6383`, :cve:`2013-6431`, :cve:`2013-6432`, :cve:`2013-6885`, :cve:`2013-7026`, :cve:`2013-7027`, :cve:`2013-7263`, :cve:`2013-7264`, :cve:`2013-7265`, :cve:`2013-7266`, :cve:`2013-7267`, :cve:`2013-7268`, :cve:`2013-7269`, :cve:`2013-7270`, :cve:`2013-7271`, :cve:`2013-7281`, :cve:`2013-7339`, :cve:`2013-7348`, :cve:`2013-7421`, :cve:`2013-7446`, :cve:`2013-7470`, :cve:`2014-0038`, :cve:`2014-0049`, :cve:`2014-0055`, :cve:`2014-0069`, :cve:`2014-0077`, :cve:`2014-0100`, :cve:`2014-0101`, :cve:`2014-0102`, :cve:`2014-0131`, :cve:`2014-0155`, :cve:`2014-0181`, :cve:`2014-0196`, :cve:`2014-0203`, :cve:`2014-0205`, :cve:`2014-0206`, :cve:`2014-1438`, :cve:`2014-1444`, :cve:`2014-1445`, :cve:`2014-1446`, :cve:`2014-1690`, :cve:`2014-1737`, :cve:`2014-1738`, :cve:`2014-1739`, :cve:`2014-1874`, :cve:`2014-2038`, :cve:`2014-2039`, :cve:`2014-2309`, :cve:`2014-2523`, :cve:`2014-2568`, :cve:`2014-2580`, :cve:`2014-2672`, :cve:`2014-2673`, :cve:`2014-2678`, :cve:`2014-2706`, :cve:`2014-2739`, :cve:`2014-2851`, :cve:`2014-2889`, :cve:`2014-3122`, :cve:`2014-3144`, :cve:`2014-3145`, :cve:`2014-3153`, :cve:`2014-3180`, :cve:`2014-3181`, :cve:`2014-3182`, :cve:`2014-3183`, :cve:`2014-3184`, :cve:`2014-3185`, :cve:`2014-3186`, :cve:`2014-3534`, :cve:`2014-3535`, :cve:`2014-3601`, :cve:`2014-3610`, :cve:`2014-3611`, :cve:`2014-3631`, :cve:`2014-3645`, :cve:`2014-3646`, :cve:`2014-3647`, :cve:`2014-3673`, :cve:`2014-3687`, :cve:`2014-3688`, :cve:`2014-3690`, :cve:`2014-3917`, :cve:`2014-3940`, :cve:`2014-4014`, :cve:`2014-4027`, :cve:`2014-4157`, :cve:`2014-4171`, :cve:`2014-4508`, :cve:`2014-4608`, :cve:`2014-4611`, :cve:`2014-4652`, :cve:`2014-4653`, :cve:`2014-4654`, :cve:`2014-4655`, :cve:`2014-4656`, :cve:`2014-4667`, :cve:`2014-4699`, :cve:`2014-4943`, :cve:`2014-5045`, :cve:`2014-5077`, :cve:`2014-5206`, :cve:`2014-5207`, :cve:`2014-5471`, :cve:`2014-5472`, :cve:`2014-6410`, :cve:`2014-6416`, :cve:`2014-6417`, :cve:`2014-6418`, :cve:`2014-7145`, :cve:`2014-7283`, :cve:`2014-7284`, :cve:`2014-7822`, :cve:`2014-7825`, :cve:`2014-7826`, :cve:`2014-7841`, :cve:`2014-7842`, :cve:`2014-7843`, :cve:`2014-7970`, :cve:`2014-7975`, :cve:`2014-8086`, :cve:`2014-8133`, :cve:`2014-8134`, :cve:`2014-8159`, :cve:`2014-8160`, :cve:`2014-8171`, :cve:`2014-8172`, :cve:`2014-8173`, :cve:`2014-8369`, :cve:`2014-8480`, :cve:`2014-8481`, :cve:`2014-8559`, :cve:`2014-8709`, :cve:`2014-8884`, :cve:`2014-8989`, :cve:`2014-9090`, :cve:`2014-9322`, :cve:`2014-9419`, :cve:`2014-9420`, :cve:`2014-9428`, :cve:`2014-9529`, :cve:`2014-9584`, :cve:`2014-9585`, :cve:`2014-9644`, :cve:`2014-9683`, :cve:`2014-9710`, :cve:`2014-9715`, :cve:`2014-9717`, :cve:`2014-9728`, :cve:`2014-9729`, :cve:`2014-9730`, :cve:`2014-9731`, :cve:`2014-9803`, :cve:`2014-9870`, :cve:`2014-9888`, :cve:`2014-9895`, :cve:`2014-9903`, :cve:`2014-9904`, :cve:`2014-9914`, :cve:`2014-9922`, :cve:`2014-9940`, :cve:`2015-0239`, :cve:`2015-0274`, :cve:`2015-0275`, :cve:`2015-1333`, :cve:`2015-1339`, :cve:`2015-1350`, :cve:`2015-1420`, :cve:`2015-1421`, :cve:`2015-1465`, :cve:`2015-1573`, :cve:`2015-1593`, :cve:`2015-1805`, :cve:`2015-2041`, :cve:`2015-2042`, :cve:`2015-2150`, :cve:`2015-2666`, :cve:`2015-2672`, :cve:`2015-2686`, :cve:`2015-2830`, :cve:`2015-2922`, :cve:`2015-2925`, :cve:`2015-3212`, :cve:`2015-3214`, :cve:`2015-3288`, :cve:`2015-3290`, :cve:`2015-3291`, :cve:`2015-3331`, :cve:`2015-3339`, :cve:`2015-3636`, :cve:`2015-4001`, :cve:`2015-4002`, :cve:`2015-4003`, :cve:`2015-4004`, :cve:`2015-4036`, :cve:`2015-4167`, :cve:`2015-4170`, :cve:`2015-4176`, :cve:`2015-4177`, :cve:`2015-4178`, :cve:`2015-4692`, :cve:`2015-4700`, :cve:`2015-5156`, :cve:`2015-5157`, :cve:`2015-5257`, :cve:`2015-5283`, :cve:`2015-5307`, :cve:`2015-5327`, :cve:`2015-5364`, :cve:`2015-5366`, :cve:`2015-5697`, :cve:`2015-5706`, :cve:`2015-5707`, :cve:`2015-6252`, :cve:`2015-6526`, :cve:`2015-6937`, :cve:`2015-7509`, :cve:`2015-7513`, :cve:`2015-7515`, :cve:`2015-7550`, :cve:`2015-7566`, :cve:`2015-7613`, :cve:`2015-7799`, :cve:`2015-7833`, :cve:`2015-7872`, :cve:`2015-7884`, :cve:`2015-7885`, :cve:`2015-7990`, :cve:`2015-8104`, :cve:`2015-8215`, :cve:`2015-8324`, :cve:`2015-8374`, :cve:`2015-8539`, :cve:`2015-8543`, :cve:`2015-8550`, :cve:`2015-8551`, :cve:`2015-8552`, :cve:`2015-8553`, :cve:`2015-8569`, :cve:`2015-8575`, :cve:`2015-8660`, :cve:`2015-8709`, :cve:`2015-8746`, :cve:`2015-8767`, :cve:`2015-8785`, :cve:`2015-8787`, :cve:`2015-8812`, :cve:`2015-8816`, :cve:`2015-8830`, :cve:`2015-8839`, :cve:`2015-8844`, :cve:`2015-8845`, :cve:`2015-8950`, :cve:`2015-8952`, :cve:`2015-8953`, :cve:`2015-8955`, :cve:`2015-8956`, :cve:`2015-8961`, :cve:`2015-8962`, :cve:`2015-8963`, :cve:`2015-8964`, :cve:`2015-8966`, :cve:`2015-8967`, :cve:`2015-8970`, :cve:`2015-9004`, :cve:`2015-9016`, :cve:`2015-9289`, :cve:`2016-0617`, :cve:`2016-0723`, :cve:`2016-0728`, :cve:`2016-0758`, :cve:`2016-0821`, :cve:`2016-0823`, :cve:`2016-10044`, :cve:`2016-10088`, :cve:`2016-10147`, :cve:`2016-10150`, :cve:`2016-10153`, :cve:`2016-10154`, :cve:`2016-10200`, :cve:`2016-10208`, :cve:`2016-10229`, :cve:`2016-10318`, :cve:`2016-10723`, :cve:`2016-10741`, :cve:`2016-10764`, :cve:`2016-10905`, :cve:`2016-10906`, :cve:`2016-10907`, :cve:`2016-1237`, :cve:`2016-1575`, :cve:`2016-1576`, :cve:`2016-1583`, :cve:`2016-2053`, :cve:`2016-2069`, :cve:`2016-2070`, :cve:`2016-2085`, :cve:`2016-2117`, :cve:`2016-2143`, :cve:`2016-2184`, :cve:`2016-2185`, :cve:`2016-2186`, :cve:`2016-2187`, :cve:`2016-2188`, :cve:`2016-2383`, :cve:`2016-2384`, :cve:`2016-2543`, :cve:`2016-2544`, :cve:`2016-2545`, :cve:`2016-2546`, :cve:`2016-2547`, :cve:`2016-2548`, :cve:`2016-2549`, :cve:`2016-2550`, :cve:`2016-2782`, :cve:`2016-2847`, :cve:`2016-3044`, :cve:`2016-3070`, :cve:`2016-3134`, :cve:`2016-3135`, :cve:`2016-3136`, :cve:`2016-3137`, :cve:`2016-3138`, :cve:`2016-3139`, :cve:`2016-3140`, :cve:`2016-3156`, :cve:`2016-3157`, :cve:`2016-3672`, :cve:`2016-3689`, :cve:`2016-3713`, :cve:`2016-3841`, :cve:`2016-3857`, :cve:`2016-3951`, :cve:`2016-3955`, :cve:`2016-3961`, :cve:`2016-4440`, :cve:`2016-4470`, :cve:`2016-4482`, :cve:`2016-4485`, :cve:`2016-4486`, :cve:`2016-4557`, :cve:`2016-4558`, :cve:`2016-4565`, :cve:`2016-4568`, :cve:`2016-4569`, :cve:`2016-4578`, :cve:`2016-4580`, :cve:`2016-4581`, :cve:`2016-4794`, :cve:`2016-4805`, :cve:`2016-4913`, :cve:`2016-4951`, :cve:`2016-4997`, :cve:`2016-4998`, :cve:`2016-5195`, :cve:`2016-5243`, :cve:`2016-5244`, :cve:`2016-5400`, :cve:`2016-5412`, :cve:`2016-5696`, :cve:`2016-5728`, :cve:`2016-5828`, :cve:`2016-5829`, :cve:`2016-6130`, :cve:`2016-6136`, :cve:`2016-6156`, :cve:`2016-6162`, :cve:`2016-6187`, :cve:`2016-6197`, :cve:`2016-6198`, :cve:`2016-6213`, :cve:`2016-6327`, :cve:`2016-6480`, :cve:`2016-6516`, :cve:`2016-6786`, :cve:`2016-6787`, :cve:`2016-6828`, :cve:`2016-7039`, :cve:`2016-7042`, :cve:`2016-7097`, :cve:`2016-7117`, :cve:`2016-7425`, :cve:`2016-7910`, :cve:`2016-7911`, :cve:`2016-7912`, :cve:`2016-7913`, :cve:`2016-7914`, :cve:`2016-7915`, :cve:`2016-7916`, :cve:`2016-7917`, :cve:`2016-8399`, :cve:`2016-8405`, :cve:`2016-8630`, :cve:`2016-8632`, :cve:`2016-8633`, :cve:`2016-8636`, :cve:`2016-8645`, :cve:`2016-8646`, :cve:`2016-8650`, :cve:`2016-8655`, :cve:`2016-8658`, :cve:`2016-8666`, :cve:`2016-9083`, :cve:`2016-9084`, :cve:`2016-9120`, :cve:`2016-9178`, :cve:`2016-9191`, :cve:`2016-9313`, :cve:`2016-9555`, :cve:`2016-9576`, :cve:`2016-9588`, :cve:`2016-9604`, :cve:`2016-9685`, :cve:`2016-9754`, :cve:`2016-9755`, :cve:`2016-9756`, :cve:`2016-9777`, :cve:`2016-9793`, :cve:`2016-9794`, :cve:`2016-9806`, :cve:`2016-9919`, :cve:`2017-0605`, :cve:`2017-0627`, :cve:`2017-0750`, :cve:`2017-0786`, :cve:`2017-0861`, :cve:`2017-1000`, :cve:`2017-1000111`, :cve:`2017-1000112`, :cve:`2017-1000251`, :cve:`2017-1000252`, :cve:`2017-1000253`, :cve:`2017-1000255`, :cve:`2017-1000363`, :cve:`2017-1000364`, :cve:`2017-1000365`, :cve:`2017-1000370`, :cve:`2017-1000371`, :cve:`2017-1000379`, :cve:`2017-1000380`, :cve:`2017-1000405`, :cve:`2017-1000407`, :cve:`2017-1000410`, :cve:`2017-10661`, :cve:`2017-10662`, :cve:`2017-10663`, :cve:`2017-10810`, :cve:`2017-10911`, :cve:`2017-11089`, :cve:`2017-11176`, :cve:`2017-11472`, :cve:`2017-11473`, :cve:`2017-11600`, :cve:`2017-12134`, :cve:`2017-12146`, :cve:`2017-12153`, :cve:`2017-12154`, :cve:`2017-12168`, :cve:`2017-12188`, :cve:`2017-12190`, :cve:`2017-12192`, :cve:`2017-12193`, :cve:`2017-12762`, :cve:`2017-13080`, :cve:`2017-13166`, :cve:`2017-13167`, :cve:`2017-13168`, :cve:`2017-13215`, :cve:`2017-13216`, :cve:`2017-13220`, :cve:`2017-13305`, :cve:`2017-13686`, :cve:`2017-13695`, :cve:`2017-13715`, :cve:`2017-14051`, :cve:`2017-14106`, :cve:`2017-14140`, :cve:`2017-14156`, :cve:`2017-14340`, :cve:`2017-14489`, :cve:`2017-14497`, :cve:`2017-14954`, :cve:`2017-14991`, :cve:`2017-15102`, :cve:`2017-15115`, :cve:`2017-15116`, :cve:`2017-15121`, :cve:`2017-15126`, :cve:`2017-15127`, :cve:`2017-15128`, :cve:`2017-15129`, :cve:`2017-15265`, :cve:`2017-15274`, :cve:`2017-15299`, :cve:`2017-15306`, :cve:`2017-15537`, :cve:`2017-15649`, :cve:`2017-15868`, :cve:`2017-15951`, :cve:`2017-16525`, :cve:`2017-16526`, :cve:`2017-16527`, :cve:`2017-16528`, :cve:`2017-16529`, :cve:`2017-16530`, :cve:`2017-16531`, :cve:`2017-16532`, :cve:`2017-16533`, :cve:`2017-16534`, :cve:`2017-16535`, :cve:`2017-16536`, :cve:`2017-16537`, :cve:`2017-16538`, :cve:`2017-16643`, :cve:`2017-16644`, :cve:`2017-16645`, :cve:`2017-16646`, :cve:`2017-16647`, :cve:`2017-16648`, :cve:`2017-16649`, :cve:`2017-16650`, :cve:`2017-16911`, :cve:`2017-16912`, :cve:`2017-16913`, :cve:`2017-16914`, :cve:`2017-16939`, :cve:`2017-16994`, :cve:`2017-16995`, :cve:`2017-16996`, :cve:`2017-17052`, :cve:`2017-17053`, :cve:`2017-17448`, :cve:`2017-17449`, :cve:`2017-17450`, :cve:`2017-17558`, :cve:`2017-17712`, :cve:`2017-17741`, :cve:`2017-17805`, :cve:`2017-17806`, :cve:`2017-17807`, :cve:`2017-17852`, :cve:`2017-17853`, :cve:`2017-17854`, :cve:`2017-17855`, :cve:`2017-17856`, :cve:`2017-17857`, :cve:`2017-17862`, :cve:`2017-17863`, :cve:`2017-17864`, :cve:`2017-17975`, :cve:`2017-18017`, :cve:`2017-18075`, :cve:`2017-18079`, :cve:`2017-18174`, :cve:`2017-18193`, :cve:`2017-18200`, :cve:`2017-18202`, :cve:`2017-18203`, :cve:`2017-18204`, :cve:`2017-18208`, :cve:`2017-18216`, :cve:`2017-18218`, :cve:`2017-18221`, :cve:`2017-18222`, :cve:`2017-18224`, :cve:`2017-18232`, :cve:`2017-18241`, :cve:`2017-18249`, :cve:`2017-18255`, :cve:`2017-18257`, :cve:`2017-18261`, :cve:`2017-18270`, :cve:`2017-18344`, :cve:`2017-18360`, :cve:`2017-18379`, :cve:`2017-18509`, :cve:`2017-18549`, :cve:`2017-18550`, :cve:`2017-18551`, :cve:`2017-18552`, :cve:`2017-18595`, :cve:`2017-2583`, :cve:`2017-2584`, :cve:`2017-2596`, :cve:`2017-2618`, :cve:`2017-2634`, :cve:`2017-2636`, :cve:`2017-2647`, :cve:`2017-2671`, :cve:`2017-5123`, :cve:`2017-5546`, :cve:`2017-5547`, :cve:`2017-5548`, :cve:`2017-5549`, :cve:`2017-5550`, :cve:`2017-5551`, :cve:`2017-5576`, :cve:`2017-5577`, :cve:`2017-5669`, :cve:`2017-5715`, :cve:`2017-5753`, :cve:`2017-5754`, :cve:`2017-5897`, :cve:`2017-5967`, :cve:`2017-5970`, :cve:`2017-5972`, :cve:`2017-5986`, :cve:`2017-6001`, :cve:`2017-6074`, :cve:`2017-6214`, :cve:`2017-6345`, :cve:`2017-6346`, :cve:`2017-6347`, :cve:`2017-6348`, :cve:`2017-6353`, :cve:`2017-6874`, :cve:`2017-6951`, :cve:`2017-7184`, :cve:`2017-7187`, :cve:`2017-7261`, :cve:`2017-7273`, :cve:`2017-7277`, :cve:`2017-7294`, :cve:`2017-7308`, :cve:`2017-7346`, :cve:`2017-7374`, :cve:`2017-7472`, :cve:`2017-7477`, :cve:`2017-7482`, :cve:`2017-7487`, :cve:`2017-7495`, :cve:`2017-7518`, :cve:`2017-7533`, :cve:`2017-7541`, :cve:`2017-7542`, :cve:`2017-7558`, :cve:`2017-7616`, :cve:`2017-7618`, :cve:`2017-7645`, :cve:`2017-7889`, :cve:`2017-7895`, :cve:`2017-7979`, :cve:`2017-8061`, :cve:`2017-8062`, :cve:`2017-8063`, :cve:`2017-8064`, :cve:`2017-8065`, :cve:`2017-8066`, :cve:`2017-8067`, :cve:`2017-8068`, :cve:`2017-8069`, :cve:`2017-8070`, :cve:`2017-8071`, :cve:`2017-8072`, :cve:`2017-8106`, :cve:`2017-8240`, :cve:`2017-8797`, :cve:`2017-8824`, :cve:`2017-8831`, :cve:`2017-8890`, :cve:`2017-8924`, :cve:`2017-8925`, :cve:`2017-9059`, :cve:`2017-9074`, :cve:`2017-9075`, :cve:`2017-9076`, :cve:`2017-9077`, :cve:`2017-9150`, :cve:`2017-9211`, :cve:`2017-9242`, :cve:`2017-9605`, :cve:`2017-9725`, :cve:`2017-9984`, :cve:`2017-9985`, :cve:`2017-9986`, :cve:`2018-1000004`, :cve:`2018-1000026`, :cve:`2018-1000028`, :cve:`2018-1000199`, :cve:`2018-1000200`, :cve:`2018-1000204`, :cve:`2018-10021`, :cve:`2018-10074`, :cve:`2018-10087`, :cve:`2018-10124`, :cve:`2018-10322`, :cve:`2018-10323`, :cve:`2018-1065`, :cve:`2018-1066`, :cve:`2018-10675`, :cve:`2018-1068`, :cve:`2018-10840`, :cve:`2018-10853`, :cve:`2018-1087`, :cve:`2018-10876`, :cve:`2018-10877`, :cve:`2018-10878`, :cve:`2018-10879`, :cve:`2018-10880`, :cve:`2018-10881`, :cve:`2018-10882`, :cve:`2018-10883`, :cve:`2018-10901`, :cve:`2018-10902`, :cve:`2018-1091`, :cve:`2018-1092`, :cve:`2018-1093`, :cve:`2018-10938`, :cve:`2018-1094`, :cve:`2018-10940`, :cve:`2018-1095`, :cve:`2018-1108`, :cve:`2018-1118`, :cve:`2018-1120`, :cve:`2018-11232`, :cve:`2018-1128`, :cve:`2018-1129`, :cve:`2018-1130`, :cve:`2018-11412`, :cve:`2018-11506`, :cve:`2018-11508`, :cve:`2018-12126`, :cve:`2018-12127`, :cve:`2018-12130`, :cve:`2018-12207`, :cve:`2018-12232`, :cve:`2018-12233`, :cve:`2018-12633`, :cve:`2018-12714`, :cve:`2018-12896`, :cve:`2018-12904`, :cve:`2018-13053`, :cve:`2018-13093`, :cve:`2018-13094`, :cve:`2018-13095`, :cve:`2018-13096`, :cve:`2018-13097`, :cve:`2018-13098`, :cve:`2018-13099`, :cve:`2018-13100`, :cve:`2018-13405`, :cve:`2018-13406`, :cve:`2018-14609`, :cve:`2018-14610`, :cve:`2018-14611`, :cve:`2018-14612`, :cve:`2018-14613`, :cve:`2018-14614`, :cve:`2018-14615`, :cve:`2018-14616`, :cve:`2018-14617`, :cve:`2018-14619`, :cve:`2018-14625`, :cve:`2018-14633`, :cve:`2018-14634`, :cve:`2018-14641`, :cve:`2018-14646`, :cve:`2018-14656`, :cve:`2018-14678`, :cve:`2018-14734`, :cve:`2018-15471`, :cve:`2018-15572`, :cve:`2018-15594`, :cve:`2018-16276`, :cve:`2018-16597`, :cve:`2018-16658`, :cve:`2018-16862`, :cve:`2018-16871`, :cve:`2018-16880`, :cve:`2018-16882`, :cve:`2018-16884`, :cve:`2018-17182`, :cve:`2018-17972`, :cve:`2018-18021`, :cve:`2018-18281`, :cve:`2018-18386`, :cve:`2018-18397`, :cve:`2018-18445`, :cve:`2018-18559`, :cve:`2018-18690`, :cve:`2018-18710`, :cve:`2018-18955`, :cve:`2018-19406`, :cve:`2018-19407`, :cve:`2018-19824`, :cve:`2018-19854`, :cve:`2018-19985`, :cve:`2018-20169`, :cve:`2018-20449`, :cve:`2018-20509`, :cve:`2018-20510`, :cve:`2018-20511`, :cve:`2018-20669`, :cve:`2018-20784`, :cve:`2018-20836`, :cve:`2018-20854`, :cve:`2018-20855`, :cve:`2018-20856`, :cve:`2018-20961`, :cve:`2018-20976`, :cve:`2018-21008`, :cve:`2018-25015`, :cve:`2018-25020`, :cve:`2018-3620`, :cve:`2018-3639`, :cve:`2018-3646`, :cve:`2018-3665`, :cve:`2018-3693`, :cve:`2018-5332`, :cve:`2018-5333`, :cve:`2018-5344`, :cve:`2018-5390`, :cve:`2018-5391`, :cve:`2018-5703`, :cve:`2018-5750`, :cve:`2018-5803`, :cve:`2018-5814`, :cve:`2018-5848`, :cve:`2018-5873`, :cve:`2018-5953`, :cve:`2018-5995`, :cve:`2018-6412`, :cve:`2018-6554`, :cve:`2018-6555`, :cve:`2018-6927`, :cve:`2018-7191`, :cve:`2018-7273`, :cve:`2018-7480`, :cve:`2018-7492`, :cve:`2018-7566`, :cve:`2018-7740`, :cve:`2018-7754`, :cve:`2018-7755`, :cve:`2018-7757`, :cve:`2018-7995`, :cve:`2018-8043`, :cve:`2018-8087`, :cve:`2018-8781`, :cve:`2018-8822`, :cve:`2018-8897`, :cve:`2018-9363`, :cve:`2018-9385`, :cve:`2018-9415`, :cve:`2018-9422`, :cve:`2018-9465`, :cve:`2018-9516`, :cve:`2018-9517`, :cve:`2018-9518`, :cve:`2018-9568`, :cve:`2019-0136`, :cve:`2019-0145`, :cve:`2019-0146`, :cve:`2019-0147`, :cve:`2019-0148`, :cve:`2019-0149`, :cve:`2019-0154`, :cve:`2019-0155`, :cve:`2019-10124`, :cve:`2019-10125`, :cve:`2019-10126`, :cve:`2019-10142`, :cve:`2019-10207`, :cve:`2019-10220`, :cve:`2019-10638`, :cve:`2019-10639`, :cve:`2019-11085`, :cve:`2019-11091`, :cve:`2019-11135`, :cve:`2019-11190`, :cve:`2019-11191`, :cve:`2019-1125`, :cve:`2019-11477`, :cve:`2019-11478`, :cve:`2019-11479`, :cve:`2019-11486`, :cve:`2019-11487`, :cve:`2019-11599`, :cve:`2019-11683`, :cve:`2019-11810`, :cve:`2019-11811`, :cve:`2019-11815`, :cve:`2019-11833`, :cve:`2019-11884`, :cve:`2019-12378`, :cve:`2019-12379`, :cve:`2019-12380`, :cve:`2019-12381`, :cve:`2019-12382`, :cve:`2019-12454`, :cve:`2019-12455`, :cve:`2019-12614`, :cve:`2019-12615`, :cve:`2019-12817`, :cve:`2019-12818`, :cve:`2019-12819`, :cve:`2019-12881`, :cve:`2019-12984`, :cve:`2019-13233`, :cve:`2019-13272`, :cve:`2019-13631`, :cve:`2019-13648`, :cve:`2019-14283`, :cve:`2019-14284`, :cve:`2019-14615`, :cve:`2019-14763`, :cve:`2019-14814`, :cve:`2019-14815`, :cve:`2019-14816`, :cve:`2019-14821`, :cve:`2019-14835`, :cve:`2019-14895`, :cve:`2019-14896`, :cve:`2019-14897`, :cve:`2019-14901`, :cve:`2019-15030`, :cve:`2019-15031`, :cve:`2019-15090`, :cve:`2019-15098`, :cve:`2019-15099`, :cve:`2019-15117`, :cve:`2019-15118`, :cve:`2019-15211`, :cve:`2019-15212`, :cve:`2019-15213`, :cve:`2019-15214`, :cve:`2019-15215`, :cve:`2019-15216`, :cve:`2019-15217`, :cve:`2019-15218`, :cve:`2019-15219`, :cve:`2019-15220`, :cve:`2019-15221`, :cve:`2019-15222`, :cve:`2019-15223`, :cve:`2019-15291`, :cve:`2019-15292`, :cve:`2019-15504`, :cve:`2019-15505`, :cve:`2019-15538`, :cve:`2019-15666`, :cve:`2019-15794`, :cve:`2019-15807`, :cve:`2019-15916`, :cve:`2019-15917`, :cve:`2019-15918`, :cve:`2019-15919`, :cve:`2019-15920`, :cve:`2019-15921`, :cve:`2019-15922`, :cve:`2019-15923`, :cve:`2019-15924`, :cve:`2019-15925`, :cve:`2019-15926`, :cve:`2019-15927`, :cve:`2019-16229`, :cve:`2019-16230`, :cve:`2019-16231`, :cve:`2019-16232`, :cve:`2019-16233`, :cve:`2019-16234`, :cve:`2019-16413`, :cve:`2019-16714`, :cve:`2019-16746`, :cve:`2019-16921`, :cve:`2019-16994`, :cve:`2019-16995`, :cve:`2019-17052`, :cve:`2019-17053`, :cve:`2019-17054`, :cve:`2019-17055`, :cve:`2019-17056`, :cve:`2019-17075`, :cve:`2019-17133`, :cve:`2019-17351`, :cve:`2019-17666`, :cve:`2019-18198`, :cve:`2019-18282`, :cve:`2019-18660`, :cve:`2019-18675`, :cve:`2019-18683`, :cve:`2019-18786`, :cve:`2019-18805`, :cve:`2019-18806`, :cve:`2019-18807`, :cve:`2019-18808`, :cve:`2019-18809`, :cve:`2019-18810`, :cve:`2019-18811`, :cve:`2019-18812`, :cve:`2019-18813`, :cve:`2019-18814`, :cve:`2019-18885`, :cve:`2019-19036`, :cve:`2019-19037`, :cve:`2019-19039`, :cve:`2019-19043`, :cve:`2019-19044`, :cve:`2019-19045`, :cve:`2019-19046`, :cve:`2019-19047`, :cve:`2019-19048`, :cve:`2019-19049`, :cve:`2019-19050`, :cve:`2019-19051`, :cve:`2019-19052`, :cve:`2019-19053`, :cve:`2019-19054`, :cve:`2019-19055`, :cve:`2019-19056`, :cve:`2019-19057`, :cve:`2019-19058`, :cve:`2019-19059`, :cve:`2019-19060`, :cve:`2019-19061`, :cve:`2019-19062`, :cve:`2019-19063`, :cve:`2019-19064`, :cve:`2019-19065`, :cve:`2019-19066`, :cve:`2019-19067`, :cve:`2019-19068`, :cve:`2019-19069`, :cve:`2019-19070`, :cve:`2019-19071`, :cve:`2019-19072`, :cve:`2019-19073`, :cve:`2019-19074`, :cve:`2019-19075`, :cve:`2019-19076`, :cve:`2019-19077`, :cve:`2019-19078`, :cve:`2019-19079`, :cve:`2019-19080`, :cve:`2019-19081`, :cve:`2019-19082`, :cve:`2019-19083`, :cve:`2019-19227`, :cve:`2019-19241`, :cve:`2019-19252`, :cve:`2019-19318`, :cve:`2019-19319`, :cve:`2019-19332`, :cve:`2019-19338`, :cve:`2019-19377`, :cve:`2019-19447`, :cve:`2019-19448`, :cve:`2019-19449`, :cve:`2019-19462`, :cve:`2019-19523`, :cve:`2019-19524`, :cve:`2019-19525`, :cve:`2019-19526`, :cve:`2019-19527`, :cve:`2019-19528`, :cve:`2019-19529`, :cve:`2019-19530`, :cve:`2019-19531`, :cve:`2019-19532`, :cve:`2019-19533`, :cve:`2019-19534`, :cve:`2019-19535`, :cve:`2019-19536`, :cve:`2019-19537`, :cve:`2019-19543`, :cve:`2019-19602`, :cve:`2019-19767`, :cve:`2019-19768`, :cve:`2019-19769`, :cve:`2019-19770`, :cve:`2019-19807`, :cve:`2019-19813`, :cve:`2019-19815`, :cve:`2019-19816`, :cve:`2019-19922`, :cve:`2019-19927`, :cve:`2019-19947`, :cve:`2019-19965` and :cve:`2019-1999`
+-  nasm: Fix :cve:`2020-21528`
+-  ncurses: Fix :cve:`2023-29491`
+-  nghttp2: Fix :cve:`2023-35945`
+-  procps: Fix :cve:`2023-4016`
+-  python3-certifi: Fix :cve:`2023-37920`
+-  python3-git: Fix :cve:`2022-24439` and :cve:`2023-40267`
+-  python3-pygments: Fix :cve:`2022-40896`
+-  python3: Fix :cve:`2023-40217`
+-  qemu: Fix :cve:`2020-14394`, :cve:`2021-3638`, :cve_mitre:`2023-2861`, :cve:`2023-3180` and :cve:`2023-3354`
+-  tiff: fix :cve:`2023-2908`, :cve:`2023-3316` and :cve:`2023-3618`
+-  vim: Fix :cve:`2023-3896`, :cve:`2023-4733`, :cve:`2023-4734`, :cve:`2023-4735`, :cve:`2023-4736`, :cve:`2023-4738`, :cve:`2023-4750` and :cve:`2023-4752`
+-  webkitgtk: fix :cve:`2022-48503` and :cve:`2023-23529`
+
+
+
+Fixes in Yocto-4.0.13
+~~~~~~~~~~~~~~~~~~~~~
+
+-  acl/attr: ptest fixes and improvements
+-  automake: fix buildtest patch
+-  bind: Upgrade to 9.18.17
+-  binutils: stable 2.38 branch updates
+-  build-appliance-image: Update to kirkstone head revision
+-  build-sysroots: Add :term:`SUMMARY` field
+-  cargo.bbclass: set up cargo environment in common do_compile
+-  contributor-guide: recipe-style-guide: add Upstream-Status
+-  dbus: Specify runstatedir configure option
+-  dev-manual: common-tasks: mention faster "find" command to trim sstate cache
+-  dev-manual: disk-space: improve wording for obsolete sstate cache files
+-  dev-manual: licenses: mention :term:`SPDX` for license compliance
+-  dev-manual: licenses: update license manifest location
+-  dev-manual: new-recipe.rst fix inconsistency with contributor guide
+-  dev-manual: split common-tasks.rst
+-  dev-manual: wic.rst: Update native tools build command
+-  documentation/README: align with master
+-  efivar: backport 5 patches to fix build with gold
+-  externalsrc: fix dependency chain issues
+-  glibc-locale: use stricter matching for metapackages' runtime dependencies
+-  glibc/check-test-wrapper: don't emit warnings from ssh
+-  glibc: stable 2.35 branch updates
+-  gst-devtools: Upgrade to 1.20.7
+-  gstreamer1.0-libav: Upgrade to 1.20.7
+-  gstreamer1.0-omx: Upgrade to 1.20.7
+-  gstreamer1.0-plugins-bad: Upgrade to 1.20.7
+-  gstreamer1.0-plugins-base: Upgrade to 1.20.7
+-  gstreamer1.0-plugins-good: Upgrade to 1.20.7
+-  gstreamer1.0-plugins-ugly: Upgrade to 1.20.7
+-  gstreamer1.0-python: Upgrade to 1.20.7
+-  gstreamer1.0-rtsp-server: Upgrade to 1.20.7
+-  gstreamer1.0-vaapi: Upgrade to 1.20.7
+-  gstreamer1.0: Upgrade to 1.20.7
+-  kernel: Fix path comparison in kernel staging dir symlinking
+-  lib/package_manager: Improve repo artefact filtering
+-  libdnf: resolve cstdint inclusion for newer gcc versions
+-  libnss-nis: Upgrade to 3.2
+-  librsvg: Upgrade to 2.52.10
+-  libxcrypt: update :term:`PV` to match :term:`SRCREV`
+-  linux-firmware : Add firmware of RTL8822 serie
+-  linux-firmware: Fix mediatek mt7601u firmware path
+-  linux-firmware: package firmware for Dragonboard 410c
+-  linux-firmware: split platform-specific Adreno shaders to separate packages
+-  linux-firmware: Upgrade to 20230625
+-  linux-yocto/5.10: update to v5.10.188
+-  linux-yocto/5.15: update to v5.15.124
+-  linux-yocto: add script to generate kernel :term:`CVE_CHECK_IGNORE` entries
+-  linux/cve-exclusion: add generated CVE_CHECK_IGNORES.
+-  linux/cve-exclusion: remove obsolete manual entries
+-  manuals: add new contributor guide
+-  manuals: document "mime-xdg" class and :term:`MIME_XDG_PACKAGES`
+-  manuals: update former references to dev-manual/common-tasks
+-  mdadm: add util-linux-blockdev ptest dependency
+-  migration-guides: add release notes for 4.0.12
+-  npm.bbclass: avoid DeprecationWarning with new python
+-  oeqa/runtime/ltp: Increase ltp test output timeout
+-  oeqa/ssh: Further improve process exit handling
+-  oeqa/target/ssh: Ensure EAGAIN doesn't truncate output
+-  oeqa/utils/nfs: allow requesting non-udp ports
+-  pixman: Remove duplication of license MIT
+-  poky.conf: bump version for 4.0.13
+-  poky.conf: update :term:`SANITY_TESTED_DISTROS` to match autobuilder
+-  pseudo: Fix to work with glibc 2.38
+-  python3-git: Upgrade to 3.1.32
+-  python3: upgrade to 3.10.13
+-  ref-manual: add Initramfs term
+-  ref-manual: add meson class and variables
+-  ref-manual: add new variables
+-  ref-manual: qa-checks: align with master
+-  ref-manual: system-requirements: update supported distros
+-  resulttool/report: Avoid divide by zero
+-  resulttool/resultutils: allow index generation despite corrupt json
+-  rootfs: Add debugfs package db file copy and cleanup
+-  rpm2cpio.sh: update to the last 4.x version
+-  rpm: Pick debugfs package db files/dirs explicitly
+-  scripts/create-pull-request: update URLs to git repositories
+-  scripts/rpm2cpio.sh: Use bzip2 instead of bunzip2
+-  sdk-manual: extensible.rst: align with master branch
+-  selftest/cases/glibc.py: fix the override syntax
+-  selftest/cases/glibc.py: increase the memory for testing
+-  selftest/cases/glibc.py: switch to using NFS over TCP
+-  shadow-sysroot: add license information
+-  sysklogd: fix integration with systemd-journald
+-  tar: Upgrade to 1.35
+-  target/ssh: Ensure exit code set for commands
+-  tcl: prevent installing another copy of tzdata
+-  template: fix typo in section header
+-  vim: Upgrade to 9.0.1894
+-  vim: update obsolete comment
+-  wic: fix wrong attempt to create file system in unpartitioned regions
+-  yocto-uninative: Update to 4.2 for glibc 2.38
+-  yocto-uninative: Update to 4.3
+
+
+Known Issues in Yocto-4.0.13
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+- N/A
+
+
+Contributors to Yocto-4.0.13
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+-  Abe Kohandel
+-  Adrian Freihofer
+-  Alberto Planas
+-  Alex Kiernan
+-  Alexander Kanavin
+-  Alexis Lothoré
+-  Anuj Mittal
+-  Archana Polampalli
+-  Ashish Sharma
+-  BELOUARGA Mohamed
+-  Bruce Ashfield
+-  Changqing Li
+-  Dmitry Baryshkov
+-  Enrico Scholz
+-  Etienne Cordonnier
+-  Hitendra Prajapati
+-  Julien Stephan
+-  Kai Kang
+-  Khem Raj
+-  Lee Chee Yang
+-  Marek Vasut
+-  Markus Niebel
+-  Martin Jansa
+-  Meenali Gupta
+-  Michael Halstead
+-  Michael Opdenacker
+-  Narpat Mali
+-  Ovidiu Panait
+-  Pavel Zhukov
+-  Peter Marko
+-  Peter Suti
+-  Poonam Jadhav
+-  Richard Purdie
+-  Roland Hieber
+-  Ross Burton
+-  Sanjana
+-  Siddharth Doshi
+-  Soumya Sambu
+-  Staffan Rydén
+-  Steve Sakoman
+-  Trevor Gamblin
+-  Vijay Anusuri
+-  Vivek Kumbhar
+-  Wang Mingyu
+-  Yogita Urade
+
+
+Repositories / Downloads for Yocto-4.0.13
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+poky
+
+-  Repository Location: :yocto_git:`/poky`
+-  Branch: :yocto_git:`kirkstone </poky/log/?h=kirkstone>`
+-  Tag:  :yocto_git:`yocto-4.0.13 </poky/log/?h=yocto-4.0.13>`
+-  Git Revision: :yocto_git:`e51bf557f596c4da38789a948a3228ba11455e3c </poky/commit/?id=e51bf557f596c4da38789a948a3228ba11455e3c>`
+-  Release Artefact: poky-e51bf557f596c4da38789a948a3228ba11455e3c
+-  sha: afddadb367a90154751f04993077bceffdc1413f9ba9b8c03acb487d0437286e
+-  Download Locations:
+   http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.13/poky-e51bf557f596c4da38789a948a3228ba11455e3c.tar.bz2
+   http://mirrors.kernel.org/yocto/yocto/yocto-4.0.13/poky-e51bf557f596c4da38789a948a3228ba11455e3c.tar.bz2
+
+openembedded-core
+
+-  Repository Location: :oe_git:`/openembedded-core`
+-  Branch: :oe_git:`kirkstone </openembedded-core/log/?h=kirkstone>`
+-  Tag:  :oe_git:`yocto-4.0.13 </openembedded-core/log/?h=yocto-4.0.13>`
+-  Git Revision: :oe_git:`d90e4d5e3cca9cffe8f60841afc63667a9ac39fa </openembedded-core/commit/?id=d90e4d5e3cca9cffe8f60841afc63667a9ac39fa>`
+-  Release Artefact: oecore-d90e4d5e3cca9cffe8f60841afc63667a9ac39fa
+-  sha: 56e3bdac81b3628e74dfef2132a54be4db7d87373139a00ed64f5c9a354d716a
+-  Download Locations:
+   http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.13/oecore-d90e4d5e3cca9cffe8f60841afc63667a9ac39fa.tar.bz2
+   http://mirrors.kernel.org/yocto/yocto/yocto-4.0.13/oecore-d90e4d5e3cca9cffe8f60841afc63667a9ac39fa.tar.bz2
+
+meta-mingw
+
+-  Repository Location: :yocto_git:`/meta-mingw`
+-  Branch: :yocto_git:`kirkstone </meta-mingw/log/?h=kirkstone>`
+-  Tag:  :yocto_git:`yocto-4.0.13 </meta-mingw/log/?h=yocto-4.0.13>`
+-  Git Revision: :yocto_git:`a90614a6498c3345704e9611f2842eb933dc51c1 </meta-mingw/commit/?id=a90614a6498c3345704e9611f2842eb933dc51c1>`
+-  Release Artefact: meta-mingw-a90614a6498c3345704e9611f2842eb933dc51c1
+-  sha: 49f9900bfbbc1c68136f8115b314e95d0b7f6be75edf36a75d9bcd1cca7c6302
+-  Download Locations:
+   http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.13/meta-mingw-a90614a6498c3345704e9611f2842eb933dc51c1.tar.bz2
+   http://mirrors.kernel.org/yocto/yocto/yocto-4.0.13/meta-mingw-a90614a6498c3345704e9611f2842eb933dc51c1.tar.bz2
+
+meta-gplv2
+
+-  Repository Location: :yocto_git:`/meta-gplv2`
+-  Branch: :yocto_git:`kirkstone </meta-gplv2/log/?h=kirkstone>`
+-  Tag:  :yocto_git:`yocto-4.0.13 </meta-gplv2/log/?h=yocto-4.0.13>`
+-  Git Revision: :yocto_git:`d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a </meta-gplv2/commit/?id=d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a>`
+-  Release Artefact: meta-gplv2-d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a
+-  sha: c386f59f8a672747dc3d0be1d4234b6039273d0e57933eb87caa20f56b9cca6d
+-  Download Locations:
+   http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.13/meta-gplv2-d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a.tar.bz2
+   http://mirrors.kernel.org/yocto/yocto/yocto-4.0.13/meta-gplv2-d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a.tar.bz2
+
+bitbake
+
+-  Repository Location: :oe_git:`/bitbake`
+-  Branch: :oe_git:`2.0 </bitbake/log/?h=2.0>`
+-  Tag:  :oe_git:`yocto-4.0.13 </bitbake/log/?h=yocto-4.0.13>`
+-  Git Revision: :oe_git:`41b6684489d0261753344956042be2cc4adb0159 </bitbake/commit/?id=41b6684489d0261753344956042be2cc4adb0159>`
+-  Release Artefact: bitbake-41b6684489d0261753344956042be2cc4adb0159
+-  sha: efa2b1c4d0be115ed3960750d1e4ed958771b2db6d7baee2d13ad386589376e8
+-  Download Locations:
+   http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.13/bitbake-41b6684489d0261753344956042be2cc4adb0159.tar.bz2
+   http://mirrors.kernel.org/yocto/yocto/yocto-4.0.13/bitbake-41b6684489d0261753344956042be2cc4adb0159.tar.bz2
+
+yocto-docs
+
+-  Repository Location: :yocto_git:`/yocto-docs`
+-  Branch: :yocto_git:`kirkstone </yocto-docs/log/?h=kirkstone>`
+-  Tag: :yocto_git:`yocto-4.0.13 </yocto-docs/log/?h=yocto-4.0.13>`
+-  Git Revision: :yocto_git:`8f02741de867125f11a37822b2d206be180d4ee3 </yocto-docs/commit/?id=8f02741de867125f11a37822b2d206be180d4ee3>`
+
diff --git a/poky/documentation/overview-manual/concepts.rst b/poky/documentation/overview-manual/concepts.rst
index af825a9..4e3f642 100644
--- a/poky/documentation/overview-manual/concepts.rst
+++ b/poky/documentation/overview-manual/concepts.rst
@@ -1963,6 +1963,15 @@
    the stability of the task's output hash. Therefore, the effectiveness
    of Hash Equivalence strongly depends on it.
 
+   Recipes that are not reproducible may have undesired behavior if hash
+   equivalence is enabled, since the non-reproducible diverging output maybe be
+   remapped to an older sstate object in the cache by the server. If a recipe
+   is non-reproducible in trivial ways, such as different timestamps, this is
+   likely not a problem. However recipes that have more dramatic changes (such
+   as completely different file names) will likely outright fail since the
+   downstream sstate objects are not actually equivalent to what was just
+   built.
+
 This applies to multiple scenarios:
 
 -  A "trivial" change to a recipe that doesn't impact its generated output,
diff --git a/poky/documentation/ref-manual/svg/releases.svg b/poky/documentation/ref-manual/svg/releases.svg
index e7d5c6d..5333498 100644
--- a/poky/documentation/ref-manual/svg/releases.svg
+++ b/poky/documentation/ref-manual/svg/releases.svg
@@ -718,7 +718,7 @@
          x="1373.233"
          y="-247.33261"
          style="font-style:normal;font-variant:normal;font-weight:bold;font-stretch:normal;font-size:13.3333px;font-family:'Liberation Sans';-inkscape-font-specification:'Liberation Sans Bold';text-align:center;text-anchor:middle;fill:#fffefe;fill-opacity:1;stroke:none"
-         id="tspan10317-2-9-1-4-6-5">4.4</tspan></text>
+         id="tspan10317-2-9-1-4-6-5">5.0</tspan></text>
     <rect
        style="fill:#333333;fill-opacity:1;fill-rule:evenodd;stroke:none;stroke-width:2;stroke-opacity:1"
        id="rect917-0-0-4-4-9-9"
diff --git a/poky/meta-poky/conf/distro/poky-tiny.conf b/poky/meta-poky/conf/distro/poky-tiny.conf
index 7b04b35..32c2ec3 100644
--- a/poky/meta-poky/conf/distro/poky-tiny.conf
+++ b/poky/meta-poky/conf/distro/poky-tiny.conf
@@ -44,7 +44,7 @@
 # Distro config is evaluated after the machine config, so we have to explicitly
 # set the kernel provider to override a machine config.
 PREFERRED_PROVIDER_virtual/kernel = "linux-yocto-tiny"
-PREFERRED_VERSION_linux-yocto-tiny ?= "6.4%"
+PREFERRED_VERSION_linux-yocto-tiny ?= "6.5%"
 
 # We can use packagegroup-core-boot, but in the future we may need a new packagegroup-core-tiny
 #POKY_DEFAULT_EXTRA_RDEPENDS += "packagegroup-core-boot"
diff --git a/poky/meta-poky/conf/distro/poky.conf b/poky/meta-poky/conf/distro/poky.conf
index 3bc7bff..f290a15 100644
--- a/poky/meta-poky/conf/distro/poky.conf
+++ b/poky/meta-poky/conf/distro/poky.conf
@@ -19,8 +19,8 @@
 
 DISTRO_FEATURES ?= "${DISTRO_FEATURES_DEFAULT} ${POKY_DEFAULT_DISTRO_FEATURES}"
 
-PREFERRED_VERSION_linux-yocto ?= "6.4%"
-PREFERRED_VERSION_linux-yocto-rt ?= "6.4%"
+PREFERRED_VERSION_linux-yocto ?= "6.5%"
+PREFERRED_VERSION_linux-yocto-rt ?= "6.5%"
 
 SDK_NAME = "${DISTRO}-${TCLIBC}-${SDKMACHINE}-${IMAGE_BASENAME}-${TUNE_PKGARCH}-${MACHINE}"
 SDKPATHINSTALL = "/opt/${DISTRO}/${SDK_VERSION}"
diff --git a/poky/meta/classes-global/package.bbclass b/poky/meta/classes-global/package.bbclass
index 0338a5c..7787042 100644
--- a/poky/meta/classes-global/package.bbclass
+++ b/poky/meta/classes-global/package.bbclass
@@ -508,11 +508,9 @@
     # Check for conflict between renamed packages and existing ones
     # for each package in PACKAGES, check if it will be renamed to an existing one
     for p in packages:
-        localdata = bb.data.createCopy(d)
-        localdata.setVar('OVERRIDES', p)
-        rename = localdata.getVar('PKG')
-        if (rename != None) and rename in packages:
-            bb.fatal('package "%s" is renamed to "%s" using PKG:%s, but package name already exists'%(p,rename,p))
+        rename = d.getVar('PKG:%s' % p)
+        if rename and rename in packages:
+            bb.fatal('package "%s" is renamed to "%s" using PKG:%s, but package name already exists' % (p, rename, p))
 
     ###########################################################################
     # Optimisations
diff --git a/poky/meta/classes-recipe/autotools.bbclass b/poky/meta/classes-recipe/autotools.bbclass
index a4c1c4b..5ed21a3 100644
--- a/poky/meta/classes-recipe/autotools.bbclass
+++ b/poky/meta/classes-recipe/autotools.bbclass
@@ -157,7 +157,7 @@
 
 do_configure[file-checksums] += "${@' '.join(siteinfo_get_files(d, sysrootcache=False)[1])}"
 
-CONFIGURE_FILES = "${S}/configure.in ${S}/configure.ac ${S}/config.h.in ${S}/acinclude.m4 Makefile.am"
+CONFIGURE_FILES = "${S}/configure.in ${S}/configure.ac ${S}/config.h.in *.m4 Makefile.am"
 
 autotools_do_configure() {
 	# WARNING: gross hack follows:
diff --git a/poky/meta/classes-recipe/cmake.bbclass b/poky/meta/classes-recipe/cmake.bbclass
index 41748b0..d978b88 100644
--- a/poky/meta/classes-recipe/cmake.bbclass
+++ b/poky/meta/classes-recipe/cmake.bbclass
@@ -156,7 +156,7 @@
 
 addtask generate_toolchain_file after do_patch before do_configure
 
-CONFIGURE_FILES = "CMakeLists.txt"
+CONFIGURE_FILES = "CMakeLists.txt *.cmake"
 
 do_configure[cleandirs] = "${@d.getVar('B') if d.getVar('S') != d.getVar('B') else ''}"
 
diff --git a/poky/meta/classes-recipe/qemuboot.bbclass b/poky/meta/classes-recipe/qemuboot.bbclass
index e30b380..5c4bbd6 100644
--- a/poky/meta/classes-recipe/qemuboot.bbclass
+++ b/poky/meta/classes-recipe/qemuboot.bbclass
@@ -107,6 +107,13 @@
 QB_GRAPHICS ?= ""
 QB_NFSROOTFS_EXTRA_OPT ?= ""
 
+# With 6.5+ (specifically, if DMA_BOUNCE_UNALIGNED_KMALLOC is set) the SW IO TLB
+# is used, and it defaults to 64MB. This is too much when there's only 256MB of
+# RAM, so request 0 slabs and lets the kernel round up to the appropriate minimum
+# (1MB, typically). In virtual hardware there's very little need for these bounce
+# buffers, so the 64MB would be mostly wasted.
+QB_KERNEL_CMDLINE_APPEND:append = " swiotlb=0"
+
 # This should be kept align with ROOT_VM
 QB_DRIVE_TYPE ?= "/dev/sd"
 
diff --git a/poky/meta/classes-recipe/uboot-extlinux-config.bbclass b/poky/meta/classes-recipe/uboot-extlinux-config.bbclass
index f752c16..0413e76 100644
--- a/poky/meta/classes-recipe/uboot-extlinux-config.bbclass
+++ b/poky/meta/classes-recipe/uboot-extlinux-config.bbclass
@@ -23,6 +23,8 @@
 #                                    Measured in 1/10 of a second.
 # UBOOT_EXTLINUX_DEFAULT_LABEL     - Target to be selected by default after
 #                                    the timeout period.
+# UBOOT_EXTLINUX_MENU_TITLE        - Menu title. If empty, MENU TITLE entry
+#                                    will not be added to the output file.
 # UBOOT_EXTLINUX_CONFIG            - Output file.
 #
 # If there's only one label system will boot automatically and menu won't be
@@ -68,6 +70,7 @@
 UBOOT_EXTLINUX_KERNEL_IMAGE ??= "../${KERNEL_IMAGETYPE}"
 UBOOT_EXTLINUX_KERNEL_ARGS ??= "rootwait rw"
 UBOOT_EXTLINUX_MENU_DESCRIPTION:linux ??= "${DISTRO_NAME}"
+UBOOT_EXTLINUX_MENU_TITLE ??= "Select the boot mode"
 
 UBOOT_EXTLINUX_CONFIG = "${B}/extlinux.conf"
 
@@ -95,10 +98,11 @@
         with open(cfile, 'w') as cfgfile:
             cfgfile.write('# Generic Distro Configuration file generated by OpenEmbedded\n')
 
-            if len(labels.split()) > 1:
-                cfgfile.write('menu title Select the boot mode\n')
+            menu_title = localdata.getVar('UBOOT_EXTLINUX_MENU_TITLE')
+            if len(labels.split()) > 1 and menu_title:
+                cfgfile.write('MENU TITLE %s\n' % (menu_title))
 
-            timeout =  localdata.getVar('UBOOT_EXTLINUX_TIMEOUT')
+            timeout = localdata.getVar('UBOOT_EXTLINUX_TIMEOUT')
             if timeout:
                 cfgfile.write('TIMEOUT %s\n' % (timeout))
 
@@ -155,7 +159,7 @@
         bb.fatal('Unable to open %s' % (cfile))
 }
 UBOOT_EXTLINUX_VARS = "CONSOLE MENU_DESCRIPTION ROOT KERNEL_IMAGE FDTDIR FDT KERNEL_ARGS INITRD"
-do_create_extlinux_config[vardeps] += "${@' '.join(['UBOOT_EXTLINUX_%s_%s' % (v, l) for v in d.getVar('UBOOT_EXTLINUX_VARS').split() for l in d.getVar('UBOOT_EXTLINUX_LABELS').split()])}"
+do_create_extlinux_config[vardeps] += "${@' '.join(['UBOOT_EXTLINUX_%s:%s' % (v, l) for v in d.getVar('UBOOT_EXTLINUX_VARS').split() for l in d.getVar('UBOOT_EXTLINUX_LABELS').split()])}"
 do_create_extlinux_config[vardepsexclude] += "OVERRIDES"
 
 addtask create_extlinux_config before do_install do_deploy after do_compile
diff --git a/poky/meta/classes/externalsrc.bbclass b/poky/meta/classes/externalsrc.bbclass
index cba80bb..a54f316 100644
--- a/poky/meta/classes/externalsrc.bbclass
+++ b/poky/meta/classes/externalsrc.bbclass
@@ -252,6 +252,8 @@
     Get the list of files that should trigger do_configure to re-execute,
     based on the value of CONFIGURE_FILES
     """
+    import fnmatch
+
     in_files = (d.getVar('CONFIGURE_FILES') or '').split()
     out_items = []
     search_files = []
@@ -263,8 +265,8 @@
     if search_files:
         s_dir = d.getVar('EXTERNALSRC')
         for root, _, files in os.walk(s_dir):
-            for f in files:
-                if f in search_files:
+            for p in search_files:
+                for f in fnmatch.filter(files, p):
                     out_items.append('%s:True' % os.path.join(root, f))
     return ' '.join(out_items)
 
diff --git a/poky/meta/conf/bitbake.conf b/poky/meta/conf/bitbake.conf
index 21d6c8b..77ff494 100644
--- a/poky/meta/conf/bitbake.conf
+++ b/poky/meta/conf/bitbake.conf
@@ -829,6 +829,7 @@
 include conf/licenses.conf
 require conf/sanity.conf
 require conf/cve-check-map.conf
+include conf/bblock.conf
 
 ##################################################################
 # Weak variables (usually to retain backwards compatibility)
diff --git a/poky/meta/conf/distro/include/maintainers.inc b/poky/meta/conf/distro/include/maintainers.inc
index dcc507b..b2579fc 100644
--- a/poky/meta/conf/distro/include/maintainers.inc
+++ b/poky/meta/conf/distro/include/maintainers.inc
@@ -810,6 +810,7 @@
 RECIPE_MAINTAINER:pn-tiff = "Alexander Kanavin <alex.kanavin@gmail.com>"
 RECIPE_MAINTAINER:pn-time = "Robert Yang <liezhi.yang@windriver.com>"
 RECIPE_MAINTAINER:pn-ttf-bitstream-vera = "Anuj Mittal <anuj.mittal@intel.com>"
+RECIPE_MAINTAINER:pn-ttyrun = "Ross Burton <ross.burton@arm.com>"
 RECIPE_MAINTAINER:pn-tzcode-native = "Unassigned <unassigned@yoctoproject.org>"
 RECIPE_MAINTAINER:pn-tzdata = "Unassigned <unassigned@yoctoproject.org>"
 RECIPE_MAINTAINER:pn-u-boot = "Marek Vasut <marek.vasut@gmail.com>"
diff --git a/poky/meta/conf/machine/include/loongarch/qemuloongarch.inc b/poky/meta/conf/machine/include/loongarch/qemuloongarch.inc
index 30f5605..e1bcfab 100644
--- a/poky/meta/conf/machine/include/loongarch/qemuloongarch.inc
+++ b/poky/meta/conf/machine/include/loongarch/qemuloongarch.inc
@@ -30,6 +30,6 @@
 QB_NETWORK_DEVICE = "-device virtio-net-device,netdev=net0,mac=@MAC@"
 QB_ROOTFS_OPT = "-drive id=disk0,file=@ROOTFS@,if=none,format=raw -device virtio-blk-device,drive=disk0"
 QB_SERIAL_OPT = "-device virtio-serial-pci -chardev null,id=virtcon -device virtconsole,chardev=virtcon"
-QB_TCPSERIAL_OPT = " -device virtio-serial-pci -chardev socket,id=virtcon,port=@PORT@,host=127.0.0.1 -device virtconsole,chardev=virtcon"
+QB_TCPSERIAL_OPT = " -device virtio-serial-pci -chardev socket,id=virtcon,port=@PORT@,host=127.0.0.1,nodelay=on -device virtconsole,chardev=virtcon"
 # Add the 'virtio-rng-pci' device otherwise the guest may run out of entropy
 QB_OPT_APPEND = " -object rng-random,filename=/dev/urandom,id=rng0 -device virtio-rng-device,rng=rng0"
diff --git a/poky/meta/conf/machine/include/riscv/qemuriscv.inc b/poky/meta/conf/machine/include/riscv/qemuriscv.inc
index c977a26..46ae66b 100644
--- a/poky/meta/conf/machine/include/riscv/qemuriscv.inc
+++ b/poky/meta/conf/machine/include/riscv/qemuriscv.inc
@@ -10,7 +10,6 @@
 KEEPUIMAGE = "no"
 
 SERIAL_CONSOLES ?= "115200;ttyS0 115200;hvc0"
-SERIAL_CONSOLES_CHECK = "${SERIAL_CONSOLES}"
 
 IMAGE_FSTYPES += "ext4 wic.qcow2"
 
@@ -34,6 +33,6 @@
 QB_NETWORK_DEVICE = "-device virtio-net-device,netdev=net0,mac=@MAC@"
 QB_ROOTFS_OPT = "-drive id=disk0,file=@ROOTFS@,if=none,format=raw -device virtio-blk-device,drive=disk0"
 QB_SERIAL_OPT = "-device virtio-serial-device -chardev null,id=virtcon -device virtconsole,chardev=virtcon"
-QB_TCPSERIAL_OPT = " -device virtio-serial-device -chardev socket,id=virtcon,port=@PORT@,host=127.0.0.1 -device virtconsole,chardev=virtcon"
+QB_TCPSERIAL_OPT = " -device virtio-serial-device -chardev socket,id=virtcon,port=@PORT@,host=127.0.0.1,nodelay=on -device virtconsole,chardev=virtcon"
 QB_GRAPHICS = "-device bochs-display"
 QB_OPT_APPEND = "-device virtio-tablet-pci -device virtio-keyboard-pci"
diff --git a/poky/meta/conf/machine/include/x86/x86-base.inc b/poky/meta/conf/machine/include/x86/x86-base.inc
index 050c20a..fc6c391 100644
--- a/poky/meta/conf/machine/include/x86/x86-base.inc
+++ b/poky/meta/conf/machine/include/x86/x86-base.inc
@@ -18,7 +18,6 @@
 # kernel-related variables
 #
 PREFERRED_PROVIDER_virtual/kernel ??= "linux-yocto"
-PREFERRED_VERSION_linux-yocto ??= "6.4%"
 
 #
 # XSERVER subcomponents, used to build the XSERVER variable
diff --git a/poky/meta/conf/machine/qemuarm.conf b/poky/meta/conf/machine/qemuarm.conf
index 75cfbaf..943ce7c 100644
--- a/poky/meta/conf/machine/qemuarm.conf
+++ b/poky/meta/conf/machine/qemuarm.conf
@@ -10,7 +10,6 @@
 UBOOT_MACHINE ?= "qemu_arm_defconfig"
 
 SERIAL_CONSOLES ?= "115200;ttyAMA0 115200;hvc0"
-SERIAL_CONSOLES_CHECK = "${SERIAL_CONSOLES}"
 
 # For runqemu
 QB_SYSTEM_NAME = "qemu-system-arm"
@@ -27,10 +26,6 @@
 QB_ROOTFS_OPT = "-drive id=disk0,file=@ROOTFS@,if=none,format=raw -device virtio-blk-device,drive=disk0"
 # Virtio serial console
 QB_SERIAL_OPT = "-device virtio-serial-device -chardev null,id=virtcon -device virtconsole,chardev=virtcon"
-QB_TCPSERIAL_OPT = "-device virtio-serial-device -chardev socket,id=virtcon,port=@PORT@,host=127.0.0.1 -device virtconsole,chardev=virtcon"
-
-# 6.4 causes Xorg to fail to read the virtio framebuffer so stick with 6.1 until
-# that is resolved.
-PREFERRED_VERSION_linux-yocto ??= "6.1%"
+QB_TCPSERIAL_OPT = "-device virtio-serial-device -chardev socket,id=virtcon,port=@PORT@,host=127.0.0.1,nodelay=on -device virtconsole,chardev=virtcon"
 
 KMACHINE:qemuarm = "qemuarma15"
diff --git a/poky/meta/conf/machine/qemuarm64.conf b/poky/meta/conf/machine/qemuarm64.conf
index 2f0f0e4..a096d96 100644
--- a/poky/meta/conf/machine/qemuarm64.conf
+++ b/poky/meta/conf/machine/qemuarm64.conf
@@ -10,7 +10,6 @@
 UBOOT_MACHINE ?= "qemu_arm64_defconfig"
 
 SERIAL_CONSOLES ?= "115200;ttyAMA0 115200;hvc0"
-SERIAL_CONSOLES_CHECK = "${SERIAL_CONSOLES}"
 
 # For runqemu
 QB_SYSTEM_NAME = "qemu-system-aarch64"
@@ -28,4 +27,4 @@
 QB_ROOTFS_OPT = "-drive id=disk0,file=@ROOTFS@,if=none,format=raw -device virtio-blk-pci,drive=disk0"
 # Virtio serial console
 QB_SERIAL_OPT = "-device virtio-serial-pci -chardev null,id=virtcon -device virtconsole,chardev=virtcon"
-QB_TCPSERIAL_OPT = "-device virtio-serial-pci -chardev socket,id=virtcon,port=@PORT@,host=127.0.0.1 -device virtconsole,chardev=virtcon"
+QB_TCPSERIAL_OPT = "-device virtio-serial-pci -chardev socket,id=virtcon,port=@PORT@,host=127.0.0.1,nodelay=on -device virtconsole,chardev=virtcon"
diff --git a/poky/meta/conf/machine/qemuarmv5.conf b/poky/meta/conf/machine/qemuarmv5.conf
index deb4869..f0a86f1 100644
--- a/poky/meta/conf/machine/qemuarmv5.conf
+++ b/poky/meta/conf/machine/qemuarmv5.conf
@@ -16,5 +16,4 @@
 QB_OPT_APPEND = "-device qemu-xhci -device usb-tablet -device usb-kbd"
 QB_DTB = "${@oe.utils.version_less_or_equal('PREFERRED_VERSION_linux-yocto', '4.7', '', 'zImage-versatile-pb.dtb', d)}"
 
-PREFERRED_VERSION_linux-yocto ??= "6.4%"
 KMACHINE:qemuarmv5 = "arm-versatile-926ejs"
diff --git a/poky/meta/lib/oe/sstatesig.py b/poky/meta/lib/oe/sstatesig.py
index 633a0fd..5bf1697 100644
--- a/poky/meta/lib/oe/sstatesig.py
+++ b/poky/meta/lib/oe/sstatesig.py
@@ -104,6 +104,8 @@
         self.lockedhashfn = {}
         self.machine = data.getVar("MACHINE")
         self.mismatch_msgs = []
+        self.mismatch_number = 0
+        self.lockedsigs_msgs = ""
         self.unlockedrecipes = (data.getVar("SIGGEN_UNLOCKED_RECIPES") or
                                 "").split()
         self.unlockedrecipes = { k: "" for k in self.unlockedrecipes }
@@ -187,6 +189,7 @@
                 #bb.warn("Using %s %s %s" % (recipename, task, h))
 
                 if h != h_locked and h_locked != unihash:
+                    self.mismatch_number += 1
                     self.mismatch_msgs.append('The %s:%s sig is computed to be %s, but the sig is locked to %s in %s'
                                           % (recipename, task, h, h_locked, var))
 
@@ -267,6 +270,15 @@
         warn_msgs = []
         error_msgs = []
         sstate_missing_msgs = []
+        info_msgs = None
+
+        if self.lockedsigs:
+            if len(self.lockedsigs) > 10:
+                self.lockedsigs_msgs = "There are %s recipes with locked tasks (%s task(s) have non matching signature)" % (len(self.lockedsigs), self.mismatch_number)
+            else:
+                self.lockedsigs_msgs = "The following recipes have locked tasks:"
+                for pn in self.lockedsigs:
+                    self.lockedsigs_msgs += " %s" % (pn)
 
         for tid in sq_data['hash']:
             if tid not in found:
@@ -279,7 +291,9 @@
                                                % (pn, taskname, sq_data['hash'][tid]))
 
         checklevel = d.getVar("SIGGEN_LOCKEDSIGS_TASKSIG_CHECK")
-        if checklevel == 'warn':
+        if checklevel == 'info':
+            info_msgs = self.lockedsigs_msgs
+        if checklevel == 'warn' or checklevel == 'info':
             warn_msgs += self.mismatch_msgs
         elif checklevel == 'error':
             error_msgs += self.mismatch_msgs
@@ -290,6 +304,8 @@
         elif checklevel == 'error':
             error_msgs += sstate_missing_msgs
 
+        if info_msgs:
+            bb.note(info_msgs)
         if warn_msgs:
             bb.warn("\n".join(warn_msgs))
         if error_msgs:
diff --git a/poky/meta/lib/oeqa/core/utils/concurrencytest.py b/poky/meta/lib/oeqa/core/utils/concurrencytest.py
index 5e20b0e..d10f8f7 100644
--- a/poky/meta/lib/oeqa/core/utils/concurrencytest.py
+++ b/poky/meta/lib/oeqa/core/utils/concurrencytest.py
@@ -264,7 +264,7 @@
             ourpid = os.getpid()
             try:
                 newbuilddir = None
-                stream = os.fdopen(c2pwrite, 'wb', 1)
+                stream = os.fdopen(c2pwrite, 'wb')
                 os.close(c2pread)
 
                 (builddir, newbuilddir) = suite.setupfunc("-st-" + str(ourpid), selftestdir, process_suite)
@@ -309,7 +309,7 @@
             os._exit(0)
         else:
             os.close(c2pwrite)
-            stream = os.fdopen(c2pread, 'rb', 1)
+            stream = os.fdopen(c2pread, 'rb')
             # Collect stdout/stderr into an io buffer
             output = io.BytesIO()
             testserver = ProtocolTestCase(stream, passthrough=output)
diff --git a/poky/meta/lib/oeqa/runtime/cases/_qemutiny.py b/poky/meta/lib/oeqa/runtime/cases/_qemutiny.py
index 14ff8b9..816fd4a 100644
--- a/poky/meta/lib/oeqa/runtime/cases/_qemutiny.py
+++ b/poky/meta/lib/oeqa/runtime/cases/_qemutiny.py
@@ -5,10 +5,15 @@
 #
 
 from oeqa.runtime.case import OERuntimeTestCase
+from oeqa.core.target.qemu import OEQemuTarget
 
 class QemuTinyTest(OERuntimeTestCase):
 
     def test_boot_tiny(self):
-        status, output = self.target.run_serial('uname -a')
-        msg = "Cannot detect poky tiny boot!"
-        self.assertTrue("yocto-tiny" in output, msg)
+        # Until the target has explicit run_serial support, check that the
+        # target is the qemu runner
+        if isinstance(self.target, OEQemuTarget):
+            status, output = self.target.runner.run_serial('uname -a')
+            self.assertIn("Linux", output)
+        else:
+            self.skipTest("Target %s is not OEQemuTarget" % self.target)
diff --git a/poky/meta/lib/oeqa/selftest/cases/bblock.py b/poky/meta/lib/oeqa/selftest/cases/bblock.py
new file mode 100644
index 0000000..2b62d2a
--- /dev/null
+++ b/poky/meta/lib/oeqa/selftest/cases/bblock.py
@@ -0,0 +1,203 @@
+#
+# Copyright (c) 2023 BayLibre, SAS
+# Author: Julien Stepahn <jstephan@baylibre.com>
+#
+# SPDX-License-Identifier: GPL-2.0-only
+#
+
+import os
+import re
+import bb.tinfoil
+
+import oeqa.utils.ftools as ftools
+from oeqa.utils.commands import runCmd, get_bb_var, get_bb_vars, bitbake
+
+from oeqa.selftest.case import OESelftestTestCase
+
+
+class BBLock(OESelftestTestCase):
+    @classmethod
+    def setUpClass(cls):
+        super(BBLock, cls).setUpClass()
+        cls.lockfile = cls.builddir + "/conf/bblock.conf"
+
+    def unlock_recipes(self, recipes=None, tasks=None):
+        cmd = "bblock -r "
+        if recipes:
+            cmd += " ".join(recipes)
+        if tasks:
+            cmd += " -t " + ",".join(tasks)
+        result = runCmd(cmd)
+
+        if recipes:
+            # ensure all signatures are removed from lockfile
+            contents = ftools.read_file(self.lockfile)
+            for recipe in recipes:
+                for task in tasks:
+                    find_in_contents = re.search(
+                        'SIGGEN_LOCKEDSIGS_.+\s\+=\s"%s:%s:.*"' % (recipe, task),
+                        contents,
+                    )
+                    self.assertFalse(
+                        find_in_contents,
+                        msg="%s:%s should not be present into bblock.conf anymore"
+                        % (recipe, task),
+                    )
+                self.assertExists(self.lockfile)
+        else:
+            self.assertNotExists(self.lockfile)
+
+    def lock_recipes(self, recipes, tasks=None):
+        cmd = "bblock " + " ".join(recipes)
+        if tasks:
+            cmd += " -t " + ",".join(tasks)
+
+        result = runCmd(cmd)
+
+        self.assertExists(self.lockfile)
+
+        # ensure all signatures are added to lockfile
+        contents = ftools.read_file(self.lockfile)
+        for recipe in recipes:
+            if tasks:
+                for task in tasks:
+                    find_in_contents = re.search(
+                        'SIGGEN_LOCKEDSIGS_.+\s\+=\s"%s:%s:.*"' % (recipe, task),
+                        contents,
+                    )
+                    self.assertTrue(
+                        find_in_contents,
+                        msg="%s:%s was not added into bblock.conf. bblock output: %s"
+                        % (recipe, task, result.output),
+                    )
+
+    def modify_tasks(self, recipes, tasks):
+        task_append = ""
+        for recipe in recipes:
+            bb_vars = get_bb_vars(["PV"], recipe)
+            recipe_pv = bb_vars["PV"]
+            recipe_append_file = recipe + "_" + recipe_pv + ".bbappend"
+
+            os.mkdir(os.path.join(self.testlayer_path, "recipes-test", recipe))
+            recipe_append_path = os.path.join(
+                self.testlayer_path, "recipes-test", recipe, recipe_append_file
+            )
+
+            for task in tasks:
+                task_append += "%s:append() {\n#modify task hash \n}\n" % task
+            ftools.write_file(recipe_append_path, task_append)
+            self.add_command_to_tearDown(
+                "rm -rf %s" % os.path.join(self.testlayer_path, "recipes-test", recipe)
+            )
+
+    def test_lock_single_recipe_single_task(self):
+        recipes = ["quilt"]
+        tasks = ["do_compile"]
+        self._run_test(recipes, tasks)
+
+    def test_lock_single_recipe_multiple_tasks(self):
+        recipes = ["quilt"]
+        tasks = ["do_compile", "do_install"]
+        self._run_test(recipes, tasks)
+
+    def test_lock_single_recipe_all_tasks(self):
+        recipes = ["quilt"]
+        self._run_test(recipes, None)
+
+    def test_lock_multiple_recipe_single_task(self):
+        recipes = ["quilt", "bc"]
+        tasks = ["do_compile"]
+        self._run_test(recipes, tasks)
+
+    def test_lock_architecture_specific(self):
+        # unlock all recipes and ensure no bblock.conf file exist
+        self.unlock_recipes()
+
+        recipes = ["quilt"]
+        tasks = ["do_compile"]
+
+        # lock quilt's do_compile task for another machine
+        if self.td["MACHINE"] == "qemux86-64":
+            machine = "qemuarm"
+        else:
+            machine = "qemux86-64"
+
+        self.write_config('MACHINE = "%s"\n' % machine)
+
+        self.lock_recipes(recipes, tasks)
+
+        self.write_config('MACHINE = "%s"\n' % self.td["MACHINE"])
+        # modify quilt's do_compile task
+        self.modify_tasks(recipes, tasks)
+
+        # build quilt using the default machine
+        # No Note/Warning should be emitted since sig is locked for another machine
+        # (quilt package is architecture dependant)
+        info_message = "NOTE: The following recipes have locked tasks: " + recipes[0]
+        warn_message = "The %s:%s sig is computed to be" % (recipes[0], tasks[0])
+        result = bitbake(recipes[0] + " -n")
+        self.assertNotIn(info_message, result.output)
+        self.assertNotIn(warn_message, result.output)
+
+        # unlock all recipes
+        self.unlock_recipes()
+
+    def _run_test(self, recipes, tasks=None):
+        # unlock all recipes and ensure no bblock.conf file exist
+        self.unlock_recipes()
+
+        self.write_config('BB_SIGNATURE_HANDLER = "OEBasicHash"')
+
+        # lock tasks for recipes
+        result = self.lock_recipes(recipes, tasks)
+
+        if not tasks:
+            tasks = []
+            result = bitbake("-c listtasks " + recipes[0])
+            with bb.tinfoil.Tinfoil() as tinfoil:
+                tinfoil.prepare(config_only=False, quiet=2)
+                d = tinfoil.parse_recipe(recipes[0])
+
+                for line in result.output.splitlines():
+                    if line.startswith("do_"):
+                        task = line.split()[0]
+                        if "setscene" in task:
+                            continue
+                        if d.getVarFlag(task, "nostamp"):
+                            continue
+                        tasks.append(task)
+
+        # build recipes. At this stage we should have a Note about recipes
+        # having locked task's sig, but no warning since sig still match
+        info_message = "NOTE: The following recipes have locked tasks: " + " ".join(
+            recipes
+        )
+        for recipe in recipes:
+            result = bitbake(recipe + " -n")
+            self.assertIn(info_message, result.output)
+            for task in tasks:
+                warn_message = "The %s:%s sig is computed to be" % (recipe, task)
+                self.assertNotIn(warn_message, result.output)
+
+        # modify all tasks that are locked to trigger a sig change then build the recipes
+        # at this stage we should have a Note as before, but also a Warning for all
+        # locked tasks indicating the sig mismatch
+        self.modify_tasks(recipes, tasks)
+        for recipe in recipes:
+            result = bitbake(recipe + " -n")
+            self.assertIn(info_message, result.output)
+            for task in tasks:
+                warn_message = "The %s:%s sig is computed to be" % (recipe, task)
+                self.assertIn(warn_message, result.output)
+
+        # unlock all tasks and rebuild, no more Note/Warning should remain
+        self.unlock_recipes(recipes, tasks)
+        for recipe in recipes:
+            result = bitbake(recipe + " -n")
+            self.assertNotIn(info_message, result.output)
+            for task in tasks:
+                warn_message = "The %s:%s sig is computed to be" % (recipe, task)
+                self.assertNotIn(warn_message, result.output)
+
+        # unlock all recipes
+        self.unlock_recipes()
diff --git a/poky/meta/lib/oeqa/selftest/cases/buildoptions.py b/poky/meta/lib/oeqa/selftest/cases/buildoptions.py
index 01ea4dc..1044484 100644
--- a/poky/meta/lib/oeqa/selftest/cases/buildoptions.py
+++ b/poky/meta/lib/oeqa/selftest/cases/buildoptions.py
@@ -50,8 +50,6 @@
             loglines = "".join(f.readlines())
         self.assertIn("ccache", loglines, msg="No match for ccache in %s log.do_compile. For further details: %s" % (recipe , log_compile))
 
-    # https://bugzilla.yoctoproject.org/show_bug.cgi?id=14962
-    @skipIfMachine("qemuarm64", "fails on qemuarm64 (uses SERIAL_CONSOLES_CHECK)")
     def test_read_only_image(self):
         distro_features = get_bb_var('DISTRO_FEATURES')
         if not ('x11' in distro_features and 'opengl' in distro_features):
diff --git a/poky/meta/lib/oeqa/selftest/cases/reproducible.py b/poky/meta/lib/oeqa/selftest/cases/reproducible.py
index 84c6c3a..9b4a088 100644
--- a/poky/meta/lib/oeqa/selftest/cases/reproducible.py
+++ b/poky/meta/lib/oeqa/selftest/cases/reproducible.py
@@ -16,8 +16,6 @@
 import datetime
 
 exclude_packages = [
-	'rust',
-	'rust-dbg'
 	]
 
 def is_excluded(package):
diff --git a/poky/meta/lib/oeqa/utils/gitarchive.py b/poky/meta/lib/oeqa/utils/gitarchive.py
index f9c1526..10cb267 100644
--- a/poky/meta/lib/oeqa/utils/gitarchive.py
+++ b/poky/meta/lib/oeqa/utils/gitarchive.py
@@ -113,7 +113,7 @@
     # First try to fetch tags from repository configured remote
     cmd.append('origin')
     if pattern:
-        cmd.append(pattern)
+        cmd.append("refs/tags/"+pattern)
     try:
         tags_refs = repo.run_cmd(cmd)
         tags = ["".join(d.split()[1].split('/', 2)[2:]) for d in tags_refs.splitlines()]
@@ -235,6 +235,8 @@
     revs = []
     for tag in tags:
         m = tag_re.match(tag)
+        if not m:
+            continue
         groups = m.groupdict()
         revs.append([groups[f] for f in undef_fields] + [tag])
 
diff --git a/poky/meta/lib/oeqa/utils/qemurunner.py b/poky/meta/lib/oeqa/utils/qemurunner.py
index 22cf258..a52fa41 100644
--- a/poky/meta/lib/oeqa/utils/qemurunner.py
+++ b/poky/meta/lib/oeqa/utils/qemurunner.py
@@ -97,6 +97,7 @@
         try:
             sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
             sock.setblocking(0)
+            sock.setsockopt(socket.IPPROTO_TCP, socket.TCP_NODELAY, 1)
             sock.bind(("127.0.0.1",0))
             sock.listen(2)
             port = sock.getsockname()[1]
@@ -109,16 +110,15 @@
 
     def decode_qemulog(self, todecode):
         # Sanitize the data received from qemu as it may contain control characters
-        msg = todecode.decode("utf-8", errors='ignore')
+        msg = todecode.decode("utf-8", errors='backslashreplace')
         msg = re_control_char.sub('', msg)
         return msg
 
-    def log(self, msg):
+    def log(self, msg, extension=""):
         if self.logfile:
-            msg = self.decode_qemulog(msg)
-            self.msg += msg
-            with codecs.open(self.logfile, "a", encoding="utf-8") as f:
-                f.write("%s" % msg)
+            with codecs.open(self.logfile + extension, "ab") as f:
+                f.write(msg)
+        self.msg += self.decode_qemulog(msg)
 
     def getOutput(self, o):
         import fcntl
@@ -445,9 +445,11 @@
         self.logger.debug("Waiting at most %d seconds for login banner (%s)" %
                           (self.boottime, time.strftime("%D %H:%M:%S")))
         endtime = time.time() + self.boottime
+        newlinetime = time.time() + 120
         filelist = [self.server_socket, self.runqemu.stdout]
         reachedlogin = False
         stopread = False
+        sentnewlines = False
         qemusock = None
         bootlog = b''
         data = b''
@@ -456,6 +458,16 @@
                 sread, swrite, serror = select.select(filelist, [], [], 5)
             except InterruptedError:
                 continue
+            # With the 6.5 kernel, the serial port getty sometimes fails to appear, the data
+            # appears lost in some buffer somewhere. Wait two minutes, then if we've not had a login,
+            # try and provoke one. This is a workaround until we can work out the root cause.
+            if time.time() > newlinetime and not sentnewlines:
+                self.logger.warning('Probing the serial port to wake it up!')
+                try:
+                    self.server_socket.sendall(bytes("\n\n", "utf-8"))
+                    sentnewlines = True
+                except BrokenPipeError as e:
+                    self.logger.debug('Probe failed %s' % repr(e))
             for file in sread:
                 if file is self.server_socket:
                     qemusock, addr = self.server_socket.accept()
@@ -474,18 +486,14 @@
                         self.logger.error('Invalid file type: %s\n%s' % (file))
                         read = b''
 
-                    self.logger.debug2('Partial boot log:\n%s' % (read.decode('utf-8', errors='ignore')))
+                    self.logger.debug2('Partial boot log:\n%s' % (read.decode('utf-8', errors='backslashreplace')))
                     data = data + read
                     if data:
                         bootlog += data
-                        if self.serial_ports < 2:
-                            # this file has mixed console/kernel data, log it to logfile
-                            self.log(data)
-
+                        self.log(data, extension = ".2")
                         data = b''
 
-                        decodedlog = self.decode_qemulog(bootlog)
-                        if self.boot_patterns['search_reached_prompt'] in decodedlog:
+                        if bytes(self.boot_patterns['search_reached_prompt'], 'utf-8') in bootlog:
                             self.server_socket.close()
                             self.server_socket = qemusock
                             stopread = True
@@ -507,11 +515,20 @@
                                   (self.boottime, time.strftime("%D %H:%M:%S")))
             tail = lambda l: "\n".join(l.splitlines()[-25:])
             bootlog = self.decode_qemulog(bootlog)
-            # in case bootlog is empty, use tail qemu log store at self.msg
-            lines = tail(bootlog if bootlog else self.msg)
-            self.logger.warning("Last 25 lines of text (%d):\n%s" % (len(bootlog), lines))
+            self.logger.warning("Last 25 lines of login console (%d):\n%s" % (len(bootlog), tail(bootlog)))
+            self.logger.warning("Last 25 lines of all logging (%d):\n%s" % (len(self.msg), tail(self.msg)))
             self.logger.warning("Check full boot log: %s" % self.logfile)
             self.stop()
+            data = True
+            while data:
+                try:
+                    time.sleep(1)
+                    data = qemusock.recv(1024)
+                    self.log(data, extension = ".2")
+                    self.logger.warning('Extra log data read: %s\n' % (data.decode('utf-8', errors='backslashreplace')))
+                except Exception as e:
+                    self.logger.warning('Extra log data exception %s' % repr(e))
+                    data = None
             return False
 
         # If we are not able to login the tests can continue
diff --git a/poky/meta/recipes-bsp/u-boot/u-boot-common.inc b/poky/meta/recipes-bsp/u-boot/u-boot-common.inc
index 1119148..c7190d5 100644
--- a/poky/meta/recipes-bsp/u-boot/u-boot-common.inc
+++ b/poky/meta/recipes-bsp/u-boot/u-boot-common.inc
@@ -12,9 +12,9 @@
 
 # We use the revision in order to avoid having to fetch it from the
 # repo during parse
-SRCREV = "83cdab8b2c6ea0fc0860f8444d083353b47f1d5c"
+SRCREV = "4459ed60cb1e0562bc5b40405e2b4b9bbf766d57"
 
-SRC_URI = "git://source.denx.de/u-boot/u-boot.git;protocol=https;branch=u-boot-2023.07.y"
+SRC_URI = "git://source.denx.de/u-boot/u-boot.git;protocol=https;branch=master"
 
 S = "${WORKDIR}/git"
 B = "${WORKDIR}/build"
diff --git a/poky/meta/recipes-bsp/u-boot/u-boot-tools_2023.07.02.bb b/poky/meta/recipes-bsp/u-boot/u-boot-tools_2023.10.bb
similarity index 100%
rename from poky/meta/recipes-bsp/u-boot/u-boot-tools_2023.07.02.bb
rename to poky/meta/recipes-bsp/u-boot/u-boot-tools_2023.10.bb
diff --git a/poky/meta/recipes-bsp/u-boot/u-boot_2023.07.02.bb b/poky/meta/recipes-bsp/u-boot/u-boot_2023.10.bb
similarity index 100%
rename from poky/meta/recipes-bsp/u-boot/u-boot_2023.07.02.bb
rename to poky/meta/recipes-bsp/u-boot/u-boot_2023.10.bb
diff --git a/poky/meta/recipes-connectivity/openssh/openssh/run-ptest b/poky/meta/recipes-connectivity/openssh/openssh/run-ptest
index 1e6eec5..b2244d7 100755
--- a/poky/meta/recipes-connectivity/openssh/openssh/run-ptest
+++ b/poky/meta/recipes-connectivity/openssh/openssh/run-ptest
@@ -19,7 +19,7 @@
 trap output_failed_logs 0
 
 sed -i "/\t\tagent-ptrace /d" Makefile
-make -k BUILDDIR=`pwd`/.. .OBJDIR=`pwd` .CURDIR=`pwd` SUDO="sudo" tests \
+make -k BUILDDIR=`pwd`/.. .OBJDIR=`pwd` .CURDIR=`pwd` SUDO="" tests \
         | sed -u -e 's/^skipped/SKIP: /g' -e 's/^ok /PASS: /g' -e 's/^failed/FAIL: /g'
 
 SSHAGENT=`which ssh-agent`
diff --git a/poky/meta/recipes-connectivity/openssh/openssh/sshd_check_keys b/poky/meta/recipes-connectivity/openssh/openssh/sshd_check_keys
index ef117de..606d189 100644
--- a/poky/meta/recipes-connectivity/openssh/openssh/sshd_check_keys
+++ b/poky/meta/recipes-connectivity/openssh/openssh/sshd_check_keys
@@ -57,8 +57,7 @@
     esac
 done
 
-HOST_KEYS=$(sed -n 's/^[ \t]*HostKey[ \t]\+\(.*\)/\1/p' "${sshd_config}")
-[ -z "${HOST_KEYS}" ] && HOST_KEYS="$SYSCONFDIR/ssh_host_rsa_key $SYSCONFDIR/ssh_host_ecdsa_key $SYSCONFDIR/ssh_host_ed25519_key"
+HOST_KEYS=$(sshd -G -f "${sshd_config}" | grep -i '^hostkey ' | cut -f2 -d' ')
 
 for key in ${HOST_KEYS} ; do
     [ -f $key ] && continue
diff --git a/poky/meta/recipes-connectivity/openssh/openssh_9.4p1.bb b/poky/meta/recipes-connectivity/openssh/openssh_9.4p1.bb
index a38d9c2..e2508aa 100644
--- a/poky/meta/recipes-connectivity/openssh/openssh_9.4p1.bb
+++ b/poky/meta/recipes-connectivity/openssh/openssh_9.4p1.bb
@@ -158,7 +158,7 @@
 RDEPENDS:${PN} += "${PN}-scp ${PN}-ssh ${PN}-sshd ${PN}-keygen ${PN}-sftp-server"
 RDEPENDS:${PN}-sshd += "${PN}-keygen ${@bb.utils.contains('DISTRO_FEATURES', 'pam', 'pam-plugin-keyinit pam-plugin-loginuid', '', d)}"
 # gdb would make attach-ptrace test pass rather than skip but not worth the build dependencies
-RDEPENDS:${PN}-ptest += "${PN}-sftp ${PN}-misc ${PN}-sftp-server make sed sudo coreutils openssl-bin"
+RDEPENDS:${PN}-ptest += "${PN}-sftp ${PN}-misc ${PN}-sftp-server make sed coreutils openssl-bin"
 
 RPROVIDES:${PN}-ssh = "ssh"
 RPROVIDES:${PN}-sshd = "sshd"
diff --git a/poky/meta/recipes-core/busybox/busybox-inittab_1.36.1.bb b/poky/meta/recipes-core/busybox/busybox-inittab_1.36.1.bb
index 868d7a2..8ee88b6 100644
--- a/poky/meta/recipes-core/busybox/busybox-inittab_1.36.1.bb
+++ b/poky/meta/recipes-core/busybox/busybox-inittab_1.36.1.bb
@@ -15,14 +15,17 @@
 do_install() {
 	install -d ${D}${sysconfdir}
 	install -D -m 0644 ${WORKDIR}/inittab ${D}${sysconfdir}/inittab
-	tmp="${SERIAL_CONSOLES}"
-	[ -n "$tmp" ] && echo >> ${D}${sysconfdir}/inittab
-	for i in $tmp
-	do
-		j=`echo ${i} | sed s/\;/\ /g`
-		id=`echo ${i} | sed -e 's/^.*;//' -e 's/;.*//'`
-		echo "$id::respawn:${base_sbindir}/getty ${j}" >> ${D}${sysconfdir}/inittab
-	done
+
+    CONSOLES="${SERIAL_CONSOLES}"
+    for s in $CONSOLES
+    do
+        speed=$(echo $s | cut -d\; -f 1)
+        device=$(echo $s | cut -d\; -f 2)
+        label=$(echo $device | sed -e 's/tty//' | tail --bytes=5)
+
+        echo "::respawn:${sbindir}/ttyrun $device ${base_sbindir}/getty $speed $device" >> ${D}${sysconfdir}/inittab
+    done
+
 	if [ "${USE_VT}" = "1" ]; then
 		cat <<EOF >>${D}${sysconfdir}/inittab
 # ${base_sbindir}/getty invocations for the runlevels.
@@ -45,32 +48,6 @@
 
 }
 
-pkg_postinst:${PN} () {
-# run this on host and on target
-if [ "${SERIAL_CONSOLES_CHECK}" = "" ]; then
-       exit 0
-fi
-}
-
-pkg_postinst_ontarget:${PN} () {
-# run this on the target
-if [ -e /proc/consoles ]; then
-        tmp="${SERIAL_CONSOLES_CHECK}"
-        for i in $tmp
-        do
-                j=`echo ${i} | sed -e s/^.*\;//g -e s/\:.*//g`
-                k=`echo ${i} | sed s/^.*\://g`
-                if [ -z "`grep ${j} /proc/consoles`" ]; then
-                        if [ -z "${k}" ] || [ -z "`grep ${k} /proc/consoles`" ] || [ ! -e /dev/${j} ]; then
-                                sed -i -e /^.*${j}\ /d -e /^.*${j}$/d /etc/inittab
-                        fi
-                fi
-        done
-        kill -HUP 1
-else
-        exit 1
-fi
-}
 
 # SERIAL_CONSOLES is generally defined by the MACHINE .conf.
 # Set PACKAGE_ARCH appropriately.
@@ -79,6 +56,7 @@
 FILES:${PN} = "${sysconfdir}/inittab"
 CONFFILES:${PN} = "${sysconfdir}/inittab"
 
+RDEPENDS:${PN} = "ttyrun"
 RCONFLICTS:${PN} = "sysvinit-inittab"
 
 USE_VT ?= "1"
diff --git a/poky/meta/recipes-core/busybox/files/syslog b/poky/meta/recipes-core/busybox/files/syslog
index 2208613..a4fea30 100644
--- a/poky/meta/recipes-core/busybox/files/syslog
+++ b/poky/meta/recipes-core/busybox/files/syslog
@@ -10,6 +10,8 @@
 
 set -e
 
+PATH="/bin:/usr/bin:/sbin:/usr/sbin"
+
 if [ -f /etc/syslog-startup.conf ]; then
 	. /etc/syslog-startup.conf
 	LOG_LOCAL=0
diff --git a/poky/meta/recipes-core/sysvinit/sysvinit-inittab/start_getty b/poky/meta/recipes-core/sysvinit/sysvinit-inittab/start_getty
index f60409e..f5671ee 100644
--- a/poky/meta/recipes-core/sysvinit/sysvinit-inittab/start_getty
+++ b/poky/meta/recipes-core/sysvinit/sysvinit-inittab/start_getty
@@ -1,5 +1,9 @@
 #!/bin/sh
 
+SPEED=$1
+DEVICE=$2
+TERM=$3
+
 # busybox' getty does this itself, util-linux' agetty needs extra help
 getty="/sbin/getty"
 case $(readlink -f "${getty}") in
@@ -13,9 +17,4 @@
         ;;
 esac
 
-if [ -e /sys/class/tty/$2 -a -c /dev/$2 ]; then
-	${setsid:-} ${getty} ${options:-} -L $1 $2 $3
-else
-    # Prevent respawning to fast error if /dev entry does not exist
-    sleep 1000
-fi
+${setsid:-} ${getty} ${options:-} -L $SPEED $DEVICE $TERM
diff --git a/poky/meta/recipes-core/sysvinit/sysvinit-inittab_2.88dsf.bb b/poky/meta/recipes-core/sysvinit/sysvinit-inittab_2.88dsf.bb
index b1f9cb4..6bbe517 100644
--- a/poky/meta/recipes-core/sysvinit/sysvinit-inittab_2.88dsf.bb
+++ b/poky/meta/recipes-core/sysvinit/sysvinit-inittab_2.88dsf.bb
@@ -21,14 +21,14 @@
     install -m 0755 ${WORKDIR}/start_getty ${D}${base_bindir}/start_getty
     sed -e 's,/usr/bin,${bindir},g' -i ${D}${base_bindir}/start_getty
 
-    set -x
-    tmp="${SERIAL_CONSOLES}"
-    for i in $tmp
+    CONSOLES="${SERIAL_CONSOLES}"
+    for s in $CONSOLES
     do
-	j=`echo ${i} | sed s/\;/\ /g`
-	l=`echo ${i} | sed -e 's/tty//' -e 's/^.*;//' -e 's/;.*//'`
-	label=`echo $l | sed 's/.*\(....\)/\1/'`
-	echo "$label:12345:respawn:${base_bindir}/start_getty ${j} vt102" >> ${D}${sysconfdir}/inittab
+        speed=$(echo $s | cut -d\; -f 1)
+        device=$(echo $s | cut -d\; -f 2)
+        label=$(echo $device | sed -e 's/tty//' | tail --bytes=5)
+
+        echo "$label:12345:respawn:${sbindir}/ttyrun $device ${base_bindir}/start_getty $speed $device vt102" >> ${D}${sysconfdir}/inittab
     done
 
     if [ "${USE_VT}" = "1" ]; then
@@ -52,33 +52,6 @@
     fi
 }
 
-pkg_postinst:${PN} () {
-# run this on host and on target
-if [ "${SERIAL_CONSOLES_CHECK}" = "" ]; then
-       exit 0
-fi
-}
-
-pkg_postinst_ontarget:${PN} () {
-# run this on the target
-if [ -e /proc/consoles ]; then
-	tmp="${SERIAL_CONSOLES_CHECK}"
-	for i in $tmp
-	do
-		j=`echo ${i} | sed -e s/^.*\;//g -e s/\:.*//g`
-		k=`echo ${i} | sed s/^.*\://g`
-		if [ -z "`grep ${j} /proc/consoles`" ]; then
-			if [ -z "${k}" ] || [ -z "`grep ${k} /proc/consoles`" ] || [ ! -e /dev/${j} ]; then
-				sed -i -e /^.*${j}\ /d -e /^.*${j}$/d /etc/inittab
-			fi
-		fi
-	done
-	kill -HUP 1
-else
-	exit 1
-fi
-}
-
 # USE_VT and SERIAL_CONSOLES are generally defined by the MACHINE .conf.
 # Set PACKAGE_ARCH appropriately.
 PACKAGE_ARCH = "${MACHINE_ARCH}"
@@ -89,4 +62,5 @@
 USE_VT ?= "1"
 SYSVINIT_ENABLED_GETTYS ?= "1"
 
+RDEPENDS:${PN} = "ttyrun"
 RCONFLICTS:${PN} = "busybox-inittab"
diff --git a/poky/meta/recipes-core/ttyrun/ttyrun_2.29.0.bb b/poky/meta/recipes-core/ttyrun/ttyrun_2.29.0.bb
new file mode 100644
index 0000000..e0956b9
--- /dev/null
+++ b/poky/meta/recipes-core/ttyrun/ttyrun_2.29.0.bb
@@ -0,0 +1,33 @@
+SUMMARY = "Start the program if the specified terminal device is available."
+DESCRIPTION = "ttyrun is typically used to prevent a respawn through the \
+init(8) program when a terminal is not available."
+HOMEPAGE = "https://github.com/ibm-s390-linux/s390-tools"
+
+LICENSE = "MIT"
+LIC_FILES_CHKSUM = "file://LICENSE;md5=f5118f167b055bfd7c3450803f1847af"
+
+SRC_URI = "git://github.com/ibm-s390-linux/s390-tools;protocol=https;branch=master"
+SRCREV = "d9ce54dee3ac3827e76624352293a83eb05c727e"
+
+S = "${WORKDIR}/git"
+
+EXTRA_OEMAKE = "\
+    V=1 \
+    CC="${CC}" \
+    DISTRELEASE=${PR} \
+    "
+
+# We just want ttyrun and not the rest of s390-utils
+
+do_configure() {
+    oe_runmake -C ${S}/iucvterm/src clean
+}
+
+do_compile() {
+    oe_runmake -C ${S}/iucvterm/src ttyrun
+}
+
+do_install() {
+    install -d ${D}${sbindir}
+    install ${S}/iucvterm/src/ttyrun ${D}${sbindir}
+}
diff --git a/poky/meta/recipes-devtools/go/go-1.20.7.inc b/poky/meta/recipes-devtools/go/go-1.20.10.inc
similarity index 89%
rename from poky/meta/recipes-devtools/go/go-1.20.7.inc
rename to poky/meta/recipes-devtools/go/go-1.20.10.inc
index f797436..39509ed 100644
--- a/poky/meta/recipes-devtools/go/go-1.20.7.inc
+++ b/poky/meta/recipes-devtools/go/go-1.20.10.inc
@@ -15,4 +15,4 @@
     file://0008-src-cmd-dist-buildgo.go-do-not-hardcode-host-compile.patch \
     file://0009-go-Filter-build-paths-on-staticly-linked-arches.patch \
 "
-SRC_URI[main.sha256sum] = "2c5ee9c9ec1e733b0dbbc2bdfed3f62306e51d8172bf38f4f4e542b27520f597"
+SRC_URI[main.sha256sum] = "72d2f51805c47150066c103754c75fddb2c19d48c9219fa33d1e46696c841dbb"
diff --git a/poky/meta/recipes-devtools/go/go-binary-native_1.20.7.bb b/poky/meta/recipes-devtools/go/go-binary-native_1.20.10.bb
similarity index 78%
rename from poky/meta/recipes-devtools/go/go-binary-native_1.20.7.bb
rename to poky/meta/recipes-devtools/go/go-binary-native_1.20.10.bb
index 3decde1..691670c 100644
--- a/poky/meta/recipes-devtools/go/go-binary-native_1.20.7.bb
+++ b/poky/meta/recipes-devtools/go/go-binary-native_1.20.10.bb
@@ -9,9 +9,9 @@
 
 # Checksums available at https://go.dev/dl/
 SRC_URI = "https://dl.google.com/go/go${PV}.${BUILD_GOOS}-${BUILD_GOARCH}.tar.gz;name=go_${BUILD_GOTUPLE}"
-SRC_URI[go_linux_amd64.sha256sum] = "f0a87f1bcae91c4b69f8dc2bc6d7e6bfcd7524fceec130af525058c0c17b1b44"
-SRC_URI[go_linux_arm64.sha256sum] = "44781ae3b153c3b07651d93b6bc554e835a36e2d72a696281c1e4dad9efffe43"
-SRC_URI[go_linux_ppc64le.sha256sum] = "6318a1db307c12b8afe68808bd6fae4fba1e558a85b958216096869ed506dcb3"
+SRC_URI[go_linux_amd64.sha256sum] = "80d34f1fd74e382d86c2d6102e0e60d4318461a7c2f457ec1efc4042752d4248"
+SRC_URI[go_linux_arm64.sha256sum] = "fb3c7e15fc4413c5b81eb9f26dbd7cd4faedd5c720b30fa8e2ff77457f74cab6"
+SRC_URI[go_linux_ppc64le.sha256sum] = "ebac6e713810174f9ffd7f48c17c373fbf359d50d8e6233b1dfbbdebd524fd1c"
 
 UPSTREAM_CHECK_URI = "https://golang.org/dl/"
 UPSTREAM_CHECK_REGEX = "go(?P<pver>\d+(\.\d+)+)\.linux"
diff --git a/poky/meta/recipes-devtools/go/go-cross-canadian_1.20.7.bb b/poky/meta/recipes-devtools/go/go-cross-canadian_1.20.10.bb
similarity index 100%
rename from poky/meta/recipes-devtools/go/go-cross-canadian_1.20.7.bb
rename to poky/meta/recipes-devtools/go/go-cross-canadian_1.20.10.bb
diff --git a/poky/meta/recipes-devtools/go/go-cross_1.20.7.bb b/poky/meta/recipes-devtools/go/go-cross_1.20.10.bb
similarity index 100%
rename from poky/meta/recipes-devtools/go/go-cross_1.20.7.bb
rename to poky/meta/recipes-devtools/go/go-cross_1.20.10.bb
diff --git a/poky/meta/recipes-devtools/go/go-crosssdk_1.20.7.bb b/poky/meta/recipes-devtools/go/go-crosssdk_1.20.10.bb
similarity index 100%
rename from poky/meta/recipes-devtools/go/go-crosssdk_1.20.7.bb
rename to poky/meta/recipes-devtools/go/go-crosssdk_1.20.10.bb
diff --git a/poky/meta/recipes-devtools/go/go-native_1.20.7.bb b/poky/meta/recipes-devtools/go/go-native_1.20.10.bb
similarity index 100%
rename from poky/meta/recipes-devtools/go/go-native_1.20.7.bb
rename to poky/meta/recipes-devtools/go/go-native_1.20.10.bb
diff --git a/poky/meta/recipes-devtools/go/go-runtime_1.20.7.bb b/poky/meta/recipes-devtools/go/go-runtime_1.20.10.bb
similarity index 100%
rename from poky/meta/recipes-devtools/go/go-runtime_1.20.7.bb
rename to poky/meta/recipes-devtools/go/go-runtime_1.20.10.bb
diff --git a/poky/meta/recipes-devtools/go/go/0001-cmd-go-make-content-based-hash-generation-less-pedan.patch b/poky/meta/recipes-devtools/go/go/0001-cmd-go-make-content-based-hash-generation-less-pedan.patch
index 56487e3..9a25510 100644
--- a/poky/meta/recipes-devtools/go/go/0001-cmd-go-make-content-based-hash-generation-less-pedan.patch
+++ b/poky/meta/recipes-devtools/go/go/0001-cmd-go-make-content-based-hash-generation-less-pedan.patch
@@ -44,7 +44,7 @@
  		// Should not happen - b.CFlags was given an empty package.
  		fmt.Fprintf(os.Stderr, "go: invalid cflags: %v\n", err)
 diff --git a/src/cmd/go/internal/work/exec.go b/src/cmd/go/internal/work/exec.go
-index d6fa847..7e4fcb3 100644
+index 67d1193..62e1774 100644
 --- a/src/cmd/go/internal/work/exec.go
 +++ b/src/cmd/go/internal/work/exec.go
 @@ -223,6 +223,8 @@ func (b *Builder) Do(ctx context.Context, root *Action) {
@@ -103,7 +103,7 @@
  	}
  
  	// Configuration specific to compiler toolchain.
-@@ -2970,8 +2972,25 @@ func envList(key, def string) []string {
+@@ -2989,8 +2991,25 @@ func envList(key, def string) []string {
  	return args
  }
  
@@ -130,7 +130,7 @@
  	if cppflags, err = buildFlags("CPPFLAGS", "", p.CgoCPPFLAGS, checkCompilerFlags); err != nil {
  		return
  	}
-@@ -2987,6 +3006,13 @@ func (b *Builder) CFlags(p *load.Package) (cppflags, cflags, cxxflags, fflags, l
+@@ -3006,6 +3025,13 @@ func (b *Builder) CFlags(p *load.Package) (cppflags, cflags, cxxflags, fflags, l
  	if ldflags, err = buildFlags("LDFLAGS", defaultCFlags, p.CgoLDFLAGS, checkLinkerFlags); err != nil {
  		return
  	}
@@ -144,7 +144,7 @@
  
  	return
  }
-@@ -3002,7 +3028,7 @@ var cgoRe = lazyregexp.New(`[/\\:]`)
+@@ -3021,7 +3047,7 @@ var cgoRe = lazyregexp.New(`[/\\:]`)
  
  func (b *Builder) cgo(a *Action, cgoExe, objdir string, pcCFLAGS, pcLDFLAGS, cgofiles, gccfiles, gxxfiles, mfiles, ffiles []string) (outGo, outObj []string, err error) {
  	p := a.Package
@@ -153,7 +153,7 @@
  	if err != nil {
  		return nil, nil, err
  	}
-@@ -3510,7 +3536,7 @@ func (b *Builder) swigIntSize(objdir string) (intsize string, err error) {
+@@ -3577,7 +3603,7 @@ func (b *Builder) swigIntSize(objdir string) (intsize string, err error) {
  
  // Run SWIG on one SWIG input file.
  func (b *Builder) swigOne(a *Action, p *load.Package, file, objdir string, pcCFLAGS []string, cxx bool, intgosize string) (outGo, outC string, err error) {
diff --git a/poky/meta/recipes-devtools/go/go/0003-ld-add-soname-to-shareable-objects.patch b/poky/meta/recipes-devtools/go/go/0003-ld-add-soname-to-shareable-objects.patch
index 2bc7d19..ced0be1 100644
--- a/poky/meta/recipes-devtools/go/go/0003-ld-add-soname-to-shareable-objects.patch
+++ b/poky/meta/recipes-devtools/go/go/0003-ld-add-soname-to-shareable-objects.patch
@@ -18,10 +18,10 @@
  1 file changed, 3 insertions(+)
 
 diff --git a/src/cmd/link/internal/ld/lib.go b/src/cmd/link/internal/ld/lib.go
-index c073017..e60d39a 100644
+index 03b9f11..e91c92f 100644
 --- a/src/cmd/link/internal/ld/lib.go
 +++ b/src/cmd/link/internal/ld/lib.go
-@@ -1491,6 +1491,7 @@ func (ctxt *Link) hostlink() {
+@@ -1504,6 +1504,7 @@ func (ctxt *Link) hostlink() {
  				argv = append(argv, "-Wl,-z,relro")
  			}
  			argv = append(argv, "-shared")
@@ -29,7 +29,7 @@
  			if ctxt.HeadType == objabi.Hwindows {
  				argv = addASLRargs(argv, *flagAslr)
  			} else {
-@@ -1506,6 +1507,7 @@ func (ctxt *Link) hostlink() {
+@@ -1519,6 +1520,7 @@ func (ctxt *Link) hostlink() {
  			argv = append(argv, "-Wl,-z,relro")
  		}
  		argv = append(argv, "-shared")
@@ -37,7 +37,7 @@
  	case BuildModePlugin:
  		if ctxt.HeadType == objabi.Hdarwin {
  			argv = append(argv, "-dynamiclib")
-@@ -1514,6 +1516,7 @@ func (ctxt *Link) hostlink() {
+@@ -1527,6 +1529,7 @@ func (ctxt *Link) hostlink() {
  				argv = append(argv, "-Wl,-z,relro")
  			}
  			argv = append(argv, "-shared")
diff --git a/poky/meta/recipes-devtools/go/go/0006-cmd-go-make-GOROOT-precious-by-default.patch b/poky/meta/recipes-devtools/go/go/0006-cmd-go-make-GOROOT-precious-by-default.patch
index 38b28b9..520e41d 100644
--- a/poky/meta/recipes-devtools/go/go/0006-cmd-go-make-GOROOT-precious-by-default.patch
+++ b/poky/meta/recipes-devtools/go/go/0006-cmd-go-make-GOROOT-precious-by-default.patch
@@ -66,11 +66,11 @@
  
  // Note that flags consulted by other parts of the code
 diff --git a/src/cmd/go/internal/work/exec.go b/src/cmd/go/internal/work/exec.go
-index 7e4fcb3..d83b31b 100644
+index 62e1774..cde867b 100644
 --- a/src/cmd/go/internal/work/exec.go
 +++ b/src/cmd/go/internal/work/exec.go
-@@ -527,6 +527,23 @@ func (b *Builder) build(ctx context.Context, a *Action) (err error) {
- 		return errors.New("binary-only packages are no longer supported")
+@@ -546,6 +546,23 @@ func (b *Builder) build(ctx context.Context, a *Action) (err error) {
+ 		return errors.New("cannot compile Go " + p.Module.GoVersion + " code")
  	}
  
 +	if goRootPrecious && (a.Package.Standard || a.Package.Goroot) {
@@ -93,7 +93,7 @@
  	if err := b.Mkdir(a.Objdir); err != nil {
  		return err
  	}
-@@ -1624,6 +1641,14 @@ func (b *Builder) linkShared(ctx context.Context, a *Action) (err error) {
+@@ -1643,6 +1660,14 @@ func (b *Builder) linkShared(ctx context.Context, a *Action) (err error) {
  		return err
  	}
  
diff --git a/poky/meta/recipes-devtools/go/go/0007-exec.go-do-not-write-linker-flags-into-buildids.patch b/poky/meta/recipes-devtools/go/go/0007-exec.go-do-not-write-linker-flags-into-buildids.patch
index a821cf0..7d9869b 100644
--- a/poky/meta/recipes-devtools/go/go/0007-exec.go-do-not-write-linker-flags-into-buildids.patch
+++ b/poky/meta/recipes-devtools/go/go/0007-exec.go-do-not-write-linker-flags-into-buildids.patch
@@ -15,10 +15,10 @@
  1 file changed, 2 insertions(+), 2 deletions(-)
 
 diff --git a/src/cmd/go/internal/work/exec.go b/src/cmd/go/internal/work/exec.go
-index d83b31b..a646fbb 100644
+index cde867b..5cb1812 100644
 --- a/src/cmd/go/internal/work/exec.go
 +++ b/src/cmd/go/internal/work/exec.go
-@@ -1312,7 +1312,7 @@ func (b *Builder) linkActionID(a *Action) cache.ActionID {
+@@ -1331,7 +1331,7 @@ func (b *Builder) linkActionID(a *Action) cache.ActionID {
  	}
  
  	// Toolchain-dependent configuration, shared with b.linkSharedActionID.
@@ -27,7 +27,7 @@
  
  	// Input files.
  	for _, a1 := range a.Deps {
-@@ -1607,7 +1607,7 @@ func (b *Builder) linkSharedActionID(a *Action) cache.ActionID {
+@@ -1626,7 +1626,7 @@ func (b *Builder) linkSharedActionID(a *Action) cache.ActionID {
  	fmt.Fprintf(h, "goos %s goarch %s\n", cfg.Goos, cfg.Goarch)
  
  	// Toolchain-dependent configuration, shared with b.linkActionID.
diff --git a/poky/meta/recipes-devtools/go/go/0009-go-Filter-build-paths-on-staticly-linked-arches.patch b/poky/meta/recipes-devtools/go/go/0009-go-Filter-build-paths-on-staticly-linked-arches.patch
index 705c922..49da5f6 100644
--- a/poky/meta/recipes-devtools/go/go/0009-go-Filter-build-paths-on-staticly-linked-arches.patch
+++ b/poky/meta/recipes-devtools/go/go/0009-go-Filter-build-paths-on-staticly-linked-arches.patch
@@ -16,10 +16,10 @@
  1 file changed, 13 insertions(+), 2 deletions(-)
 
 diff --git a/src/cmd/go/internal/load/pkg.go b/src/cmd/go/internal/load/pkg.go
-index 56a4e5e..22edbdb 100644
+index f427e29..6d6dc4e 100644
 --- a/src/cmd/go/internal/load/pkg.go
 +++ b/src/cmd/go/internal/load/pkg.go
-@@ -2266,6 +2266,17 @@ func (p *Package) collectDeps() {
+@@ -2270,6 +2270,17 @@ func (p *Package) collectDeps() {
  // to their VCS information (vcsStatusError).
  var vcsStatusCache par.Cache
  
@@ -37,7 +37,7 @@
  // setBuildInfo gathers build information, formats it as a string to be
  // embedded in the binary, then sets p.Internal.BuildInfo to that string.
  // setBuildInfo should only be called on a main package with no errors.
-@@ -2372,7 +2383,7 @@ func (p *Package) setBuildInfo(autoVCS bool) {
+@@ -2376,7 +2387,7 @@ func (p *Package) setBuildInfo(autoVCS bool) {
  	if gcflags := BuildGcflags.String(); gcflags != "" && cfg.BuildContext.Compiler == "gc" {
  		appendSetting("-gcflags", gcflags)
  	}
@@ -46,7 +46,7 @@
  		// https://go.dev/issue/52372: only include ldflags if -trimpath is not set,
  		// since it can include system paths through various linker flags (notably
  		// -extar, -extld, and -extldflags).
-@@ -2418,7 +2429,7 @@ func (p *Package) setBuildInfo(autoVCS bool) {
+@@ -2422,7 +2433,7 @@ func (p *Package) setBuildInfo(autoVCS bool) {
  	// subset of flags that are known not to be paths?
  	if cfg.BuildContext.CgoEnabled && !cfg.BuildTrimpath {
  		for _, name := range []string{"CGO_CFLAGS", "CGO_CPPFLAGS", "CGO_CXXFLAGS", "CGO_LDFLAGS"} {
diff --git a/poky/meta/recipes-devtools/go/go_1.20.7.bb b/poky/meta/recipes-devtools/go/go_1.20.10.bb
similarity index 100%
rename from poky/meta/recipes-devtools/go/go_1.20.7.bb
rename to poky/meta/recipes-devtools/go/go_1.20.10.bb
diff --git a/poky/meta/recipes-devtools/meson/meson_1.2.1.bb b/poky/meta/recipes-devtools/meson/meson_1.2.2.bb
similarity index 98%
rename from poky/meta/recipes-devtools/meson/meson_1.2.1.bb
rename to poky/meta/recipes-devtools/meson/meson_1.2.2.bb
index fe45266..6a07168 100644
--- a/poky/meta/recipes-devtools/meson/meson_1.2.1.bb
+++ b/poky/meta/recipes-devtools/meson/meson_1.2.2.bb
@@ -15,7 +15,7 @@
            file://0001-Make-CPU-family-warnings-fatal.patch \
            file://0002-Support-building-allarch-recipes-again.patch \
            "
-SRC_URI[sha256sum] = "b1db3a153087549497ee52b1c938d2134e0338214fe14f7efd16fecd57b639f5"
+SRC_URI[sha256sum] = "4a0f04de331fbc7af3b802a844fc8838f4ccd1ded1e792ba4f8f2faf8c5fe4d6"
 
 inherit python_setuptools_build_meta github-releases
 
diff --git a/poky/meta/recipes-devtools/python/python3-docutils_0.20.1.bb b/poky/meta/recipes-devtools/python/python3-docutils_0.20.1.bb
index 65ca55e..6038732 100644
--- a/poky/meta/recipes-devtools/python/python3-docutils_0.20.1.bb
+++ b/poky/meta/recipes-devtools/python/python3-docutils_0.20.1.bb
@@ -8,4 +8,13 @@
 
 inherit pypi setuptools3
 
+do_install:append() {
+    for f in rst2html rst2html4 rst2html5 rst2latex rst2man \
+	           rst2odt rst2odt_prepstyles rst2pseudoxml rst2s5 rst2xetex rst2xml \
+	           rstpep2html
+    do
+        mv ${D}${bindir}/$f.py ${D}${bindir}/$f;
+    done
+}
+
 BBCLASSEXTEND = "native nativesdk"
diff --git a/poky/meta/recipes-devtools/python/python3-numpy_1.26.0.bb b/poky/meta/recipes-devtools/python/python3-numpy_1.26.0.bb
index 4e1e34e..3ae40a3 100644
--- a/poky/meta/recipes-devtools/python/python3-numpy_1.26.0.bb
+++ b/poky/meta/recipes-devtools/python/python3-numpy_1.26.0.bb
@@ -30,15 +30,6 @@
     export NPY_DISABLE_SVML=1
 }
 
-# Unfortunately the following pyc files are non-deterministc due to 'frozenset'
-# being written without strict ordering, even with PYTHONHASHSEED = 0
-# Upstream is discussing ways to solve the issue properly, until then let's
-# just not install the problematic files.
-# More info: http://benno.id.au/blog/2013/01/15/python-determinism
-do_install:append() {
-	rm ${D}${PYTHON_SITEPACKAGES_DIR}/numpy/typing/tests/data/pass/__pycache__/literal.cpython*
-}
-
 FILES:${PN}-staticdev += "${PYTHON_SITEPACKAGES_DIR}/numpy/core/lib/*.a ${PYTHON_SITEPACKAGES_DIR}/numpy/random/lib/*.a"
 
 # install what is needed for numpy.test()
diff --git a/poky/meta/recipes-devtools/qemu/qemu.inc b/poky/meta/recipes-devtools/qemu/qemu.inc
index 9664b74..b331f87 100644
--- a/poky/meta/recipes-devtools/qemu/qemu.inc
+++ b/poky/meta/recipes-devtools/qemu/qemu.inc
@@ -35,6 +35,7 @@
            file://fixmips.patch \
            file://qemu-guest-agent.init \
            file://qemu-guest-agent.udev \
+	   file://CVE-2023-42467.patch \
            "
 UPSTREAM_CHECK_REGEX = "qemu-(?P<pver>\d+(\.\d+)+)\.tar"
 
diff --git a/poky/meta/recipes-devtools/qemu/qemu/CVE-2023-42467.patch b/poky/meta/recipes-devtools/qemu/qemu/CVE-2023-42467.patch
new file mode 100644
index 0000000..86ab7cf
--- /dev/null
+++ b/poky/meta/recipes-devtools/qemu/qemu/CVE-2023-42467.patch
@@ -0,0 +1,49 @@
+From 7cfcc79b0ab800959716738aff9419f53fc68c9c Mon Sep 17 00:00:00 2001
+From: Thomas Huth <thuth@redhat.com>
+Date: Thu, 5 Oct 2023 06:01:10 +0000
+Subject: [PATCH] hw/scsi/scsi-disk: Disallow block sizes smaller than 512
+ [CVE-2023-42467]
+
+We are doing things like
+
+    nb_sectors /= (s->qdev.blocksize / BDRV_SECTOR_SIZE);
+
+in the code here (e.g. in scsi_disk_emulate_mode_sense()), so if
+the blocksize is smaller than BDRV_SECTOR_SIZE (=512), this crashes
+with a division by 0 exception. Thus disallow block sizes of 256
+bytes to avoid this situation.
+
+Resolves: https://gitlab.com/qemu-project/qemu/-/issues/1813
+CVE: 2023-42467
+Signed-off-by: Thomas Huth <thuth@redhat.com>
+Message-ID: <20230925091854.49198-1-thuth@redhat.com>
+Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
+
+CVE: CVE-2023-42467
+
+Upstream-Status: Backport [https://gitlab.com/qemu-project/qemu/-/commit/7cfcc79b0ab800959716738aff9419f53fc68c9c]
+
+Signed-off-by: Yogita Urade <yogita.urade@windriver.com>
+---
+ hw/scsi/scsi-disk.c | 5 +++--
+ 1 file changed, 3 insertions(+), 2 deletions(-)
+
+diff --git a/hw/scsi/scsi-disk.c b/hw/scsi/scsi-disk.c
+index e0d79c796..477ee2bcd 100644
+--- a/hw/scsi/scsi-disk.c
++++ b/hw/scsi/scsi-disk.c
+@@ -1628,9 +1628,10 @@ static void scsi_disk_emulate_mode_select(SCSIDiskReq *r, uint8_t *inbuf)
+          * Since the existing code only checks/updates bits 8-15 of the block
+          * size, restrict ourselves to the same requirement for now to ensure
+          * that a block size set by a block descriptor and then read back by
+-         * a subsequent SCSI command will be the same
++         * a subsequent SCSI command will be the same. Also disallow a block
++         * size of 256 since we cannot handle anything below BDRV_SECTOR_SIZE.
+          */
+-        if (bs && !(bs & ~0xff00) && bs != s->qdev.blocksize) {
++        if (bs && !(bs & ~0xfe00) && bs != s->qdev.blocksize) {
+             s->qdev.blocksize = bs;
+             trace_scsi_disk_mode_select_set_blocksize(s->qdev.blocksize);
+         }
+--
+2.40.0
diff --git a/poky/meta/recipes-devtools/rust/rust_1.70.0.bb b/poky/meta/recipes-devtools/rust/rust_1.70.0.bb
index 3b9c05a..16d4339 100644
--- a/poky/meta/recipes-devtools/rust/rust_1.70.0.bb
+++ b/poky/meta/recipes-devtools/rust/rust_1.70.0.bb
@@ -130,6 +130,7 @@
     # [rust]
     config.add_section("rust")
     config.set("rust", "rpath", e(True))
+    config.set("rust", "remap-debuginfo", e(True))
     config.set("rust", "channel", e(d.expand("${RUST_CHANNEL}")))
 
     # Whether or not to optimize the compiler and standard library
diff --git a/poky/meta/recipes-devtools/strace/strace/skip-test-so_peerpidfd.gen.test.patch b/poky/meta/recipes-devtools/strace/strace/skip-test-so_peerpidfd.gen.test.patch
new file mode 100644
index 0000000..5c73e1f
--- /dev/null
+++ b/poky/meta/recipes-devtools/strace/strace/skip-test-so_peerpidfd.gen.test.patch
@@ -0,0 +1,25 @@
+From 002d9f2512245536dfc8d62db429d97e2216ec3a Mon Sep 17 00:00:00 2001
+From: Randy MacLeod <Randy.MacLeod@windriver.com>
+Date: Fri, 6 Oct 2023 12:08:23 -0700
+Subject: [PATCH] skip tests/so_peerpidfd.gen.test
+
+Upstream-Status: Inappropriate
+
+Signed-off-by: Randy MacLeod <Randy.MacLeod@windriver.com>
+---
+ tests/so_peerpidfd.gen.test | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/tests/so_peerpidfd.gen.test b/tests/so_peerpidfd.gen.test
+index 64ad3a2..f89da9f 100755
+--- a/tests/so_peerpidfd.gen.test
++++ b/tests/so_peerpidfd.gen.test
+@@ -1,4 +1,5 @@
+ #!/bin/sh -efu
+ # Generated by ./tests/gen_tests.sh from ./tests/gen_tests.in (so_peerpidfd --trace=getsockopt -y); do not edit.
+ . "${srcdir=.}/init.sh"
++skip_ "Test fails due to apparently trivial log format differences"
+ run_strace_match_diff --trace=getsockopt -y
+-- 
+2.39.0
+
diff --git a/poky/meta/recipes-devtools/strace/strace_6.5.bb b/poky/meta/recipes-devtools/strace/strace_6.5.bb
index 8f90c35..d6475e8 100644
--- a/poky/meta/recipes-devtools/strace/strace_6.5.bb
+++ b/poky/meta/recipes-devtools/strace/strace_6.5.bb
@@ -14,6 +14,7 @@
            file://skip-load.patch \
            file://0001-configure-Use-autoconf-macro-to-detect-largefile-sup.patch \
            file://0002-tests-Replace-off64_t-with-off_t.patch \
+           file://skip-test-so_peerpidfd.gen.test.patch \
            "
 SRC_URI[sha256sum] = "dfb051702389e1979a151892b5901afc9e93bbc1c70d84c906ade3224ca91980"
 
diff --git a/poky/meta/recipes-extended/libtirpc/libtirpc_1.3.3.bb b/poky/meta/recipes-extended/libtirpc/libtirpc_1.3.3.bb
index d466905..b27c302 100644
--- a/poky/meta/recipes-extended/libtirpc/libtirpc_1.3.3.bb
+++ b/poky/meta/recipes-extended/libtirpc/libtirpc_1.3.3.bb
@@ -18,7 +18,8 @@
 
 inherit autotools pkgconfig
 
-EXTRA_OECONF = "--disable-gssapi"
+PACKAGECONFIG ??= ""
+PACKAGECONFIG[gssapi] = "--enable-gssapi,--disable-gssapi,krb5"
 
 do_install:append() {
 	test -e ${D}${sysconfdir}/netconfig && chown root:root ${D}${sysconfdir}/netconfig
diff --git a/poky/meta/recipes-gnome/gtk+/gtk4_4.12.1.bb b/poky/meta/recipes-gnome/gtk+/gtk4_4.12.3.bb
similarity index 97%
rename from poky/meta/recipes-gnome/gtk+/gtk4_4.12.1.bb
rename to poky/meta/recipes-gnome/gtk+/gtk4_4.12.3.bb
index aa7115b..a547db8 100644
--- a/poky/meta/recipes-gnome/gtk+/gtk4_4.12.1.bb
+++ b/poky/meta/recipes-gnome/gtk+/gtk4_4.12.3.bb
@@ -37,7 +37,7 @@
 UPSTREAM_CHECK_REGEX = "gtk-(?P<pver>\d+\.(\d*[02468])+(\.\d+)+)\.tar.xz"
 
 SRC_URI = "http://ftp.gnome.org/pub/gnome/sources/gtk/${MAJ_VER}/gtk-${PV}.tar.xz"
-SRC_URI[sha256sum] = "b8b61d6cf94fac64bf3a0bfc7af137c9dd2f8360033fdeb0cfe9612b77a99a72"
+SRC_URI[sha256sum] = "148ce262f6c86487455fb1d9793c3f58bc3e1da477a29617fadb0420f5870a89"
 
 S = "${WORKDIR}/gtk-${PV}"
 
diff --git a/poky/meta/recipes-graphics/mesa/files/0001-gallium-Fix-build-with-llvm-17.patch b/poky/meta/recipes-graphics/mesa/files/0001-gallium-Fix-build-with-llvm-17.patch
index 1657081..237f940 100644
--- a/poky/meta/recipes-graphics/mesa/files/0001-gallium-Fix-build-with-llvm-17.patch
+++ b/poky/meta/recipes-graphics/mesa/files/0001-gallium-Fix-build-with-llvm-17.patch
@@ -1,4 +1,4 @@
-From c8e9776abc3dfd3f2411797a90a03e7fa16263ef Mon Sep 17 00:00:00 2001
+From 6d07f6aa7f92f40d78a2db645f16f0f3e7d3c2e8 Mon Sep 17 00:00:00 2001
 From: Khem Raj <raj.khem@gmail.com>
 Date: Fri, 23 Jun 2023 01:20:38 -0700
 Subject: [PATCH] gallium: Fix build with llvm 17
@@ -9,16 +9,19 @@
 
 Upstream-Status: Submitted [https://gitlab.freedesktop.org/mesa/mesa/-/merge_requests/23827]
 Signed-off-by: Khem Raj <raj.khem@gmail.com>
----
- src/gallium/auxiliary/gallivm/lp_bld_init.c | 6 ++++--
- 1 file changed, 4 insertions(+), 2 deletions(-)
 
+---
+ src/gallium/auxiliary/gallivm/lp_bld_init.c | 6 +++++-
+ 1 file changed, 5 insertions(+), 1 deletion(-)
+
+diff --git a/src/gallium/auxiliary/gallivm/lp_bld_init.c b/src/gallium/auxiliary/gallivm/lp_bld_init.c
+index cd2108f..b1a4d03 100644
 --- a/src/gallium/auxiliary/gallivm/lp_bld_init.c
 +++ b/src/gallium/auxiliary/gallivm/lp_bld_init.c
-@@ -42,8 +42,10 @@
- 
- #include <llvm/Config/llvm-config.h>
- #include <llvm-c/Analysis.h>
+@@ -46,15 +46,19 @@
+ #if GALLIVM_USE_NEW_PASS == 1
+ #include <llvm-c/Transforms/PassBuilder.h>
+ #elif GALLIVM_HAVE_CORO == 1
 +#if LLVM_VERSION_MAJOR < 17
  #include <llvm-c/Transforms/Scalar.h>
 -#if LLVM_VERSION_MAJOR >= 7
@@ -26,8 +29,6 @@
 +#if LLVM_VERSION_MAJOR >= 7 && LLVM_VERSION_MAJOR < 17
  #include <llvm-c/Transforms/Utils.h>
  #endif
- #include <llvm-c/BitWriter.h>
-@@ -53,8 +55,10 @@
  #if LLVM_VERSION_MAJOR <= 8 && (DETECT_ARCH_AARCH64 || DETECT_ARCH_ARM || DETECT_ARCH_S390 || DETECT_ARCH_MIPS64)
  #include <llvm-c/Transforms/IPO.h>
  #endif
diff --git a/poky/meta/recipes-graphics/mesa/files/0001-intel-Allow-using-intel_clc-from-the-system.patch b/poky/meta/recipes-graphics/mesa/files/0001-intel-Allow-using-intel_clc-from-the-system.patch
deleted file mode 100644
index 5eefd02..0000000
--- a/poky/meta/recipes-graphics/mesa/files/0001-intel-Allow-using-intel_clc-from-the-system.patch
+++ /dev/null
@@ -1,99 +0,0 @@
-From ac503f5d7bf36f021c576029a64ac1a3199f6b5a Mon Sep 17 00:00:00 2001
-From: Matt Turner <mattst88@gmail.com>
-Date: Thu, 31 Aug 2023 13:16:29 -0400
-Subject: [PATCH] intel: Allow using intel_clc from the system
-
-With -Dintel-clc=system, the build system will search for an `intel_clc`
-binary and use it instead of building `intel_clc` itself.
-
-This allows Intel Vulkan ray tracing support to be built when cross
-compiling without terrible hacks (that would otherwise be necessary due
-to `intel_clc`'s dependence on SPIRV-LLVM-Translator, libclc, clang, and
-LLVM).
-
-Part-of: <https://gitlab.freedesktop.org/mesa/mesa/-/merge_requests/24983>
-
-Upstream-Status: Backport [https://gitlab.freedesktop.org/mesa/mesa/-/commit/28c1053c07c177854520f6283fa665f17618adb5]
-
----
- meson.build                      | 6 +++---
- meson_options.txt                | 5 ++++-
- src/intel/compiler/meson.build   | 6 +++++-
- src/intel/vulkan/grl/meson.build | 2 +-
- 4 files changed, 13 insertions(+), 6 deletions(-)
-
-diff --git a/meson.build b/meson.build
-index 16e86ec..00a6953 100644
---- a/meson.build
-+++ b/meson.build
-@@ -259,12 +259,12 @@ endif
- 
- with_microsoft_clc = get_option('microsoft-clc').enabled()
- if ['x86_64'].contains(host_machine.cpu_family())
--  with_intel_clc = get_option('intel-clc').enabled()
--  with_intel_vk_rt = with_intel_vk and with_intel_clc
-+  with_intel_clc = get_option('intel-clc') == 'enabled'
- else
-   with_intel_clc = false
--  with_intel_vk_rt = false
- endif
-+with_intel_vk_rt = with_intel_vk and get_option('intel-clc') != 'disabled'
-+
- with_clc = with_microsoft_clc or with_intel_clc
- with_libclc = with_clc
- with_spirv_to_dxil = get_option('spirv-to-dxil')
-diff --git a/meson_options.txt b/meson_options.txt
-index 379aea3..9800531 100644
---- a/meson_options.txt
-+++ b/meson_options.txt
-@@ -607,9 +607,12 @@ option(
- 
- option(
-   'intel-clc',
--  type : 'feature',
-+  type : 'combo',
-   deprecated: {'true': 'enabled', 'false': 'disabled'},
-   value : 'disabled',
-+  choices : [
-+    'enabled', 'disabled', 'system',
-+  ],
-   description : 'Build the intel-clc compiler (enables Vulkan Intel ' +
-                 'Ray Tracing on supported hardware).'
- )
-diff --git a/src/intel/compiler/meson.build b/src/intel/compiler/meson.build
-index 9a03d37..774e955 100644
---- a/src/intel/compiler/meson.build
-+++ b/src/intel/compiler/meson.build
-@@ -168,7 +168,10 @@ libintel_compiler = static_library(
- )
- 
- # For now this tool is only going to be used by Anv
--if with_intel_clc
-+if get_option('intel-clc') == 'system'
-+  prog_intel_clc = find_program('intel_clc', native : true)
-+  dep_prog_intel_clc = []
-+elif with_intel_clc
-   prog_intel_clc = executable(
-     'intel_clc',
-     ['intel_clc.c'],
-@@ -181,6 +184,7 @@ if with_intel_clc
-     dependencies : [idep_nir, idep_clc, idep_mesautil, idep_intel_dev],
-     native : true,
-   )
-+  dep_prog_intel_clc = [prog_intel_clc]
- endif
- 
- if with_tests
-diff --git a/src/intel/vulkan/grl/meson.build b/src/intel/vulkan/grl/meson.build
-index c0056b3..02a72f5 100644
---- a/src/intel/vulkan/grl/meson.build
-+++ b/src/intel/vulkan/grl/meson.build
-@@ -143,7 +143,7 @@ foreach t : [['125', 'gfx125', 'dg2']]
-                                    # if fixed there
-       ],
-       env: ['MESA_SHADER_CACHE_DISABLE=true'],
--      depends : [prog_intel_clc]
-+      depends : dep_prog_intel_clc
-     )
-   endforeach
- 
diff --git a/poky/meta/recipes-graphics/mesa/mesa-gl_23.1.8.bb b/poky/meta/recipes-graphics/mesa/mesa-gl_23.2.1.bb
similarity index 100%
rename from poky/meta/recipes-graphics/mesa/mesa-gl_23.1.8.bb
rename to poky/meta/recipes-graphics/mesa/mesa-gl_23.2.1.bb
diff --git a/poky/meta/recipes-graphics/mesa/mesa.inc b/poky/meta/recipes-graphics/mesa/mesa.inc
index 4e82450..e5c405a 100644
--- a/poky/meta/recipes-graphics/mesa/mesa.inc
+++ b/poky/meta/recipes-graphics/mesa/mesa.inc
@@ -18,11 +18,10 @@
            file://0001-meson.build-check-for-all-linux-host_os-combinations.patch \
            file://0001-meson-misdetects-64bit-atomics-on-mips-clang.patch \
            file://0001-gallium-Fix-build-with-llvm-17.patch \
-           file://0001-intel-Allow-using-intel_clc-from-the-system.patch \
            file://0001-meson-Disable-cmake-dependency-detector-for-llvm.patch \
-           "
+"
 
-SRC_URI[sha256sum] = "45434ff91a709844130a3174d9c0ef39c6b50725b2bb0c13e736f36134db14ad"
+SRC_URI[sha256sum] = "64de0616fc2d801f929ab1ac2a4f16b3e2783c4309a724c8a259b20df8bbc1cc"
 
 UPSTREAM_CHECK_GITTAGREGEX = "mesa-(?P<pver>\d+(\.\d+)+)"
 
diff --git a/poky/meta/recipes-graphics/mesa/mesa_23.1.8.bb b/poky/meta/recipes-graphics/mesa/mesa_23.2.1.bb
similarity index 100%
rename from poky/meta/recipes-graphics/mesa/mesa_23.1.8.bb
rename to poky/meta/recipes-graphics/mesa/mesa_23.2.1.bb
diff --git a/poky/meta/recipes-graphics/wayland/wayland/0002-Consider-pkgconfig-sysroot-for-pkgdatadir.patch b/poky/meta/recipes-graphics/wayland/wayland/0002-Consider-pkgconfig-sysroot-for-pkgdatadir.patch
new file mode 100644
index 0000000..4573bb6
--- /dev/null
+++ b/poky/meta/recipes-graphics/wayland/wayland/0002-Consider-pkgconfig-sysroot-for-pkgdatadir.patch
@@ -0,0 +1,46 @@
+From ff8ecbe8891d592e645927659318720f9e190054 Mon Sep 17 00:00:00 2001
+From: Andreas Cord-Landwehr <cordlandwehr@kde.org>
+Date: Sun, 6 Feb 2022 17:23:46 +0100
+Subject: [PATCH] Consider pkgconfig sysroot for pkgdatadir
+
+For libs/cflags this is done automatically, but not for manually accessed
+variables. This matches what wayland-protocols does.
+
+Upstream-Status: Submitted [https://gitlab.freedesktop.org/wayland/wayland/-/merge_requests/272]
+---
+ src/meson.build | 6 +++---
+ 1 file changed, 3 insertions(+), 3 deletions(-)
+
+diff --git a/src/meson.build b/src/meson.build
+index a8a1d2b..721e151 100644
+--- a/src/meson.build
++++ b/src/meson.build
+@@ -65,7 +65,7 @@ if get_option('scanner')
+ 		version: meson.project_version(),
+ 		variables: [
+ 			'datarootdir=' + join_paths('${prefix}', get_option('datadir')),
+-			'pkgdatadir=' + join_paths('${datarootdir}', meson.project_name()),
++			'pkgdatadir=' + join_paths('${pc_sysrootdir}${datarootdir}', meson.project_name()),
+ 			'bindir=' + join_paths('${prefix}', get_option('bindir')),
+ 			'wayland_scanner=${bindir}/wayland-scanner'
+ 		],
+@@ -211,7 +211,7 @@ if get_option('libraries')
+ 		filebase: 'wayland-server',
+ 		variables: [
+ 			'datarootdir=' + join_paths('${prefix}', get_option('datadir')),
+-			'pkgdatadir=' + join_paths('${datarootdir}', meson.project_name())
++			'pkgdatadir=' + join_paths('${pc_sysrootdir}${datarootdir}', meson.project_name())
+ 		]
+ 	)
+
+@@ -250,7 +250,7 @@ if get_option('libraries')
+ 		filebase: 'wayland-client',
+ 		variables: [
+ 			'datarootdir=' + join_paths('${prefix}', get_option('datadir')),
+-			'pkgdatadir=' + join_paths('${datarootdir}', meson.project_name())
++			'pkgdatadir=' + join_paths('${pc_sysrootdir}${datarootdir}', meson.project_name())
+ 		]
+ 	)
+
+--
+2.37.2
diff --git a/poky/meta/recipes-graphics/wayland/wayland_1.22.0.bb b/poky/meta/recipes-graphics/wayland/wayland_1.22.0.bb
index 26bad58..17e4a0c 100644
--- a/poky/meta/recipes-graphics/wayland/wayland_1.22.0.bb
+++ b/poky/meta/recipes-graphics/wayland/wayland_1.22.0.bb
@@ -15,6 +15,7 @@
 SRC_URI = "https://gitlab.freedesktop.org/wayland/wayland/-/releases/${PV}/downloads/${BPN}-${PV}.tar.xz \
            file://run-ptest \
            file://0001-build-Fix-strndup-detection-on-MinGW.patch \
+           file://0002-Consider-pkgconfig-sysroot-for-pkgdatadir.patch \
            "
 SRC_URI[sha256sum] = "1540af1ea698a471c2d8e9d288332c7e0fd360c8f1d12936ebb7e7cbc2425842"
 
diff --git a/poky/meta/recipes-graphics/xorg-lib/libx11_1.8.6.bb b/poky/meta/recipes-graphics/xorg-lib/libx11_1.8.7.bb
similarity index 92%
rename from poky/meta/recipes-graphics/xorg-lib/libx11_1.8.6.bb
rename to poky/meta/recipes-graphics/xorg-lib/libx11_1.8.7.bb
index 1cfa56b..5f14e62 100644
--- a/poky/meta/recipes-graphics/xorg-lib/libx11_1.8.6.bb
+++ b/poky/meta/recipes-graphics/xorg-lib/libx11_1.8.7.bb
@@ -24,7 +24,7 @@
 
 SRC_URI += "file://disable_tests.patch"
 
-SRC_URI[sha256sum] = "59535b7cc6989ba806a022f7e8533b28c4397b9d86e9d07b6df0c0703fa25cc9"
+SRC_URI[sha256sum] = "05f267468e3c851ae2b5c830bcf74251a90f63f04dd7c709ca94dc155b7e99ee"
 
 inherit gettext
 
diff --git a/poky/meta/recipes-graphics/xorg-lib/libxpm_3.5.16.bb b/poky/meta/recipes-graphics/xorg-lib/libxpm_3.5.17.bb
similarity index 88%
rename from poky/meta/recipes-graphics/xorg-lib/libxpm_3.5.16.bb
rename to poky/meta/recipes-graphics/xorg-lib/libxpm_3.5.17.bb
index c3d01f1..8e15ecc 100644
--- a/poky/meta/recipes-graphics/xorg-lib/libxpm_3.5.16.bb
+++ b/poky/meta/recipes-graphics/xorg-lib/libxpm_3.5.17.bb
@@ -22,6 +22,6 @@
 FILES:cxpm = "${bindir}/cxpm"
 FILES:sxpm = "${bindir}/sxpm"
 
-SRC_URI[sha256sum] = "e6bc5da7a69dbd9bcc67e87c93d4904fe2f5177a0711c56e71fa2f6eff649f51"
+SRC_URI[sha256sum] = "64b31f81019e7d388c822b0b28af8d51c4622b83f1f0cb6fa3fc95e271226e43"
 
 BBCLASSEXTEND = "native"
diff --git a/poky/meta/recipes-kernel/cryptodev/cryptodev.inc b/poky/meta/recipes-kernel/cryptodev/cryptodev.inc
index 61c688f..64a9c29 100644
--- a/poky/meta/recipes-kernel/cryptodev/cryptodev.inc
+++ b/poky/meta/recipes-kernel/cryptodev/cryptodev.inc
@@ -10,7 +10,8 @@
 
 SRC_URI = "git://github.com/cryptodev-linux/cryptodev-linux;branch=master;protocol=https \
            "
-SRCREV = "795f5fda1485d447cdbad342e8304be317d4f7e8"
+SRCREV = "bb8bc7cf60d2c0b097c8b3b0e807f805b577a53f"
+PV = "1.13+git${SRCPV}"
 
 S = "${WORKDIR}/git"
 
diff --git a/poky/meta/recipes-kernel/linux-firmware/linux-firmware_20230804.bb b/poky/meta/recipes-kernel/linux-firmware/linux-firmware_20230804.bb
index ee14630..1dbe837 100644
--- a/poky/meta/recipes-kernel/linux-firmware/linux-firmware_20230804.bb
+++ b/poky/meta/recipes-kernel/linux-firmware/linux-firmware_20230804.bb
@@ -18,6 +18,8 @@
     & Firmware-ca0132 \
     & Firmware-cavium \
     & Firmware-chelsio_firmware \
+    & Firmware-cirrus \
+    & Firmware-cnm \
     & Firmware-cw1200 \
     & Firmware-cypress \
     & Firmware-dib0700 \
@@ -83,6 +85,8 @@
                     file://LICENCE.cadence;md5=009f46816f6956cfb75ede13d3e1cee0 \
                     file://LICENCE.cavium;md5=c37aaffb1ebe5939b2580d073a95daea \
                     file://LICENCE.chelsio_firmware;md5=819aa8c3fa453f1b258ed8d168a9d903 \
+                    file://LICENSE.cirrus;md5=bb18d943382abf8e8232a9407bfdafe0 \
+                    file://LICENCE.cnm;md5=93b67e6bac7f8fec22b96b8ad0a1a9d0 \
                     file://LICENCE.cw1200;md5=f0f770864e7a8444a5c5aa9d12a3a7ed \
                     file://LICENCE.cypress;md5=48cd9436c763bf873961f9ed7b5c147b \
                     file://LICENSE.dib0700;md5=f7411825c8a555a1a3e5eab9ca773431 \
@@ -155,6 +159,8 @@
 NO_GENERIC_LICENSE[Firmware-cadence] = "LICENCE.cadence"
 NO_GENERIC_LICENSE[Firmware-cavium] = "LICENCE.cavium"
 NO_GENERIC_LICENSE[Firmware-chelsio_firmware] = "LICENCE.chelsio_firmware"
+NO_GENERIC_LICENSE[Firmware-cirrus] = "LICENSE.cirrus"
+NO_GENERIC_LICENSE[Firmware-cnm] = "LICENCE.cnm"
 NO_GENERIC_LICENSE[Firmware-cw1200] = "LICENCE.cw1200"
 NO_GENERIC_LICENSE[Firmware-cypress] = "LICENCE.cypress"
 NO_GENERIC_LICENSE[Firmware-dib0700] = "LICENSE.dib0700"
@@ -283,6 +289,8 @@
              ${PN}-bcm4373 \
              ${PN}-bcm43xx \
              ${PN}-bcm43xx-hdr \
+             ${PN}-cirrus-license ${PN}-cirrus \
+             ${PN}-cnm-license ${PN}-cnm \
              ${PN}-atheros-license ${PN}-ar9170 ${PN}-ath6k ${PN}-ath9k ${PN}-ath3k \
              ${PN}-gplv2-license ${PN}-carl9170 \
              ${PN}-ar3k-license ${PN}-ar3k ${PN}-ath10k-license ${PN}-ath10k ${PN}-ath11k ${PN}-qca \
@@ -879,6 +887,24 @@
 
 RDEPENDS:${PN}-bnx2-mips += "${PN}-whence-license"
 
+# For cirrus
+LICENSE:${PN}-cirrus = "Firmware-cirrus"
+LICENSE:${PN}-cirrus-license = "Firmware-cirrus"
+
+FILES:${PN}-cirrus = "${nonarch_base_libdir}/firmware/cirrus/*"
+FILES:${PN}-cirrus-license = "${nonarch_base_libdir}/firmware/LICENSE.cirrus"
+
+RDEPENDS:${PN}-cirrus += "${PN}-cirrus-license"
+
+# For cnm
+LICENSE:${PN}-cnm = "Firmware-cnm"
+LICENSE:${PN}-cnm-license = "Firmware-cnm"
+
+FILES:${PN}-cnm = "${nonarch_base_libdir}/firmware/cnm/wave521c_k3_codec_fw.bin"
+FILES:${PN}-cnm-license = "${nonarch_base_libdir}/firmware/LICENCE.cnm"
+
+RDEPENDS:${PN}-cnm += "${PN}-cnm-license"
+
 # For imx-sdma
 LICENSE:${PN}-imx-sdma-imx6q       = "Firmware-imx-sdma_firmware"
 LICENSE:${PN}-imx-sdma-imx7d       = "Firmware-imx-sdma_firmware"
@@ -1167,6 +1193,8 @@
     & Firmware-ca0132 \
     & Firmware-cavium \
     & Firmware-chelsio_firmware \
+    & Firmware-cirrus \
+    & Firmware-cnm \
     & Firmware-cw1200 \
     & Firmware-dib0700 \
     & Firmware-e100 \
diff --git a/poky/meta/recipes-kernel/linux/linux-yocto-rt_6.5.bb b/poky/meta/recipes-kernel/linux/linux-yocto-rt_6.5.bb
index 9b09bae..f70d77e 100644
--- a/poky/meta/recipes-kernel/linux/linux-yocto-rt_6.5.bb
+++ b/poky/meta/recipes-kernel/linux/linux-yocto-rt_6.5.bb
@@ -14,7 +14,7 @@
         raise bb.parse.SkipRecipe("Set PREFERRED_PROVIDER_virtual/kernel to linux-yocto-rt to enable it")
 }
 
-SRCREV_machine ?= "6efddc0f385fb758e7eef43d9de133b1677eb72c"
+SRCREV_machine ?= "712b8fb1342bf829c9ca1e649adc9d112b9c209f"
 SRCREV_meta ?= "06cf3d8830fda41ff271eec7da6e3c8425df790f"
 
 SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;branch=${KBRANCH};name=machine;protocol=https \
diff --git a/poky/meta/recipes-kernel/linux/linux-yocto-tiny_6.5.bb b/poky/meta/recipes-kernel/linux/linux-yocto-tiny_6.5.bb
index 5325fba..716c922 100644
--- a/poky/meta/recipes-kernel/linux/linux-yocto-tiny_6.5.bb
+++ b/poky/meta/recipes-kernel/linux/linux-yocto-tiny_6.5.bb
@@ -17,7 +17,7 @@
 KMETA = "kernel-meta"
 KCONF_BSP_AUDIT_LEVEL = "2"
 
-SRCREV_machine ?= "5b2595c3e0dce2912b32ef69aaaacd52cd0e720c"
+SRCREV_machine ?= "49e3d8448aeaecd8e2bb6b481f26b76514dbe0f5"
 SRCREV_meta ?= "06cf3d8830fda41ff271eec7da6e3c8425df790f"
 
 PV = "${LINUX_VERSION}+git"
diff --git a/poky/meta/recipes-kernel/linux/linux-yocto_6.5.bb b/poky/meta/recipes-kernel/linux/linux-yocto_6.5.bb
index b9ed4be..64399e1 100644
--- a/poky/meta/recipes-kernel/linux/linux-yocto_6.5.bb
+++ b/poky/meta/recipes-kernel/linux/linux-yocto_6.5.bb
@@ -18,17 +18,17 @@
 KBRANCH:qemuloongarch64  ?= "v6.5/standard/base"
 KBRANCH:qemumips64 ?= "v6.5/standard/mti-malta64"
 
-SRCREV_machine:qemuarm ?= "619d7b434792c35b501914d481eb3178d87b9f60"
-SRCREV_machine:qemuarm64 ?= "5b2595c3e0dce2912b32ef69aaaacd52cd0e720c"
-SRCREV_machine:qemuloongarch64 ?= "5b2595c3e0dce2912b32ef69aaaacd52cd0e720c"
-SRCREV_machine:qemumips ?= "622b9a83a51276528ddd38ec9c239b7ef7eac1ee"
-SRCREV_machine:qemuppc ?= "5b2595c3e0dce2912b32ef69aaaacd52cd0e720c"
-SRCREV_machine:qemuriscv64 ?= "5b2595c3e0dce2912b32ef69aaaacd52cd0e720c"
-SRCREV_machine:qemuriscv32 ?= "5b2595c3e0dce2912b32ef69aaaacd52cd0e720c"
-SRCREV_machine:qemux86 ?= "5b2595c3e0dce2912b32ef69aaaacd52cd0e720c"
-SRCREV_machine:qemux86-64 ?= "5b2595c3e0dce2912b32ef69aaaacd52cd0e720c"
-SRCREV_machine:qemumips64 ?= "72909f2a89c5bcd4e8ab9aaab280eb961b4e1282"
-SRCREV_machine ?= "5b2595c3e0dce2912b32ef69aaaacd52cd0e720c"
+SRCREV_machine:qemuarm ?= "ff312905898c587e8c8e1b82b59c01b6933c6339"
+SRCREV_machine:qemuarm64 ?= "49e3d8448aeaecd8e2bb6b481f26b76514dbe0f5"
+SRCREV_machine:qemuloongarch64 ?= "49e3d8448aeaecd8e2bb6b481f26b76514dbe0f5"
+SRCREV_machine:qemumips ?= "889d009f6f39c91fedb8c7431c2ce649f05a04a9"
+SRCREV_machine:qemuppc ?= "49e3d8448aeaecd8e2bb6b481f26b76514dbe0f5"
+SRCREV_machine:qemuriscv64 ?= "49e3d8448aeaecd8e2bb6b481f26b76514dbe0f5"
+SRCREV_machine:qemuriscv32 ?= "49e3d8448aeaecd8e2bb6b481f26b76514dbe0f5"
+SRCREV_machine:qemux86 ?= "49e3d8448aeaecd8e2bb6b481f26b76514dbe0f5"
+SRCREV_machine:qemux86-64 ?= "49e3d8448aeaecd8e2bb6b481f26b76514dbe0f5"
+SRCREV_machine:qemumips64 ?= "97c93107649bc6f7fafdf6c3a8b3521f4bfe2246"
+SRCREV_machine ?= "49e3d8448aeaecd8e2bb6b481f26b76514dbe0f5"
 SRCREV_meta ?= "06cf3d8830fda41ff271eec7da6e3c8425df790f"
 
 # set your preferred provider of linux-yocto to 'linux-yocto-upstream', and you'll
diff --git a/poky/meta/recipes-multimedia/gstreamer/gst-devtools_1.22.5.bb b/poky/meta/recipes-multimedia/gstreamer/gst-devtools_1.22.6.bb
similarity index 94%
rename from poky/meta/recipes-multimedia/gstreamer/gst-devtools_1.22.5.bb
rename to poky/meta/recipes-multimedia/gstreamer/gst-devtools_1.22.6.bb
index 3e02939..90bbd9c 100644
--- a/poky/meta/recipes-multimedia/gstreamer/gst-devtools_1.22.5.bb
+++ b/poky/meta/recipes-multimedia/gstreamer/gst-devtools_1.22.6.bb
@@ -12,7 +12,7 @@
            file://0001-connect-has-a-different-signature-on-musl.patch \
            "
 
-SRC_URI[sha256sum] = "2add1519aa6eeb01d544cb94293688ee3bc2079f6bca6075bf5c23d00a0921be"
+SRC_URI[sha256sum] = "8928560efaf16137c30285e718708e5d0bab0777eb4ef8127e0274e120d3d86b"
 
 DEPENDS = "json-glib glib-2.0 glib-2.0-native gstreamer1.0 gstreamer1.0-plugins-base"
 RRECOMMENDS:${PN} = "git"
diff --git a/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-libav_1.22.5.bb b/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-libav_1.22.6.bb
similarity index 91%
rename from poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-libav_1.22.5.bb
rename to poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-libav_1.22.6.bb
index af9dc5d..8906556 100644
--- a/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-libav_1.22.5.bb
+++ b/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-libav_1.22.6.bb
@@ -12,7 +12,7 @@
                     "
 
 SRC_URI = "https://gstreamer.freedesktop.org/src/gst-libav/gst-libav-${PV}.tar.xz"
-SRC_URI[sha256sum] = "8583f0c1f4fcb01eed11fa1e3c21126543a8bd739ed4fc1db31f756a5ab01d9a"
+SRC_URI[sha256sum] = "7789e6408388a25f23cbf948cfc5c6230d735bbcd8b7f37f4a01c9e348a1e3a7"
 
 S = "${WORKDIR}/gst-libav-${PV}"
 
diff --git a/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-omx_1.22.5.bb b/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-omx_1.22.6.bb
similarity index 95%
rename from poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-omx_1.22.5.bb
rename to poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-omx_1.22.6.bb
index 5d99810..2579aa3 100644
--- a/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-omx_1.22.5.bb
+++ b/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-omx_1.22.6.bb
@@ -10,7 +10,7 @@
 
 SRC_URI = "https://gstreamer.freedesktop.org/src/gst-omx/gst-omx-${PV}.tar.xz"
 
-SRC_URI[sha256sum] = "cf0cb9c4de06c5d62eef77cb31238bbaf257dc88802010072eedd1c168f136a4"
+SRC_URI[sha256sum] = "223833c42518ad7eb1923bb4dd3726809f59a66d6e9aaaa69cb29ad0750c8758"
 
 S = "${WORKDIR}/gst-omx-${PV}"
 
diff --git a/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-bad_1.22.5.bb b/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-bad_1.22.6.bb
similarity index 98%
rename from poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-bad_1.22.5.bb
rename to poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-bad_1.22.6.bb
index ec65ec2..3db7ddf 100644
--- a/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-bad_1.22.5.bb
+++ b/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-bad_1.22.6.bb
@@ -10,7 +10,7 @@
            file://0002-avoid-including-sys-poll.h-directly.patch \
            file://0004-opencv-resolve-missing-opencv-data-dir-in-yocto-buil.patch \
            "
-SRC_URI[sha256sum] = "e64e75cdafd7ff2fc7fc34e855b06b1e3ed227cc06fa378d17bbcd76780c338c"
+SRC_URI[sha256sum] = "b4029cd2908a089c55f1d902a565d007495c95b1442d838485dc47fb12df7137"
 
 S = "${WORKDIR}/gst-plugins-bad-${PV}"
 
diff --git a/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-base_1.22.5.bb b/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-base_1.22.6.bb
similarity index 97%
rename from poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-base_1.22.5.bb
rename to poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-base_1.22.6.bb
index 88ec756..1f67ca3 100644
--- a/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-base_1.22.5.bb
+++ b/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-base_1.22.6.bb
@@ -11,7 +11,7 @@
            file://0003-viv-fb-Make-sure-config.h-is-included.patch \
            file://0002-ssaparse-enhance-SSA-text-lines-parsing.patch \
            "
-SRC_URI[sha256sum] = "edd4338b45c26a9af28c0d35aab964a024c3884ba6f520d8428df04212c8c93a"
+SRC_URI[sha256sum] = "50f2b4d17c02eefe430bbefa8c5cd134b1be78a53c0f60e951136d96cf49fd4b"
 
 S = "${WORKDIR}/gst-plugins-base-${PV}"
 
diff --git a/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good_1.22.5.bb b/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good_1.22.6.bb
similarity index 97%
rename from poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good_1.22.5.bb
rename to poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good_1.22.6.bb
index 93f0e76..6b76ba9 100644
--- a/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good_1.22.5.bb
+++ b/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good_1.22.6.bb
@@ -8,7 +8,7 @@
            file://0001-qt-include-ext-qt-gstqtgl.h-instead-of-gst-gl-gstglf.patch \
            file://0001-v4l2-Define-ioctl_req_t-for-posix-linux-case.patch"
 
-SRC_URI[sha256sum] = "b67b31313a54c6929b82969d41d3cfdf2f58db573fb5f491e6bba5d84aea0778"
+SRC_URI[sha256sum] = "b3b07fe3f1ce7fe93aa9be7217866044548f35c4a7792280eec7e108a32f9817"
 
 S = "${WORKDIR}/gst-plugins-good-${PV}"
 
diff --git a/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-ugly_1.22.5.bb b/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-ugly_1.22.6.bb
similarity index 94%
rename from poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-ugly_1.22.5.bb
rename to poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-ugly_1.22.6.bb
index 29d705a..77f79a6 100644
--- a/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-ugly_1.22.5.bb
+++ b/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-ugly_1.22.6.bb
@@ -14,7 +14,7 @@
 SRC_URI = " \
             https://gstreamer.freedesktop.org/src/gst-plugins-ugly/gst-plugins-ugly-${PV}.tar.xz \
             "
-SRC_URI[sha256sum] = "2680473b218158f18467cac3e1c50291b7ff4e0710dd350a59eaacbc29c09a54"
+SRC_URI[sha256sum] = "3e31454c98cb2f7f6d2d355eceb933a892fa0f1dc09bc36c9abc930d8e29ca48"
 
 S = "${WORKDIR}/gst-plugins-ugly-${PV}"
 
diff --git a/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-python_1.22.5.bb b/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-python_1.22.6.bb
similarity index 90%
rename from poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-python_1.22.5.bb
rename to poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-python_1.22.6.bb
index be817bf..addf12c 100644
--- a/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-python_1.22.5.bb
+++ b/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-python_1.22.6.bb
@@ -8,7 +8,7 @@
 LIC_FILES_CHKSUM = "file://COPYING;md5=c34deae4e395ca07e725ab0076a5f740"
 
 SRC_URI = "https://gstreamer.freedesktop.org/src/${PNREAL}/${PNREAL}-${PV}.tar.xz"
-SRC_URI[sha256sum] = "bf05232415cf6018142ae51dd3b897bb73432687b5ce1786bf46edc6298ce5b0"
+SRC_URI[sha256sum] = "51de2d6d13b12ce095eac97c0b94ee59c2aeba3712bb7462b78c4d57dde176c5"
 
 DEPENDS = "gstreamer1.0 gstreamer1.0-plugins-base python3-pygobject"
 RDEPENDS:${PN} += "gstreamer1.0 gstreamer1.0-plugins-base python3-pygobject"
diff --git a/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-rtsp-server_1.22.5.bb b/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-rtsp-server_1.22.6.bb
similarity index 90%
rename from poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-rtsp-server_1.22.5.bb
rename to poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-rtsp-server_1.22.6.bb
index 84c51e8..fd79fe4 100644
--- a/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-rtsp-server_1.22.5.bb
+++ b/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-rtsp-server_1.22.6.bb
@@ -10,7 +10,7 @@
 
 SRC_URI = "https://gstreamer.freedesktop.org/src/${PNREAL}/${PNREAL}-${PV}.tar.xz"
 
-SRC_URI[sha256sum] = "f343eb54964ebd4d8c071be5eecad586f28feb0156e036e06b148d0e7febb1c0"
+SRC_URI[sha256sum] = "0ae33a8b50443b62f11581a9181e906b41cd3877b2d799dbea72912c3eda4bb3"
 
 S = "${WORKDIR}/${PNREAL}-${PV}"
 
diff --git a/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-vaapi_1.22.5.bb b/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-vaapi_1.22.6.bb
similarity index 95%
rename from poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-vaapi_1.22.5.bb
rename to poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-vaapi_1.22.6.bb
index 231d252..bf4c105 100644
--- a/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-vaapi_1.22.5.bb
+++ b/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0-vaapi_1.22.6.bb
@@ -11,7 +11,7 @@
 
 SRC_URI = "https://gstreamer.freedesktop.org/src/${REALPN}/${REALPN}-${PV}.tar.xz"
 
-SRC_URI[sha256sum] = "a9a550267c9584df0e8c70434d30476e8fd0018b733c1c1ee33deaf422bdb24b"
+SRC_URI[sha256sum] = "d9ba2fc26bef98c78e982c599f585d46bbb65fe122da89c2d7ab41f468a52c7b"
 
 S = "${WORKDIR}/${REALPN}-${PV}"
 DEPENDS = "libva gstreamer1.0 gstreamer1.0-plugins-base gstreamer1.0-plugins-bad"
diff --git a/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0_1.22.5.bb b/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0_1.22.6.bb
similarity index 96%
rename from poky/meta/recipes-multimedia/gstreamer/gstreamer1.0_1.22.5.bb
rename to poky/meta/recipes-multimedia/gstreamer/gstreamer1.0_1.22.6.bb
index 2dacf03..a898464 100644
--- a/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0_1.22.5.bb
+++ b/poky/meta/recipes-multimedia/gstreamer/gstreamer1.0_1.22.6.bb
@@ -22,7 +22,7 @@
            file://0003-tests-use-a-dictionaries-for-environment.patch;striplevel=3 \
            file://0004-tests-add-helper-script-to-run-the-installed_tests.patch;striplevel=3 \
            "
-SRC_URI[sha256sum] = "4408d7930f381809e85917acc19712f173261ba85bdf20c5567b2a21b1193b61"
+SRC_URI[sha256sum] = "f500e6cfddff55908f937711fc26a0840de28a1e9ec49621c0b6f1adbd8f818e"
 
 PACKAGECONFIG ??= "${@bb.utils.contains('PTEST_ENABLED', '1', 'tests', '', d)} \
                    check \
diff --git a/poky/meta/recipes-support/curl/curl_8.3.0.bb b/poky/meta/recipes-support/curl/curl_8.4.0.bb
similarity index 98%
rename from poky/meta/recipes-support/curl/curl_8.3.0.bb
rename to poky/meta/recipes-support/curl/curl_8.4.0.bb
index 646ac01..5f97730 100644
--- a/poky/meta/recipes-support/curl/curl_8.3.0.bb
+++ b/poky/meta/recipes-support/curl/curl_8.4.0.bb
@@ -14,7 +14,7 @@
     file://run-ptest \
     file://disable-tests \
 "
-SRC_URI[sha256sum] = "376d627767d6c4f05105ab6d497b0d9aba7111770dd9d995225478209c37ea63"
+SRC_URI[sha256sum] = "16c62a9c4af0f703d28bda6d7bbf37ba47055ad3414d70dec63e2e6336f2a82d"
 
 # Curl has used many names over the years...
 CVE_PRODUCT = "haxx:curl haxx:libcurl curl:curl curl:libcurl libcurl:libcurl daniel_stenberg:curl"
diff --git a/poky/meta/recipes-support/nghttp2/nghttp2_1.56.0.bb b/poky/meta/recipes-support/nghttp2/nghttp2_1.57.0.bb
similarity index 91%
rename from poky/meta/recipes-support/nghttp2/nghttp2_1.56.0.bb
rename to poky/meta/recipes-support/nghttp2/nghttp2_1.57.0.bb
index a011bd4..0cf1e3e 100644
--- a/poky/meta/recipes-support/nghttp2/nghttp2_1.56.0.bb
+++ b/poky/meta/recipes-support/nghttp2/nghttp2_1.57.0.bb
@@ -8,7 +8,7 @@
     ${GITHUB_BASE_URI}/download/v${PV}/nghttp2-${PV}.tar.xz \
     file://0001-fetch-ocsp-response-use-python3.patch \
 "
-SRC_URI[sha256sum] = "65eee8021e9d3620589a4a4e91ce9983d802b5229f78f3313770e13f4d2720e9"
+SRC_URI[sha256sum] = "9210b0113109f43be526ac5835d58a701411821a4d39e155c40d67c40f47a958"
 
 inherit cmake manpages python3native github-releases
 PACKAGECONFIG[manpages] = ""
diff --git a/poky/scripts/bblock b/poky/scripts/bblock
new file mode 100755
index 0000000..0082059
--- /dev/null
+++ b/poky/scripts/bblock
@@ -0,0 +1,184 @@
+#!/usr/bin/env python3
+# bblock
+# lock/unlock task to latest signature
+#
+# Copyright (c) 2023 BayLibre, SAS
+# Author: Julien Stepahn <jstephan@baylibre.com>
+#
+# SPDX-License-Identifier: GPL-2.0-only
+#
+
+import os
+import sys
+import logging
+
+scripts_path = os.path.dirname(os.path.realpath(__file__))
+lib_path = scripts_path + "/lib"
+sys.path = sys.path + [lib_path]
+
+import scriptpath
+
+scriptpath.add_bitbake_lib_path()
+
+import bb.tinfoil
+import bb.msg
+
+import argparse_oe
+
+myname = os.path.basename(sys.argv[0])
+logger = bb.msg.logger_create(myname)
+
+
+def getTaskSignatures(tinfoil, pn, tasks):
+    tinfoil.set_event_mask(
+        [
+            "bb.event.GetTaskSignatureResult",
+            "logging.LogRecord",
+            "bb.command.CommandCompleted",
+            "bb.command.CommandFailed",
+        ]
+    )
+    ret = tinfoil.run_command("getTaskSignatures", pn, tasks)
+    if ret:
+        while True:
+            event = tinfoil.wait_event(1)
+            if event:
+                if isinstance(event, bb.command.CommandCompleted):
+                    break
+                elif isinstance(event, bb.command.CommandFailed):
+                    logger.error(str(event))
+                    sys.exit(2)
+                elif isinstance(event, bb.event.GetTaskSignatureResult):
+                    sig = event.sig
+                elif isinstance(event, logging.LogRecord):
+                    logger.handle(event)
+    else:
+        logger.error("No result returned from getTaskSignatures command")
+        sys.exit(2)
+    return sig
+
+
+def parseRecipe(tinfoil, recipe):
+    try:
+        tinfoil.parse_recipes()
+        d = tinfoil.parse_recipe(recipe)
+    except Exception:
+        logger.error("Failed to get recipe info for: %s" % recipe)
+        sys.exit(1)
+    return d
+
+
+def bblockDump(lockfile):
+    try:
+        with open(lockfile, "r") as lockfile:
+            for line in lockfile:
+                print(line.strip())
+    except IOError:
+        return 1
+    return 0
+
+
+def bblockReset(lockfile, pns, package_archs, tasks):
+    if not pns:
+        logger.info("Unlocking all recipes")
+        try:
+            os.remove(lockfile)
+        except FileNotFoundError:
+            pass
+    else:
+        logger.info("Unlocking {pns}".format(pns=pns))
+        tmp_lockfile = lockfile + ".tmp"
+        with open(lockfile, "r") as infile, open(tmp_lockfile, "w") as outfile:
+            for line in infile:
+                if not (
+                    any(element in line for element in pns)
+                    and any(element in line for element in package_archs.split())
+                ):
+                    outfile.write(line)
+                else:
+                    if tasks and not any(element in line for element in tasks):
+                        outfile.write(line)
+        os.remove(lockfile)
+        os.rename(tmp_lockfile, lockfile)
+
+
+def main():
+    parser = argparse_oe.ArgumentParser(description="Lock and unlock a recipe")
+    parser.add_argument("pn", nargs="*", help="Space separated list of recipe to lock")
+    parser.add_argument(
+        "-t",
+        "--tasks",
+        help="Comma separated list of tasks",
+        type=lambda s: [
+            task if task.startswith("do_") else "do_" + task for task in s.split(",")
+        ],
+    )
+    parser.add_argument(
+        "-r",
+        "--reset",
+        action="store_true",
+        help="Unlock pn recipes, or all recipes if pn is empty",
+    )
+    parser.add_argument(
+        "-d",
+        "--dump",
+        action="store_true",
+        help="Dump generated bblock.conf file",
+    )
+
+    global_args, unparsed_args = parser.parse_known_args()
+
+    with bb.tinfoil.Tinfoil() as tinfoil:
+        tinfoil.prepare(config_only=True)
+
+        package_archs = tinfoil.config_data.getVar("PACKAGE_ARCHS")
+        builddir = tinfoil.config_data.getVar("TOPDIR")
+        lockfile = "{builddir}/conf/bblock.conf".format(builddir=builddir)
+
+        if global_args.dump:
+            bblockDump(lockfile)
+            return 0
+
+        if global_args.reset:
+            bblockReset(lockfile, global_args.pn, package_archs, global_args.tasks)
+            return 0
+
+        with open(lockfile, "a") as lockfile:
+            s = ""
+            if lockfile.tell() == 0:
+                s = "# Generated by bblock\n"
+                s += 'SIGGEN_LOCKEDSIGS_TASKSIG_CHECK = "info"\n'
+                s += 'SIGGEN_LOCKEDSIGS_TYPES += "${PACKAGE_ARCHS}"\n'
+                s += "\n"
+
+            for pn in global_args.pn:
+                d = parseRecipe(tinfoil, pn)
+                package_arch = d.getVar("PACKAGE_ARCH")
+                siggen_locked_sigs_package_arch = d.getVar(
+                    "SIGGEN_LOCKEDSIGS_{package_arch}".format(package_arch=package_arch)
+                )
+                sigs = getTaskSignatures(tinfoil, [pn], global_args.tasks)
+                for sig in sigs:
+                    new_entry = "{pn}:{taskname}:{sig}".format(
+                        pn=sig[0], taskname=sig[1], sig=sig[2]
+                    )
+                    if (
+                        siggen_locked_sigs_package_arch
+                        and not new_entry in siggen_locked_sigs_package_arch
+                    ) or not siggen_locked_sigs_package_arch:
+                        s += 'SIGGEN_LOCKEDSIGS_{package_arch} += "{new_entry}"\n'.format(
+                            package_arch=package_arch, new_entry=new_entry
+                        )
+            lockfile.write(s)
+    return 0
+
+
+if __name__ == "__main__":
+    try:
+        ret = main()
+    except Exception:
+        ret = 1
+        import traceback
+
+        traceback.print_exc()
+    sys.exit(ret)
diff --git a/poky/scripts/lib/devtool/upgrade.py b/poky/scripts/lib/devtool/upgrade.py
index 4873089..9cd50be 100644
--- a/poky/scripts/lib/devtool/upgrade.py
+++ b/poky/scripts/lib/devtool/upgrade.py
@@ -442,7 +442,7 @@
 def _check_git_config():
     def getconfig(name):
         try:
-            value = bb.process.run('git config --global %s' % name)[0].strip()
+            value = bb.process.run('git config %s' % name)[0].strip()
         except bb.process.ExecutionError as e:
             if e.exitcode == 1:
                 value = None
diff --git a/poky/scripts/lib/recipetool/create_buildsys_python.py b/poky/scripts/lib/recipetool/create_buildsys_python.py
index 4675cc6..92468b2 100644
--- a/poky/scripts/lib/recipetool/create_buildsys_python.py
+++ b/poky/scripts/lib/recipetool/create_buildsys_python.py
@@ -10,7 +10,7 @@
 import collections
 import setuptools.command.build_py
 import email
-import imp
+import importlib
 import glob
 import itertools
 import logging
@@ -561,7 +561,6 @@
         return deps
 
     def parse_pkgdata_for_python_packages(self):
-        suffixes = [t[0] for t in imp.get_suffixes()]
         pkgdata_dir = tinfoil.config_data.getVar('PKGDATA_DIR')
 
         ldata = tinfoil.config_data.createCopy()
@@ -585,7 +584,7 @@
                     continue
 
             for fn in files_info:
-                for suffix in suffixes:
+                for suffix in importlib.machinery.all_suffixes():
                     if fn.endswith(suffix):
                         break
                 else:
diff --git a/poky/scripts/lib/wic/canned-wks/qemux86-directdisk.wks b/poky/scripts/lib/wic/canned-wks/qemux86-directdisk.wks
index 22b4521..8089976 100644
--- a/poky/scripts/lib/wic/canned-wks/qemux86-directdisk.wks
+++ b/poky/scripts/lib/wic/canned-wks/qemux86-directdisk.wks
@@ -4,5 +4,5 @@
 
 include common.wks.inc
 
-bootloader  --timeout=0  --append="rw oprofile.timer=1 rootfstype=ext4 "
+bootloader  --timeout=0  --append="rw oprofile.timer=1 rootfstype=ext4 console=tty console=ttyS0 "
 
diff --git a/poky/scripts/lib/wic/help.py b/poky/scripts/lib/wic/help.py
index 73e3380..163535e 100644
--- a/poky/scripts/lib/wic/help.py
+++ b/poky/scripts/lib/wic/help.py
@@ -1118,7 +1118,7 @@
 TOPIC:
     overview  - Presents an overall overview of Wic
     plugins   - Presents an overview and API for Wic plugins
-    kickstart - Presents a Wic kicstart file reference
+    kickstart - Presents a Wic kickstart file reference
 
 
 Examples:
diff --git a/poky/scripts/oe-setup-layers b/poky/scripts/oe-setup-layers
index c8012fa..6d49688 100755
--- a/poky/scripts/oe-setup-layers
+++ b/poky/scripts/oe-setup-layers
@@ -20,13 +20,13 @@
 import subprocess
 
 def _is_repo_git_repo(repodir):
-    git_dir = os.path.join(repodir, ".git")
-    if not os.access(git_dir, os.R_OK):
-        return False
     try:
-        return subprocess.check_output("git -C %s rev-parse --is-inside-git-dir" % git_dir, shell=True, stderr=subprocess.DEVNULL)
+        curr_toplevel = subprocess.check_output("git -C %s rev-parse --show-toplevel" % repodir, shell=True, stderr=subprocess.DEVNULL)
+        if curr_toplevel.strip().decode("utf-8") == repodir:
+            return True
     except subprocess.CalledProcessError:
-        return False
+        pass
+    return False
 
 def _is_repo_at_rev(repodir, rev):
     try:
diff --git a/poky/scripts/runqemu b/poky/scripts/runqemu
index 0668e12..6fca743 100755
--- a/poky/scripts/runqemu
+++ b/poky/scripts/runqemu
@@ -842,11 +842,11 @@
             if self.get('QB_TCPSERIAL_OPT'):
                 self.qemu_opt_script += ' ' + self.get('QB_TCPSERIAL_OPT').replace('@PORT@', port)
             else:
-                self.qemu_opt_script += ' -serial tcp:127.0.0.1:%s' % port
+                self.qemu_opt_script += ' -serial tcp:127.0.0.1:%s,nodelay=on' % port
 
             if len(ports) > 1:
                 for port in ports[1:]:
-                    self.qemu_opt_script += ' -serial tcp:127.0.0.1:%s' % port
+                    self.qemu_opt_script += ' -serial tcp:127.0.0.1:%s,nodelay=on' % port
 
     def check_and_set(self):
         """Check configs sanity and set when needed"""