1.. SPDX-License-Identifier: CC-BY-SA-2.0-UK 2 3Release notes for Yocto-4.1.2 (Langdale) 4---------------------------------------- 5 6Security Fixes in Yocto-4.1.2 7~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 8 9- sudo: Fix :cve:`2022-43995` 10- binutils: Fix :cve:`2022-4285` 11- cairo: update patch for :cve:`2019-6461` with upstream solution 12- expat: Fix :cve:`2022-43680` 13- ffmpeg: Fix :cve:`2022-3964` and :cve:`2022-3965` 14- grub: Fix :cve:`2022-28736` 15- libarchive: Fix :cve:`2022-36227` 16- libpam: Fix :cve:`2022-28321` 17- libpng: Fix :cve:`2019-6129` 18- ruby: Fix :cve:`2022-28738` and :cve:`2022-28739` 19- tiff: Fix :cve:`2022-3970` 20- vim: Fix :cve:`2022-4141` 21 22 23Fixes in Yocto-4.1.2 24~~~~~~~~~~~~~~~~~~~~ 25 26- Expand create-spdx class documentation 27- Expand cve-check class documentation 28- archiver: avoid using machine variable as it breaks multiconfig 29- babeltrace: Upgrade to 1.5.11 30- backport SPDX documentation and vulnerability improvements 31- baremetal-image: Avoid overriding qemu variables from IMAGE_CLASSES 32- bc: extend to nativesdk 33- bind: Upgrade to 9.18.9 34- bitbake.conf: Drop export of SOURCE_DATE_EPOCH_FALLBACK 35- bitbake: gitsm: Fix regression in gitsm submodule path parsing 36- bitbake: runqueue: Fix race issues around hash equivalence and sstate reuse 37- bluez5: Point hciattach bcm43xx firmware search path to /lib/firmware 38- build-appliance-image: Update to langdale head revision 39- cargo_common.bbclass: Fix typos 40- classes: make TOOLCHAIN more permissive for kernel 41- cmake: Upgrade to 3.24.2 42- combo-layer: add sync-revs command 43- combo-layer: dont use bb.utils.rename 44- combo-layer: remove unused import 45- common-tasks.rst: fix oeqa runtime test path 46- create-spdx: default share_src for shared sources 47- curl: Correct LICENSE from MIT-open-group to curl 48- dbus: Add missing CVE product name 49- devtool/upgrade: correctly handle recipes where S is a subdir of upstream tree 50- dhcpcd: fix to work with systemd 51- docs: kernel-dev: faq: update tip on how to not include kernel in image 52- docs: migration-4.0: specify variable name change for kernel inclusion in image recipe 53- expat: upgrade to 2.5.0 54- externalsrc: fix lookup for .gitmodules 55- ffmpeg: Upgrade to 5.1.2 56- gcc-shared-source: Fix source date epoch handling 57- gcc-source: Drop gengtype manipulation 58- gcc-source: Ensure deploy_source_date_epoch sstate hash doesn't change 59- gcc-source: Fix gengtypes race 60- gdk-pixbuf: Upgrade to 2.42.10 61- get_module_deps3.py: Check attribute '__file__' 62- glibc-tests: correctly pull in the actual tests when installing -ptest package 63- gnomebase.bbclass: return the whole version for tarball directory if it is a number 64- go-crosssdk: avoid host contamination by GOCACHE 65- go: Update reproducibility patch to fix panic errors 66- go: submit patch upstream 67- go: Upgrade to 1.19.3 68- gptfdisk: remove warning message from target system 69- groff: submit patches upstream 70- gstreamer1.0: Upgrade to 1.20.5 71- help2man: Upgrade to 1.49.3 72- insane: add codeload.github.com to src-uri-bad checkz 73- inetutils: Upgrade to 2.4 74- iso-codes: Upgrade to 4.12.0 75- kbd: Don't build tests 76- kea: submit patch upstream 77- kern-tools: integrate ZFS speedup patch 78- kernel.bbclass: Include randstruct seed assets in STAGING_KERNEL_BUILDDIR 79- kernel.bbclass: make KERNEL_DEBUG_TIMESTAMPS work at rebuild 80- kernel.bbclass: remove empty module directories to prevent QA issues 81- lib/buildstats: fix parsing of trees with reduced_proc_pressure directories 82- libdrm: Remove libdrm-kms package 83- libepoxy: convert to git 84- libepoxy: remove upstreamed patch 85- libepoxy: Upgrade to 1.5.10 86- libffi: submit patch upstream 87- libffi: Upgrade to 3.4.4 88- libical: Upgrade to 3.0.16 89- libnewt: Upgrade to 0.52.23 90- libsdl2: Upgrade to 2.24.2 91- libpng: Upgrade to 1.6.39 92- libuv: fixup SRC_URI 93- libxcrypt-compat: Upgrade to 4.4.33 94- libxcrypt: Upgrade to 4.4.30 95- libxml2: fix test data checksums 96- linux-firmware: add new fw file to ${PN}-qcom-adreno-a530 97- linux-firmware: don't put the firmware into the sysroot 98- linux-firmware: Upgrade to 20221109 99- linux-yocto/5.15: fix CONFIG_CRYPTO_CCM mismatch warnings 100- linux-yocto/5.15: update genericx86* machines to v5.15.72 101- linux-yocto/5.15: Upgrade to v5.15.78 102- linux-yocto/5.19: cfg: intel and vesa updates 103- linux-yocto/5.19: fix CONFIG_CRYPTO_CCM mismatch warnings 104- linux-yocto/5.19: fix elfutils run-backtrace-native-core ptest failure 105- linux-yocto/5.19: security.cfg: remove configs which have been dropped 106- linux-yocto/5.19: update genericx86* machines to v5.19.14 107- linux-yocto/5.19: Upgrade to v5.19.17 108- lsof: add update-alternatives logic 109- lttng-modules: Upgrade to 2.13.7 110- lttng-tools: submit determinism.patch upstream 111- manuals: add 4.0.5 and 4.0.6 release notes 112- mesa: do not rely on native llvm-config in target sysroot 113- mesa: Upgrade to 22.2.3 114- meta-selftest/staticids: add render group for systemd 115- mirrors.bbclass: update CPAN_MIRROR 116- mobile-broadband-provider-info: Upgrade to 20221107 117- mpfr: Upgrade to 4.1.1 118- mtd-utils: Upgrade to 2.1.5 119- oeqa/concurrencytest: Add number of failures to summary output 120- oeqa/runtime/dnf: rewrite test_dnf_installroot_usrmerge 121- oeqa/selftest/externalsrc: add test for srctree_hash_files 122- oeqa/selftest/lic_checksum: Cleanup changes to emptytest include 123- openssh: remove RRECOMMENDS to rng-tools for sshd package 124- opkg: Set correct info_dir and status_file in opkg.conf 125- opkg: Upgrade to 0.6.1 126- ovmf: correct patches status 127- package: Fix handling of minidebuginfo with newer binutils 128- pango: Make it build with ptest disabled 129- pango: replace a recipe fix with an upstream submitted patch 130- pango: Upgrade to 1.50.11 131- poky.conf: bump version for 4.1.2 132- psplash: consider the situation of psplash not exist for systemd 133- python3-mako: Upgrade to 1.2.3 134- qemu-helper-native: Correctly pass program name as argv[0] 135- qemu-helper-native: Re-write bridge helper as C program 136- qemu: Ensure libpng dependency is deterministic 137- qemuboot.bbclass: make sure runqemu boots bundled initramfs kernel image 138- resolvconf: make it work 139- rm_work: adjust dependency to make do_rm_work_all depend on do_rm_work 140- rm_work: exclude the SSTATETASKS from the rm_work tasks sinature 141- ruby: merge .inc into .bb 142- ruby: Upgrade to 3.1.3 143- rust: submit a rewritten version of crossbeam_atomic.patch upstream 144- sanity: Drop data finalize call 145- scripts: convert-overrides: Allow command-line customizations 146- selftest: add a copy of previous mtd-utils version to meta-selftest 147- socat: Upgrade to 1.7.4.4 148- sstate: Allow optimisation of do_deploy_archives task dependencies 149- sstatesig: emit more helpful error message when not finding sstate manifest 150- sstatesig: skip the rm_work task signature 151- sudo: Upgrade to 1.9.12p1 152- sysstat: Upgrade to 12.6.1 153- systemd: Consider PACKAGECONFIG in RRECOMMENDS 154- systemd: Make importd depend on glib-2.0 again 155- systemd: add group render to udev package 156- systemd: Upgrade to 251.8 157- tcl: correct patch status 158- tzdata: Upgrade to 2022g 159- vala: install vapigen-wrapper into /usr/bin/crosscripts and stage only that 160- valgrind: skip the boost_thread test on arm 161- vim: Upgrade to 9.0.0947 162- wic: make ext2/3/4 images reproducible 163- xwayland: libxshmfence is needed when dri3 is enabled 164- xwayland: Upgrade to 22.1.5 165- yocto-check-layer: Allow OE-Core to be tested 166 167 168Known Issues in Yocto-4.1.2 169~~~~~~~~~~~~~~~~~~~~~~~~~~~ 170 171- N/A 172 173 174Contributors to Yocto-4.1.2 175~~~~~~~~~~~~~~~~~~~~~~~~~~~ 176 177- Alejandro Hernandez Samaniego 178- Alex Kiernan 179- Alex Stewart 180- Alexander Kanavin 181- Alexey Smirnov 182- Bruce Ashfield 183- Carlos Alberto Lopez Perez 184- Chen Qi 185- Diego Sueiro 186- Dmitry Baryshkov 187- Enrico Jörns 188- Harald Seiler 189- Hitendra Prajapati 190- Jagadeesh Krishnanjanappa 191- Jose Quaresma 192- Joshua Watt 193- Kai Kang 194- Konrad Weihmann 195- Leon Anavi 196- Marek Vasut 197- Martin Jansa 198- Mathieu Dubois-Briand 199- Michael Opdenacker 200- Mikko Rapeli 201- Narpat Mali 202- Nathan Rossi 203- Niko Mauno 204- Ola x Nilsson 205- Ovidiu Panait 206- Pavel Zhukov 207- Peter Bergin 208- Peter Kjellerstedt 209- Peter Marko 210- Polampalli, Archana 211- Qiu, Zheng 212- Quentin Schulz 213- Randy MacLeod 214- Ranjitsinh Rathod 215- Ravula Adhitya Siddartha 216- Richard Purdie 217- Robert Andersson 218- Ross Burton 219- Ryan Eatmon 220- Sakib Sajal 221- Sandeep Gundlupet Raju 222- Sergei Zhmylev 223- Steve Sakoman 224- Tim Orling 225- Wang Mingyu 226- Xiangyu Chen 227- pgowda 228 229Repositories / Downloads for Yocto-4.1.2 230~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 231 232poky 233 234- Repository Location: :yocto_git:`/poky` 235- Branch: :yocto_git:`langdale </poky/log/?h=langdale>` 236- Tag: :yocto_git:`yocto-4.1.2 </poky/log/?h=yocto-4.1.2>` 237- Git Revision: :yocto_git:`74c92e38c701e268406bb656b45ccd68471c217e </poky/commit/?id=74c92e38c701e268406bb656b45ccd68471c217e>` 238- Release Artefact: poky-74c92e38c701e268406bb656b45ccd68471c217e 239- sha: 06a2b304d0e928b62d81087797ae86115efe925c506bcb40c7d4747e14790bb0 240- Download Locations: 241 http://downloads.yoctoproject.org/releases/yocto/yocto-4.1.2/poky-74c92e38c701e268406bb656b45ccd68471c217e.tar.bz2 242 http://mirrors.kernel.org/yocto/yocto/yocto-4.1.2/poky-74c92e38c701e268406bb656b45ccd68471c217e.tar.bz2 243 244openembedded-core 245 246- Repository Location: :oe_git:`/openembedded-core` 247- Branch: :oe_git:`langdale </openembedded-core/log/?h=langdale>` 248- Tag: :oe_git:`yocto-4.1.2 </openembedded-core/log/?h=yocto-4.1.2>` 249- Git Revision: :oe_git:`670f4f103b25897524d115c1f290ecae441fe4bd </openembedded-core/commit/?id=670f4f103b25897524d115c1f290ecae441fe4bd>` 250- Release Artefact: oecore-670f4f103b25897524d115c1f290ecae441fe4bd 251- sha: 09d77700e84efc738aef5713c5e86f19fa092f876d44b870789155cc1625ef04 252- Download Locations: 253 http://downloads.yoctoproject.org/releases/yocto/yocto-4.1.2/oecore-670f4f103b25897524d115c1f290ecae441fe4bd.tar.bz2 254 http://mirrors.kernel.org/yocto/yocto/yocto-4.1.2/oecore-670f4f103b25897524d115c1f290ecae441fe4bd.tar.bz2 255 256meta-mingw 257 258- Repository Location: :yocto_git:`/meta-mingw` 259- Branch: :yocto_git:`langdale </meta-mingw/log/?h=langdale>` 260- Tag: :yocto_git:`yocto-4.1.2 </meta-mingw/log/?h=yocto-4.1.2>` 261- Git Revision: :yocto_git:`b0067202db8573df3d23d199f82987cebe1bee2c </meta-mingw/commit/?id=b0067202db8573df3d23d199f82987cebe1bee2c>` 262- Release Artefact: meta-mingw-b0067202db8573df3d23d199f82987cebe1bee2c 263- sha: 704f2940322b81ce774e9cbd27c3cfa843111d497dc7b1eeaa39cd694d9a2366 264- Download Locations: 265 http://downloads.yoctoproject.org/releases/yocto/yocto-4.1.2/meta-mingw-b0067202db8573df3d23d199f82987cebe1bee2c.tar.bz2 266 http://mirrors.kernel.org/yocto/yocto/yocto-4.1.2/meta-mingw-b0067202db8573df3d23d199f82987cebe1bee2c.tar.bz2 267 268bitbake 269 270- Repository Location: :oe_git:`/bitbake` 271- Branch: :oe_git:`2.2 </bitbake/log/?h=2.2>` 272- Tag: :oe_git:`yocto-4.1.2 </bitbake/log/?h=yocto-4.1.2>` 273- Git Revision: :oe_git:`f0f166aee766b4bb1f8cf8b35dfc7d406c75e6a4 </bitbake/commit/?id=f0f166aee766b4bb1f8cf8b35dfc7d406c75e6a4>` 274- Release Artefact: bitbake-f0f166aee766b4bb1f8cf8b35dfc7d406c75e6a4 275- sha: 7faf97eca78afd3994e4e126e5f5908617408c340c6eff8cd7047e0b961e2d10 276- Download Locations: 277 http://downloads.yoctoproject.org/releases/yocto/yocto-4.1.2/bitbake-f0f166aee766b4bb1f8cf8b35dfc7d406c75e6a4.tar.bz2 278 http://mirrors.kernel.org/yocto/yocto/yocto-4.1.2/bitbake-f0f166aee766b4bb1f8cf8b35dfc7d406c75e6a4.tar.bz2 279 280yocto-docs 281 282- Repository Location: :yocto_git:`/yocto-docs` 283- Branch: :yocto_git:`langdale </yocto-docs/log/?h=langdale>` 284- Tag: :yocto_git:`yocto-4.1.2 </yocto-docs/log/?h=yocto-4.1.2>` 285- Git Revision: :yocto_git:`30f5f9ece260fd600f0c0fa32fc2f1fc61cf7d1b </yocto-docs/commit/?id=30f5f9ece260fd600f0c0fa32fc2f1fc61cf7d1b>` 286 287