1.. SPDX-License-Identifier: CC-BY-SA-2.0-UK
2
3Release notes for Yocto-5.0.4 (Scarthgap)
4-----------------------------------------
5
6Security Fixes in Yocto-5.0.4
7~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
8
9-  apr: Fix :cve_nist:`2023-49582`
10-  curl: Ignore :cve_nist:`2024-32928`
11-  curl: Fix :cve_nist:`2024-7264`
12-  expat: Fix :cve_nist:`2024-45490`, :cve_nist:`2024-45491` and :cve_nist:`2024-45492`
13-  ffmpeg: Fix :cve_nist:`2023-50008` and :cve_nist:`2024-32230`
14-  libpcap: Fix :cve_nist:`2023-7256` and :cve_nist:`2024-8006`
15-  libyaml: Ignore :cve_nist:`2024-35325` and :cve_nist:`2024-35326`
16-  openssl: Fix :cve_nist:`2024-5535` and :cve_nist:`2024-6119`
17-  python3-certifi: Fix :cve_nist:`2024-39689`
18-  python3-setuptools: Fix :cve_nist:`2024-6345`
19-  python3: Fix :cve_nist:`2024-6232`, :cve_nist:`2024-7592`, :cve_nist:`2024-8088` and :cve_nist:`2024-27034`
20-  qemu: Fix :cve_nist:`2024-4467` and :cve_nist:`2024-7409`
21-  ruby: Fix :cve_nist:`2024-27282`
22-  tiff: Fix :cve_nist:`2024-7006`
23-  vim: Fix :cve_nist:`2024-41957`, :cve_nist:`2024-41965`, :cve_nist:`2024-43374`, :cve_nist:`2024-43790` and :cve_nist:`2024-43802`
24
25
26Fixes in Yocto-5.0.4
27~~~~~~~~~~~~~~~~~~~~
28
29-  apr: drop 0007-explicitly-link-libapr-against-phtread-to-make-gold-.patch
30-  apr: upgrade to 1.7.5
31-  bind: Fix build with the `httpstats` package config enabled
32-  bitbake: data_smart: Improve performance for VariableHistory
33-  bluez5: remove redundant patch for MAX_INPUT
34-  build-appliance-image: Update to scarthgap head revision
35-  buildhistory: Fix intermittent package file list creation
36-  buildhistory: Restoring files from preserve list
37-  buildhistory: Simplify intercept call sites and drop SSTATEPOSTINSTFUNC usage
38-  busybox: Fix cut with "-s" flag
39-  create-sdpx-2.2.bbclass: Switch from exists to isfile checking debugsrc
40-  cups: upgrade to 2.4.10
41-  dejagnu: Fix :term:`LICENSE` (change to GPL-3.0-only)
42-  doc: features: describe distribution feature pni-name
43-  doc: features: remove duplicate word in distribution feature ext2
44-  expat: upgrade to 2.6.3
45-  expect-native: fix do_compile failure with gcc-14
46-  gcc: Fix spurious '/' in GLIBC_DYNAMIC_LINKER on microblaze
47-  gcr: Fix :term:`LICENSE` (change to LGPL-2.0-only)
48-  glibc: fix fortran header file conflict for arm
49-  go: upgrade to 1.22.6
50-  gstreamer1.0: disable flaky baseparser tests
51-  image_types.bbclass: Use --force also with lz4,lzop
52-  initramfs-framework: fix typos
53-  iw: Fix :term:`LICENSE` (change to ISC)
54-  libadwaita: upgrade to 1.5.2
55-  libcap-ng: update :term:`SRC_URI`
56-  libdnf: upgrade to 0.73.2
57-  libedit: Make docs generation deterministic
58-  libgfortran.inc: fix nativesdk-libgfortran dependencies
59-  librsvg: don't try to run target code at build time
60-  linux-firmware: add a package for ath12k firmware
61-  llvm: Enable libllvm for native build
62-  maintainers.inc: add maintainer for python(-setuptools, -smmap, -subunit, -testtools)
63-  mc: fix source URL
64-  migration-guide: add release notes for 4.0.20 and 5.0.3
65-  oeqa/postactions: fix exception handling
66-  oeqa/runtime/ssh: In case of failure, show exit code and handle -15 (SIGTERM)
67-  oeqa/runtime/ssh: add retry logic and sleeps to allow for slower systems
68-  oeqa/runtime/ssh: check for all errors at the end
69-  oeqa/runtime/ssh: increase the number of attempts
70-  oeqa/selftest/reproducibile: Explicitly list virtual targets
71-  oeqa/utils/postactions: transfer whole archive over ssh instead of doing individual copies
72-  openssh: add backported header file include
73-  openssl: upgrade to 3.2.3
74-  os-release: Fix VERSION_CODENAME in case it is empty
75-  poky.conf: bump version for 5.0.4
76-  populate_sdk_ext.bclass: make sure OECORE_NATIVE_SYSROOT is exported.
77-  python3-maturin: Fix cross compilation issue for armv7l, mips64, ppc
78-  python3-pycryptodome(x): use python_setuptools_build_meta build class
79-  python3: upgrade to 3.12.6
80-  python3: skip readline limited history tests
81-  qemu: backport patches to fix riscv64 build failure
82-  qemuboot: Trigger write_qemuboot_conf task on changes of kernel image realpath
83-  ref-manual: fix typo and move :term:`SYSROOT_DIRS` example
84-  ruby: Make docs generation deterministic
85-  systemd: Mitigate /var/log type mismatch issue
86-  systemd: Mitigate /var/tmp type mismatch issue
87-  tiff: Fix :term:`LICENSE` (change to libtiff)
88-  u-boot.inc: Refactor do_* steps into functions that can be overridden
89-  udev-extraconf: Add collect flag to mount
90-  unzip: Fix :term:`LICENSE` (change to Info-ZIP)
91-  util-linux: Add :term:`PACKAGECONFIG` option (libmount-mountfd-support) to mitigate rootfs remount error
92-  vim: upgrade to 9.1.0698
93-  weston-init: fix weston not starting when xwayland is enabled
94-  wireless-regdb: upgrade to 2024.07.04
95-  wpa-supplicant: upgrade to 2.11
96-  xserver-xorg: mark :cve_nist:`2023-5574` as unpatched when xvfb enabled
97-  yocto-uninative: Update to 4.6 for glibc 2.40
98-  zip: Fix :term:`LICENSE` (change to Info-ZIP)
99
100
101Known Issues in Yocto-5.0.4
102~~~~~~~~~~~~~~~~~~~~~~~~~~~
103
104- N/A
105
106
107Contributors to Yocto-5.0.4
108~~~~~~~~~~~~~~~~~~~~~~~~~~~
109
110-  Alban Bedel
111-  Alexander Kanavin
112-  Alexis Lothoré
113-  Archana Polampalli
114-  Ashish Sharma
115-  Bartosz Golaszewski
116-  Benjamin Szőke
117-  Changqing Li
118-  Chen Qi
119-  Colin McAllister
120-  Daniel Semkowicz
121-  Dmitry Baryshkov
122-  Gauthier HADERER
123-  Guðni Már Gilbert
124-  Jon Mason
125-  Jose Quaresma
126-  Jörg Sommer
127-  Kai Kang
128-  Khem Raj
129-  Lee Chee Yang
130-  Mark Hatle
131-  Martin Jansa
132-  Matthias Pritschet
133-  Michael Halstead
134-  Mingli Yu
135-  Niko Mauno
136-  Pedro Ferreira
137-  Peter Marko
138-  Quentin Schulz
139-  Richard Purdie
140-  Robert Yang
141-  Ross Burton
142-  Ryan Eatmon
143-  Siddharth Doshi
144-  Simone Weiß
145-  Soumya Sambu
146-  Steve Sakoman
147-  Trevor Gamblin
148-  Ulrich Ölmann
149-  Vijay Anusuri
150-  Wang Mingyu
151-  Weisser, Pascal.ext
152-  Yogita Urade
153
154
155Repositories / Downloads for Yocto-5.0.4
156~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
157
158poky
159
160-  Repository Location: :yocto_git:`/poky`
161-  Branch: :yocto_git:`scarthgap </poky/log/?h=scarthgap>`
162-  Tag:  :yocto_git:`yocto-5.0.4 </poky/log/?h=yocto-5.0.4>`
163-  Git Revision: :yocto_git:`2034fc38eb4e63984d9bd6b260aa1bf95ce562e4 </poky/commit/?id=2034fc38eb4e63984d9bd6b260aa1bf95ce562e4>`
164-  Release Artefact: poky-2034fc38eb4e63984d9bd6b260aa1bf95ce562e4
165-  sha: 697ed099793d6c86d5ffe590e96f99689bd28dcb2d4451dc4585496fa4a20400
166-  Download Locations:
167   http://downloads.yoctoproject.org/releases/yocto/yocto-5.0.4/poky-2034fc38eb4e63984d9bd6b260aa1bf95ce562e4.tar.bz2
168   http://mirrors.kernel.org/yocto/yocto/yocto-5.0.4/poky-2034fc38eb4e63984d9bd6b260aa1bf95ce562e4.tar.bz2
169
170openembedded-core
171
172-  Repository Location: :oe_git:`/openembedded-core`
173-  Branch: :oe_git:`scarthgap </openembedded-core/log/?h=scarthgap>`
174-  Tag:  :oe_git:`yocto-5.0.4 </openembedded-core/log/?h=yocto-5.0.4>`
175-  Git Revision: :oe_git:`f888dd911529a828820799a7a1b75dfd3a44847c </openembedded-core/commit/?id=f888dd911529a828820799a7a1b75dfd3a44847c>`
176-  Release Artefact: oecore-f888dd911529a828820799a7a1b75dfd3a44847c
177-  sha: 93cb4c3c8e0f77edab20814d155847dc3452c6b083e3dd9c7a801e80a7e4d228
178-  Download Locations:
179   http://downloads.yoctoproject.org/releases/yocto/yocto-5.0.4/oecore-f888dd911529a828820799a7a1b75dfd3a44847c.tar.bz2
180   http://mirrors.kernel.org/yocto/yocto/yocto-5.0.4/oecore-f888dd911529a828820799a7a1b75dfd3a44847c.tar.bz2
181
182meta-mingw
183
184-  Repository Location: :yocto_git:`/meta-mingw`
185-  Branch: :yocto_git:`scarthgap </meta-mingw/log/?h=scarthgap>`
186-  Tag:  :yocto_git:`yocto-5.0.4 </meta-mingw/log/?h=yocto-5.0.4>`
187-  Git Revision: :yocto_git:`acbba477893ef87388effc4679b7f40ee49fc852 </meta-mingw/commit/?id=acbba477893ef87388effc4679b7f40ee49fc852>`
188-  Release Artefact: meta-mingw-acbba477893ef87388effc4679b7f40ee49fc852
189-  sha: 3b7c2f475dad5130bace652b150367f587d44b391218b1364a8bbc430b48c54c
190-  Download Locations:
191   http://downloads.yoctoproject.org/releases/yocto/yocto-5.0.4/meta-mingw-acbba477893ef87388effc4679b7f40ee49fc852.tar.bz2
192   http://mirrors.kernel.org/yocto/yocto/yocto-5.0.4/meta-mingw-acbba477893ef87388effc4679b7f40ee49fc852.tar.bz2
193
194bitbake
195
196-  Repository Location: :oe_git:`/bitbake`
197-  Branch: :oe_git:`2.8 </bitbake/log/?h=2.8>`
198-  Tag:  :oe_git:`yocto-5.0.4 </bitbake/log/?h=yocto-5.0.4>`
199-  Git Revision: :oe_git:`d251668d9a7a8dd25bd8767efb30d6d9ff8b1ad3 </bitbake/commit/?id=d251668d9a7a8dd25bd8767efb30d6d9ff8b1ad3>`
200-  Release Artefact: bitbake-d251668d9a7a8dd25bd8767efb30d6d9ff8b1ad3
201-  sha: d873f4d3a471d26680dc39200d8f3851a6863f15daa9bed978ba31b930f9a1c1
202-  Download Locations:
203   http://downloads.yoctoproject.org/releases/yocto/yocto-5.0.4/bitbake-d251668d9a7a8dd25bd8767efb30d6d9ff8b1ad3.tar.bz2
204   http://mirrors.kernel.org/yocto/yocto/yocto-5.0.4/bitbake-d251668d9a7a8dd25bd8767efb30d6d9ff8b1ad3.tar.bz2
205
206yocto-docs
207
208-  Repository Location: :yocto_git:`/yocto-docs`
209-  Branch: :yocto_git:`scarthgap </yocto-docs/log/?h=scarthgap>`
210-  Tag: :yocto_git:`yocto-5.0.4 </yocto-docs/log/?h=yocto-5.0.4>`
211-  Git Revision: :yocto_git:`d71081dd14a9d75ace4d1c62472374f37b4a888d </yocto-docs/commit/?id=d71081dd14a9d75ace4d1c62472374f37b4a888d>`
212
213