1*4882a593Smuzhiyun.. SPDX-License-Identifier: CC-BY-SA-2.0-UK 2*4882a593Smuzhiyun 3*4882a593SmuzhiyunRelease notes for Yocto-4.0.7 (Kirkstone) 4*4882a593Smuzhiyun----------------------------------------- 5*4882a593Smuzhiyun 6*4882a593SmuzhiyunSecurity Fixes in Yocto-4.0.7 7*4882a593Smuzhiyun~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 8*4882a593Smuzhiyun 9*4882a593Smuzhiyun- binutils: Fix :cve:`2022-4285` 10*4882a593Smuzhiyun- curl: Fix :cve:`2022-43551` and `CVE-2022-43552 <https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-43552>`__ 11*4882a593Smuzhiyun- ffmpeg: Fix :cve:`2022-3109` and :cve:`2022-3341` 12*4882a593Smuzhiyun- go: Fix :cve:`2022-41715` and :cve:`2022-41717` 13*4882a593Smuzhiyun- libX11: Fix :cve:`2022-3554` and :cve:`2022-3555` 14*4882a593Smuzhiyun- libarchive: Fix :cve:`2022-36227` 15*4882a593Smuzhiyun- libksba: Fix :cve:`2022-47629` 16*4882a593Smuzhiyun- libpng: Fix :cve:`2019-6129` 17*4882a593Smuzhiyun- libxml2: Fix :cve:`2022-40303` and :cve:`2022-40304` 18*4882a593Smuzhiyun- openssl: Fix :cve:`2022-3996` 19*4882a593Smuzhiyun- python3: Fix :cve:`2022-45061` 20*4882a593Smuzhiyun- python3-git: Fix :cve:`2022-24439` 21*4882a593Smuzhiyun- python3-setuptools: Fix :cve:`2022-40897` 22*4882a593Smuzhiyun- python3-wheel: Fix :cve:`2022-40898` 23*4882a593Smuzhiyun- qemu: Fix :cve:`2022-4144` 24*4882a593Smuzhiyun- sqlite: Fix :cve:`2022-46908` 25*4882a593Smuzhiyun- systemd: Fix :cve:`2022-45873` 26*4882a593Smuzhiyun- vim: Fix :cve:`2023-0049`, :cve:`2023-0051`, :cve:`2023-0054` and :cve:`2023-0088` 27*4882a593Smuzhiyun- webkitgtk: Fix :cve:`2022-32886`, `CVE-2022-32891 <https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32891>`__ and :cve:`2022-32912` 28*4882a593Smuzhiyun 29*4882a593Smuzhiyun 30*4882a593SmuzhiyunFixes in Yocto-4.0.7 31*4882a593Smuzhiyun~~~~~~~~~~~~~~~~~~~~ 32*4882a593Smuzhiyun 33*4882a593Smuzhiyun- Revert "gstreamer1.0: disable flaky gstbin:test_watch_for_state_change test" 34*4882a593Smuzhiyun- at: Change when files are copied 35*4882a593Smuzhiyun- baremetal-image: Avoid overriding qemu variables from IMAGE_CLASSES 36*4882a593Smuzhiyun- base.bbclass: Fix way to check ccache path 37*4882a593Smuzhiyun- bc: extend to nativesdk 38*4882a593Smuzhiyun- bind: upgrade to 9.18.10 39*4882a593Smuzhiyun- busybox: always start do_compile with orig config files 40*4882a593Smuzhiyun- busybox: rm temporary files if do_compile was interrupted 41*4882a593Smuzhiyun- cairo: fix CVE patches assigned wrong CVE number 42*4882a593Smuzhiyun- cairo: update patch for :cve:`2019-6461` with upstream solution 43*4882a593Smuzhiyun- classes/create-spdx: Add SPDX_PRETTY option 44*4882a593Smuzhiyun- classes: image: Set empty weak default IMAGE_LINGUAS 45*4882a593Smuzhiyun- combo-layer: add sync-revs command 46*4882a593Smuzhiyun- combo-layer: dont use bb.utils.rename 47*4882a593Smuzhiyun- combo-layer: remove unused import 48*4882a593Smuzhiyun- curl: Correct LICENSE from MIT-open-group to curl 49*4882a593Smuzhiyun- cve-check: write the cve manifest to IMGDEPLOYDIR 50*4882a593Smuzhiyun- cve-update-db-native: avoid incomplete updates 51*4882a593Smuzhiyun- cve-update-db-native: show IP on failure 52*4882a593Smuzhiyun- dbus: Add missing CVE product name 53*4882a593Smuzhiyun- devtool/upgrade: correctly handle recipes where S is a subdir of upstream tree 54*4882a593Smuzhiyun- devtool: process local files only for the main branch 55*4882a593Smuzhiyun- dhcpcd: backport two patches to fix runtime error 56*4882a593Smuzhiyun- docs: kernel-dev: faq: update tip on how to not include kernel in image 57*4882a593Smuzhiyun- docs: migration-4.0: specify variable name change for kernel inclusion in image recipe 58*4882a593Smuzhiyun- efibootmgr: update compilation with musl 59*4882a593Smuzhiyun- externalsrc: fix lookup for .gitmodules 60*4882a593Smuzhiyun- ffmpeg: refresh patches to apply cleanly 61*4882a593Smuzhiyun- freetype:update mirror site. 62*4882a593Smuzhiyun- gcc: Refactor linker patches and fix linker on arm with usrmerge 63*4882a593Smuzhiyun- glibc: stable 2.35 branch updates. 64*4882a593Smuzhiyun- go-crosssdk: avoid host contamination by GOCACHE 65*4882a593Smuzhiyun- gstreamer1.0: Fix race conditions in gstbin tests 66*4882a593Smuzhiyun- gstreamer1.0: upgrade to 1.20.5 67*4882a593Smuzhiyun- gtk-icon-cache: Fix GTKIC_CMD if-else condition 68*4882a593Smuzhiyun- harfbuzz: remove bindir only if it exists 69*4882a593Smuzhiyun- kernel-fitimage: Adjust order of dtb/dtbo files 70*4882a593Smuzhiyun- kernel-fitimage: Allow user to select dtb when multiple dtb exists 71*4882a593Smuzhiyun- kernel.bbclass: remove empty module directories to prevent QA issues 72*4882a593Smuzhiyun- lib/buildstats: fix parsing of trees with reduced_proc_pressure directories 73*4882a593Smuzhiyun- lib/oe/reproducible: Use git log without gpg signature 74*4882a593Smuzhiyun- libepoxy: remove upstreamed patch 75*4882a593Smuzhiyun- libnewt: update 0.52.21 -> 0.52.23 76*4882a593Smuzhiyun- libseccomp: fix typo in DESCRIPTION 77*4882a593Smuzhiyun- libxcrypt-compat: upgrade 4.4.30 -> 4.4.33 78*4882a593Smuzhiyun- libxml2: fix test data checksums 79*4882a593Smuzhiyun- linux-firmware: upgrade 20221109 -> 20221214 80*4882a593Smuzhiyun- linux-yocto/5.10: update to v5.10.152 81*4882a593Smuzhiyun- linux-yocto/5.10: update to v5.10.154 82*4882a593Smuzhiyun- linux-yocto/5.10: update to v5.10.160 83*4882a593Smuzhiyun- linux-yocto/5.15: fix perf build with clang 84*4882a593Smuzhiyun- linux-yocto/5.15: libbpf: Fix build warning on ref_ctr_off 85*4882a593Smuzhiyun- linux-yocto/5.15: ltp and squashfs fixes 86*4882a593Smuzhiyun- linux-yocto/5.15: powerpc: Fix reschedule bug in KUAP-unlocked user copy 87*4882a593Smuzhiyun- linux-yocto/5.15: update to v5.15.84 88*4882a593Smuzhiyun- lsof: add update-alternatives logic 89*4882a593Smuzhiyun- lttng-modules: update 2.13.7 -> 2.13.8 90*4882a593Smuzhiyun- manuals: add 4.0.5 and 4.0.6 release notes 91*4882a593Smuzhiyun- manuals: document SPDX_PRETTY variable 92*4882a593Smuzhiyun- mpfr: upgrade 4.1.0 -> 4.1.1 93*4882a593Smuzhiyun- oeqa/concurrencytest: Add number of failures to summary output 94*4882a593Smuzhiyun- oeqa/rpm.py: Increase timeout and add debug output 95*4882a593Smuzhiyun- oeqa/selftest/externalsrc: add test for srctree_hash_files 96*4882a593Smuzhiyun- openssh: remove RRECOMMENDS to rng-tools for sshd package 97*4882a593Smuzhiyun- poky.conf: bump version for 4.0.7 98*4882a593Smuzhiyun- qemuboot.bbclass: make sure runqemu boots bundled initramfs kernel image 99*4882a593Smuzhiyun- rm_work.bbclass: use HOSTTOOLS 'rm' binary exclusively 100*4882a593Smuzhiyun- rm_work: adjust dependency to make do_rm_work_all depend on do_rm_work 101*4882a593Smuzhiyun- ruby: merge .inc into .bb 102*4882a593Smuzhiyun- ruby: update 3.1.2 -> 3.1.3 103*4882a593Smuzhiyun- selftest/virgl: use pkg-config from the host 104*4882a593Smuzhiyun- tiff: Add packageconfig knob for webp 105*4882a593Smuzhiyun- toolchain-scripts: compatibility with unbound variable protection 106*4882a593Smuzhiyun- tzdata: update 2022d -> 2022g 107*4882a593Smuzhiyun- valgrind: skip the boost_thread test on arm 108*4882a593Smuzhiyun- xserver-xorg: upgrade 21.1.4 -> 21.1.6 109*4882a593Smuzhiyun- xwayland: libxshmfence is needed when dri3 is enabled 110*4882a593Smuzhiyun- xwayland: upgrade 22.1.5 -> 22.1.7 111*4882a593Smuzhiyun- yocto-check-layer: Allow OE-Core to be tested 112*4882a593Smuzhiyun 113*4882a593Smuzhiyun 114*4882a593SmuzhiyunKnown Issues in Yocto-4.0.7 115*4882a593Smuzhiyun~~~~~~~~~~~~~~~~~~~~~~~~~~~ 116*4882a593Smuzhiyun 117*4882a593Smuzhiyun- N/A 118*4882a593Smuzhiyun 119*4882a593Smuzhiyun 120*4882a593SmuzhiyunContributors to Yocto-4.0.7 121*4882a593Smuzhiyun~~~~~~~~~~~~~~~~~~~~~~~~~~~ 122*4882a593Smuzhiyun 123*4882a593Smuzhiyun- Alejandro Hernandez Samaniego 124*4882a593Smuzhiyun- Alex Kiernan 125*4882a593Smuzhiyun- Alex Stewart 126*4882a593Smuzhiyun- Alexander Kanavin 127*4882a593Smuzhiyun- Antonin Godard 128*4882a593Smuzhiyun- Benoît Mauduit 129*4882a593Smuzhiyun- Bhabu Bindu 130*4882a593Smuzhiyun- Bruce Ashfield 131*4882a593Smuzhiyun- Carlos Alberto Lopez Perez 132*4882a593Smuzhiyun- Changqing Li 133*4882a593Smuzhiyun- Chen Qi 134*4882a593Smuzhiyun- Daniel Gomez 135*4882a593Smuzhiyun- Florin Diaconescu 136*4882a593Smuzhiyun- He Zhe 137*4882a593Smuzhiyun- Hitendra Prajapati 138*4882a593Smuzhiyun- Jagadeesh Krishnanjanappa 139*4882a593Smuzhiyun- Jan Kircher 140*4882a593Smuzhiyun- Jermain Horsman 141*4882a593Smuzhiyun- Jose Quaresma 142*4882a593Smuzhiyun- Joshua Watt 143*4882a593Smuzhiyun- KARN JYE LAU 144*4882a593Smuzhiyun- Kai Kang 145*4882a593Smuzhiyun- Khem Raj 146*4882a593Smuzhiyun- Luis 147*4882a593Smuzhiyun- Marta Rybczynska 148*4882a593Smuzhiyun- Martin Jansa 149*4882a593Smuzhiyun- Mathieu Dubois-Briand 150*4882a593Smuzhiyun- Michael Opdenacker 151*4882a593Smuzhiyun- Narpat Mali 152*4882a593Smuzhiyun- Ovidiu Panait 153*4882a593Smuzhiyun- Pavel Zhukov 154*4882a593Smuzhiyun- Peter Marko 155*4882a593Smuzhiyun- Petr Kubizňák 156*4882a593Smuzhiyun- Quentin Schulz 157*4882a593Smuzhiyun- Randy MacLeod 158*4882a593Smuzhiyun- Ranjitsinh Rathod 159*4882a593Smuzhiyun- Richard Purdie 160*4882a593Smuzhiyun- Robert Andersson 161*4882a593Smuzhiyun- Ross Burton 162*4882a593Smuzhiyun- Sandeep Gundlupet Raju 163*4882a593Smuzhiyun- Saul Wold 164*4882a593Smuzhiyun- Steve Sakoman 165*4882a593Smuzhiyun- Vivek Kumbhar 166*4882a593Smuzhiyun- Wang Mingyu 167*4882a593Smuzhiyun- Xiangyu Chen 168*4882a593Smuzhiyun- Yash Shinde 169*4882a593Smuzhiyun- Yogita Urade 170*4882a593Smuzhiyun 171*4882a593Smuzhiyun 172*4882a593SmuzhiyunRepositories / Downloads for Yocto-4.0.7 173*4882a593Smuzhiyun~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 174*4882a593Smuzhiyun 175*4882a593Smuzhiyunpoky 176*4882a593Smuzhiyun 177*4882a593Smuzhiyun- Repository Location: :yocto_git:`/poky` 178*4882a593Smuzhiyun- Branch: :yocto_git:`kirkstone </poky/log/?h=kirkstone>` 179*4882a593Smuzhiyun- Tag: :yocto_git:`yocto-4.0.7 </poky/log/?h=yocto-4.0.7>` 180*4882a593Smuzhiyun- Git Revision: :yocto_git:`65dafea22018052fe7b2e17e6e4d7eb754224d38 </poky/commit/?id=65dafea22018052fe7b2e17e6e4d7eb754224d38>` 181*4882a593Smuzhiyun- Release Artefact: poky-65dafea22018052fe7b2e17e6e4d7eb754224d38 182*4882a593Smuzhiyun- sha: 6b1b67600b84503e2d5d29bcd6038547339f4f9413b830cd2408df825eda642d 183*4882a593Smuzhiyun- Download Locations: 184*4882a593Smuzhiyun http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.7/poky-65dafea22018052fe7b2e17e6e4d7eb754224d38.tar.bz2 185*4882a593Smuzhiyun http://mirrors.kernel.org/yocto/yocto/yocto-4.0.7/poky-65dafea22018052fe7b2e17e6e4d7eb754224d38.tar.bz2 186*4882a593Smuzhiyun 187*4882a593Smuzhiyunopenembedded-core 188*4882a593Smuzhiyun 189*4882a593Smuzhiyun- Repository Location: :oe_git:`/openembedded-core` 190*4882a593Smuzhiyun- Branch: :oe_git:`kirkstone </openembedded-core/log/?h=kirkstone>` 191*4882a593Smuzhiyun- Tag: :oe_git:`yocto-4.0.7 </openembedded-core/log/?h=yocto-4.0.7>` 192*4882a593Smuzhiyun- Git Revision: :oe_git:`a8c82902384f7430519a31732a4bb631f21693ac </openembedded-core/commit/?id=a8c82902384f7430519a31732a4bb631f21693ac>` 193*4882a593Smuzhiyun- Release Artefact: oecore-a8c82902384f7430519a31732a4bb631f21693ac 194*4882a593Smuzhiyun- sha: 6f2dbc4ea1e388620ef77ac3a7bbb2b5956bb8bf9349b0c16cd7610e9996f5ea 195*4882a593Smuzhiyun- Download Locations: 196*4882a593Smuzhiyun http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.7/oecore-a8c82902384f7430519a31732a4bb631f21693ac.tar.bz2 197*4882a593Smuzhiyun http://mirrors.kernel.org/yocto/yocto/yocto-4.0.7/oecore-a8c82902384f7430519a31732a4bb631f21693ac.tar.bz2 198*4882a593Smuzhiyun 199*4882a593Smuzhiyunmeta-mingw 200*4882a593Smuzhiyun 201*4882a593Smuzhiyun- Repository Location: :yocto_git:`/meta-mingw` 202*4882a593Smuzhiyun- Branch: :yocto_git:`kirkstone </meta-mingw/log/?h=kirkstone>` 203*4882a593Smuzhiyun- Tag: :yocto_git:`yocto-4.0.7 </meta-mingw/log/?h=yocto-4.0.7>` 204*4882a593Smuzhiyun- Git Revision: :yocto_git:`a90614a6498c3345704e9611f2842eb933dc51c1 </meta-mingw/commit/?id=a90614a6498c3345704e9611f2842eb933dc51c1>` 205*4882a593Smuzhiyun- Release Artefact: meta-mingw-a90614a6498c3345704e9611f2842eb933dc51c1 206*4882a593Smuzhiyun- sha: 49f9900bfbbc1c68136f8115b314e95d0b7f6be75edf36a75d9bcd1cca7c6302 207*4882a593Smuzhiyun- Download Locations: 208*4882a593Smuzhiyun http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.7/meta-mingw-a90614a6498c3345704e9611f2842eb933dc51c1.tar.bz2 209*4882a593Smuzhiyun http://mirrors.kernel.org/yocto/yocto/yocto-4.0.7/meta-mingw-a90614a6498c3345704e9611f2842eb933dc51c1.tar.bz2 210*4882a593Smuzhiyun 211*4882a593Smuzhiyunmeta-gplv2 212*4882a593Smuzhiyun 213*4882a593Smuzhiyun- Repository Location: :yocto_git:`/meta-gplv2` 214*4882a593Smuzhiyun- Branch: :yocto_git:`kirkstone </meta-gplv2/log/?h=kirkstone>` 215*4882a593Smuzhiyun- Tag: :yocto_git:`yocto-4.0.7 </meta-gplv2/log/?h=yocto-4.0.7>` 216*4882a593Smuzhiyun- Git Revision: :yocto_git:`d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a </meta-gplv2/commit/?id=d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a>` 217*4882a593Smuzhiyun- Release Artefact: meta-gplv2-d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a 218*4882a593Smuzhiyun- sha: c386f59f8a672747dc3d0be1d4234b6039273d0e57933eb87caa20f56b9cca6d 219*4882a593Smuzhiyun- Download Locations: 220*4882a593Smuzhiyun http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.7/meta-gplv2-d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a.tar.bz2 221*4882a593Smuzhiyun http://mirrors.kernel.org/yocto/yocto/yocto-4.0.7/meta-gplv2-d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a.tar.bz2 222*4882a593Smuzhiyun 223*4882a593Smuzhiyunbitbake 224*4882a593Smuzhiyun 225*4882a593Smuzhiyun- Repository Location: :oe_git:`/bitbake` 226*4882a593Smuzhiyun- Branch: :oe_git:`2.0 </bitbake/log/?h=2.0>` 227*4882a593Smuzhiyun- Tag: :oe_git:`yocto-4.0.7 </bitbake/log/?h=yocto-4.0.7>` 228*4882a593Smuzhiyun- Git Revision: :oe_git:`7e268c107bb0240d583d2c34e24a71e373382509 </bitbake/commit/?id=7e268c107bb0240d583d2c34e24a71e373382509>` 229*4882a593Smuzhiyun- Release Artefact: bitbake-7e268c107bb0240d583d2c34e24a71e373382509 230*4882a593Smuzhiyun- sha: c3e2899012358c95962c7a5c85cf98dc30c58eae0861c374124e96d9556bb901 231*4882a593Smuzhiyun- Download Locations: 232*4882a593Smuzhiyun http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.7/bitbake-7e268c107bb0240d583d2c34e24a71e373382509.tar.bz2 233*4882a593Smuzhiyun http://mirrors.kernel.org/yocto/yocto/yocto-4.0.7/bitbake-7e268c107bb0240d583d2c34e24a71e373382509.tar.bz2 234*4882a593Smuzhiyun 235*4882a593Smuzhiyunyocto-docs 236*4882a593Smuzhiyun 237*4882a593Smuzhiyun- Repository Location: :yocto_git:`/yocto-docs` 238*4882a593Smuzhiyun- Branch: :yocto_git:`kirkstone </yocto-docs/log/?h=kirkstone>` 239*4882a593Smuzhiyun- Tag: :yocto_git:`yocto-4.0.7 </yocto-docs/log/?h=yocto-4.0.7>` 240*4882a593Smuzhiyun- Git Revision: :yocto_git:`5883e897c34f25401b358a597fb6e18d80f7f90b </yocto-docs/commit/?id=5883e897c34f25401b358a597fb6e18d80f7f90b>` 241*4882a593Smuzhiyun 242*4882a593Smuzhiyun 243