1.. SPDX-License-Identifier: CC-BY-SA-2.0-UK 2 3Release notes for Yocto-5.0.4 (Scarthgap) 4----------------------------------------- 5 6Security Fixes in Yocto-5.0.4 7~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 8 9- apr: Fix :cve_nist:`2023-49582` 10- curl: Ignore :cve_nist:`2024-32928` 11- curl: Fix :cve_nist:`2024-7264` 12- expat: Fix :cve_nist:`2024-45490`, :cve_nist:`2024-45491` and :cve_nist:`2024-45492` 13- ffmpeg: Fix :cve_nist:`2023-50008` and :cve_nist:`2024-32230` 14- libpcap: Fix :cve_nist:`2023-7256` and :cve_nist:`2024-8006` 15- libyaml: Ignore :cve_nist:`2024-35325` and :cve_nist:`2024-35326` 16- openssl: Fix :cve_nist:`2024-5535` and :cve_nist:`2024-6119` 17- python3-certifi: Fix :cve_nist:`2024-39689` 18- python3-setuptools: Fix :cve_nist:`2024-6345` 19- python3: Fix :cve_nist:`2024-6232`, :cve_nist:`2024-7592`, :cve_nist:`2024-8088` and :cve_nist:`2024-27034` 20- qemu: Fix :cve_nist:`2024-4467` and :cve_nist:`2024-7409` 21- ruby: Fix :cve_nist:`2024-27282` 22- tiff: Fix :cve_nist:`2024-7006` 23- vim: Fix :cve_nist:`2024-41957`, :cve_nist:`2024-41965`, :cve_nist:`2024-43374`, :cve_nist:`2024-43790` and :cve_nist:`2024-43802` 24 25 26Fixes in Yocto-5.0.4 27~~~~~~~~~~~~~~~~~~~~ 28 29- apr: drop 0007-explicitly-link-libapr-against-phtread-to-make-gold-.patch 30- apr: upgrade to 1.7.5 31- bind: Fix build with the `httpstats` package config enabled 32- bitbake: data_smart: Improve performance for VariableHistory 33- bluez5: remove redundant patch for MAX_INPUT 34- build-appliance-image: Update to scarthgap head revision 35- buildhistory: Fix intermittent package file list creation 36- buildhistory: Restoring files from preserve list 37- buildhistory: Simplify intercept call sites and drop SSTATEPOSTINSTFUNC usage 38- busybox: Fix cut with "-s" flag 39- create-sdpx-2.2.bbclass: Switch from exists to isfile checking debugsrc 40- cups: upgrade to 2.4.10 41- dejagnu: Fix :term:`LICENSE` (change to GPL-3.0-only) 42- doc: features: describe distribution feature pni-name 43- doc: features: remove duplicate word in distribution feature ext2 44- expat: upgrade to 2.6.3 45- expect-native: fix do_compile failure with gcc-14 46- gcc: Fix spurious '/' in GLIBC_DYNAMIC_LINKER on microblaze 47- gcr: Fix :term:`LICENSE` (change to LGPL-2.0-only) 48- glibc: fix fortran header file conflict for arm 49- go: upgrade to 1.22.6 50- gstreamer1.0: disable flaky baseparser tests 51- image_types.bbclass: Use --force also with lz4,lzop 52- initramfs-framework: fix typos 53- iw: Fix :term:`LICENSE` (change to ISC) 54- libadwaita: upgrade to 1.5.2 55- libcap-ng: update :term:`SRC_URI` 56- libdnf: upgrade to 0.73.2 57- libedit: Make docs generation deterministic 58- libgfortran.inc: fix nativesdk-libgfortran dependencies 59- librsvg: don't try to run target code at build time 60- linux-firmware: add a package for ath12k firmware 61- llvm: Enable libllvm for native build 62- maintainers.inc: add maintainer for python(-setuptools, -smmap, -subunit, -testtools) 63- mc: fix source URL 64- migration-guide: add release notes for 4.0.20 and 5.0.3 65- oeqa/postactions: fix exception handling 66- oeqa/runtime/ssh: In case of failure, show exit code and handle -15 (SIGTERM) 67- oeqa/runtime/ssh: add retry logic and sleeps to allow for slower systems 68- oeqa/runtime/ssh: check for all errors at the end 69- oeqa/runtime/ssh: increase the number of attempts 70- oeqa/selftest/reproducibile: Explicitly list virtual targets 71- oeqa/utils/postactions: transfer whole archive over ssh instead of doing individual copies 72- openssh: add backported header file include 73- openssl: upgrade to 3.2.3 74- os-release: Fix VERSION_CODENAME in case it is empty 75- poky.conf: bump version for 5.0.4 76- populate_sdk_ext.bclass: make sure OECORE_NATIVE_SYSROOT is exported. 77- python3-maturin: Fix cross compilation issue for armv7l, mips64, ppc 78- python3-pycryptodome(x): use python_setuptools_build_meta build class 79- python3: upgrade to 3.12.6 80- python3: skip readline limited history tests 81- qemu: backport patches to fix riscv64 build failure 82- qemuboot: Trigger write_qemuboot_conf task on changes of kernel image realpath 83- ref-manual: fix typo and move :term:`SYSROOT_DIRS` example 84- ruby: Make docs generation deterministic 85- systemd: Mitigate /var/log type mismatch issue 86- systemd: Mitigate /var/tmp type mismatch issue 87- tiff: Fix :term:`LICENSE` (change to libtiff) 88- u-boot.inc: Refactor do_* steps into functions that can be overridden 89- udev-extraconf: Add collect flag to mount 90- unzip: Fix :term:`LICENSE` (change to Info-ZIP) 91- util-linux: Add :term:`PACKAGECONFIG` option (libmount-mountfd-support) to mitigate rootfs remount error 92- vim: upgrade to 9.1.0698 93- weston-init: fix weston not starting when xwayland is enabled 94- wireless-regdb: upgrade to 2024.07.04 95- wpa-supplicant: upgrade to 2.11 96- xserver-xorg: mark :cve_nist:`2023-5574` as unpatched when xvfb enabled 97- yocto-uninative: Update to 4.6 for glibc 2.40 98- zip: Fix :term:`LICENSE` (change to Info-ZIP) 99 100 101Known Issues in Yocto-5.0.4 102~~~~~~~~~~~~~~~~~~~~~~~~~~~ 103 104- N/A 105 106 107Contributors to Yocto-5.0.4 108~~~~~~~~~~~~~~~~~~~~~~~~~~~ 109 110- Alban Bedel 111- Alexander Kanavin 112- Alexis Lothoré 113- Archana Polampalli 114- Ashish Sharma 115- Bartosz Golaszewski 116- Benjamin Szőke 117- Changqing Li 118- Chen Qi 119- Colin McAllister 120- Daniel Semkowicz 121- Dmitry Baryshkov 122- Gauthier HADERER 123- Guðni Már Gilbert 124- Jon Mason 125- Jose Quaresma 126- Jörg Sommer 127- Kai Kang 128- Khem Raj 129- Lee Chee Yang 130- Mark Hatle 131- Martin Jansa 132- Matthias Pritschet 133- Michael Halstead 134- Mingli Yu 135- Niko Mauno 136- Pedro Ferreira 137- Peter Marko 138- Quentin Schulz 139- Richard Purdie 140- Robert Yang 141- Ross Burton 142- Ryan Eatmon 143- Siddharth Doshi 144- Simone Weiß 145- Soumya Sambu 146- Steve Sakoman 147- Trevor Gamblin 148- Ulrich Ölmann 149- Vijay Anusuri 150- Wang Mingyu 151- Weisser, Pascal.ext 152- Yogita Urade 153 154 155Repositories / Downloads for Yocto-5.0.4 156~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 157 158poky 159 160- Repository Location: :yocto_git:`/poky` 161- Branch: :yocto_git:`scarthgap </poky/log/?h=scarthgap>` 162- Tag: :yocto_git:`yocto-5.0.4 </poky/log/?h=yocto-5.0.4>` 163- Git Revision: :yocto_git:`2034fc38eb4e63984d9bd6b260aa1bf95ce562e4 </poky/commit/?id=2034fc38eb4e63984d9bd6b260aa1bf95ce562e4>` 164- Release Artefact: poky-2034fc38eb4e63984d9bd6b260aa1bf95ce562e4 165- sha: 697ed099793d6c86d5ffe590e96f99689bd28dcb2d4451dc4585496fa4a20400 166- Download Locations: 167 http://downloads.yoctoproject.org/releases/yocto/yocto-5.0.4/poky-2034fc38eb4e63984d9bd6b260aa1bf95ce562e4.tar.bz2 168 http://mirrors.kernel.org/yocto/yocto/yocto-5.0.4/poky-2034fc38eb4e63984d9bd6b260aa1bf95ce562e4.tar.bz2 169 170openembedded-core 171 172- Repository Location: :oe_git:`/openembedded-core` 173- Branch: :oe_git:`scarthgap </openembedded-core/log/?h=scarthgap>` 174- Tag: :oe_git:`yocto-5.0.4 </openembedded-core/log/?h=yocto-5.0.4>` 175- Git Revision: :oe_git:`f888dd911529a828820799a7a1b75dfd3a44847c </openembedded-core/commit/?id=f888dd911529a828820799a7a1b75dfd3a44847c>` 176- Release Artefact: oecore-f888dd911529a828820799a7a1b75dfd3a44847c 177- sha: 93cb4c3c8e0f77edab20814d155847dc3452c6b083e3dd9c7a801e80a7e4d228 178- Download Locations: 179 http://downloads.yoctoproject.org/releases/yocto/yocto-5.0.4/oecore-f888dd911529a828820799a7a1b75dfd3a44847c.tar.bz2 180 http://mirrors.kernel.org/yocto/yocto/yocto-5.0.4/oecore-f888dd911529a828820799a7a1b75dfd3a44847c.tar.bz2 181 182meta-mingw 183 184- Repository Location: :yocto_git:`/meta-mingw` 185- Branch: :yocto_git:`scarthgap </meta-mingw/log/?h=scarthgap>` 186- Tag: :yocto_git:`yocto-5.0.4 </meta-mingw/log/?h=yocto-5.0.4>` 187- Git Revision: :yocto_git:`acbba477893ef87388effc4679b7f40ee49fc852 </meta-mingw/commit/?id=acbba477893ef87388effc4679b7f40ee49fc852>` 188- Release Artefact: meta-mingw-acbba477893ef87388effc4679b7f40ee49fc852 189- sha: 3b7c2f475dad5130bace652b150367f587d44b391218b1364a8bbc430b48c54c 190- Download Locations: 191 http://downloads.yoctoproject.org/releases/yocto/yocto-5.0.4/meta-mingw-acbba477893ef87388effc4679b7f40ee49fc852.tar.bz2 192 http://mirrors.kernel.org/yocto/yocto/yocto-5.0.4/meta-mingw-acbba477893ef87388effc4679b7f40ee49fc852.tar.bz2 193 194bitbake 195 196- Repository Location: :oe_git:`/bitbake` 197- Branch: :oe_git:`2.8 </bitbake/log/?h=2.8>` 198- Tag: :oe_git:`yocto-5.0.4 </bitbake/log/?h=yocto-5.0.4>` 199- Git Revision: :oe_git:`d251668d9a7a8dd25bd8767efb30d6d9ff8b1ad3 </bitbake/commit/?id=d251668d9a7a8dd25bd8767efb30d6d9ff8b1ad3>` 200- Release Artefact: bitbake-d251668d9a7a8dd25bd8767efb30d6d9ff8b1ad3 201- sha: d873f4d3a471d26680dc39200d8f3851a6863f15daa9bed978ba31b930f9a1c1 202- Download Locations: 203 http://downloads.yoctoproject.org/releases/yocto/yocto-5.0.4/bitbake-d251668d9a7a8dd25bd8767efb30d6d9ff8b1ad3.tar.bz2 204 http://mirrors.kernel.org/yocto/yocto/yocto-5.0.4/bitbake-d251668d9a7a8dd25bd8767efb30d6d9ff8b1ad3.tar.bz2 205 206yocto-docs 207 208- Repository Location: :yocto_git:`/yocto-docs` 209- Branch: :yocto_git:`scarthgap </yocto-docs/log/?h=scarthgap>` 210- Tag: :yocto_git:`yocto-5.0.4 </yocto-docs/log/?h=yocto-5.0.4>` 211- Git Revision: :yocto_git:`d71081dd14a9d75ace4d1c62472374f37b4a888d </yocto-docs/commit/?id=d71081dd14a9d75ace4d1c62472374f37b4a888d>` 212 213