1Release notes for Yocto-4.0.4 (Kirkstone) 2----------------------------------------- 3 4Security Fixes in Yocto-4.0.4 5~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 6 7- binutils : fix :cve:`2022-38533` 8- curl: fix :cve:`2022-35252` 9- sqlite: fix :cve:`2022-35737` 10- grub2: fix :cve:`2021-3695`, :cve:`2021-3696`, :cve:`2021-3697`, :cve:`2022-28733`, :cve:`2022-28734` and :cve:`2022-28735` 11- u-boot: fix :cve:`2022-30552` and :cve:`2022-33967` 12- libxml2: Ignore :cve:`2016-3709` 13- libtiff: fix :cve:`2022-34526` 14- zlib: fix :cve:`2022-37434` 15- gnutls: fix :cve:`2022-2509` 16- u-boot: fix :cve:`2022-33103` 17- qemu: fix :cve:`2021-3507`, :cve:`2021-3929`, :cve:`2021-4158`, :cve:`2022-0216` and :cve:`2022-0358` 18 19 20Fixes in Yocto-4.0.4 21~~~~~~~~~~~~~~~~~~~~ 22 23- apr: Cache configure tests which use AC_TRY_RUN 24- apr: Use correct strerror_r implementation based on libc type 25- apt: fix nativesdk-apt build failure during the second time build 26- archiver.bbclass: remove unsed do_deploy_archives[dirs] 27- archiver.bbclass: some recipes that uses the kernelsrc bbclass uses the shared source 28- autoconf: Fix strict prototype errors in generated tests 29- autoconf: Update K & R stype functions 30- bind: upgrade to 9.18.5 31- bitbake.conf: set BB_DEFAULT_UMASK using ??= 32- bitbake: ConfHandler/BBHandler: Improve comment error messages and add tests 33- bitbake: ConfHandler: Remove lingering close 34- bitbake: bb/utils: movefile: use the logger for printing 35- bitbake: bb/utils: remove: check the path again the expand python glob 36- bitbake: bitbake-user-manual: Correct description of the ??= operator 37- bitbake: bitbake-user-manual: npm fetcher: improve description of SRC_URI format 38- bitbake: bitbake: bitbake-user-manual: hashserv can be accessed on a dedicated domain 39- bitbake: bitbake: runqueue: add cpu/io pressure regulation 40- bitbake: bitbake: runqueue: add memory pressure regulation 41- bitbake: cooker: Drop sre_constants usage 42- bitbake: doc: bitbake-user-manual: add explicit target for crates fetcher 43- bitbake: doc: bitbake-user-manual: document npm and npmsw fetchers 44- bitbake: event.py: ignore exceptions from stdout and sterr operations in atexit 45- bitbake: fetch2: Ensure directory exists before creating symlink 46- bitbake: fetch2: gitsm: fix incorrect handling of git submodule relative urls 47- bitbake: runqueue: Change pressure file warning to a note 48- bitbake: runqueue: Fix unihash cache mismatch issues 49- bitbake: toaster: fix kirkstone version 50- bitbake: utils: Pass lock argument in fileslocked 51- bluez5: upgrade to 5.65 52- boost: fix install of fiber shared libraries 53- cairo: Adapt the license information based on what is being built 54- classes: cve-check: Get shared database lock 55- cmake: remove CMAKE_ASM_FLAGS variable in toolchain file 56- connman: Backports for security fixes 57- core-image.bbclass: Exclude openssh complementary packages 58- cracklib: Drop using register keyword 59- cracklib: upgrade to 2.9.8 60- create-spdx: Fix supplier field 61- create-spdx: handle links to inaccessible locations 62- create-spdx: ignore packing control files from ipk and deb 63- cve-check: Don't use f-strings 64- cve-check: close cursors as soon as possible 65- devtool/upgrade: catch bb.fetch2.decodeurl errors 66- devtool/upgrade: correctly clean up when recipe filename isn't yet known 67- devtool: error out when workspace is using old override syntax 68- ell: upgrade to 0.50 69- epiphany: upgrade to 42.4 70- externalsrc: Don't wipe out src dir when EXPORT_FUNCTIONS is used. 71- gcc-multilib-config: Fix i686 toolchain relocation issues 72- gcr: Define _GNU_SOURCE 73- gdk-pixbuf: upgrade to 2.42.9 74- glib-networking: upgrade to 2.72.2 75- go: upgrade to v1.17.13 76- insane.bbclass: Skip patches not in oe-core by full path 77- iso-codes: upgrade to 4.11.0 78- kernel-fitimage.bbclass: add padding algorithm property in config nodes 79- kernel-fitimage.bbclass: only package unique DTBs 80- kernel: Always set CC and LD for the kernel build 81- kernel: Use consistent make flags for menuconfig 82- lib:npm_registry: initial checkin 83- libatomic-ops: upgrade to 7.6.14 84- libcap: upgrade to 2.65 85- libjpeg-turbo: upgrade to 2.1.4 86- libpam: use /run instead of /var/run in systemd tmpfiles 87- libtasn1: upgrade to 4.19.0 88- liburcu: upgrade to 0.13.2 89- libwebp: upgrade to 1.2.4 90- libwpe: upgrade to 1.12.3 91- libxml2: Port gentest.py to Python-3 92- lighttpd: upgrade to 1.4.66 93- linux-yocto/5.10: update genericx86* machines to v5.10.135 94- linux-yocto/5.10: update to v5.10.137 95- linux-yocto/5.15: update genericx86* machines to v5.15.59 96- linux-yocto/5.15: update to v5.15.62 97- linux-yocto: Fix COMPATIBLE_MACHINE regex match 98- linux-yocto: prepend the the value with a space when append to KERNEL_EXTRA_ARGS 99- lttng-modules: fix 5.19+ build 100- lttng-modules: fix build against mips and v5.19 kernel 101- lttng-modules: fix build for kernel 5.10.137 102- lttng-modules: replace mips compaction fix with upstream change 103- lz4: upgrade to 1.9.4 104- maintainers: update opkg maintainer 105- meta: introduce UBOOT_MKIMAGE_KERNEL_TYPE 106- migration guides: add missing release notes 107- mobile-broadband-provider-info: upgrade to 20220725 108- nativesdk: Clear TUNE_FEATURES 109- npm: replace 'npm pack' call by 'tar czf' 110- npm: return content of 'package.json' in 'npm_pack' 111- npm: take 'version' directly from 'package.json' 112- npm: use npm_registry to cache package 113- oeqa/gotoolchain: put writable files in the Go module cache 114- oeqa/gotoolchain: set CGO_ENABLED=1 115- oeqa/parselogs: add qemuarmv5 arm-charlcd masking 116- oeqa/qemurunner: add run_serial() comment 117- oeqa/selftest: rename git.py to intercept.py 118- oeqa: qemurunner: Report UNIX Epoch timestamp on login 119- package_rpm: Do not replace square brackets in %files 120- packagegroup-self-hosted: update for strace 121- parselogs: Ignore xf86OpenConsole error 122- perf: Fix reproducibility issues with 5.19 onwards 123- pinentry: enable _XOPEN_SOURCE on musl for wchar usage in curses 124- poky.conf: add ubuntu-22.04 to tested distros 125- poky.conf: bump version for 4.0.4 126- pseudo: Update to include recent upstream minor fixes 127- python3-pip: Fix RDEPENDS after the update 128- ref-manual: add numa to machine features 129- relocate_sdk.py: ensure interpreter size error causes relocation to fail 130- rootfs-postcommands.bbclass: avoid moving ssh host keys if etc is writable 131- rootfs.py: dont try to list installed packages for baremetal images 132- rootfspostcommands.py: Cleanup subid backup files generated by shadow-utils 133- ruby: drop capstone support 134- runqemu: Add missing space on default display option 135- runqemu: display host uptime when starting 136- sanity: add a comment to ensure CONNECTIVITY_CHECK_URIS is correct 137- scripts/oe-setup-builddir: make it known where configurations come from 138- scripts/runqemu.README: fix typos and trailing whitespaces 139- selftest/wic: Tweak test case to not depend on kernel size 140- shadow: Avoid nss warning/error with musl 141- shadow: Enable subid support 142- system-requirements.rst: Add Ubuntu 22.04 to list of supported distros 143- systemd: Add 'no-dns-fallback' PACKAGECONFIG option 144- systemd: Fix unwritable /var/lock when no sysvinit handling 145- sysvinit-inittab/start_getty: Fix respawn too fast 146- tcp-wrappers: Fix implicit-function-declaration warnings 147- tzdata: upgrade to 2022b 148- util-linux: Remove --enable-raw from EXTRA_OECONF 149- vala: upgrade to 0.56.3 150- vim: Upgrade to 9.0.0453 151- watchdog: Include needed system header for function decls 152- webkitgtk: upgrade to 2.36.5 153- weston: upgrade to 10.0.2 154- wic/bootimg-efi: use cross objcopy when building unified kernel image 155- wic: add target tools to PATH when executing native commands 156- wic: depend on cross-binutils 157- wireless-regdb: upgrade to 2022.08.12 158- wpebackend-fdo: upgrade to 1.12.1 159- xinetd: Pass missing -D_GNU_SOURCE 160- xz: update to 5.2.6 161 162 163Known Issues in Yocto-4.0.4 164~~~~~~~~~~~~~~~~~~~~~~~~~~~ 165 166- N/A 167 168 169Contributors to Yocto-4.0.4 170~~~~~~~~~~~~~~~~~~~~~~~~~~~ 171 172- Alejandro Hernandez Samaniego 173- Alex Stewart 174- Alexander Kanavin 175- Alexandre Belloni 176- Andrei Gherzan 177- Anuj Mittal 178- Aryaman Gupta 179- Awais Belal 180- Beniamin Sandu 181- Bertrand Marquis 182- Bruce Ashfield 183- Changqing Li 184- Chee Yang Lee 185- Daiane Angolini 186- Enrico Scholz 187- Ernst Sjöstrand 188- Gennaro Iorio 189- Hitendra Prajapati 190- Jacob Kroon 191- Jon Mason 192- Jose Quaresma 193- Joshua Watt 194- Kai Kang 195- Khem Raj 196- Kristian Amlie 197- LUIS ENRIQUEZ 198- Mark Hatle 199- Martin Beeger 200- Martin Jansa 201- Mateusz Marciniec 202- Michael Opdenacker 203- Mihai Lindner 204- Mikko Rapeli 205- Ming Liu 206- Niko Mauno 207- Ola x Nilsson 208- Otavio Salvador 209- Paul Eggleton 210- Pavel Zhukov 211- Peter Bergin 212- Peter Kjellerstedt 213- Peter Marko 214- Rajesh Dangi 215- Randy MacLeod 216- Rasmus Villemoes 217- Richard Purdie 218- Robert Joslyn 219- Roland Hieber 220- Ross Burton 221- Sakib Sajal 222- Shubham Kulkarni 223- Steve Sakoman 224- Ulrich Ölmann 225- Yang Xu 226- Yongxin Liu 227- ghassaneben 228- pgowda 229- wangmy 230 231Repositories / Downloads for Yocto-4.0.4 232~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 233 234poky 235 236- Repository Location: https://git.yoctoproject.org/git/poky 237- Branch: :yocto_git:`kirkstone </poky/log/?h=kirkstone>` 238- Tag: :yocto_git:`yocto-4.0.4 </poky/log/?h=yocto-4.0.4>` 239- Git Revision: :yocto_git:`d64bef1c7d713b92a51228e5ade945835e5a94a4 </poky/commit/?id=d64bef1c7d713b92a51228e5ade945835e5a94a4>` 240- Release Artefact: poky-d64bef1c7d713b92a51228e5ade945835e5a94a4 241- sha: b5e92506b31f88445755bad2f45978b747ad1a5bea66ca897370542df5f1e7db 242- Download Locations: 243 http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.4/poky-d64bef1c7d713b92a51228e5ade945835e5a94a4.tar.bz2 244 http://mirrors.kernel.org/yocto/yocto/yocto-4.0.4/poky-d64bef1c7d713b92a51228e5ade945835e5a94a4.tar.bz2 245 246openembedded-core 247 248- Repository Location: https://git.openembedded.org/openembedded-core 249- Branch: :oe_git:`kirkstone </openembedded-core/log/?h=kirkstone>` 250- Tag: :oe_git:`yocto-4.0.4 </openembedded-core/log/?h=yocto-4.0.4>` 251- Git Revision: :oe_git:`f7766da462905ec67bf549d46b8017be36cd5b2a </openembedded-core/commit/?id=f7766da462905ec67bf549d46b8017be36cd5b2a>` 252- Release Artefact: oecore-f7766da462905ec67bf549d46b8017be36cd5b2a 253- sha: ce0ac011474db5e5f0bb1be3fb97f890a02e46252a719dbcac5813268e48ff16 254- Download Locations: 255 http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.4/oecore-f7766da462905ec67bf549d46b8017be36cd5b2a.tar.bz2 256 http://mirrors.kernel.org/yocto/yocto/yocto-4.0.4/oecore-f7766da462905ec67bf549d46b8017be36cd5b2a.tar.bz2 257 258meta-mingw 259 260- Repository Location: https://git.yoctoproject.org/git/meta-mingw 261- Branch: :yocto_git:`kirkstone </meta-mingw/log/?h=kirkstone>` 262- Tag: :yocto_git:`yocto-4.0.4 </meta-mingw/log/?h=yocto-4.0.4>` 263- Git Revision: :yocto_git:`a90614a6498c3345704e9611f2842eb933dc51c1 </meta-mingw/commit/?id=a90614a6498c3345704e9611f2842eb933dc51c1>` 264- Release Artefact: meta-mingw-a90614a6498c3345704e9611f2842eb933dc51c1 265- sha: 49f9900bfbbc1c68136f8115b314e95d0b7f6be75edf36a75d9bcd1cca7c6302 266- Download Locations: 267 http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.4/meta-mingw-a90614a6498c3345704e9611f2842eb933dc51c1.tar.bz2 268 http://mirrors.kernel.org/yocto/yocto/yocto-4.0.4/meta-mingw-a90614a6498c3345704e9611f2842eb933dc51c1.tar.bz2 269 270meta-gplv2 271 272- Repository Location: https://git.yoctoproject.org/git/meta-gplv2 273- Branch: :yocto_git:`kirkstone </meta-gplv2/log/?h=kirkstone>` 274- Tag: :yocto_git:`yocto-4.0.4 </meta-gplv2/log/?h=yocto-4.0.4>` 275- Git Revision: :yocto_git:`d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a </meta-gplv2/commit/?id=d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a>` 276- Release Artefact: meta-gplv2-d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a 277- sha: c386f59f8a672747dc3d0be1d4234b6039273d0e57933eb87caa20f56b9cca6d 278- Download Locations: 279 http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.4/meta-gplv2-d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a.tar.bz2 280 http://mirrors.kernel.org/yocto/yocto/yocto-4.0.4/meta-gplv2-d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a.tar.bz2 281 282bitbake 283 284- Repository Location: https://git.openembedded.org/bitbake 285- Branch: :oe_git:`2.0 </bitbake/log/?h=2.0>` 286- Tag: :oe_git:`yocto-4.0.4 </bitbake/log/?h=yocto-4.0.4>` 287- Git Revision: :oe_git:`ac576d6fad6bba0cfea931883f25264ea83747ca </bitbake/commit/?id=ac576d6fad6bba0cfea931883f25264ea83747ca>` 288- Release Artefact: bitbake-ac576d6fad6bba0cfea931883f25264ea83747ca 289- sha: 526c2768874eeda61ade8c9ddb3113c90d36ef44a026d6690f02de6f3dd0ea12 290- Download Locations: 291 http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.4/bitbake-ac576d6fad6bba0cfea931883f25264ea83747ca.tar.bz2 292 http://mirrors.kernel.org/yocto/yocto/yocto-4.0.4/bitbake-ac576d6fad6bba0cfea931883f25264ea83747ca.tar.bz2 293 294yocto-docs 295 296- Repository Location: https://git.yoctoproject.org/git/yocto-docs 297- Branch: :yocto_git:`kirkstone </yocto-docs/log/?h=kirkstone>` 298- Tag: :yocto_git:`yocto-4.0.4 </yocto-docs/log/?h=yocto-4.0.4>` 299- Git Revision: :yocto_git:`f632dad24c39778f948014029e74db3c871d9d21 </yocto-docs/commit/?id=f632dad24c39778f948014029e74db3c871d9d21>` 300