1Release notes for 4.0.1 (kirkstone) 2----------------------------------- 3 4Security Fixes in 4.0.1 5~~~~~~~~~~~~~~~~~~~~~~~ 6 7- linux-yocto/5.15: fix :cve:`2022-28796` 8- python3: ignore :cve:`2015-20107` 9- e2fsprogs: fix :cve:`2022-1304` 10- lua: fix :cve:`2022-28805` 11- busybox: fix :cve:`2022-28391` 12 13Fixes in 4.0.1 14~~~~~~~~~~~~~~ 15 16- abi_version/sstate: Bump hashequiv and sstate versions due to git changes 17- apt: add apt selftest to test signed package feeds 18- apt: upgrade 2.4.4 -> 2.4.5 19- arch-armv8-2a.inc: fix a typo in TUNEVALID variable 20- babeltrace: Disable warnings as errors 21- base: Avoid circular references to our own scripts 22- base: Drop git intercept 23- build-appliance-image: Update to kirkstone head revision 24- build-appliance: Switch to kirkstone branch 25- buildtools-tarball: Only add cert envvars if certs are included 26- busybox: Use base_bindir instead of hardcoding /bin path 27- cases/buildepoxy.py: fix typo 28- create-spdx: delete virtual/kernel dependency to fix FreeRTOS build 29- create-spdx: fix error when symlink cannot be created 30- cve-check: add JSON format to summary output 31- cve-check: fix symlinks where link and output path are equal 32- cve-check: no need to depend on the fetch task 33- cve-update-db-native: let the user to drive the update interval 34- cve-update-db-native: update the CVE database once a day only 35- cve_check: skip remote patches that haven't been fetched when searching for CVE tags 36- dev-manual: add command used to add the signed-off-by line. 37- devshell.bbclass: Allow devshell & pydevshell to use the network 38- docs: conf.py: fix cve extlinks caption for sphinx <4.0 39- docs: migration-guides: migration-3.4: mention that hardcoded password are supported if hashed 40- docs: migration-guides: release-notes-4.0: fix risc-v typo 41- docs: migration-guides: release-notes-4.0: replace kernel placeholder with correct recipe name 42- docs: ref-manual: variables: add hashed password example in EXTRA_USERS_PARAMS 43- docs: set_versions.py: add information about obsolescence of a release 44- docs: set_versions.py: fix latest release of a branch being shown twice in switchers.js 45- docs: set_versions.py: fix latest version of an active release shown as obsolete 46- docs: set_versions.py: mark as obsolete only branches and old tags from obsolete releases 47- docs: sphinx-static: switchers.js.in: do not mark branches as outdated 48- docs: sphinx-static: switchers.js.in: fix broken switcher for branches 49- docs: sphinx-static: switchers.js.in: improve obsolete version detection 50- docs: sphinx-static: switchers.js.in: remove duplicate for outdated versions 51- docs: sphinx-static: switchers.js.in: rename all_versions to switcher_versions 52- docs: update Bitbake objects.inv location for master branch 53- documentation/brief-yoctoprojectqs: add directory for local.conf 54- gcompat: Fix build when usrmerge distro feature is enabled 55- git: correct license 56- git: upgrade 2.35.2 -> 2.35.3 57- glib: upgrade 2.72.0 -> 2.72.1 58- glibc: ptest: Fix glibc-tests package issue 59- gnupg: Disable FORTIFY_SOURCES on mips 60- go.bbclass: disable the use of the default configuration file 61- gstreamer1.0-plugins-bad: drop patch 62- gstreamer1.0-plugins-good: Fix libsoup dependency 63- gstreamer1.0: Minor documentation addition 64- install/devshell: Introduce git intercept script due to fakeroot issues 65- kernel-yocto.bbclass: Fixup do_kernel_configcheck usage of KMETA 66- libc-glibc: Use libxcrypt to provide virtual/crypt 67- libgit2: upgrade 1.4.2 -> 1.4.3 68- libsoup: upgrade 3.0.5 -> 3.0.6 69- libusb1: upgrade 1.0.25 -> 1.0.26 70- linux-firmware: correct license for ar3k firmware 71- linux-firmware: upgrade 20220310 -> 20220411 72- linux-yocto/5.10: base: enable kernel crypto userspace API 73- linux-yocto/5.10: update to v5.10.112 74- linux-yocto/5.15: arm: poky-tiny cleanup and fixes 75- linux-yocto/5.15: base: enable kernel crypto userspace API 76- linux-yocto/5.15: fix -standard kernel build issue 77- linux-yocto/5.15: fix ppc boot 78- linux-yocto/5.15: fix qemuarm graphical boot 79- linux-yocto/5.15: kasan: fix BUG: sleeping function called from invalid context 80- linux-yocto/5.15: netfilter: conntrack: avoid useless indirection during conntrack destruction 81- linux-yocto/5.15: update to v5.15.36 82- linux-yocto: enable powerpc-debug fragment 83- mdadm: Drop clang specific cflags 84- migration-3.4: add missing entry on EXTRA_USERS_PARAMS 85- migration-guides: add release notes for 4.0 86- migration-guides: complete migration guide for 4.0 87- migration-guides: release-notes-4.0: mention LTS release 88- migration-guides: release-notes-4.0: update 'Repositories / Downloads' section 89- migration-guides: stop including documents with ".. include" 90- musl: Fix build when usrmerge distro feature is enabled 91- ncurses: use COPYING file 92- neard: Switch SRC_URI to git repo 93- oeqa/selftest: add test for git working correctly inside pseudo 94- openssl: minor security upgrade 3.0.2 -> 3.0.3 95- package.bbclass: Prevent perform_packagecopy from removing /sysroot-only 96- package: Ensure we track whether PRSERV was active or not 97- package_manager: fix missing dependency on gnupg when signing deb package feeds 98- poky-tiny: enable qemuarmv5/qemuarm64 and cleanups 99- poky.conf: bump version for 4.0.1 release 100- qemu.bbclass: Extend ppc/ppc64 extra options 101- qemuarm64: use virtio pci interfaces 102- qemuarmv5: use arm-versatile-926ejs KMACHINE 103- ref-manual: Add XZ_THREADS and XZ_MEMLIMIT 104- ref-manual: add KERNEL_DEBUG_TIMESTAMPS 105- ref-manual: add ZSTD_THREADS 106- ref-manual: add a note about hard-coded passwords 107- ref-manual: add empty-dirs QA check and QA_EMPTY_DIRS* 108- ref-manual: add mention of vendor filtering to CVE_PRODUCT 109- ref-manual: mention wildcarding support in INCOMPATIBLE_LICENSE 110- releases: update for yocto 4.0 111- rootfs-postcommands: fix symlinks where link and output path are equal 112- ruby: upgrade 3.1.1 -> 3.1.2 113- sanity: skip make 4.2.1 warning for debian 114- scripts/git: Ensure we don't have circular references 115- scripts: Make git intercept global 116- seatd: Disable overflow warning as error on ppc64/musl 117- selftest/lic_checksum: Add test for filename containing space 118- set_versions: update for 4.0 release 119- staging: Ensure we filter out ourselves 120- strace: fix ptest failure in landlock 121- subversion: upgrade to 1.14.2 122- systemd-boot: remove outdated EFI_LD comment 123- systemtap: Fix build with gcc-12 124- terminal.py: Restore error output from Terminal 125- u-boot: Correct the SRC_URI 126- u-boot: Inherit pkgconfig 127- update_udev_hwdb: fix multilib issue with systemd 128- util-linux: Create u-a symlink for findfs utility 129- virgl: skip headless test on alma 8.6 130- webkitgtk: adjust patch status 131- wic: do not use PARTLABEL for msdos partition tables 132- wireless-regdb: upgrade 2022.02.18 -> 2022.04.08 133- xserver-xorg: Fix build with gcc12 134- yocto-bsps: update to v5.15.36 135 136Contributors to 4.0.1 137~~~~~~~~~~~~~~~~~~~~~ 138 139- Abongwa Amahnui Bonalais 140- Alexander Kanavin 141- Bruce Ashfield 142- Carlos Rafael Giani 143- Chen Qi 144- Davide Gardenal 145- Dmitry Baryshkov 146- Ferry Toth 147- Henning Schild 148- Jon Mason 149- Justin Bronder 150- Kai Kang 151- Khem Raj 152- Konrad Weihmann 153- Lee Chee Yang 154- Marta Rybczynska 155- Martin Jansa 156- Matt Madison 157- Michael Halstead 158- Michael Opdenacker 159- Naveen Saini 160- Nicolas Dechesne 161- Paul Eggleton 162- Paul Gortmaker 163- Paulo Neves 164- Peter Kjellerstedt 165- Peter Marko 166- Pgowda 167- Portia 168- Quentin Schulz 169- Rahul Kumar 170- Richard Purdie 171- Robert Joslyn 172- Robert Yang 173- Roland Hieber 174- Ross Burton 175- Russ Dill 176- Steve Sakoman 177- wangmy 178- zhengruoqin 179 180Repositories / Downloads for 4.0.1 181~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 182 183poky 184 185- Repository Location: https://git.yoctoproject.org/git/poky 186- Branch: :yocto_git:`kirkstone </poky/log/?h=kirkstone>` 187- Tag: :yocto_git:`yocto-4.0.1 </poky/tag/?h=yocto-4.0.1>` 188- Git Revision: :yocto_git:`8c489602f218bcf21de0d3c9f8cf620ea5f06430 </poky/commit/?id=8c489602f218bcf21de0d3c9f8cf620ea5f06430>` 189- Release Artefact: poky-8c489602f218bcf21de0d3c9f8cf620ea5f06430 190- sha: 65c545a316bd8efb13ae1358eeccc8953543be908008103b51f7f90aed960d00 191- Download Locations: 192 http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.1/poky-8c489602f218bcf21de0d3c9f8cf620ea5f06430.tar.bz2, 193 http://mirrors.kernel.org/yocto/yocto/yocto-4.0.1/poky-8c489602f218bcf21de0d3c9f8cf620ea5f06430.tar.bz2 194 195openembedded-core 196 197- Repository Location: :oe_git:`/openembedded-core` 198- Branch: :oe_git:`kirkstone </openembedded-core/log/?h=kirkstone>` 199- Tag: :oe_git:`yocto-4.0.1 </openembedded-core/tag/?h=yocto-4.0>` 200- Git Revision: :oe_git:`cb8647c08959abb1d6b7c2b3a34b4b415f66d7ee </openembedded-core/commit/?id=cb8647c08959abb1d6b7c2b3a34b4b415f66d7ee>` 201- Release Artefact: oecore-cb8647c08959abb1d6b7c2b3a34b4b415f66d7ee 202- sha: 43981b8fad82f601618a133dffbec839524f0d0a055efc3d8f808cbfd811ab17 203- Download Locations: 204 http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.1/oecore-cb8647c08959abb1d6b7c2b3a34b4b415f66d7ee.tar.bz2, 205 http://mirrors.kernel.org/yocto/yocto/yocto-4.0.1/oecore-cb8647c08959abb1d6b7c2b3a34b4b415f66d7ee.tar.bz2 206 207meta-mingw 208 209- Repository Location: https://git.yoctoproject.org/git/meta-mingw 210- Branch: :yocto_git:`kirkstone </meta-mingw/log/?h=kirkstone>` 211- Tag: :yocto_git:`yocto-4.0.1 </meta-mingw/tag/?h=yocto-4.0.1>` 212- Git Revision: :yocto_git:`a90614a6498c3345704e9611f2842eb933dc51c1 </meta-mingw/commit/?id=a90614a6498c3345704e9611f2842eb933dc51c1>` 213- Release Artefact: meta-mingw-a90614a6498c3345704e9611f2842eb933dc51c1 214- sha: 49f9900bfbbc1c68136f8115b314e95d0b7f6be75edf36a75d9bcd1cca7c6302 215- Download Locations: 216 http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.1/meta-mingw-a90614a6498c3345704e9611f2842eb933dc51c1.tar.bz2 217 http://mirrors.kernel.org/yocto/yocto/yocto-4.0.1/meta-mingw-a90614a6498c3345704e9611f2842eb933dc51c1.tar.bz2 218 219meta-gplv2 220 221- Repository Location: https://git.yoctoproject.org/git/meta-gplv2 222- Branch: :yocto_git:`kirkstone </meta-gplv2/log/?h=kirkstone>` 223- Tag: :yocto_git:`yocto-4.0.1 </meta-gplv2/tag/?h=yocto-4.0.1>` 224- Git Revision: :yocto_git:`d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a </meta-mingw/commit/?id=d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a>` 225- Release Artefact: meta-gplv2-d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a 226- sha: c386f59f8a672747dc3d0be1d4234b6039273d0e57933eb87caa20f56b9cca6d 227- Download Locations: 228 http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.1/meta-gplv2-d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a.tar.bz2 229 http://mirrors.kernel.org/yocto/yocto/yocto-4.0.1/meta-gplv2-d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a.tar.bz2 230 231bitbake 232 233- Repository Location: :oe_git:`/bitbake` 234- Branch: :oe_git:`2.0 </bitbake/log/?h=2.0>` 235- Tag: :oe_git:`yocto-4.0 </bitbake/tag/?h=yocto-4.0>` 236- Git Revision: :oe_git:`59c16ae6c55c607c56efd2287537a1b97ba2bf52 </bitbake/commit/?id=59c16ae6c55c607c56efd2287537a1b97ba2bf52>` 237- Release Artefact: bitbake-59c16ae6c55c607c56efd2287537a1b97ba2bf52 238- sha: 3ae466c31f738fc45c3d7c6f665952d59f01697f2667ea42f0544d4298dd6ef0 239- Download Locations: 240 http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.1/bitbake-59c16ae6c55c607c56efd2287537a1b97ba2bf52.tar.bz2, 241 http://mirrors.kernel.org/yocto/yocto/yocto-4.0.1/bitbake-59c16ae6c55c607c56efd2287537a1b97ba2bf52.tar.bz2 242 243yocto-docs 244 245- Repository Location: https://git.yoctoproject.org/git/yocto-docs 246- Branch: :yocto_git:`kirkstone </yocto-docs/log/?h=kirkstone>` 247- Tag: :yocto_git:`yocto-4.0.1 </yocto-docs/tag/?h=yocto-4.0>` 248- Git Revision: :yocto_git:`4ec9df3336a425719a9a35532504731ce56984ca </yocto-docs/commit/?id=4ec9df3336a425719a9a35532504731ce56984ca>` 249