1.. SPDX-License-Identifier: CC-BY-SA-2.0-UK
2
3Release notes for Yocto-4.2.3 (Mickledore)
4------------------------------------------
5
6Security Fixes in Yocto-4.2.3
7~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
8
9-  bind: Fix :cve:`2023-2828` and :cve:`2023-2911`
10-  cups: Fix :cve:`2023-34241`
11-  dmidecode: Fix :cve:`2023-30630`
12-  erofs-utils: Fix :cve:`2023-33551` and :cve:`2023-33552`
13-  ghostscript: Fix :cve:`2023-36664`
14-  go: Fix :cve_mitre:`2023-24531`
15-  libarchive: ignore :cve:`2023-30571`
16-  libjpeg-turbo: Fix :cve:`2023-2804`
17-  libx11: Fix :cve:`2023-3138`
18-  ncurses: Fix :cve:`2023-29491`
19-  openssh: Fix :cve:`2023-38408`
20-  python3-certifi: Fix :cve:`2023-37920`
21-  python3-requests: Fix :cve:`2023-32681`
22-  python3: Ignore :cve:`2023-36632`
23-  qemu: fix :cve:`2023-0330`, :cve_mitre:`2023-2861`, :cve_mitre:`2023-3255` and :cve_mitre:`2023-3301`
24-  ruby: Fix :cve:`2023-36617`
25-  vim: Fix :cve:`2023-2609` and :cve:`2023-2610`
26-  webkitgtk: Fix :cve:`2023-27932` and :cve:`2023-27954`
27
28
29Fixes in Yocto-4.2.3
30~~~~~~~~~~~~~~~~~~~~
31
32-  acpica: Update :term:`SRC_URI`
33-  automake: fix buildtest patch
34-  baremetal-helloworld: Fix race condition
35-  bind: upgrade to v9.18.17
36-  binutils: stable 2.40 branch updates
37-  build-appliance-image: Update to mickledore head revision
38-  cargo.bbclass: set up cargo environment in common do_compile
39-  conf.py: add macro for Mitre CVE links
40-  curl: ensure all ptest failures are caught
41-  cve-update-nvd2-native: actually use API keys
42-  cve-update-nvd2-native: fix cvssV3 metrics
43-  cve-update-nvd2-native: handle all configuration nodes, not just first
44-  cve-update-nvd2-native: increase retry count
45-  cve-update-nvd2-native: log a little more
46-  cve-update-nvd2-native: retry all errors and sleep between retries
47-  cve-update-nvd2-native: use exact times, don't truncate
48-  dev-manual: wic.rst: Update native tools build command
49-  devtool/upgrade: raise an error if extracting source produces more than one directory
50-  diffutils: upgrade to 3.10
51-  docs: ref-manual: terms: fix typos in :term:`SPDX` term
52-  file: fix the way path is written to environment-setup.d
53-  file: return wrapper to fix builds when file is in buildtools-tarball
54-  freetype: upgrade to 2.13.1
55-  gcc-testsuite: Fix ppc cpu specification
56-  gcc: don't pass --enable-standard-branch-protection
57-  glibc-locale: use stricter matching for metapackages' runtime dependencies
58-  glibc-testsuite: Fix network restrictions causing test failures
59-  glibc/check-test-wrapper: don't emit warnings from ssh
60-  go: upgrade to 1.20.6
61-  gstreamer1.0: upgrade to 1.22.4
62-  ifupdown: install missing directories
63-  kernel-module-split add systemd modulesloaddir and modprobedir config
64-  kernel-module-split: install config modules directories only when they are needed
65-  kernel-module-split: make autoload and probeconf distribution specific
66-  kernel-module-split: use context manager to open files
67-  kernel: Fix path comparison in kernel staging dir symlinking
68-  kernel: config modules directories are handled by kernel-module-split
69-  kernel: don't fail if Modules.symvers doesn't exist
70-  libassuan: upgrade to 2.5.6
71-  libksba: upgrade to 1.6.4
72-  libnss-nis: upgrade to 3.2
73-  libproxy: fetch from git
74-  libwebp: upgrade to 1.3.1
75-  libx11: upgrade to 1.8.6
76-  libxcrypt: fix hard-coded ".so" extension
77-  linux-firmware : Add firmware of RTL8822 serie
78-  linux-firmware: Fix mediatek mt7601u firmware path
79-  linux-firmware: package firmare for Dragonboard 410c
80-  linux-firmware: split platform-specific Adreno shaders to separate packages
81-  linux-firmware: upgrade to 20230625
82-  linux-yocto/5.15: update to v5.15.124
83-  linux-yocto/6.1: cfg: update ima.cfg to match current meta-integrity
84-  linux-yocto/6.1: upgrade to v6.1.38
85-  ltp: Add kernel loopback module dependency
86-  ltp: add :term:`RDEPENDS` on findutils
87-  lttng-ust: upgrade to 2.13.6
88-  machine/arch-arm64: add -mbranch-protection=standard
89-  maintainers.inc: Modify email address
90-  mdadm: add util-linux-blockdev ptest dependency
91-  mdadm: fix 07revert-inplace ptest
92-  mdadm: fix segfaults when running ptests
93-  mdadm: fix util-linux ptest dependency
94-  mdadm: re-add mdadm-ptest to PTESTS_SLOW
95-  mdadm: skip running known broken ptests
96-  meson.bbclass: Point to llvm-config from native sysroot
97-  migration-guides: add release notes for 4.0.10
98-  migration-guides: add release notes for 4.0.11
99-  migration-guides: add release notes for 4.2.2
100-  oeqa/runtime/cases/rpm: fix wait_for_no_process_for_user failure case
101-  oeqa/runtime/ltp: Increase ltp test output timeout
102-  oeqa/selftest/devtool: add unit test for "devtool add -b"
103-  oeqa/ssh: Further improve process exit handling
104-  oeqa/target/ssh: Ensure EAGAIN doesn't truncate output
105-  oeqa/utils/nfs: allow requesting non-udp ports
106-  openssh: upgrade to 9.3p2
107-  openssl: add PERLEXTERNAL path to test its existence
108-  openssl: use a glob on the PERLEXTERNAL to track updates on the path
109-  opkg-utils: upgrade to 0.6.2
110-  opkg: upgrade to 0.6.2
111-  pkgconf: update :term:`SRC_URI`
112-  poky.conf: bump version for 4.2.3 release
113-  poky.conf: update :term:`SANITY_TESTED_DISTROS` to match autobuilder
114-  ptest-runner: Pull in parallel test fixes and output handling
115-  python3-certifi: upgrade to 2023.7.22
116-  python3: fix missing comma in get_module_deps3.py
117-  recipetool: Fix inherit in created -native* recipes
118-  ref-manual: LTS releases now supported for 4 years
119-  ref-manual: document image-specific variant of :term:`INCOMPATIBLE_LICENSE`
120-  ref-manual: releases.svg: updates
121-  resulttool/resultutils: allow index generation despite corrupt json
122-  rootfs-postcommands.bbclass: Revert "add post func remove_unused_dnf_log_lock"
123-  rootfs: Add debugfs package db file copy and cleanup
124-  rootfs_rpm: don't depend on opkg-native for update-alternatives
125-  rpm: Pick debugfs package db files/dirs explicitly
126-  rust-common.bbclass: move musl-specific linking fix from rust-source.inc
127-  scripts/oe-setup-builddir: copy conf-notes.txt to build dir
128-  scripts/resulttool: add mention about new detected tests
129-  selftest/cases/glibc.py: fix the override syntax
130-  selftest/cases/glibc.py: increase the memory for testing
131-  selftest/cases/glibc.py: switch to using NFS over TCP
132-  shadow-sysroot: add license information
133-  systemd-systemctl: fix errors in instance name expansion
134-  taglib: upgrade to 1.13.1
135-  target/ssh: Ensure exit code set for commands
136-  tcf-agent: upgrade to 1.8.0
137-  testimage/oeqa: Drop testimage_dump_host functionality
138-  tiff: upgrade to 4.5.1
139-  uboot-extlinux-config.bbclass: fix old override syntax in comment
140-  util-linux: add alternative links for ipcs,ipcrm
141-  vim: upgrade to 9.0.1592
142-  webkitgtk: upgrade to 2.38.6
143-  weston: Cleanup and fix x11 and xwayland dependencies
144
145
146Known Issues in Yocto-4.2.3
147~~~~~~~~~~~~~~~~~~~~~~~~~~~
148
149- N/A
150
151
152Contributors to Yocto-4.2.3
153~~~~~~~~~~~~~~~~~~~~~~~~~~~
154
155-  Alejandro Hernandez Samaniego
156-  Alex Kiernan
157-  Alexander Kanavin
158-  Alexis Lothoré
159-  Andrej Valek
160-  Anuj Mittal
161-  Archana Polampalli
162-  BELOUARGA Mohamed
163-  Benjamin Bouvier
164-  Bruce Ashfield
165-  Changqing Li
166-  Chen Qi
167-  Daniel Semkowicz
168-  Dmitry Baryshkov
169-  Enrico Scholz
170-  Etienne Cordonnier
171-  Joe Slater
172-  Joel Stanley
173-  Jose Quaresma
174-  Julien Stephan
175-  Kai Kang
176-  Khem Raj
177-  Lee Chee Yang
178-  Marek Vasut
179-  Mark Hatle
180-  Michael Halstead
181-  Michael Opdenacker
182-  Mingli Yu
183-  Narpat Mali
184-  Oleksandr Hnatiuk
185-  Ovidiu Panait
186-  Peter Marko
187-  Quentin Schulz
188-  Richard Purdie
189-  Ross Burton
190-  Sanjana
191-  Sakib Sajal
192-  Staffan Rydén
193-  Steve Sakoman
194-  Stéphane Veyret
195-  Sudip Mukherjee
196-  Thomas Roos
197-  Tom Hochstein
198-  Trevor Gamblin
199-  Wang Mingyu
200-  Yi Zhao
201-  Yoann Congal
202-  Yogita Urade
203-  Yuta Hayama
204
205
206Repositories / Downloads for Yocto-4.2.3
207~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
208
209poky
210
211-  Repository Location: :yocto_git:`/poky`
212-  Branch: :yocto_git:`mickledore </poky/log/?h=mickledore>`
213-  Tag:  :yocto_git:`yocto-4.2.3 </poky/log/?h=yocto-4.2.3>`
214-  Git Revision: :yocto_git:`aa63b25cbe25d89ab07ca11ee72c17cab68df8de </poky/commit/?id=aa63b25cbe25d89ab07ca11ee72c17cab68df8de>`
215-  Release Artefact: poky-aa63b25cbe25d89ab07ca11ee72c17cab68df8de
216-  sha: 9e2b40fc25f7984b3227126ec9b8aa68d3747c8821fb7bf8cb635fc143f894c3
217-  Download Locations:
218   http://downloads.yoctoproject.org/releases/yocto/yocto-4.2.3/poky-aa63b25cbe25d89ab07ca11ee72c17cab68df8de.tar.bz2
219   http://mirrors.kernel.org/yocto/yocto/yocto-4.2.3/poky-aa63b25cbe25d89ab07ca11ee72c17cab68df8de.tar.bz2
220
221openembedded-core
222
223-  Repository Location: :oe_git:`/openembedded-core`
224-  Branch: :oe_git:`mickledore </openembedded-core/log/?h=mickledore>`
225-  Tag:  :oe_git:`yocto-4.2.3 </openembedded-core/log/?h=yocto-4.2.3>`
226-  Git Revision: :oe_git:`7e3489c0c5970389c8a239dc7b367bcadf554eb5 </openembedded-core/commit/?id=7e3489c0c5970389c8a239dc7b367bcadf554eb5>`
227-  Release Artefact: oecore-7e3489c0c5970389c8a239dc7b367bcadf554eb5
228-  sha: 68620aca7c9db6b9a65d9853cacff4e60578f0df39e3e37114e062e1667ba724
229-  Download Locations:
230   http://downloads.yoctoproject.org/releases/yocto/yocto-4.2.3/oecore-7e3489c0c5970389c8a239dc7b367bcadf554eb5.tar.bz2
231   http://mirrors.kernel.org/yocto/yocto/yocto-4.2.3/oecore-7e3489c0c5970389c8a239dc7b367bcadf554eb5.tar.bz2
232
233meta-mingw
234
235-  Repository Location: :yocto_git:`/meta-mingw`
236-  Branch: :yocto_git:`mickledore </meta-mingw/log/?h=mickledore>`
237-  Tag:  :yocto_git:`yocto-4.2.3 </meta-mingw/log/?h=yocto-4.2.3>`
238-  Git Revision: :yocto_git:`92258028e1b5664a9f832541d5c4f6de0bd05e07 </meta-mingw/commit/?id=92258028e1b5664a9f832541d5c4f6de0bd05e07>`
239-  Release Artefact: meta-mingw-92258028e1b5664a9f832541d5c4f6de0bd05e07
240-  sha: ee081460b5dff4fb8dd4869ce5631718dbaaffbede9532b879b854c18f1b3f5d
241-  Download Locations:
242   http://downloads.yoctoproject.org/releases/yocto/yocto-4.2.3/meta-mingw-92258028e1b5664a9f832541d5c4f6de0bd05e07.tar.bz2
243   http://mirrors.kernel.org/yocto/yocto/yocto-4.2.3/meta-mingw-92258028e1b5664a9f832541d5c4f6de0bd05e07.tar.bz2
244
245bitbake
246
247-  Repository Location: :oe_git:`/bitbake`
248-  Branch: :oe_git:`2.4 </bitbake/log/?h=2.4>`
249-  Tag:  :oe_git:`yocto-4.2.3 </bitbake/log/?h=yocto-4.2.3>`
250-  Git Revision: :oe_git:`08033b63ae442c774bd3fce62844eac23e6882d7 </bitbake/commit/?id=08033b63ae442c774bd3fce62844eac23e6882d7>`
251-  Release Artefact: bitbake-08033b63ae442c774bd3fce62844eac23e6882d7
252-  sha: 1d070c133bfb6502ac04befbf082cbfda7582c8b1c48296a788384352e5061fd
253-  Download Locations:
254   http://downloads.yoctoproject.org/releases/yocto/yocto-4.2.3/bitbake-08033b63ae442c774bd3fce62844eac23e6882d7.tar.bz2
255   http://mirrors.kernel.org/yocto/yocto/yocto-4.2.3/bitbake-08033b63ae442c774bd3fce62844eac23e6882d7.tar.bz2
256
257yocto-docs
258
259-  Repository Location: :yocto_git:`/yocto-docs`
260-  Branch: :yocto_git:`mickledore </yocto-docs/log/?h=mickledore>`
261-  Tag: :yocto_git:`yocto-4.2.3 </yocto-docs/log/?h=yocto-4.2.3>`
262-  Git Revision: :yocto_git:`8e6752a9e55d16f3713e248b37f9d4d2745a2375 </yocto-docs/commit/?id=8e6752a9e55d16f3713e248b37f9d4d2745a2375>`
263
264