1.. SPDX-License-Identifier: CC-BY-SA-2.0-UK 2 3Release notes for Yocto-4.0.9 (Kirkstone) 4----------------------------------------- 5 6Security Fixes in Yocto-4.0.9 7~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 8 9- binutils: Fix :cve_nist:`2023-22608` 10- curl: Fix :cve_nist:`2023-23914`, :cve_nist:`2023-23915` and :cve_nist:`2023-23916` 11- epiphany: Fix :cve_nist:`2023-26081` 12- git: Ignore :cve_nist:`2023-22743` 13- glibc: Fix :cve_nist:`2023-0687` 14- gnutls: Fix :cve_nist:`2023-0361` 15- go: Fix :cve_nist:`2022-2879`, :cve_nist:`2022-41720` and :cve_nist:`2022-41723` 16- harfbuzz: Fix :cve_nist:`2023-25193` 17- less: Fix :cve_nist:`2022-46663` 18- libmicrohttpd: Fix :cve_nist:`2023-27371` 19- libsdl2: Fix :cve_nist:`2022-4743` 20- openssl: Fix :cve_nist:`2022-3996`, :cve_nist:`2023-0464`, :cve_nist:`2023-0465` and :cve_nist:`2023-0466` 21- pkgconf: Fix :cve_nist:`2023-24056` 22- python3: Fix :cve_nist:`2023-24329` 23- shadow: Ignore :cve_nist:`2016-15024` 24- systemd: Fix :cve_nist:`2022-4415` 25- tiff: Fix :cve_nist:`2023-0800`, :cve_nist:`2023-0801`, :cve_nist:`2023-0802`, :cve_nist:`2023-0803` and :cve_nist:`2023-0804` 26- vim: Fix :cve_nist:`2023-0433`, :cve_nist:`2023-0512`, :cve_nist:`2023-1127`, :cve_nist:`2023-1170`, :cve_nist:`2023-1175`, :cve_nist:`2023-1264` and :cve_nist:`2023-1355` 27- xserver-xorg: Fix :cve_nist:`2023-0494` 28- xwayland: Fix :cve_nist:`2023-0494` 29 30 31Fixes in Yocto-4.0.9 32~~~~~~~~~~~~~~~~~~~~ 33 34- base-files: Drop localhost.localdomain from hosts file 35- binutils: Fix nativesdk ld.so search 36- bitbake: cookerdata: Drop dubious exception handling code 37- bitbake: cookerdata: Improve early exception handling 38- bitbake: cookerdata: Remove incorrect SystemExit usage 39- bitbake: fetch/git: Fix local clone url to make it work with repo 40- bitbake: utils: Allow to_boolean to support int values 41- bmap-tools: switch to main branch 42- buildtools-tarball: Handle spaces within user $PATH 43- busybox: Fix depmod patch 44- cracklib: update github branch to 'main' 45- cups: add/fix web interface packaging 46- cups: check PACKAGECONFIG for pam feature 47- cups: use BUILDROOT instead of DESTDIR 48- curl: fix dependencies when building with ldap/ldaps 49- cve-check: Fix false negative version issue 50- dbus: upgrade to 1.14.6 51- devtool/upgrade: do not delete the workspace/recipes directory 52- dhcpcd: Fix install conflict when enable multilib. 53- dhcpcd: fix dhcpcd start failure on qemuppc64 54- gcc-shared-source: do not use ${S}/.. in deploy_source_date_epoch 55- glibc: Add missing binutils dependency 56- image_types: fix multiubi var init 57- iso-codes: upgrade to 4.13.0 58- json-c: Add ptest for json-c 59- kernel-yocto: fix kernel-meta data detection 60- lib/buildstats: handle tasks that never finished 61- lib/resulttool: fix typo breaking resulttool log --ptest 62- libjpeg-turbo: upgrade to 2.1.5.1 63- libmicrohttpd: upgrade to 0.9.76 64- libseccomp: fix for the ptest result format 65- libssh2: Clean up ptest patch/coverage 66- linux-firmware: add yamato fw files to qcom-adreno-a2xx package 67- linux-firmware: properly set license for all Qualcomm firmware 68- linux-firmware: upgrade to 20230210 69- linux-yocto-rt/5.15: update to -rt59 70- linux-yocto/5.10: upgrade to v5.10.175 71- linux-yocto/5.15: upgrade to v5.15.103 72- linux: inherit pkgconfig in kernel.bbclass 73- lttng-modules: fix for kernel 6.2+ 74- lttng-modules: upgrade to v2.13.9 75- lua: Fix install conflict when enable multilib. 76- mdadm: Fix raid0, 06wrmostly and 02lineargrow tests 77- meson: Fix wrapper handling of implicit setup command 78- migration-guides: add 4.0.8 release notes 79- nghttp2: never build python bindings 80- oeqa rtc.py: skip if read-only-rootfs 81- oeqa ssh.py: fix hangs in run() 82- oeqa/sdk: Improve Meson test 83- oeqa/selftest/prservice: Improve debug output for failure 84- oeqa/selftest/resulttooltests: fix minor typo 85- openssl: upgrade to 3.0.8 86- package.bbclase: Add check for /build in copydebugsources() 87- patchelf: replace a rejected patch with an equivalent uninative.bbclass tweak 88- poky.conf: bump version for 4.0.9 89- populate_sdk_ext: Handle spaces within user $PATH 90- pybootchartui: Fix python syntax issue 91- python3-git: fix indent error 92- python3-setuptools-rust-native: Add direct dependency of native python3 modules 93- qemu: Revert "fix :cve_nist:`2021-3507`" as not applicable for qemu 6.2 94- rsync: Add missing prototypes to function declarations 95- rsync: Turn on -pedantic-errors at the end of 'configure' 96- runqemu: kill qemu if it hangs 97- scripts/lib/buildstats: handle top-level build_stats not being complete 98- selftest/recipetool: Stop test corrupting tinfoil class 99- selftest/runtime_test/virgl: Disable for all Rocky Linux 100- selftest: devtool: set BB_HASHSERVE_UPSTREAM when setting SSTATE_MIRROR 101- sstatesig: Improve output hash calculation 102- staging/multilib: Fix manifest corruption 103- staging: Separate out different multiconfig manifests 104- sudo: update 1.9.12p2 -> 1.9.13p3 105- systemd.bbclass: Add /usr/lib/systemd to searchpaths as well 106- systemd: add group sgx to udev package 107- systemd: fix wrong nobody-group assignment 108- timezone: use 'tz' subdir instead of ${WORKDIR} directly 109- toolchain-scripts: Handle spaces within user $PATH 110- tzcode-native: fix build with gcc-13 on host 111- tzdata: use separate B instead of WORKDIR for zic output 112- uninative: upgrade to 3.9 to include libgcc and glibc 2.37 113- vala: Fix install conflict when enable multilib. 114- vim: add missing pkgconfig inherit 115- vim: set modified-by to the recipe MAINTAINER 116- vim: upgrade to 9.0.1429 117- wic: Fix usage of fstype=none in wic 118- wireless-regdb: upgrade to 2023.02.13 119- xserver-xorg: upgrade to 21.1.7 120- xwayland: upgrade to 22.1.8 121 122 123Known Issues in Yocto-4.0.9 124~~~~~~~~~~~~~~~~~~~~~~~~~~~ 125 126- N/A 127 128 129Contributors to Yocto-4.0.9 130~~~~~~~~~~~~~~~~~~~~~~~~~~~ 131 132- Alexander Kanavin 133- Alexis Lothoré 134- Bruce Ashfield 135- Changqing Li 136- Chee Yang Lee 137- Dmitry Baryshkov 138- Federico Pellegrin 139- Geoffrey GIRY 140- Hitendra Prajapati 141- Hongxu Jia 142- Joe Slater 143- Kai Kang 144- Kenfe-Mickael Laventure 145- Khem Raj 146- Martin Jansa 147- Mateusz Marciniec 148- Michael Halstead 149- Michael Opdenacker 150- Mikko Rapeli 151- Ming Liu 152- Mingli Yu 153- Narpat Mali 154- Pavel Zhukov 155- Pawan Badganchi 156- Peter Marko 157- Piotr Łobacz 158- Poonam Jadhav 159- Randy MacLeod 160- Richard Purdie 161- Robert Yang 162- Romuald Jeanne 163- Ross Burton 164- Sakib Sajal 165- Saul Wold 166- Shubham Kulkarni 167- Siddharth Doshi 168- Simone Weiss 169- Steve Sakoman 170- Tim Orling 171- Tom Hochstein 172- Trevor Woerner 173- Ulrich Ölmann 174- Vivek Kumbhar 175- Wang Mingyu 176- Xiangyu Chen 177- Yash Shinde 178 179 180Repositories / Downloads for Yocto-4.0.9 181~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 182 183poky 184 185- Repository Location: :yocto_git:`/poky` 186- Branch: :yocto_git:`kirkstone </poky/log/?h=kirkstone>` 187- Tag: :yocto_git:`yocto-4.0.9 </poky/log/?h=yocto-4.0.9>` 188- Git Revision: :yocto_git:`09def309f91929f47c6cce386016ccb777bd2cfc </poky/commit/?id=09def309f91929f47c6cce386016ccb777bd2cfc>` 189- Release Artefact: poky-09def309f91929f47c6cce386016ccb777bd2cfc 190- sha: 5c7ce209c8a6b37ec2898e5ca21858234d91999c11fa862880ba98e8bde62f63 191- Download Locations: 192 http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.9/poky-09def309f91929f47c6cce386016ccb777bd2cfc.tar.bz2 193 http://mirrors.kernel.org/yocto/yocto/yocto-4.0.9/poky-09def309f91929f47c6cce386016ccb777bd2cfc.tar.bz2 194 195openembedded-core 196 197- Repository Location: :oe_git:`/openembedded-core` 198- Branch: :oe_git:`kirkstone </openembedded-core/log/?h=kirkstone>` 199- Tag: :oe_git:`yocto-4.0.9 </openembedded-core/log/?h=yocto-4.0.9>` 200- Git Revision: :oe_git:`ff4b57ffff903a93b710284c7c7f916ddd74712f </openembedded-core/commit/?id=ff4b57ffff903a93b710284c7c7f916ddd74712f>` 201- Release Artefact: oecore-ff4b57ffff903a93b710284c7c7f916ddd74712f 202- sha: 726778ffc291136db1704316b196de979f68df9f96476b785e1791957fbb66b3 203- Download Locations: 204 http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.9/oecore-ff4b57ffff903a93b710284c7c7f916ddd74712f.tar.bz2 205 http://mirrors.kernel.org/yocto/yocto/yocto-4.0.9/oecore-ff4b57ffff903a93b710284c7c7f916ddd74712f.tar.bz2 206 207meta-mingw 208 209- Repository Location: :yocto_git:`/meta-mingw` 210- Branch: :yocto_git:`kirkstone </meta-mingw/log/?h=kirkstone>` 211- Tag: :yocto_git:`yocto-4.0.9 </meta-mingw/log/?h=yocto-4.0.9>` 212- Git Revision: :yocto_git:`a90614a6498c3345704e9611f2842eb933dc51c1 </meta-mingw/commit/?id=a90614a6498c3345704e9611f2842eb933dc51c1>` 213- Release Artefact: meta-mingw-a90614a6498c3345704e9611f2842eb933dc51c1 214- sha: 49f9900bfbbc1c68136f8115b314e95d0b7f6be75edf36a75d9bcd1cca7c6302 215- Download Locations: 216 http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.9/meta-mingw-a90614a6498c3345704e9611f2842eb933dc51c1.tar.bz2 217 http://mirrors.kernel.org/yocto/yocto/yocto-4.0.9/meta-mingw-a90614a6498c3345704e9611f2842eb933dc51c1.tar.bz2 218 219meta-gplv2 220 221- Repository Location: :yocto_git:`/meta-gplv2` 222- Branch: :yocto_git:`kirkstone </meta-gplv2/log/?h=kirkstone>` 223- Tag: :yocto_git:`yocto-4.0.9 </meta-gplv2/log/?h=yocto-4.0.9>` 224- Git Revision: :yocto_git:`d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a </meta-gplv2/commit/?id=d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a>` 225- Release Artefact: meta-gplv2-d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a 226- sha: c386f59f8a672747dc3d0be1d4234b6039273d0e57933eb87caa20f56b9cca6d 227- Download Locations: 228 http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.9/meta-gplv2-d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a.tar.bz2 229 http://mirrors.kernel.org/yocto/yocto/yocto-4.0.9/meta-gplv2-d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a.tar.bz2 230 231bitbake 232 233- Repository Location: :oe_git:`/bitbake` 234- Branch: :oe_git:`2.0 </bitbake/log/?h=2.0>` 235- Tag: :oe_git:`yocto-4.0.9 </bitbake/log/?h=yocto-4.0.9>` 236- Git Revision: :oe_git:`2802adb572eb73a3eb2725a74a9bbdaafc543fa7 </bitbake/commit/?id=2802adb572eb73a3eb2725a74a9bbdaafc543fa7>` 237- Release Artefact: bitbake-2802adb572eb73a3eb2725a74a9bbdaafc543fa7 238- sha: 5c6e713b5e26b3835c0773095c7a1bc1f8affa28316b33597220ed86f1f1b643 239- Download Locations: 240 http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.9/bitbake-2802adb572eb73a3eb2725a74a9bbdaafc543fa7.tar.bz2 241 http://mirrors.kernel.org/yocto/yocto/yocto-4.0.9/bitbake-2802adb572eb73a3eb2725a74a9bbdaafc543fa7.tar.bz2 242 243yocto-docs 244 245- Repository Location: :yocto_git:`/yocto-docs` 246- Branch: :yocto_git:`kirkstone </yocto-docs/log/?h=kirkstone>` 247- Tag: :yocto_git:`yocto-4.0.9 </yocto-docs/log/?h=yocto-4.0.9>` 248- Git Revision: :yocto_git:`86d0b38a97941ad52b1af220c7b801a399d50e93 </yocto-docs/commit/?id=86d0b38a97941ad52b1af220c7b801a399d50e93>` 249 250