1.. SPDX-License-Identifier: CC-BY-SA-2.0-UK 2 3Release notes for Yocto-4.3.1 (Nanbield) 4---------------------------------------- 5 6Security Fixes in Yocto-4.3.1 7~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 8 9- libsndfile1: Fix :cve:`2022-33065` 10- libxml2: Ignore :cve:`2023-45322` 11- linux-yocto/6.1: Ignore :cve:`2020-27418`, :cve:`2023-31085`, :cve_mitre:`2023-34324`, :cve:`2023-39189`, :cve:`2023-39192`, :cve:`2023-39193`, :cve:`2023-39194`, :cve:`2023-4244`, :cve:`2023-42754`, :cve:`2023-42756`, :cve:`2023-44466`, :cve:`2023-4563`, :cve:`2023-45862`, :cve:`2023-45863`, :cve:`2023-45871`, :cve:`2023-45898`, :cve:`2023-4732`, :cve:`2023-5158`, :cve:`2023-5197` and :cve:`2023-5345` 12- linux-yocto/6.5: Ignore :cve:`2020-27418`, :cve:`2023-1193`, :cve:`2023-39191`, :cve:`2023-39194`, :cve:`2023-40791`, :cve:`2023-44466`, :cve:`2023-45862`, :cve:`2023-45863`, :cve:`2023-4610` and :cve:`2023-4732` 13- openssl: Fix :cve:`2023-5363` 14- pixman: Ignore :cve:`2023-37769` 15- vim: Fix :cve:`2023-46246` 16- zlib: Ignore :cve:`2023-45853` 17 18 19Fixes in Yocto-4.3.1 20~~~~~~~~~~~~~~~~~~~~ 21 22- baremetal-helloworld: Pull in fix for race condition on x86-64 23- base: Ensure recipes using mercurial-native have certificates 24- bb-matrix-plot.sh: Show underscores correctly in labels 25- bin_package.bbclass: revert "Inhibit the default dependencies" 26- bitbake: SECURITY.md: add file 27- brief-yoctoprojectqs: use new CDN mirror for sstate 28- bsp-guide: bsp.rst: update beaglebone example 29- bsp-guide: bsp: skip Intel machines no longer supported in Poky 30- build-appliance-image: Update to nanbield head revision 31- contributor-guide: add patchtest section 32- contributor-guide: clarify patchtest usage 33- cve-check: don't warn if a patch is remote 34- cve-check: slightly more verbose warning when adding the same package twice 35- cve-check: sort the package list in the JSON report 36- dev-manual: add security team processes 37- dev-manual: extend the description of CVE patch preparation 38- dev-manual: layers: Add notes about layer.conf 39- dev-manual: new-recipe.rst: add missing parenthesis to "Patching Code" section 40- dev-manual: start.rst: remove obsolete reference 41- dev-manual: wic: update "wic list images" output 42- docs: add support for nanbield (4.3) release 43- documentation.conf: drop SERIAL_CONSOLES_CHECK 44- ell: Upgrade to 0.59 45- glib-2.0: Remove unnecessary assignement 46- goarch: Move Go architecture mapping to a library 47- kernel-arch: drop CCACHE from :term:`KERNEL_STRIP` definition 48- kernel.bbclass: Use strip utility used for kernel build in do_package 49- layer.conf: Switch layer to nanbield series only 50- libsdl2: upgrade to 2.28.4 51- linux-yocto: make sure the pahole-native available before do_kernel_configme 52- llvm: Upgrade to 17.0.3 53- machine: drop obsolete SERIAL_CONSOLES_CHECK 54- manuals: correct "yocto-linux" by "linux-yocto" 55- manuals: improve description of :term:`CVE_STATUS` and :term:`CVE_STATUS_GROUPS` 56- manuals: Remove references to apm in :term:`MACHINE_FEATURES` 57- manuals: update linux-yocto append examples 58- manuals: update list of supported machines 59- migration-4.3: additional migration items 60- migration-4.3: adjustments to existing text 61- migration-4.3: remove some unnecessary items 62- migration-guides: QEMU_USE_SLIRP variable removed 63- migration-guides: add BitBake changes 64- migration-guides: add debian 12 to newly supported distros 65- migration-guides: add kernel notes 66- migration-guides: add testing notes 67- migration-guides: add utility notes 68- migration-guides: edgerouter machine removed 69- migration-guides: enabling :term:`SPDX` only for Poky, not a global default 70- migration-guides: fix empty sections 71- migration-guides: further updates for 4.3 72- migration-guides: further updates for release 4.3 73- migration-guides: git recipes reword 74- migration-guides: mention CDN 75- migration-guides: mention LLVM 17 76- migration-guides: mention runqemu change in serial port management 77- migration-guides: packaging changes 78- migration-guides: remove SERIAL_CONSOLES_CHECK 79- migration-guides: remove non-notable change 80- migration-guides: updates for 4.3 81- oeqa/selftest/debuginfod: improve selftest 82- oeqa/selftest/devtool: abort if a local workspace already exist 83- oeqa/ssh: Handle SSHCall timeout error code 84- openssl: Upgrade to 3.1.4 85- overview-manual: concepts: Add Bitbake Tasks Map 86- patchtest-send-results: add In-Reply-To 87- patchtest-send-results: check max line length, simplify responses 88- patchtest-send-results: fix sender parsing 89- patchtest-send-results: improve subject line 90- patchtest-send-results: send results to submitter 91- patchtest/selftest: add XSKIP, update test files 92- patchtest: disable merge test 93- patchtest: fix lic_files_chksum test regex 94- patchtest: make pylint tests compatible with 3.x 95- patchtest: reduce checksum test output length 96- patchtest: remove test for CVE tag in mbox 97- patchtest: remove unused imports 98- patchtest: rework license checksum tests 99- patchtest: shorten test result outputs 100- patchtest: simplify test directory structure 101- patchtest: skip merge test if not targeting master 102- patchtest: test regardless of mergeability 103- perl: fix intermittent test failure 104- poky.conf: bump version for 4.3.1 release 105- profile-manual: aesthetic cleanups 106- ref-manual: Add documentation for the unimplemented-ptest QA warning 107- ref-manual: Fix :term:`PACKAGECONFIG` term and add an example 108- ref-manual: Warn about :term:`COMPATIBLE_MACHINE` skipping native recipes 109- ref-manual: add systemd-resolved to distro features 110- ref-manual: classes: explain cml1 class name 111- ref-manual: document :term:`KERNEL_LOCALVERSION` 112- ref-manual: document :term:`KERNEL_STRIP` 113- ref-manual: document :term:`MESON_TARGET` 114- ref-manual: document cargo_c class 115- ref-manual: remove semicolons from ``*PROCESS_COMMAND`` variables 116- ref-manual: update :term:`SDK_NAME` variable documentation 117- ref-manual: variables: add :term:`RECIPE_MAINTAINER` 118- ref-manual: variables: add :term:`RECIPE_SYSROOT` and :term:`RECIPE_SYSROOT_NATIVE` 119- ref-manual: variables: add :term:`TOOLCHAIN_OPTIONS` variable 120- ref-manual: variables: add example for :term:`SYSROOT_DIRS` variable 121- ref-manual: variables: document :term:`OEQA_REPRODUCIBLE_TEST_PACKAGE` 122- ref-manual: variables: mention new CDN for :term:`SSTATE_MIRRORS` 123- ref-manual: variables: provide no-match example for :term:`COMPATIBLE_MACHINE` 124- ref-manual: variables: remove SERIAL_CONSOLES_CHECK 125- release-notes-4.3: add CVEs, recipe upgrades, license changes, contributors 126- release-notes-4.3: add Repositories / Downloads section 127- release-notes-4.3: feature additions 128- release-notes-4.3: fix some typos 129- release-notes-4.3: move new classes to Rust section 130- release-notes-4.3: remove the Distribution section 131- release-notes-4.3: tweaks to existing text 132- sdk-manual: appendix-obtain: improve and update descriptions 133- test-manual: reproducible-builds: stop mentioning LTO bug 134- vim: Improve locale handling 135- vim: Upgrade to 9.0.2068 136- vim: use upstream generated .po files 137 138 139Known Issues in Yocto-4.3.1 140~~~~~~~~~~~~~~~~~~~~~~~~~~~ 141 142- N/A 143 144 145Contributors to Yocto-4.3.1 146~~~~~~~~~~~~~~~~~~~~~~~~~~~ 147 148- Alejandro Hernandez Samaniego 149- Alex Stewart 150- Archana Polampalli 151- Arne Schwerdt 152- BELHADJ SALEM Talel 153- Dmitry Baryshkov 154- Eero Aaltonen 155- Joshua Watt 156- Julien Stephan 157- Jérémy Rosen 158- Khem Raj 159- Lee Chee Yang 160- Marta Rybczynska 161- Max Krummenacher 162- Michael Halstead 163- Michael Opdenacker 164- Paul Eggleton 165- Peter Kjellerstedt 166- Peter Marko 167- Quentin Schulz 168- Richard Purdie 169- Robert P. J. Day 170- Ross Burton 171- Rouven Czerwinski 172- Steve Sakoman 173- Trevor Gamblin 174- Wang Mingyu 175- William Lyu 176- Xiangyu Chen 177- luca fancellu 178 179 180Repositories / Downloads for Yocto-4.3.1 181~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 182 183poky 184 185- Repository Location: :yocto_git:`/poky` 186- Branch: :yocto_git:`nanbield </poky/log/?h=nanbield>` 187- Tag: :yocto_git:`yocto-4.3.1 </poky/log/?h=yocto-4.3.1>` 188- Git Revision: :yocto_git:`bf9f2f6f60387b3a7cd570919cef6c4570edcb82 </poky/commit/?id=bf9f2f6f60387b3a7cd570919cef6c4570edcb82>` 189- Release Artefact: poky-bf9f2f6f60387b3a7cd570919cef6c4570edcb82 190- sha: 9b4351159d728fec2b63a50f1ac15edc412e2d726e9180a40afc06051fadb922 191- Download Locations: 192 http://downloads.yoctoproject.org/releases/yocto/yocto-4.3.1/poky-bf9f2f6f60387b3a7cd570919cef6c4570edcb82.tar.bz2 193 http://mirrors.kernel.org/yocto/yocto/yocto-4.3.1/poky-bf9f2f6f60387b3a7cd570919cef6c4570edcb82.tar.bz2 194 195openembedded-core 196 197- Repository Location: :oe_git:`/openembedded-core` 198- Branch: :oe_git:`nanbield </openembedded-core/log/?h=nanbield>` 199- Tag: :oe_git:`yocto-4.3.1 </openembedded-core/log/?h=yocto-4.3.1>` 200- Git Revision: :oe_git:`cce77e8e79c860f4ef0ac4a86b9375bf87507360 </openembedded-core/commit/?id=cce77e8e79c860f4ef0ac4a86b9375bf87507360>` 201- Release Artefact: oecore-cce77e8e79c860f4ef0ac4a86b9375bf87507360 202- sha: e6cde08e7c549f57a67d833a36cdb942648fba81558dc8b0e65332d2a2c023cc 203- Download Locations: 204 http://downloads.yoctoproject.org/releases/yocto/yocto-4.3.1/oecore-cce77e8e79c860f4ef0ac4a86b9375bf87507360.tar.bz2 205 http://mirrors.kernel.org/yocto/yocto/yocto-4.3.1/oecore-cce77e8e79c860f4ef0ac4a86b9375bf87507360.tar.bz2 206 207meta-mingw 208 209- Repository Location: :yocto_git:`/meta-mingw` 210- Branch: :yocto_git:`nanbield </meta-mingw/log/?h=nanbield>` 211- Tag: :yocto_git:`yocto-4.3.1 </meta-mingw/log/?h=yocto-4.3.1>` 212- Git Revision: :yocto_git:`49617a253e09baabbf0355bc736122e9549c8ab2 </meta-mingw/commit/?id=49617a253e09baabbf0355bc736122e9549c8ab2>` 213- Release Artefact: meta-mingw-49617a253e09baabbf0355bc736122e9549c8ab2 214- sha: 2225115b73589cdbf1e491115221035c6a61679a92a93b2a3cf761ff87bf4ecc 215- Download Locations: 216 http://downloads.yoctoproject.org/releases/yocto/yocto-4.3.1/meta-mingw-49617a253e09baabbf0355bc736122e9549c8ab2.tar.bz2 217 http://mirrors.kernel.org/yocto/yocto/yocto-4.3.1/meta-mingw-49617a253e09baabbf0355bc736122e9549c8ab2.tar.bz2 218 219bitbake 220 221- Repository Location: :oe_git:`/bitbake` 222- Branch: :oe_git:`2.6 </bitbake/log/?h=2.6>` 223- Tag: :oe_git:`yocto-4.3.1 </bitbake/log/?h=yocto-4.3.1>` 224- Git Revision: :oe_git:`936fcec41efacc4ce988c81882a9ae6403702bea </bitbake/commit/?id=936fcec41efacc4ce988c81882a9ae6403702bea>` 225- Release Artefact: bitbake-936fcec41efacc4ce988c81882a9ae6403702bea 226- sha: efbdd5fe7f29227a3fd26d6a08a368bf8215083a588b4d23f3adf35044897520 227- Download Locations: 228 http://downloads.yoctoproject.org/releases/yocto/yocto-4.3.1/bitbake-936fcec41efacc4ce988c81882a9ae6403702bea.tar.bz2 229 http://mirrors.kernel.org/yocto/yocto/yocto-4.3.1/bitbake-936fcec41efacc4ce988c81882a9ae6403702bea.tar.bz2 230 231yocto-docs 232 233- Repository Location: :yocto_git:`/yocto-docs` 234- Branch: :yocto_git:`nanbield </yocto-docs/log/?h=nanbield>` 235- Tag: :yocto_git:`yocto-4.3.1 </yocto-docs/log/?h=yocto-4.3.1>` 236- Git Revision: :yocto_git:`6b98a6164263298648e89b5a5ae1260a58f1bb35 </yocto-docs/commit/?id=6b98a6164263298648e89b5a5ae1260a58f1bb35>` 237 238