1.. SPDX-License-Identifier: CC-BY-SA-2.0-UK
2
3Release notes for Yocto-4.0.3 (Kirkstone)
4-----------------------------------------
5
6Security Fixes in Yocto-4.0.3
7~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
8
9-  binutils: fix :cve:`2019-1010204`
10-  busybox: fix :cve:`2022-30065`
11-  cups: ignore :cve:`2022-26691`
12-  curl: Fix :cve:`2022-32205`, :cve:`2022-32206`, :cve:`2022-32207` and :cve:`2022-32208`
13-  dpkg: fix :cve:`2022-1664`
14-  ghostscript: fix :cve:`2022-2085`
15-  harfbuzz: fix :cve:`2022-33068`
16-  libtirpc: fix :cve:`2021-46828`
17-  lua: fix :cve:`2022-33099`
18-  nasm: ignore :cve:`2020-18974`
19-  qemu: fix :cve:`2022-35414`
20-  qemu: ignore :cve:`2021-20255` and :cve:`2019-12067`
21-  tiff: fix :cve:`2022-1354`, :cve:`2022-1355`, :cve:`2022-2056`, :cve:`2022-2057` and :cve:`2022-2058`
22-  u-boot: fix :cve:`2022-34835`
23-  unzip: fix :cve:`2022-0529` and :cve:`2022-0530`
24
25
26Fixes in Yocto-4.0.3
27~~~~~~~~~~~~~~~~~~~~
28
29-  alsa-state: correct license
30-  at: take tarballs from debian
31-  base.bbclass: Correct the test for obsolete license exceptions
32-  base/reproducible: Change Source Date Epoch generation methods
33-  bin_package: install into base_prefix
34-  bind: Remove legacy python3 :term:`PACKAGECONFIG` code
35-  bind: upgrade to 9.18.4
36-  binutils: stable 2.38 branch updates
37-  build-appliance-image: Update to kirkstone head revision
38-  cargo_common.bbclass: enable bitbake vendoring for externalsrc
39-  coreutils: Tweak packaging variable names for coreutils-dev
40-  curl: backport openssl fix CN check error code
41-  cve-check: hook cleanup to the BuildCompleted event, not CookerExit
42-  cve-extra-exclusions: Clean up and ignore three CVEs (2xqemu and nasm)
43-  devtool: finish: handle patching when :term:`S` points to subdir of a git repo
44-  devtool: ignore pn- overrides when determining :term:`SRC_URI` overrides
45-  docs: BB_HASHSERVE_UPSTREAM: update to new host
46-  dropbear: break dependency on base package for -dev package
47-  efivar: fix import functionality
48-  encodings: update to 1.0.6
49-  epiphany: upgrade to 42.3
50-  externalsrc.bbclass: support crate fetcher on externalsrc
51-  font-util: update 1.3.2 -> 1.3.3
52-  gcc-runtime: Fix build when using gold
53-  gcc-runtime: Fix missing :term:`MLPREFIX` in debug mappings
54-  gcc-runtime: Pass -nostartfiles when building dummy libstdc++.so
55-  gcc: Backport a fix for gcc bug 105039
56-  git: upgrade to v2.35.4
57-  glib-2.0: upgrade to 2.72.3
58-  glib-networking: upgrade to 2.72.1
59-  glibc : stable 2.35 branch updates
60-  glibc-tests: Avoid reproducibility issues
61-  glibc-tests: not clear :term:`BBCLASSEXTEND`
62-  glibc: revert one upstream change to work around broken :term:`DEBUG_BUILD` build
63-  glibc: stable 2.35 branch updates
64-  gnupg: upgrade to 2.3.7
65-  go: upgrade to v1.17.12
66-  gobject-introspection-data: Disable cache for g-ir-scanner
67-  gperf: Add a patch to work around reproducibility issues
68-  gperf: Switch to upstream patch
69-  gst-devtools: upgrade to 1.20.3
70-  gstreamer1.0-libav: upgrade to 1.20.3
71-  gstreamer1.0-omx: upgrade to 1.20.3
72-  gstreamer1.0-plugins-bad: upgrade to 1.20.3
73-  gstreamer1.0-plugins-base: upgrade to 1.20.3
74-  gstreamer1.0-plugins-good: upgrade to 1.20.3
75-  gstreamer1.0-plugins-ugly: upgrade to 1.20.3
76-  gstreamer1.0-python: upgrade to 1.20.3
77-  gstreamer1.0-rtsp-server: upgrade to 1.20.3
78-  gstreamer1.0-vaapi: upgrade to 1.20.3
79-  gstreamer1.0: upgrade to 1.20.3
80-  gtk-doc: Remove hardcoded buildpath
81-  harfbuzz: Fix compilation with clang
82-  initramfs-framework: move storage mounts to actual rootfs
83-  initscripts: run umountnfs as a KILL script
84-  insane.bbclass: host-user-contaminated: Correct per package home path
85-  insane: Fix buildpaths test to work with special devices
86-  kernel-arch: Fix buildpaths leaking into external module compiles
87-  kernel-devsrc: fix reproducibility and buildpaths QA warning
88-  kernel-devsrc: ppc32: fix reproducibility
89-  kernel-uboot.bbclass: Use vmlinux.initramfs when :term:`INITRAMFS_IMAGE_BUNDLE` set
90-  kernel.bbclass: pass :term:`LD` also in savedefconfig
91-  libffi: fix native build being not portable
92-  libgcc: Fix standalone target builds with usrmerge distro feature
93-  libmodule-build-perl: Use env utility to find perl interpreter
94-  libsoup: upgrade to 3.0.7
95-  libuv: upgrade to 1.44.2
96-  linux-firmware: upgrade to 20220708
97-  linux-firwmare: restore WHENCE_CHKSUM variable
98-  linux-yocto-rt/5.15: update to -rt48 (and fix -stable merge)
99-  linux-yocto/5.10: fix build_OID_registry/conmakehash buildpaths warning
100-  linux-yocto/5.10: fix buildpaths issue with gen-mach-types
101-  linux-yocto/5.10: fix buildpaths issue with pnmtologo
102-  linux-yocto/5.10: update to v5.10.135
103-  linux-yocto/5.15: drop obselete GPIO sysfs ABI
104-  linux-yocto/5.15: fix build_OID_registry buildpaths warning
105-  linux-yocto/5.15: fix buildpaths issue with gen-mach-types
106-  linux-yocto/5.15: fix buildpaths issue with pnmtologo
107-  linux-yocto/5.15: fix qemuppc buildpaths warning
108-  linux-yocto/5.15: fix reproducibility issues
109-  linux-yocto/5.15: update to v5.15.59
110-  log4cplus: upgrade to 2.0.8
111-  lttng-modules: Fix build failure for kernel v5.15.58
112-  lttng-modules: upgrade to 2.13.4
113-  lua: Fix multilib buildpath reproducibility issues
114-  mkfontscale: upgrade to 1.2.2
115-  oe-selftest-image: Ensure the image has sftp as well as dropbear
116-  oe-selftest: devtool: test modify git recipe building from a subdir
117-  oeqa/runtime/scp: Disable scp test for dropbear
118-  oeqa/runtime: add test that the kernel has CONFIG_PREEMPT_RT enabled
119-  oeqa/sdk: drop the nativesdk-python 2.x test
120-  openssh: Add openssh-sftp-server to openssh :term:`RDEPENDS`
121-  openssh: break dependency on base package for -dev package
122-  openssl: update to 3.0.5
123-  package.bbclass: Avoid stripping signed kernel modules in splitdebuginfo
124-  package.bbclass: Fix base directory for debugsource files when using externalsrc
125-  package.bbclass: Fix kernel source handling when not using externalsrc
126-  package_manager/ipk: do not pipe stderr to stdout
127-  packagegroup-core-ssh-dropbear: Add openssh-sftp-server recommendation
128-  patch: handle if :term:`S` points to a subdirectory of a git repo
129-  perf: fix reproducibility in 5.19+
130-  perf: fix reproduciblity in older releases of Linux
131-  perf: sort-pmuevents: really keep array terminators
132-  perl: don't install Makefile.old into perl-ptest
133-  poky.conf: bump version for 4.0.3
134-  pulseaudio: add m4-native to :term:`DEPENDS`
135-  python3: Backport patch to fix an issue in subinterpreters
136-  qemu: Add :term:`PACKAGECONFIG` for brlapi
137-  qemu: Avoid accidental librdmacm linkage
138-  qemu: Avoid accidental libvdeplug linkage
139-  qemu: Fix slirp determinism issue
140-  qemu: add :term:`PACKAGECONFIG` for capstone
141-  recipetool/devtool: Fix python egg whitespace issues in :term:`PACKAGECONFIG`
142-  ref-manual: variables: remove sphinx directive from literal block
143-  rootfs-postcommands.bbclass: move host-user-contaminated.txt to ${S}
144-  ruby: add :term:`PACKAGECONFIG` for capstone
145-  rust: fix issue building cross-canadian tools for aarch64 on x86_64
146-  sanity.bbclass: Add ftps to accepted URI protocols for mirrors sanity
147-  selftest/runtime_test/virgl: Disable for all almalinux
148-  sstatesig: Include all dependencies in SPDX task signatures
149-  strace: set :term:`COMPATIBLE_HOST` for riscv32
150-  systemd: Added base_bindir into pkg_postinst:udev-hwdb.
151-  udev-extraconf/initrdscripts/parted: Rename mount.blacklist -> mount.ignorelist
152-  udev-extraconf/mount.sh: add LABELs to mountpoints
153-  udev-extraconf/mount.sh: ignore lvm in automount
154-  udev-extraconf/mount.sh: only mount devices on hotplug
155-  udev-extraconf/mount.sh: save mount name in our tmp filecache
156-  udev-extraconf: fix some systemd automount issues
157-  udev-extraconf: force systemd-udevd to use shared MountFlags
158-  udev-extraconf: let automount base directory configurable
159-  udev-extraconf:mount.sh: fix a umount issue
160-  udev-extraconf:mount.sh: fix path mismatching issues
161-  vala: Fix on target wrapper buildpaths issue
162-  vala: upgrade to 0.56.2
163-  vim: upgrade to 9.0.0063
164-  waffle: correctly request wayland-scanner executable
165-  webkitgtk: upgrade to 2.36.4
166-  weston: upgrade to 10.0.1
167-  wic/plugins/rootfs: Fix NameError for 'orig_path'
168-  wic: fix WicError message
169-  wireless-regdb: upgrade to 2022.06.06
170-  xdpyinfo: upgrade to 1.3.3
171-  xev: upgrade to 1.2.5
172-  xf86-input-synaptics: upgrade to 1.9.2
173-  xmodmap: upgrade to 1.0.11
174-  xorg-app: Tweak handling of compression changes in :term:`SRC_URI`
175-  xserver-xorg: upgrade to 21.1.4
176-  xwayland: upgrade to 22.1.3
177-  yocto-bsps/5.10: fix buildpaths issue with gen-mach-types
178-  yocto-bsps/5.10: fix buildpaths issue with pnmtologo
179-  yocto-bsps/5.15: fix buildpaths issue with gen-mach-types
180-  yocto-bsps/5.15: fix buildpaths issue with pnmtologo
181-  yocto-bsps: buildpaths fixes
182-  yocto-bsps: update to v5.10.130
183-  yocto-bsps: buildpaths fixes
184-  yocto-bsps: update to v5.15.54
185
186
187Known Issues in Yocto-4.0.3
188~~~~~~~~~~~~~~~~~~~~~~~~~~~
189
190- N/A
191
192
193Contributors to Yocto-4.0.3
194~~~~~~~~~~~~~~~~~~~~~~~~~~~
195
196-  Ahmed Hossam
197-  Alejandro Hernandez Samaniego
198-  Alex Kiernan
199-  Alexander Kanavin
200-  Bruce Ashfield
201-  Chanho Park
202-  Christoph Lauer
203-  David Bagonyi
204-  Dmitry Baryshkov
205-  He Zhe
206-  Hitendra Prajapati
207-  Jose Quaresma
208-  Joshua Watt
209-  Kai Kang
210-  Khem Raj
211-  Lee Chee Yang
212-  Lucas Stach
213-  Markus Volk
214-  Martin Jansa
215-  Maxime Roussin-Bélanger
216-  Michael Opdenacker
217-  Mihai Lindner
218-  Ming Liu
219-  Mingli Yu
220-  Muhammad Hamza
221-  Naveen
222-  Pascal Bach
223-  Paul Eggleton
224-  Pavel Zhukov
225-  Peter Bergin
226-  Peter Kjellerstedt
227-  Peter Marko
228-  Pgowda
229-  Raju Kumar Pothuraju
230-  Richard Purdie
231-  Robert Joslyn
232-  Ross Burton
233-  Sakib Sajal
234-  Shruthi Ravichandran
235-  Steve Sakoman
236-  Sundeep Kokkonda
237-  Thomas Roos
238-  Tom Hochstein
239-  Wentao Zhang
240-  Yi Zhao
241-  Yue Tao
242-  gr embeter
243-  leimaohui
244-  Wang Mingyu
245
246
247Repositories / Downloads for Yocto-4.0.3
248~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
249
250poky
251
252-  Repository Location: :yocto_git:`/poky`
253-  Branch: :yocto_git:`kirkstone </poky/log/?h=kirkstone>`
254-  Tag:  :yocto_git:`yocto-4.0.3 </poky/log/?h=yocto-4.0.3>`
255-  Git Revision: :yocto_git:`387ab5f18b17c3af3e9e30dc58584641a70f359f </poky/commit/?id=387ab5f18b17c3af3e9e30dc58584641a70f359f>`
256-  Release Artefact: poky-387ab5f18b17c3af3e9e30dc58584641a70f359f
257-  sha: fe674186bdb0684313746caa9472134fc19e6f1443c274fe02c06cb1e675b404
258-  Download Locations:
259   http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.3/poky-387ab5f18b17c3af3e9e30dc58584641a70f359f.tar.bz2
260   http://mirrors.kernel.org/yocto/yocto/yocto-4.0.3/poky-387ab5f18b17c3af3e9e30dc58584641a70f359f.tar.bz2
261
262openembedded-core
263
264-  Repository Location: :oe_git:`/openembedded-core`
265-  Branch: :oe_git:`kirkstone </openembedded-core/log/?h=kirkstone>`
266-  Tag:  :oe_git:`yocto-4.0.3 </openembedded-core/log/?h=yocto-4.0.3>`
267-  Git Revision: :oe_git:`2cafa6ed5f0aa9df5a120b6353755d56c7c7800d </openembedded-core/commit/?id=2cafa6ed5f0aa9df5a120b6353755d56c7c7800d>`
268-  Release Artefact: oecore-2cafa6ed5f0aa9df5a120b6353755d56c7c7800d
269-  sha: 5181d3e8118c6112936637f01a07308b715e0e3d12c7eba338556747dfcabe92
270-  Download Locations:
271   http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.3/oecore-2cafa6ed5f0aa9df5a120b6353755d56c7c7800d.tar.bz2
272   http://mirrors.kernel.org/yocto/yocto/yocto-4.0.3/oecore-2cafa6ed5f0aa9df5a120b6353755d56c7c7800d.tar.bz2
273
274meta-mingw
275
276-  Repository Location: :yocto_git:`/meta-mingw`
277-  Branch: :yocto_git:`kirkstone </meta-mingw/log/?h=kirkstone>`
278-  Tag:  :yocto_git:`yocto-4.0.3 </meta-mingw/log/?h=yocto-4.0.3>`
279-  Git Revision: :yocto_git:`a90614a6498c3345704e9611f2842eb933dc51c1 </meta-mingw/commit/?id=a90614a6498c3345704e9611f2842eb933dc51c1>`
280-  Release Artefact: meta-mingw-a90614a6498c3345704e9611f2842eb933dc51c1
281-  sha: 49f9900bfbbc1c68136f8115b314e95d0b7f6be75edf36a75d9bcd1cca7c6302
282-  Download Locations:
283   http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.3/meta-mingw-a90614a6498c3345704e9611f2842eb933dc51c1.tar.bz2
284   http://mirrors.kernel.org/yocto/yocto/yocto-4.0.3/meta-mingw-a90614a6498c3345704e9611f2842eb933dc51c1.tar.bz2
285
286meta-gplv2
287
288-  Repository Location: :yocto_git:`/meta-gplv2`
289-  Branch: :yocto_git:`kirkstone </meta-gplv2/log/?h=kirkstone>`
290-  Tag:  :yocto_git:`yocto-4.0.3 </meta-gplv2/log/?h=yocto-4.0.3>`
291-  Git Revision: :yocto_git:`d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a </meta-gplv2/commit/?id=d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a>`
292-  Release Artefact: meta-gplv2-d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a
293-  sha: c386f59f8a672747dc3d0be1d4234b6039273d0e57933eb87caa20f56b9cca6d
294-  Download Locations:
295   http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.3/meta-gplv2-d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a.tar.bz2
296   http://mirrors.kernel.org/yocto/yocto/yocto-4.0.3/meta-gplv2-d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a.tar.bz2
297
298bitbake
299
300-  Repository Location: :oe_git:`/bitbake`
301-  Branch: :oe_git:`2.0 </bitbake/log/?h=2.0>`
302-  Tag:  :oe_git:`yocto-4.0.3 </bitbake/log/?h=yocto-4.0.3>`
303-  Git Revision: :oe_git:`b8fd6f5d9959d27176ea016c249cf6d35ac8ba03 </bitbake/commit/?id=b8fd6f5d9959d27176ea016c249cf6d35ac8ba03>`
304-  Release Artefact: bitbake-b8fd6f5d9959d27176ea016c249cf6d35ac8ba03
305-  sha: 373818b1dee2c502264edf654d6d8f857b558865437f080e02d5ba6bb9e72cc3
306-  Download Locations:
307   http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.3/bitbake-b8fd6f5d9959d27176ea016c249cf6d35ac8ba03.tar.bz2
308   http://mirrors.kernel.org/yocto/yocto/yocto-4.0.3/bitbake-b8fd6f5d9959d27176ea016c249cf6d35ac8ba03.tar.bz2
309
310yocto-docs
311
312-  Repository Location: :yocto_git:`/yocto-docs`
313-  Branch: :yocto_git:`kirkstone </yocto-docs/log/?h=kirkstone>`
314-  Tag: :yocto_git:`yocto-4.0.3 </yocto-docs/log/?h=yocto-4.0.3>`
315-  Git Revision: :yocto_git:`d9b3dcf65ef25c06f552482aba460dd16862bf96 </yocto-docs/commit/?id=d9b3dcf65ef25c06f552482aba460dd16862bf96>`
316
317