diff options
Diffstat (limited to 'documentation/migration-guides')
76 files changed, 21619 insertions, 0 deletions
diff --git a/documentation/migration-guides/index.rst b/documentation/migration-guides/index.rst new file mode 100644 index 0000000000..e9d7f72809 --- /dev/null +++ b/documentation/migration-guides/index.rst @@ -0,0 +1,41 @@ +.. SPDX-License-Identifier: CC-BY-SA-2.0-UK + +==================== + Release Information +==================== + +| + +Each document in this chapter provides release notes and information about how +to move to one release of the Yocto Project from the previous one. + +.. toctree:: + + migration-general + release-5.1 + release-5.0 + release-4.3 + release-4.2 + release-4.1 + release-4.0 + release-3.4 + migration-3.3 + migration-3.2 + migration-3.1 + migration-3.0 + migration-2.7 + migration-2.6 + migration-2.5 + migration-2.4 + migration-2.3 + migration-2.2 + migration-2.1 + migration-2.0 + migration-1.8 + migration-1.7 + migration-1.6 + migration-1.5 + migration-1.4 + migration-1.3 + +.. include:: /boilerplate.rst diff --git a/documentation/migration-guides/migration-1.3.rst b/documentation/migration-guides/migration-1.3.rst new file mode 100644 index 0000000000..95f7e3572b --- /dev/null +++ b/documentation/migration-guides/migration-1.3.rst @@ -0,0 +1,193 @@ +.. SPDX-License-Identifier: CC-BY-SA-2.0-UK + +Release 1.3 (danny) +=================== + +This section provides migration information for moving to the Yocto +Project 1.3 Release (codename "danny") from the prior release. + +.. _1.3-local-configuration: + +Local Configuration +------------------- + +Differences include changes for +:term:`SSTATE_MIRRORS` and ``bblayers.conf``. + +.. _migration-1.3-sstate-mirrors: + +SSTATE_MIRRORS +~~~~~~~~~~~~~~ + +The shared state cache (sstate-cache), as pointed to by +:term:`SSTATE_DIR`, by default now has two-character +subdirectories to prevent issues arising from too many files in the same +directory. Also, native sstate-cache packages, which are built to run on +the host system, will go into a subdirectory named using the distro ID +string. If you copy the newly structured sstate-cache to a mirror +location (either local or remote) and then point to it in +:term:`SSTATE_MIRRORS`, you need to append "PATH" +to the end of the mirror URL so that the path used by BitBake before the +mirror substitution is appended to the path used to access the mirror. +Here is an example:: + + SSTATE_MIRRORS = "file://.* http://someserver.tld/share/sstate/PATH" + +.. _migration-1.3-bblayers-conf: + +bblayers.conf +~~~~~~~~~~~~~ + +The ``meta-yocto`` layer consists of two parts that correspond to the +Poky reference distribution and the reference hardware Board Support +Packages (BSPs), respectively: ``meta-yocto`` and ``meta-yocto-bsp``. +When running BitBake for the first time after upgrading, your +``conf/bblayers.conf`` file will be updated to handle this change and +you will be asked to re-run or restart for the changes to take effect. + +.. _1.3-recipes: + +Recipes +------- + +Differences include changes for the following: + +.. _migration-1.3-python-function-whitespace: + +Python Function Whitespace +~~~~~~~~~~~~~~~~~~~~~~~~~~ + +All Python functions must now use four spaces for indentation. +Previously, an inconsistent mix of spaces and tabs existed, which made +extending these functions using ``_append`` or ``_prepend`` complicated +given that Python treats whitespace as syntactically significant. If you +are defining or extending any Python functions (e.g. +``populate_packages``, :ref:`ref-tasks-unpack`, :ref:`ref-tasks-patch` and so forth) in +custom recipes or classes, you need to ensure you are using consistent +four-space indentation. + +.. _migration-1.3-proto=-in-src-uri: + +proto= in SRC_URI +~~~~~~~~~~~~~~~~~ + +Any use of ``proto=`` in :term:`SRC_URI` needs to be +changed to ``protocol=``. In particular, this applies to the following +URIs: + +- ``svn://`` + +- ``bzr://`` + +- ``hg://`` + +- ``osc://`` + +Other URIs were already using ``protocol=``. This change improves +consistency. + +.. _migration-1.3-nativesdk: + +nativesdk +~~~~~~~~~ + +The suffix ``nativesdk`` is now implemented as a prefix, which simplifies a lot +of the packaging code for :ref:`ref-classes-nativesdk` recipes. All custom +:ref:`ref-classes-nativesdk` recipes, which are relocatable packages that are +native to :term:`SDK_ARCH`, and any references need to be updated to use +``nativesdk-*`` instead of ``*-nativesdk``. + +.. _migration-1.3-task-recipes: + +Task Recipes +~~~~~~~~~~~~ + +"Task" recipes are now known as "Package groups" and have been renamed +from ``task-*.bb`` to ``packagegroup-*.bb``. Existing references to the +previous ``task-*`` names should work in most cases as there is an +automatic upgrade path for most packages. However, you should update +references in your own recipes and configurations as they could be +removed in future releases. You should also rename any custom ``task-*`` +recipes to ``packagegroup-*``, and change them to inherit +:ref:`ref-classes-packagegroup` instead of ``task``, as well +as taking the opportunity to remove anything now handled by +:ref:`ref-classes-packagegroup`, such as providing ``-dev`` and ``-dbg`` +packages, setting :term:`LIC_FILES_CHKSUM`, and so forth. See the +:ref:`ref-classes-packagegroup` section for further details. + +.. _migration-1.3-image-features: + +IMAGE_FEATURES +~~~~~~~~~~~~~~ + +Image recipes that previously included ``apps-console-core`` in +:term:`IMAGE_FEATURES` should now include ``splash`` +instead to enable the boot-up splash screen. Retaining +``apps-console-core`` will still include the splash screen but generates a +warning. The ``apps-x11-core`` and ``apps-x11-games`` :term:`IMAGE_FEATURES` +features have been removed. + +.. _migration-1.3-removed-recipes: + +Removed Recipes +~~~~~~~~~~~~~~~ + +The following recipes have been removed. For most of them, it is +unlikely that you would have any references to them in your own +:term:`Metadata`. However, you should check your metadata +against this list to be sure: + +- ``libx11-trim``: Replaced by ``libx11``, which has a negligible + size difference with modern Xorg. + +- ``xserver-xorg-lite``: Use ``xserver-xorg``, which has a negligible + size difference when DRI and GLX modules are not installed. + +- ``xserver-kdrive``: Effectively unmaintained for many years. + +- ``mesa-xlib``: No longer serves any purpose. + +- ``galago``: Replaced by telepathy. + +- ``gail``: Functionality was integrated into GTK+ 2.13. + +- ``eggdbus``: No longer needed. + +- ``gcc-*-intermediate``: The build has been restructured to avoid + the need for this step. + +- ``libgsmd``: Unmaintained for many years. Functionality now + provided by ``ofono`` instead. + +- *contacts, dates, tasks, eds-tools*: Largely unmaintained PIM + application suite. It has been moved to ``meta-gnome`` in + ``meta-openembedded``. + +In addition to the previously listed changes, the ``meta-demoapps`` +directory has also been removed because the recipes in it were not being +maintained and many had become obsolete or broken. Additionally, these +recipes were not parsed in the default configuration. Many of these +recipes are already provided in an updated and maintained form within +the OpenEmbedded community layers such as ``meta-oe`` and +``meta-gnome``. For the remainder, you can now find them in the +``meta-extras`` repository, which is in the +:yocto_git:`Source Repositories <>` at +:yocto_git:`/meta-extras/`. + +.. _1.3-linux-kernel-naming: + +Linux Kernel Naming +------------------- + +The naming scheme for kernel output binaries has been changed to now +include :term:`PE` as part of the filename:: + + KERNEL_IMAGE_BASE_NAME ?= "${KERNEL_IMAGETYPE}-${PE}-${PV}-${PR}-${MACHINE}-${DATETIME}" + +Because the :term:`PE` variable is not set by default, these binary files +could result with names that include two dash characters. Here is an +example:: + + bzImage--3.10.9+git0+cd502a8814_7144bcc4b8-r0-qemux86-64-20130830085431.bin + + diff --git a/documentation/migration-guides/migration-1.4.rst b/documentation/migration-guides/migration-1.4.rst new file mode 100644 index 0000000000..6db2a035b8 --- /dev/null +++ b/documentation/migration-guides/migration-1.4.rst @@ -0,0 +1,237 @@ +.. SPDX-License-Identifier: CC-BY-SA-2.0-UK + +Release 1.4 (dylan) +=================== + +This section provides migration information for moving to the Yocto +Project 1.4 Release (codename "dylan") from the prior release. + +.. _migration-1.4-bitbake: + +BitBake +------- + +Differences include the following: + +- *Comment Continuation:* If a comment ends with a line continuation + (\\) character, then the next line must also be a comment. Any + instance where this is not the case, now triggers a warning. You must + either remove the continuation character, or be sure the next line is + a comment. + +- *Package Name Overrides:* The runtime package specific variables + :term:`RDEPENDS`, + :term:`RRECOMMENDS`, + :term:`RSUGGESTS`, + :term:`RPROVIDES`, + :term:`RCONFLICTS`, + :term:`RREPLACES`, :term:`FILES`, + :term:`ALLOW_EMPTY`, and the pre, post, install, + and uninstall script functions ``pkg_preinst``, ``pkg_postinst``, + ``pkg_prerm``, and ``pkg_postrm`` should always have a package name + override. For example, use ``RDEPENDS_${PN}`` for the main package + instead of :term:`RDEPENDS`. BitBake uses more strict checks when it + parses recipes. + +.. _migration-1.4-build-behavior: + +Build Behavior +-------------- + +Differences include the following: + +- *Shared State Code:* The shared state code has been optimized to + avoid running unnecessary tasks. For example, the following no longer + populates the target sysroot since that is not necessary:: + + $ bitbake -c rootfs some-image + + Instead, the system just needs to extract the + output package contents, re-create the packages, and construct the + root filesystem. This change is unlikely to cause any problems unless + you have missing declared dependencies. + +- *Scanning Directory Names:* When scanning for files in + :term:`SRC_URI`, the build system now uses + :term:`FILESOVERRIDES` instead of + :term:`OVERRIDES` for the directory names. In + general, the values previously in :term:`OVERRIDES` are now in + :term:`FILESOVERRIDES` as well. However, if you relied upon an additional + value you previously added to :term:`OVERRIDES`, you might now need to + add it to :term:`FILESOVERRIDES` unless you are already adding it through + the :term:`MACHINEOVERRIDES` or + :term:`DISTROOVERRIDES` variables, as + appropriate. For more related changes, see the + ":ref:`migration-guides/migration-1.4:variables`" section. + +.. _migration-1.4-proxies-and-fetching-source: + +Proxies and Fetching Source +--------------------------- + +A new ``oe-git-proxy`` script has been added to replace previous methods +of handling proxies and fetching source from Git. See the +``meta-yocto/conf/site.conf.sample`` file for information on how to use +this script. + +.. _migration-1.4-custom-interfaces-file-netbase-change: + +Custom Interfaces File (netbase change) +--------------------------------------- + +If you have created your own custom ``etc/network/interfaces`` file by +creating an append file for the ``netbase`` recipe, you now need to +create an append file for the ``init-ifupdown`` recipe instead, which +you can find in the :term:`Source Directory` at +``meta/recipes-core/init-ifupdown``. For information on how to use +append files, see the +":ref:`dev-manual/layers:appending other layers metadata with your layer`" +section in the Yocto Project Development Tasks Manual. + +.. _migration-1.4-remote-debugging: + +Remote Debugging +---------------- + +Support for remote debugging with the Eclipse IDE is now separated into +an image feature (``eclipse-debug``) that corresponds to the +``packagegroup-core-eclipse-debug`` package group. Previously, the +debugging feature was included through the ``tools-debug`` image +feature, which corresponds to the ``packagegroup-core-tools-debug`` +package group. + +.. _migration-1.4-variables: + +Variables +--------- + +The following variables have changed: + +- :term:`SANITY_TESTED_DISTROS`: This variable now uses a distribution + ID, which is composed of the host distributor ID followed by the + release. Previously, + :term:`SANITY_TESTED_DISTROS` was + composed of the description field. For example, "Ubuntu 12.10" + becomes "Ubuntu-12.10". You do not need to worry about this change if + you are not specifically setting this variable, or if you are + specifically setting it to "". + +- :term:`SRC_URI`: The ``${``\ :term:`PN`\ ``}``, + ``${``\ :term:`PF`\ ``}``, + ``${``\ :term:`P`\ ``}``, and ``FILE_DIRNAME`` directories + have been dropped from the default value of the + :term:`FILESPATH` variable, which is used as the + search path for finding files referred to in + :term:`SRC_URI`. If you have a recipe that relied upon + these directories, which would be unusual, then you will need to add + the appropriate paths within the recipe or, alternatively, rearrange + the files. The most common locations are still covered by ``${``\ :term:`BP`\ ``}``, + ``${``\ :term:`BPN`\ ``}``, and "files", which all remain in the default value of + :term:`FILESPATH`. + +.. _migration-target-package-management-with-rpm: + +Target Package Management with RPM +---------------------------------- + +If runtime package management is enabled and the RPM backend is +selected, Smart is now installed for package download, dependency +resolution, and upgrades instead of Zypper. For more information on how +to use Smart, run the following command on the target:: + + smart --help + +.. _migration-1.4-recipes-moved: + +Recipes Moved +------------- + +The following recipes were moved from their previous locations because +they are no longer used by anything in the OpenEmbedded-Core: + +- ``clutter-box2d``: Now resides in the ``meta-oe`` layer. + +- ``evolution-data-server``: Now resides in the ``meta-gnome`` layer. + +- ``gthumb``: Now resides in the ``meta-gnome`` layer. + +- ``gtkhtml2``: Now resides in the ``meta-oe`` layer. + +- ``gupnp``: Now resides in the ``meta-multimedia`` layer. + +- ``gypsy``: Now resides in the ``meta-oe`` layer. + +- ``libcanberra``: Now resides in the ``meta-gnome`` layer. + +- ``libgdata``: Now resides in the ``meta-gnome`` layer. + +- ``libmusicbrainz``: Now resides in the ``meta-multimedia`` layer. + +- ``metacity``: Now resides in the ``meta-gnome`` layer. + +- ``polkit``: Now resides in the ``meta-oe`` layer. + +- ``zeroconf``: Now resides in the ``meta-networking`` layer. + +.. _migration-1.4-removals-and-renames: + +Removals and Renames +-------------------- + +The following list shows what has been removed or renamed: + +- ``evieext``: Removed because it has been removed from ``xserver`` + since 2008. + +- *Gtk+ DirectFB:* Removed support because upstream Gtk+ no longer + supports it as of version 2.18. + +- ``libxfontcache / xfontcacheproto``: Removed because they were + removed from the Xorg server in 2008. + +- ``libxp / libxprintapputil / libxprintutil / printproto``: Removed + because the XPrint server was removed from Xorg in 2008. + +- ``libxtrap / xtrapproto``: Removed because their functionality was + broken upstream. + +- *linux-yocto 3.0 kernel:* Removed with linux-yocto 3.8 kernel being + added. The linux-yocto 3.2 and linux-yocto 3.4 kernels remain as part + of the release. + +- ``lsbsetup``: Removed with functionality now provided by + ``lsbtest``. + +- ``matchbox-stroke``: Removed because it was never more than a + proof-of-concept. + +- ``matchbox-wm-2 / matchbox-theme-sato-2``: Removed because they are + not maintained. However, ``matchbox-wm`` and ``matchbox-theme-sato`` + are still provided. + +- ``mesa-dri``: Renamed to ``mesa``. + +- ``mesa-xlib``: Removed because it was no longer useful. + +- ``mutter``: Removed because nothing ever uses it and the recipe is + very old. + +- ``orinoco-conf``: Removed because it has become obsolete. + +- ``update-modules``: Removed because it is no longer used. The + kernel module ``postinstall`` and ``postrm`` scripts can now do the + same task without the use of this script. + +- ``web``: Removed because it is not maintained. Superseded by + ``web-webkit``. + +- ``xf86bigfontproto``: Removed because upstream it has been disabled + by default since 2007. Nothing uses ``xf86bigfontproto``. + +- ``xf86rushproto``: Removed because its dependency in ``xserver`` + was spurious and it was removed in 2005. + +- ``zypper / libzypp / sat-solver``: Removed and been functionally + replaced with Smart (``python-smartpm``) when RPM packaging is used + and package management is enabled on the target. + diff --git a/documentation/migration-guides/migration-1.5.rst b/documentation/migration-guides/migration-1.5.rst new file mode 100644 index 0000000000..c8f3cbc165 --- /dev/null +++ b/documentation/migration-guides/migration-1.5.rst @@ -0,0 +1,355 @@ +.. SPDX-License-Identifier: CC-BY-SA-2.0-UK + +Release 1.5 (dora) +================== + +This section provides migration information for moving to the Yocto +Project 1.5 Release (codename "dora") from the prior release. + +.. _migration-1.5-host-dependency-changes: + +Host Dependency Changes +----------------------- + +The OpenEmbedded build system now has some additional requirements on +the host system: + +- Python 2.7.3+ + +- Tar 1.24+ + +- Git 1.7.8+ + +- Patched version of Make if you are using 3.82. Most distributions + that provide Make 3.82 use the patched version. + +If the Linux distribution you are using on your build host does not +provide packages for these, you can install and use the Buildtools +tarball, which provides an SDK-like environment containing them. + +For more information on this requirement, see the +":ref:`system-requirements-buildtools`" section. + +.. _migration-1.5-atom-pc-bsp: + +``atom-pc`` Board Support Package (BSP) +--------------------------------------- + +The ``atom-pc`` hardware reference BSP has been replaced by a +``genericx86`` BSP. This BSP is not necessarily guaranteed to work on +all x86 hardware, but it will run on a wider range of systems than the +``atom-pc`` did. + +.. note:: + + Additionally, a ``genericx86-64`` BSP has been added for 64-bit Atom + systems. + +.. _migration-1.5-bitbake: + +BitBake +------- + +The following changes have been made that relate to BitBake: + +- BitBake now supports a ``_remove`` operator. The addition of this + operator means you will have to rename any items in recipe space + (functions, variables) whose names currently contain ``_remove_`` or + end with ``_remove`` to avoid unexpected behavior. + +- BitBake's global method pool has been removed. This method is not + particularly useful and led to clashes between recipes containing + functions that had the same name. + +- The "none" server backend has been removed. The "process" server + backend has been serving well as the default for a long time now. + +- The ``bitbake-runtask`` script has been removed. + +- ``${``\ :term:`P`\ ``}`` and + ``${``\ :term:`PF`\ ``}`` are no longer added to + :term:`PROVIDES` by default in ``bitbake.conf``. + These version-specific :term:`PROVIDES` items were seldom used. + Attempting to use them could result in two versions being built + simultaneously rather than just one version due to the way BitBake + resolves dependencies. + +.. _migration-1.5-qa-warnings: + +QA Warnings +----------- + +The following changes have been made to the package QA checks: + +- If you have customized :term:`ERROR_QA` or + :term:`WARN_QA` values in your configuration, check + that they contain all of the issues that you wish to be reported. + Previous Yocto Project versions contained a bug that meant that any + item not mentioned in :term:`ERROR_QA` or :term:`WARN_QA` would be treated as + a warning. Consequently, several important items were not already in + the default value of :term:`WARN_QA`. All of the possible QA checks are + now documented in the ":ref:`ref-classes-insane`" section. + +- An additional QA check has been added to check if + ``/usr/share/info/dir`` is being installed. Your recipe should delete + this file within :ref:`ref-tasks-install` if "make + install" is installing it. + +- If you are using the :ref:`ref-classes-buildhistory` class, the check for the + package version going backwards is now controlled using a standard QA check. + Thus, if you have customized your :term:`ERROR_QA` or :term:`WARN_QA` values + and still wish to have this check performed, you should add + "version-going-backwards" to your value for one or the other + variables depending on how you wish it to be handled. See the + documented QA checks in the ":ref:`ref-classes-insane`" section. + +.. _migration-1.5-directory-layout-changes: + +Directory Layout Changes +------------------------ + +The following directory changes exist: + +- Output SDK installer files are now named to include the image name + and tuning architecture through the :term:`SDK_NAME` + variable. + +- Images and related files are now installed into a directory that is + specific to the machine, instead of a parent directory containing + output files for multiple machines. The + :term:`DEPLOY_DIR_IMAGE` variable continues + to point to the directory containing images for the current + :term:`MACHINE` and should be used anywhere there is a + need to refer to this directory. The ``runqemu`` script now uses this + variable to find images and kernel binaries and will use BitBake to + determine the directory. Alternatively, you can set the + :term:`DEPLOY_DIR_IMAGE` variable in the external environment. + +- When buildhistory is enabled, its output is now written under the + :term:`Build Directory` rather than :term:`TMPDIR`. Doing so makes + it easier to delete :term:`TMPDIR` and preserve the build history. + Additionally, data for produced SDKs is now split by :term:`IMAGE_NAME`. + +- When :ref:`ref-classes-buildhistory` is enabled, its output + is now written under the :term:`Build Directory` rather than :term:`TMPDIR`. + Doing so makes it easier to delete :term:`TMPDIR` and preserve the build + history. Additionally, data for produced SDKs is now split by :term:`IMAGE_NAME`. + +- The ``pkgdata`` directory produced as part of the packaging process + has been collapsed into a single machine-specific directory. This + directory is located under ``sysroots`` and uses a machine-specific + name (i.e. ``tmp/sysroots/machine/pkgdata``). + +.. _migration-1.5-shortened-git-srcrev-values: + +Shortened Git ``SRCREV`` Values +------------------------------- + +BitBake will now shorten revisions from Git repositories from the normal +40 characters down to 10 characters within :term:`SRCPV` +for improved usability in path and filenames. This change should be +safe within contexts where these revisions are used because the chances +of spatially close collisions is very low. Distant collisions are not a +major issue in the way the values are used. + +.. _migration-1.5-image-features: + +``IMAGE_FEATURES`` +------------------ + +The following changes have been made that relate to +:term:`IMAGE_FEATURES`: + +- The value of :term:`IMAGE_FEATURES` is now validated to ensure invalid + feature items are not added. Some users mistakenly add package names + to this variable instead of using + :term:`IMAGE_INSTALL` in order to have the + package added to the image, which does not work. This change is + intended to catch those kinds of situations. Valid :term:`IMAGE_FEATURES` + are drawn from ``PACKAGE_GROUP`` definitions, + :term:`COMPLEMENTARY_GLOB` and a new + "validitems" varflag on :term:`IMAGE_FEATURES`. The "validitems" varflag + change allows additional features to be added if they are not + provided using the previous two mechanisms. + +- The previously deprecated "apps-console-core" :term:`IMAGE_FEATURES` item + is no longer supported. Add "splash" to :term:`IMAGE_FEATURES` if you + wish to have the splash screen enabled, since this is all that + apps-console-core was doing. + +.. _migration-1.5-run: + +``/run`` +-------- + +The ``/run`` directory from the Filesystem Hierarchy Standard 3.0 has +been introduced. You can find some of the implications for this change +:oe_git:`here </openembedded-core/commit/?id=0e326280a15b0f2c4ef2ef4ec441f63f55b75873>`. +The change also means that recipes that install files to ``/var/run`` +must be changed. You can find a guide on how to make these changes +`here <https://www.mail-archive.com/openembedded-devel@lists.openembedded.org/msg31649.html>`__. + +.. _migration-1.5-removal-of-package-manager-database-within-image-recipes: + +Removal of Package Manager Database Within Image Recipes +-------------------------------------------------------- + +The image ``core-image-minimal`` no longer adds +``remove_packaging_data_files`` to +:term:`ROOTFS_POSTPROCESS_COMMAND`. +This addition is now handled automatically when "package-management" is +not in :term:`IMAGE_FEATURES`. If you have custom +image recipes that make this addition, you should remove the lines, as +they are not needed and might interfere with correct operation of +postinstall scripts. + +.. _migration-1.5-images-now-rebuild-only-on-changes-instead-of-every-time: + +Images Now Rebuild Only on Changes Instead of Every Time +-------------------------------------------------------- + +The :ref:`ref-tasks-rootfs` and other related image +construction tasks are no longer marked as "nostamp". Consequently, they +will only be re-executed when their inputs have changed. Previous +versions of the OpenEmbedded build system always rebuilt the image when +requested rather when necessary. + +.. _migration-1.5-task-recipes: + +Task Recipes +------------ + +The previously deprecated ``task.bbclass`` has now been dropped. For +recipes that previously inherited from this class, you should rename +them from ``task-*`` to ``packagegroup-*`` and inherit +:ref:`ref-classes-packagegroup` instead. + +For more information, see the ":ref:`ref-classes-packagegroup`" section. + +.. _migration-1.5-busybox: + +BusyBox +------- + +By default, we now split BusyBox into two binaries: one that is suid +root for those components that need it, and another for the rest of the +components. Splitting BusyBox allows for optimization that eliminates +the ``tinylogin`` recipe as recommended by upstream. You can disable +this split by setting +:term:`BUSYBOX_SPLIT_SUID` to "0". + +.. _migration-1.5-automated-image-testing: + +Automated Image Testing +----------------------- + +A new automated image testing framework has been added through the +:ref:`ref-classes-testimage` classes. This +framework replaces the older ``imagetest-qemu`` framework. + +You can learn more about performing automated image tests in the +":ref:`dev-manual/runtime-testing:performing automated runtime testing`" +section in the Yocto Project Development Tasks Manual. + +.. _migration-1.5-build-history: + +Build History +------------- + +The changes to Build History are: + +- Installed package sizes: ``installed-package-sizes.txt`` for an image + now records the size of the files installed by each package instead + of the size of each compressed package archive file. + +- The dependency graphs (``depends*.dot``) now use the actual package + names instead of replacing dashes, dots and plus signs with + underscores. + +- The ``buildhistory-diff`` and ``buildhistory-collect-srcrevs`` + utilities have improved command-line handling. Use the ``--help`` + option for each utility for more information on the new syntax. + +For more information on Build History, see the +":ref:`dev-manual/build-quality:maintaining build output quality`" +section in the Yocto Project Development Tasks Manual. + +.. _migration-1.5-udev: + +``udev`` +-------- + +The changes to ``udev`` are: + +- ``udev`` no longer brings in ``udev-extraconf`` automatically through + :term:`RRECOMMENDS`, since this was originally + intended to be optional. If you need the extra rules, then add + ``udev-extraconf`` to your image. + +- ``udev`` no longer brings in ``pciutils-ids`` or ``usbutils-ids`` + through :term:`RRECOMMENDS`. These are not needed by ``udev`` itself and + removing them saves around 350KB. + +.. _migration-1.5-removed-renamed-recipes: + +Removed and Renamed Recipes +--------------------------- + +- The ``linux-yocto`` 3.2 kernel has been removed. + +- ``libtool-nativesdk`` has been renamed to ``nativesdk-libtool``. + +- ``tinylogin`` has been removed. It has been replaced by a suid + portion of Busybox. See the ":ref:`migration-1.5-busybox`" + section for more information. + +- ``external-python-tarball`` has been renamed to + ``buildtools-tarball``. + +- ``web-webkit`` has been removed. It has been functionally replaced by + ``midori``. + +- ``imake`` has been removed. It is no longer needed by any other + recipe. + +- ``transfig-native`` has been removed. It is no longer needed by any + other recipe. + +- ``anjuta-remote-run`` has been removed. Anjuta IDE integration has + not been officially supported for several releases. + +.. _migration-1.5-other-changes: + +Other Changes +------------- + +Here is a list of short entries describing other changes: + +- ``run-postinsts``: Make this generic. + +- ``base-files``: Remove the unnecessary ``media/``\ xxx directories. + +- ``alsa-state``: Provide an empty ``asound.conf`` by default. + +- ``classes/image``: Ensure + :term:`BAD_RECOMMENDATIONS` supports + pre-renamed package names. + +- ``classes/rootfs_rpm``: Implement :term:`BAD_RECOMMENDATIONS` for RPM. + +- ``systemd``: Remove ``systemd_unitdir`` if ``systemd`` is not in + :term:`DISTRO_FEATURES`. + +- ``systemd``: Remove ``init.d`` dir if ``systemd`` unit file is + present and ``sysvinit`` is not a distro feature. + +- ``libpam``: Deny all services for the ``OTHER`` entries. + +- :ref:`ref-classes-image`: Move ``runtime_mapping_rename`` to avoid conflict + with ``multilib``. See :yocto_bugs:`YOCTO #4993 </show_bug.cgi?id=4993>` + in Bugzilla for more information. + +- ``linux-dtb``: Use kernel build system to generate the ``dtb`` files. + +- ``kern-tools``: Switch from guilt to new ``kgit-s2q`` tool. + diff --git a/documentation/migration-guides/migration-1.6.rst b/documentation/migration-guides/migration-1.6.rst new file mode 100644 index 0000000000..916169e836 --- /dev/null +++ b/documentation/migration-guides/migration-1.6.rst @@ -0,0 +1,414 @@ +.. SPDX-License-Identifier: CC-BY-SA-2.0-UK + +Release 1.6 (daisy) +=================== + +This section provides migration information for moving to the Yocto +Project 1.6 Release (codename "daisy") from the prior release. + +.. _migration-1.6-archiver-class: + +``archiver`` Class +------------------ + +The :ref:`ref-classes-archiver` class has been rewritten and its configuration +has been simplified. For more details on the source archiver, see the +":ref:`dev-manual/licenses:maintaining open source license compliance during your product's lifecycle`" +section in the Yocto Project Development Tasks Manual. + +.. _migration-1.6-packaging-changes: + +Packaging Changes +----------------- + +The following packaging changes have been made: + +- The ``binutils`` recipe no longer produces a ``binutils-symlinks`` + package. ``update-alternatives`` is now used to handle the preferred + ``binutils`` variant on the target instead. + +- The tc (traffic control) utilities have been split out of the main + ``iproute2`` package and put into the ``iproute2-tc`` package. + +- The ``gtk-engines`` schemas have been moved to a dedicated + ``gtk-engines-schemas`` package. + +- The ``armv7a`` with thumb package architecture suffix has changed. + The suffix for these packages with the thumb optimization enabled is + "t2" as it should be. Use of this suffix was not the case in the 1.5 + release. Architecture names will change within package feeds as a + result. + +.. _migration-1.6-bitbake: + +BitBake +------- + +The following changes have been made to :term:`BitBake`. + +.. _migration-1.6-matching-branch-requirement-for-git-fetching: + +Matching Branch Requirement for Git Fetching +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +When fetching source from a Git repository using +:term:`SRC_URI`, BitBake will now validate the +:term:`SRCREV` value against the branch. You can specify +the branch using the following form:: + + SRC_URI = "git://server.name/repository;branch=branchname" + +If you do not specify a branch, BitBake looks in the default "master" branch. + +Alternatively, if you need to bypass this check (e.g. if you are +fetching a revision corresponding to a tag that is not on any branch), +you can add ";nobranch=1" to the end of the URL within :term:`SRC_URI`. + +.. _migration-1.6-bitbake-deps: + +Python Definition substitutions +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +BitBake had some previously deprecated Python definitions within its +``bb`` module removed. You should use their sub-module counterparts +instead: + +- ``bb.MalformedUrl``: Use ``bb.fetch.MalformedUrl``. + +- ``bb.encodeurl``: Use ``bb.fetch.encodeurl``. + +- ``bb.decodeurl``: Use ``bb.fetch.decodeurl`` + +- ``bb.mkdirhier``: Use ``bb.utils.mkdirhier``. + +- ``bb.movefile``: Use ``bb.utils.movefile``. + +- ``bb.copyfile``: Use ``bb.utils.copyfile``. + +- ``bb.which``: Use ``bb.utils.which``. + +- ``bb.vercmp_string``: Use ``bb.utils.vercmp_string``. + +- ``bb.vercmp``: Use ``bb.utils.vercmp``. + +.. _migration-1.6-bitbake-fetcher: + +SVK Fetcher +~~~~~~~~~~~ + +The SVK fetcher has been removed from BitBake. + +.. _migration-1.6-bitbake-console-output: + +Console Output Error Redirection +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +The BitBake console UI will now output errors to ``stderr`` instead of +``stdout``. Consequently, if you are piping or redirecting the output of +``bitbake`` to somewhere else, and you wish to retain the errors, you +will need to add ``2>&1`` (or something similar) to the end of your +``bitbake`` command line. + +.. _migration-1.6-task-taskname-overrides: + +``task-``\ taskname Overrides +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +``task-``\ taskname overrides have been adjusted so that tasks whose +names contain underscores have the underscores replaced by hyphens for +the override so that they now function properly. For example, the task +override for :ref:`ref-tasks-populate_sdk` is +``task-populate-sdk``. + +.. _migration-1.6-variable-changes: + +Changes to Variables +-------------------- + +The following variables have changed. For information on the +OpenEmbedded build system variables, see the ":doc:`/ref-manual/variables`" Chapter. + +.. _migration-1.6-variable-changes-TMPDIR: + +``TMPDIR`` +~~~~~~~~~~ + +:term:`TMPDIR` can no longer be on an NFS mount. NFS does +not offer full POSIX locking and inode consistency and can cause +unexpected issues if used to store :term:`TMPDIR`. + +The check for this occurs on startup. If :term:`TMPDIR` is detected on an +NFS mount, an error occurs. + +.. _migration-1.6-variable-changes-PRINC: + +``PRINC`` +~~~~~~~~~ + +The ``PRINC`` variable has been deprecated and triggers a warning if +detected during a build. For :term:`PR` increments on changes, +use the PR service instead. You can find out more about this service in +the ":ref:`dev-manual/packages:working with a pr service`" +section in the Yocto Project Development Tasks Manual. + +.. _migration-1.6-variable-changes-IMAGE_TYPES: + +``IMAGE_TYPES`` +~~~~~~~~~~~~~~~ + +The "sum.jffs2" option for :term:`IMAGE_TYPES` has +been replaced by the "jffs2.sum" option, which fits the processing +order. + +.. _migration-1.6-variable-changes-COPY_LIC_MANIFEST: + +``COPY_LIC_MANIFEST`` +~~~~~~~~~~~~~~~~~~~~~ + +The :term:`COPY_LIC_MANIFEST` variable must now +be set to "1" rather than any value in order to enable it. + +.. _migration-1.6-variable-changes-COPY_LIC_DIRS: + +``COPY_LIC_DIRS`` +~~~~~~~~~~~~~~~~~ + +The :term:`COPY_LIC_DIRS` variable must now be set +to "1" rather than any value in order to enable it. + +.. _migration-1.6-variable-changes-PACKAGE_GROUP: + +``PACKAGE_GROUP`` +~~~~~~~~~~~~~~~~~ + +The ``PACKAGE_GROUP`` variable has been renamed to +:term:`FEATURE_PACKAGES` to more accurately +reflect its purpose. You can still use ``PACKAGE_GROUP`` but the +OpenEmbedded build system produces a warning message when it encounters +the variable. + +.. _migration-1.6-variable-changes-variable-entry-behavior: + +Preprocess and Post Process Command Variable Behavior +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +The following variables now expect a semicolon separated list of +functions to call and not arbitrary shell commands: + + - :term:`ROOTFS_PREPROCESS_COMMAND` + - :term:`ROOTFS_POSTPROCESS_COMMAND` + - :term:`SDK_POSTPROCESS_COMMAND` + - :term:`POPULATE_SDK_POST_TARGET_COMMAND` + - :term:`POPULATE_SDK_POST_HOST_COMMAND` + - :term:`IMAGE_POSTPROCESS_COMMAND` + - :term:`IMAGE_PREPROCESS_COMMAND` + - :term:`ROOTFS_POSTUNINSTALL_COMMAND` + - :term:`ROOTFS_POSTINSTALL_COMMAND` + +For +migration purposes, you can simply wrap shell commands in a shell +function and then call the function. Here is an example:: + + my_postprocess_function() { + echo "hello" > ${IMAGE_ROOTFS}/hello.txt + } + ROOTFS_POSTPROCESS_COMMAND += "my_postprocess_function; " + +.. _migration-1.6-package-test-ptest: + +Package Test (ptest) +-------------------- + +Package Tests (ptest) are built but not installed by default. For +information on using Package Tests, see the +":ref:`dev-manual/packages:testing packages with ptest`" section in the +Yocto Project Development Tasks Manual. See also the ":ref:`ref-classes-ptest`" +section. + +.. _migration-1.6-build-changes: + +Build Changes +------------- + +Separate build and source directories have been enabled by default for +selected recipes where it is known to work and for all +recipes that inherit the :ref:`ref-classes-cmake` class. In +future releases the :ref:`ref-classes-autotools` class +will enable a separate :term:`Build Directory` by default as well. Recipes +building Autotools-based software that fails to build with a separate +:term:`Build Directory` should be changed to inherit from the +:ref:`autotools-brokensep <ref-classes-autotools>` class instead of +the :ref:`ref-classes-autotools` or ``autotools_stage`` classes. + +.. _migration-1.6-building-qemu-native: + +``qemu-native`` +--------------- + +``qemu-native`` now builds without SDL-based graphical output support by +default. The following additional lines are needed in your +``local.conf`` to enable it:: + + PACKAGECONFIG_pn-qemu-native = "sdl" + ASSUME_PROVIDED += "libsdl-native" + +.. note:: + + The default ``local.conf`` contains these statements. Consequently, if you + are building a headless system and using a default ``local.conf`` + file, you will need comment these two lines out. + +.. _migration-1.6-core-image-basic: + +``core-image-basic`` +-------------------- + +``core-image-basic`` has been renamed to ``core-image-full-cmdline``. + +In addition to ``core-image-basic`` being renamed, +``packagegroup-core-basic`` has been renamed to +``packagegroup-core-full-cmdline`` to match. + +.. _migration-1.6-licensing: + +Licensing +--------- + +The top-level :term:`LICENSE` file has been changed to better describe the +license of the various components of :term:`OpenEmbedded-Core (OE-Core)`. However, +the licensing itself remains unchanged. + +Normally, this change would not cause any side-effects. However, some +recipes point to this file within +:term:`LIC_FILES_CHKSUM` (as +``${COREBASE}/LICENSE``) and thus the accompanying checksum must be +changed from 3f40d7994397109285ec7b81fdeb3b58 to +4d92cd373abda3937c2bc47fbc49d690. A better alternative is to have +:term:`LIC_FILES_CHKSUM` point to a file describing the license that is +distributed with the source that the recipe is building, if possible, +rather than pointing to ``${COREBASE}/LICENSE``. + +.. _migration-1.6-cflags-options: + +``CFLAGS`` Options +------------------ + +The "-fpermissive" option has been removed from the default +:term:`CFLAGS` value. You need to take action on +individual recipes that fail when building with this option. You need to +either patch the recipes to fix the issues reported by the compiler, or +you need to add "-fpermissive" to :term:`CFLAGS` in the recipes. + +.. _migration-1.6-custom-images: + +Custom Image Output Types +------------------------- + +Custom image output types, as selected using +:term:`IMAGE_FSTYPES`, must declare their +dependencies on other image types (if any) using a new +:term:`IMAGE_TYPEDEP` variable. + +.. _migration-1.6-do-package-write-task: + +Tasks +----- + +The ``do_package_write`` task has been removed. The task is no longer +needed. + +.. _migration-1.6-update-alternatives-provider: + +``update-alternative`` Provider +------------------------------- + +The default ``update-alternatives`` provider has been changed from +``opkg`` to ``opkg-utils``. This change resolves some troublesome +circular dependencies. The runtime package has also been renamed from +``update-alternatives-cworth`` to ``update-alternatives-opkg``. + +.. _migration-1.6-virtclass-overrides: + +``virtclass`` Overrides +----------------------- + +The ``virtclass`` overrides are now deprecated. Use the equivalent class +overrides instead (e.g. ``virtclass-native`` becomes ``class-native``.) + +.. _migration-1.6-removed-renamed-recipes: + +Removed and Renamed Recipes +--------------------------- + +The following recipes have been removed: + +- ``packagegroup-toolset-native`` --- this recipe is largely unused. + +- ``linux-yocto-3.8`` --- support for the Linux yocto 3.8 kernel has been + dropped. Support for the 3.10 and 3.14 kernels have been added with + the ``linux-yocto-3.10`` and ``linux-yocto-3.14`` recipes. + +- ``ocf-linux`` --- this recipe has been functionally replaced using + ``cryptodev-linux``. + +- ``genext2fs`` --- ``genext2fs`` is no longer used by the build system + and is unmaintained upstream. + +- ``js`` --- this provided an ancient version of Mozilla's javascript + engine that is no longer needed. + +- ``zaurusd`` --- the recipe has been moved to the ``meta-handheld`` + layer. + +- ``eglibc 2.17`` --- replaced by the ``eglibc 2.19`` recipe. + +- ``gcc 4.7.2`` --- replaced by the now stable ``gcc 4.8.2``. + +- ``external-sourcery-toolchain`` --- this recipe is now maintained in + the ``meta-sourcery`` layer. + +- ``linux-libc-headers-yocto 3.4+git`` --- now using version 3.10 of the + ``linux-libc-headers`` by default. + +- ``meta-toolchain-gmae`` --- this recipe is obsolete. + +- ``packagegroup-core-sdk-gmae`` --- this recipe is obsolete. + +- ``packagegroup-core-standalone-gmae-sdk-target`` --- this recipe is + obsolete. + +.. _migration-1.6-removed-classes: + +Removed Classes +--------------- + +The following classes have become obsolete and have been removed: + +- ``module_strip`` + +- ``pkg_metainfo`` + +- ``pkg_distribute`` + +- ``image-empty`` + +.. _migration-1.6-reference-bsps: + +Reference Board Support Packages (BSPs) +--------------------------------------- + +The following reference BSPs changes occurred: + +- The BeagleBoard (``beagleboard``) ARM reference hardware has been + replaced by the BeagleBone (``beaglebone``) hardware. + +- The RouterStation Pro (``routerstationpro``) MIPS reference hardware + has been replaced by the EdgeRouter Lite (``edgerouter``) hardware. + +The previous reference BSPs for the ``beagleboard`` and +``routerstationpro`` machines are still available in a new +``meta-yocto-bsp-old`` layer in the +:yocto_git:`Source Repositories <>` at +:yocto_git:`/meta-yocto-bsp-old/`. + + diff --git a/documentation/migration-guides/migration-1.7.rst b/documentation/migration-guides/migration-1.7.rst new file mode 100644 index 0000000000..ca8222098a --- /dev/null +++ b/documentation/migration-guides/migration-1.7.rst @@ -0,0 +1,222 @@ +.. SPDX-License-Identifier: CC-BY-SA-2.0-UK + +Release 1.7 (dizzy) +=================== + +This section provides migration information for moving to the Yocto +Project 1.7 Release (codename "dizzy") from the prior release. + +.. _migration-1.7-changes-to-setting-qemu-packageconfig-options: + +Changes to Setting QEMU ``PACKAGECONFIG`` Options in ``local.conf`` +------------------------------------------------------------------- + +The QEMU recipe now uses a number of +:term:`PACKAGECONFIG` options to enable various +optional features. The method used to set defaults for these options +means that existing ``local.conf`` files will need to be modified to +append to :term:`PACKAGECONFIG` for ``qemu-native`` and ``nativesdk-qemu`` +instead of setting it. In other words, to enable graphical output for +QEMU, you should now have these lines in ``local.conf``:: + + PACKAGECONFIG_append_pn-qemu-native = " sdl" + PACKAGECONFIG_append_pn-nativesdk-qemu = " sdl" + +.. _migration-1.7-minimum-git-version: + +Minimum Git version +------------------- + +The minimum :ref:`overview-manual/development-environment:git` +version required on the +build host is now 1.7.8 because the ``--list`` option is now required by +BitBake's Git fetcher. As always, if your host distribution does not +provide a version of Git that meets this requirement, you can use the +:term:`buildtools` tarball that does. See the +":ref:`ref-manual/system-requirements:required git, tar, python, make and gcc versions`" +section for more information. + +.. _migration-1.7-autotools-class-changes: + +Autotools Class Changes +----------------------- + +The following :ref:`ref-classes-autotools` class changes occurred: + +- *A separate :term:`Build Directory` is now used by default:* The + :ref:`ref-classes-autotools` class has been changed to use a directory for + building (:term:`B`), which is separate from the source directory + (:term:`S`). This is commonly referred to as ``B != S``, or + an out-of-tree build. + + If the software being built is already capable of building in a + directory separate from the source, you do not need to do anything. + However, if the software is not capable of being built in this + manner, you will need to either patch the software so that it can + build separately, or you will need to change the recipe to inherit + the :ref:`autotools-brokensep <ref-classes-autotools>` class instead + of the :ref:`ref-classes-autotools` or ``autotools_stage`` classes. + +- The ``--foreign`` option is no longer passed to ``automake`` when + running ``autoconf``: This option tells ``automake`` that a + particular software package does not follow the GNU standards and + therefore should not be expected to distribute certain files such as + ``ChangeLog``, ``AUTHORS``, and so forth. Because the majority of + upstream software packages already tell ``automake`` to enable + foreign mode themselves, the option is mostly superfluous. However, + some recipes will need patches for this change. You can easily make + the change by patching ``configure.ac`` so that it passes "foreign" + to ``AM_INIT_AUTOMAKE()``. See :oe_git:`this + commit </openembedded-core/commit/?id=01943188f85ce6411717fb5bf702d609f55813f2>` + for an example showing how to make the patch. + +.. _migration-1.7-binary-configuration-scripts-disabled: + +Binary Configuration Scripts Disabled +------------------------------------- + +Some of the core recipes that package binary configuration scripts now +disable the scripts due to the scripts previously requiring error-prone +path substitution. Software that links against these libraries using +these scripts should use the much more robust ``pkg-config`` instead. +The list of recipes changed in this version (and their configuration +scripts) is as follows:: + + directfb (directfb-config) + freetype (freetype-config) + gpgme (gpgme-config) + libassuan (libassuan-config) + libcroco (croco-6.0-config) + libgcrypt (libgcrypt-config) + libgpg-error (gpg-error-config) + libksba (ksba-config) + libpcap (pcap-config) + libpcre (pcre-config) + libpng (libpng-config, libpng16-config) + libsdl (sdl-config) + libusb-compat (libusb-config) + libxml2 (xml2-config) + libxslt (xslt-config) + ncurses (ncurses-config) + neon (neon-config) + npth (npth-config) + pth (pth-config) + taglib (taglib-config) + +Additionally, support for ``pkg-config`` has been added to some recipes in the +previous list in the rare cases where the upstream software package does +not already provide it. + +.. _migration-1.7-glibc-replaces-eglibc: + +``eglibc 2.19`` Replaced with ``glibc 2.20`` +-------------------------------------------- + +Because ``eglibc`` and ``glibc`` were already fairly close, this +replacement should not require any significant changes to other software +that links to ``eglibc``. However, there were a number of minor changes +in ``glibc 2.20`` upstream that could require patching some software +(e.g. the removal of the ``_BSD_SOURCE`` feature test macro). + +``glibc 2.20`` requires version 2.6.32 or greater of the Linux kernel. +Thus, older kernels will no longer be usable in conjunction with it. + +For full details on the changes in ``glibc 2.20``, see the upstream +release notes +`here <https://sourceware.org/ml/libc-alpha/2014-09/msg00088.html>`__. + +.. _migration-1.7-kernel-module-autoloading: + +Kernel Module Autoloading +------------------------- + +The :term:`module_autoload_* <module_autoload>` variable is now +deprecated and a new +:term:`KERNEL_MODULE_AUTOLOAD` variable +should be used instead. Also, :term:`module_conf_* <module_conf>` +must now be used in conjunction with a new +:term:`KERNEL_MODULE_PROBECONF` variable. +The new variables no longer require you to specify the module name as +part of the variable name. This change not only simplifies usage but +also allows the values of these variables to be appropriately +incorporated into task signatures and thus trigger the appropriate tasks +to re-execute when changed. You should replace any references to +``module_autoload_*`` with :term:`KERNEL_MODULE_AUTOLOAD`, and add any +modules for which ``module_conf_*`` is specified to +:term:`KERNEL_MODULE_PROBECONF`. + +.. _migration-1.7-qa-check-changes: + +QA Check Changes +---------------- + +The following changes have occurred to the QA check process: + +- Additional QA checks ``file-rdeps`` and ``build-deps`` have been + added in order to verify that file dependencies are satisfied (e.g. + package contains a script requiring ``/bin/bash``) and build-time + dependencies are declared, respectively. For more information, please + see the ":doc:`/ref-manual/qa-checks`" chapter. + +- Package QA checks are now performed during a new + :ref:`ref-tasks-package_qa` task rather than being + part of the :ref:`ref-tasks-package` task. This allows + more parallel execution. This change is unlikely to be an issue + except for highly customized recipes that disable packaging tasks + themselves by marking them as ``noexec``. For those packages, you + will need to disable the :ref:`ref-tasks-package_qa` task as well. + +- Files being overwritten during the + :ref:`ref-tasks-populate_sysroot` task now + trigger an error instead of a warning. Recipes should not be + overwriting files written to the sysroot by other recipes. If you + have these types of recipes, you need to alter them so that they do + not overwrite these files. + + You might now receive this error after changes in configuration or + metadata resulting in orphaned files being left in the sysroot. If + you do receive this error, the way to resolve the issue is to delete + your :term:`TMPDIR` or to move it out of the way and + then re-start the build. Anything that has been fully built up to + that point and does not need rebuilding will be restored from the + shared state cache and the rest of the build will be able to proceed + as normal. + +.. _migration-1.7-removed-recipes: + +Removed Recipes +--------------- + +The following recipes have been removed: + +- ``x-load``: This recipe has been superseded by U-Boot SPL for all + Cortex-based TI SoCs. For legacy boards, the ``meta-ti`` layer, which + contains a maintained recipe, should be used instead. + +- ``ubootchart``: This recipe is obsolete. A ``bootchart2`` recipe has + been added to functionally replace it. + +- ``linux-yocto 3.4``: Support for the linux-yocto 3.4 kernel has been + dropped. Support for the 3.10 and 3.14 kernels remains, while support + for version 3.17 has been added. + +- ``eglibc`` has been removed in favor of ``glibc``. See the + ":ref:`migration-1.7-glibc-replaces-eglibc`" section for more information. + +.. _migration-1.7-miscellaneous-changes: + +Miscellaneous Changes +--------------------- + +The following miscellaneous change occurred: + +- The build history feature now writes ``build-id.txt`` instead of + ``build-id``. Additionally, ``build-id.txt`` now contains the full + build header as printed by BitBake upon starting the build. You + should manually remove old "build-id" files from your existing build + history repositories to avoid confusion. For information on the build + history feature, see the + ":ref:`dev-manual/build-quality:maintaining build output quality`" + section in the Yocto Project Development Tasks Manual. + + diff --git a/documentation/migration-guides/migration-1.8.rst b/documentation/migration-guides/migration-1.8.rst new file mode 100644 index 0000000000..5cc5f8a047 --- /dev/null +++ b/documentation/migration-guides/migration-1.8.rst @@ -0,0 +1,183 @@ +.. SPDX-License-Identifier: CC-BY-SA-2.0-UK + +Release 1.8 (fido) +================== + +This section provides migration information for moving to the Yocto +Project 1.8 Release (codename "fido") from the prior release. + +.. _migration-1.8-removed-recipes: + +Removed Recipes +--------------- + +The following recipes have been removed: + +- ``owl-video``: Functionality replaced by ``gst-player``. + +- ``gaku``: Functionality replaced by ``gst-player``. + +- ``gnome-desktop``: This recipe is now available in ``meta-gnome`` and + is no longer needed. + +- ``gsettings-desktop-schemas``: This recipe is now available in + ``meta-gnome`` and is no longer needed. + +- ``python-argparse``: The ``argparse`` module is already provided in + the default Python distribution in a package named + ``python-argparse``. Consequently, the separate ``python-argparse`` + recipe is no longer needed. + +- ``telepathy-python, libtelepathy, telepathy-glib, telepathy-idle, telepathy-mission-control``: + All these recipes have moved to ``meta-oe`` and are consequently no + longer needed by any recipes in OpenEmbedded-Core. + +- ``linux-yocto_3.10`` and ``linux-yocto_3.17``: Support for the + linux-yocto 3.10 and 3.17 kernels has been dropped. Support for the + 3.14 kernel remains, while support for 3.19 kernel has been added. + +- ``poky-feed-config-opkg``: This recipe has become obsolete and is no + longer needed. Use ``distro-feed-config`` from ``meta-oe`` instead. + +- ``libav 0.8.x``: ``libav 9.x`` is now used. + +- ``sed-native``: No longer needed. A working version of ``sed`` is + expected to be provided by the host distribution. + +.. _migration-1.8-bluez: + +BlueZ 4.x / 5.x Selection +------------------------- + +Proper built-in support for selecting BlueZ 5.x in preference to the +default of 4.x now exists. To use BlueZ 5.x, simply add "bluez5" to your +:term:`DISTRO_FEATURES` value. If you had +previously added append files (``*.bbappend``) to make this selection, +you can now remove them. + +Additionally, a ``bluetooth`` class has been added to make selection of +the appropriate bluetooth support within a recipe a little easier. If +you wish to make use of this class in a recipe, add something such as +the following:: + + inherit bluetooth + PACKAGECONFIG ??= "${@bb.utils.contains('DISTRO_FEATURES', 'bluetooth', '${BLUEZ}', '', d)}" + PACKAGECONFIG[bluez4] = "--enable-bluetooth,--disable-bluetooth,bluez4" + PACKAGECONFIG[bluez5] = "--enable-bluez5,--disable-bluez5,bluez5" + +.. _migration-1.8-kernel-build-changes: + +Kernel Build Changes +-------------------- + +The kernel build process was changed to place the source in a common shared work +area and to place build artifacts separately in the source code tree. In theory, +migration paths have been provided for most common usages in kernel recipes but +this might not work in all cases. In particular, users need to ensure that +``${S}`` (source files) and ``${B}`` (build artifacts) are used correctly in +functions such as :ref:`ref-tasks-configure` and :ref:`ref-tasks-install`. For +kernel recipes that do not inherit from :ref:`ref-classes-kernel-yocto` or +include ``linux-yocto.inc``, you might wish to refer to the ``linux.inc`` file +in the ``meta-oe`` layer for the kinds of changes you need to make. For reference, +here is the +:oe_git:`commit </meta-openembedded/commit/meta-oe/recipes-kernel/linux/linux.inc?id=fc7132ede27ac67669448d3d2845ce7d46c6a1ee>` +where the ``linux.inc`` file in ``meta-oe`` was updated. + +Recipes that rely on the kernel source code and do not inherit the +:ref:`module <ref-classes-module>` classes might need to add explicit +dependencies on the :ref:`ref-tasks-shared_workdir` kernel task, for example:: + + do_configure[depends] += "virtual/kernel:do_shared_workdir" + +.. _migration-1.8-ssl: + +SSL 3.0 is Now Disabled in OpenSSL +---------------------------------- + +SSL 3.0 is now disabled when building OpenSSL. Disabling SSL 3.0 avoids +any lingering instances of the POODLE vulnerability. If you feel you +must re-enable SSL 3.0, then you can add an append file (``*.bbappend``) +for the ``openssl`` recipe to remove "-no-ssl3" from +:term:`EXTRA_OECONF`. + +.. _migration-1.8-default-sysroot-poisoning: + +Default Sysroot Poisoning +------------------------- + +``gcc's`` default sysroot and include directories are now "poisoned". In +other words, the sysroot and include directories are being redirected to +a non-existent location in order to catch when host directories are +being used due to the correct options not being passed. This poisoning +applies both to the cross-compiler used within the build and to the +cross-compiler produced in the SDK. + +If this change causes something in the build to fail, it almost +certainly means the various compiler flags and commands are not being +passed correctly to the underlying piece of software. In such cases, you +need to take corrective steps. + +.. _migration-1.8-rebuild-improvements: + +Rebuild Improvements +-------------------- + +Changes have been made to the :ref:`ref-classes-base`, +:ref:`ref-classes-autotools`, and :ref:`ref-classes-cmake` classes to clean out +generated files when the :ref:`ref-tasks-configure` task needs to be +re-executed. + +One of the improvements is to attempt to run "make clean" during the +:ref:`ref-tasks-configure` task if a ``Makefile`` exists. Some software packages +do not provide a working clean target within their make files. If you +have such recipes, you need to set +:term:`CLEANBROKEN` to "1" within the recipe, for example:: + + CLEANBROKEN = "1" + +.. _migration-1.8-qa-check-and-validation-changes: + +QA Check and Validation Changes +------------------------------- + +The following QA Check and Validation Changes have occurred: + +- Usage of ``PRINC`` previously triggered a warning. It now triggers an + error. You should remove any remaining usage of ``PRINC`` in any + recipe or append file. + +- An additional QA check has been added to detect usage of ``${D}`` in + :term:`FILES` values where :term:`D` values + should not be used at all. The same check ensures that ``$D`` is used + in ``pkg_preinst/pkg_postinst/pkg_prerm/pkg_postrm`` functions + instead of ``${D}``. + +- :term:`S` now needs to be set to a valid value within a + recipe. If :term:`S` is not set in the recipe, the directory is not + automatically created. If :term:`S` does not point to a directory that + exists at the time the :ref:`ref-tasks-unpack` task + finishes, a warning will be shown. + +- :term:`LICENSE` is now validated for correct + formatting of multiple licenses. If the format is invalid (e.g. + multiple licenses are specified with no operators to specify how the + multiple licenses interact), then a warning will be shown. + +.. _migration-1.8-miscellaneous-changes: + +Miscellaneous Changes +--------------------- + +The following miscellaneous changes have occurred: + +- The ``send-error-report`` script now expects a "-s" option to be + specified before the server address. This assumes a server address is + being specified. + +- The ``oe-pkgdata-util`` script now expects a "-p" option to be + specified before the ``pkgdata`` directory, which is now optional. If + the ``pkgdata`` directory is not specified, the script will run + BitBake to query :term:`PKGDATA_DIR` from the + build environment. + + diff --git a/documentation/migration-guides/migration-2.0.rst b/documentation/migration-guides/migration-2.0.rst new file mode 100644 index 0000000000..13be9846df --- /dev/null +++ b/documentation/migration-guides/migration-2.0.rst @@ -0,0 +1,280 @@ +.. SPDX-License-Identifier: CC-BY-SA-2.0-UK + +Release 2.0 (jethro) +==================== + +This section provides migration information for moving to the Yocto +Project 2.0 Release (codename "jethro") from the prior release. + +.. _migration-2.0-gcc-5: + +GCC 5 +----- + +The default compiler is now GCC 5.2. This change has required fixes for +compilation errors in a number of other recipes. + +One important example is a fix for when the Linux kernel freezes at boot +time on ARM when built with GCC 5. If you are using your own kernel +recipe or source tree and building for ARM, you will likely need to +apply this +`patch <https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit?id=a077224fd35b2f7fbc93f14cf67074fc792fbac2>`__. +The standard ``linux-yocto`` kernel source tree already has a workaround +for the same issue. + +For further details, see https://gcc.gnu.org/gcc-5/changes.html +and the porting guide at +https://gcc.gnu.org/gcc-5/porting_to.html. + +Alternatively, you can switch back to GCC 4.9 or 4.8 by setting +:term:`GCCVERSION` in your configuration, as follows:: + + GCCVERSION = "4.9%" + +.. _migration-2.0-Gstreamer-0.10-removed: + +Gstreamer 0.10 Removed +---------------------- + +Gstreamer 0.10 has been removed in favor of Gstreamer 1.x. As part of +the change, recipes for Gstreamer 0.10 and related software are now +located in ``meta-multimedia``. This change results in Qt4 having Phonon +and Gstreamer support in QtWebkit disabled by default. + +.. _migration-2.0-removed-recipes: + +Removed Recipes +--------------- + +The following recipes have been moved or removed: + +- ``bluez4``: The recipe is obsolete and has been moved due to + ``bluez5`` becoming fully integrated. The ``bluez4`` recipe now + resides in ``meta-oe``. + +- ``gamin``: The recipe is obsolete and has been removed. + +- ``gnome-icon-theme``: The recipe's functionally has been replaced by + ``adwaita-icon-theme``. + +- Gstreamer 0.10 Recipes: Recipes for Gstreamer 0.10 have been removed + in favor of the recipes for Gstreamer 1.x. + +- ``insserv``: The recipe is obsolete and has been removed. + +- ``libunique``: The recipe is no longer used and has been moved to + ``meta-oe``. + +- ``midori``: The recipe's functionally has been replaced by + ``epiphany``. + +- ``python-gst``: The recipe is obsolete and has been removed since it + only contains bindings for Gstreamer 0.10. + +- ``qt-mobility``: The recipe is obsolete and has been removed since it + requires ``Gstreamer 0.10``, which has been replaced. + +- ``subversion``: All 1.6.x versions of this recipe have been removed. + +- ``webkit-gtk``: The older 1.8.3 version of this recipe has been + removed in favor of ``webkitgtk``. + +.. _migration-2.0-bitbake-datastore-improvements: + +BitBake datastore improvements +------------------------------ + +The method by which BitBake's datastore handles overrides has changed. +Overrides are now applied dynamically and ``bb.data.update_data()`` is +now a no-op. Thus, ``bb.data.update_data()`` is no longer required in +order to apply the correct overrides. In practice, this change is +unlikely to require any changes to Metadata. However, these minor +changes in behavior exist: + +- All potential overrides are now visible in the variable history as + seen when you run the following:: + + $ bitbake -e + +- ``d.delVar('VARNAME')`` and + ``d.setVar('VARNAME', None)`` result in the variable and all + of its overrides being cleared out. Before the change, only the + non-overridden values were cleared. + +.. _migration-2.0-shell-message-function-changes: + +Shell Message Function Changes +------------------------------ + +The shell versions of the BitBake message functions (i.e. ``bbdebug``, +``bbnote``, ``bbwarn``, ``bbplain``, ``bberror``, and ``bbfatal``) are +now connected through to their BitBake equivalents ``bb.debug()``, +``bb.note()``, ``bb.warn()``, ``bb.plain()``, ``bb.error()``, and +``bb.fatal()``, respectively. Thus, those message functions that you +would expect to be printed by the BitBake UI are now actually printed. +In practice, this change means two things: + +- If you now see messages on the console that you did not previously + see as a result of this change, you might need to clean up the calls + to ``bbwarn``, ``bberror``, and so forth. Or, you might want to + simply remove the calls. + +- The ``bbfatal`` message function now suppresses the full error log in + the UI, which means any calls to ``bbfatal`` where you still wish to + see the full error log should be replaced by ``die`` or + ``bbfatal_log``. + +.. _migration-2.0-extra-development-debug-package-cleanup: + +Extra Development/Debug Package Cleanup +--------------------------------------- + +The following recipes have had extra ``dev/dbg`` packages removed: + +- ``acl`` + +- ``apmd`` + +- ``aspell`` + +- ``attr`` + +- ``augeas`` + +- ``bzip2`` + +- ``cogl`` + +- ``curl`` + +- ``elfutils`` + +- ``gcc-target`` + +- ``libgcc`` + +- ``libtool`` + +- ``libxmu`` + +- ``opkg`` + +- ``pciutils`` + +- ``rpm`` + +- ``sysfsutils`` + +- ``tiff`` + +- ``xz`` + +All of the above recipes now conform to the standard packaging scheme +where a single ``-dev``, ``-dbg``, and ``-staticdev`` package exists per +recipe. + +.. _migration-2.0-recipe-maintenance-tracking-data-moved-to-oe-core: + +Recipe Maintenance Tracking Data Moved to OE-Core +------------------------------------------------- + +Maintenance tracking data for recipes that was previously part of +``meta-yocto`` has been moved to :term:`OpenEmbedded-Core (OE-Core)`. The change +includes ``package_regex.inc`` and ``distro_alias.inc``, which are +typically enabled when using the ``distrodata`` class. Additionally, the +contents of ``upstream_tracking.inc`` has now been split out to the +relevant recipes. + +.. _migration-2.0-automatic-stale-sysroot-file-cleanup: + +Automatic Stale Sysroot File Cleanup +------------------------------------ + +Stale files from recipes that no longer exist in the current +configuration are now automatically removed from sysroot as well as +removed from any other place managed by shared state. This automatic +cleanup means that the build system now properly handles situations such +as renaming the build system side of recipes, removal of layers from +``bblayers.conf``, and :term:`DISTRO_FEATURES` +changes. + +Additionally, work directories for old versions of recipes are now +pruned. If you wish to disable pruning old work directories, you can set +the following variable in your configuration:: + + SSTATE_PRUNE_OBSOLETEWORKDIR = "0" + +.. _migration-2.0-linux-yocto-kernel-metadata-repository-now-split-from-source: + +``linux-yocto`` Kernel Metadata Repository Now Split from Source +---------------------------------------------------------------- + +The ``linux-yocto`` tree has up to now been a combined set of kernel +changes and configuration (meta) data carried in a single tree. While +this format is effective at keeping kernel configuration and source +modifications synchronized, it is not always obvious to developers how +to manipulate the Metadata as compared to the source. + +Metadata processing has now been removed from the +:ref:`ref-classes-kernel-yocto` class and the external +Metadata repository ``yocto-kernel-cache``, which has always been used +to seed the ``linux-yocto`` "meta" branch. This separate ``linux-yocto`` +cache repository is now the primary location for this data. Due to this +change, ``linux-yocto`` is no longer able to process combined trees. +Thus, if you need to have your own combined kernel repository, you must +do the split there as well and update your recipes accordingly. See the +``meta/recipes-kernel/linux/linux-yocto_4.1.bb`` recipe for an example. + +.. _migration-2.0-additional-qa-checks: + +Additional QA checks +-------------------- + +The following QA checks have been added: + +- Added a "host-user-contaminated" check for ownership issues for + packaged files outside of ``/home``. The check looks for files that + are incorrectly owned by the user that ran BitBake instead of owned + by a valid user in the target system. + +- Added an "invalid-chars" check for invalid (non-UTF8) characters in + recipe metadata variable values (i.e. + :term:`DESCRIPTION`, + :term:`SUMMARY`, :term:`LICENSE`, and + :term:`SECTION`). Some package managers do not support + these characters. + +- Added an "invalid-packageconfig" check for any options specified in + :term:`PACKAGECONFIG` that do not match any + :term:`PACKAGECONFIG` option defined for the recipe. + +.. _migration-2.0-miscellaneous: + +Miscellaneous Changes +--------------------- + +These additional changes exist: + +- ``gtk-update-icon-cache`` has been renamed to ``gtk-icon-utils``. + +- The ``tools-profile`` :term:`IMAGE_FEATURES` + item as well as its corresponding packagegroup and + ``packagegroup-core-tools-profile`` no longer bring in ``oprofile``. + Bringing in ``oprofile`` was originally added to aid compilation on + resource-constrained targets. However, this aid has not been widely + used and is not likely to be used going forward due to the more + powerful target platforms and the existence of better + cross-compilation tools. + +- The :term:`IMAGE_FSTYPES` variable's default + value now specifies ``ext4`` instead of ``ext3``. + +- All support for the ``PRINC`` variable has been removed. + +- The ``packagegroup-core-full-cmdline`` packagegroup no longer brings + in ``lighttpd`` due to the fact that bringing in ``lighttpd`` is not + really in line with the packagegroup's purpose, which is to add full + versions of command-line tools that by default are provided by + ``busybox``. + + diff --git a/documentation/migration-guides/migration-2.1.rst b/documentation/migration-guides/migration-2.1.rst new file mode 100644 index 0000000000..18b05b52cc --- /dev/null +++ b/documentation/migration-guides/migration-2.1.rst @@ -0,0 +1,432 @@ +.. SPDX-License-Identifier: CC-BY-SA-2.0-UK + +Release 2.1 (krogoth) +===================== + +This section provides migration information for moving to the Yocto +Project 2.1 Release (codename "krogoth") from the prior release. + +.. _migration-2.1-variable-expansion-in-python-functions: + +Variable Expansion in Python Functions +-------------------------------------- + +Variable expressions, such as ``${VARNAME}`` no longer expand +automatically within Python functions. Suppressing expansion was done to +allow Python functions to construct shell scripts or other code for +situations in which you do not want such expressions expanded. For any +existing code that relies on these expansions, you need to change the +expansions to expand the value of individual variables through +``d.getVar()``. To alternatively expand more complex expressions, use +``d.expand()``. + +.. _migration-2.1-overrides-must-now-be-lower-case: + +Overrides Must Now be Lower-Case +-------------------------------- + +The convention for overrides has always been for them to be lower-case +characters. This practice is now a requirement as BitBake's datastore +now assumes lower-case characters in order to give a slight performance +boost during parsing. In practical terms, this requirement means that +anything that ends up in :term:`OVERRIDES` must now +appear in lower-case characters (e.g. values for :term:`MACHINE`, +:term:`TARGET_ARCH`, :term:`DISTRO`, and also recipe names if +``_pn-``\ recipename overrides are to be effective). + +.. _migration-2.1-expand-parameter-to-getvar-and-getvarflag-now-mandatory: + +Expand Parameter to ``getVar()`` and ``getVarFlag()`` is Now Mandatory +---------------------------------------------------------------------- + +The expand parameter to ``getVar()`` and ``getVarFlag()`` previously +defaulted to False if not specified. Now, however, no default exists so +one must be specified. You must change any ``getVar()`` calls that do +not specify the final expand parameter to calls that do specify the +parameter. You can run the following ``sed`` command at the base of a +layer to make this change:: + + sed -e 's:\(\.getVar([^,()]*\)):\1, False):g' -i `grep -ril getVar *` + sed -e 's:\(\.getVarFlag([^,()]*,[^,()]*\)):\1, False):g' -i `grep -ril getVarFlag *` + +.. note:: + + The reason for this change is that it prepares the way for changing + the default to True in a future Yocto Project release. This future + change is a much more sensible default than False. However, the + change needs to be made gradually as a sudden change of the default + would potentially cause side-effects that would be difficult to + detect. + +.. _migration-2.1-makefile-environment-changes: + +Makefile Environment Changes +---------------------------- + +:term:`EXTRA_OEMAKE` now defaults to "" instead of +"-e MAKEFLAGS=". Setting :term:`EXTRA_OEMAKE` to "-e MAKEFLAGS=" by default +was a historical accident that has required many classes (e.g. +:ref:`ref-classes-autotools`, ``module``) and recipes to override this default in order +to work with sensible build systems. When upgrading to the release, you +must edit any recipe that relies upon this old default by either setting +:term:`EXTRA_OEMAKE` back to "-e MAKEFLAGS=" or by explicitly setting any +required variable value overrides using :term:`EXTRA_OEMAKE`, which is +typically only needed when a Makefile sets a default value for a +variable that is inappropriate for cross-compilation using the "=" +operator rather than the "?=" operator. + +.. _migration-2.1-libexecdir-reverted-to-prefix-libexec: + +``libexecdir`` Reverted to ``${prefix}/libexec`` +------------------------------------------------ + +The use of ``${libdir}/${BPN}`` as ``libexecdir`` is different as +compared to all other mainstream distributions, which either uses +``${prefix}/libexec`` or ``${libdir}``. The use is also contrary to the +GNU Coding Standards (i.e. +https://www.gnu.org/prep/standards/html_node/Directory-Variables.html) +that suggest ``${prefix}/libexec`` and also notes that any +package-specific nesting should be done by the package itself. Finally, +having ``libexecdir`` change between recipes makes it very difficult for +different recipes to invoke binaries that have been installed into +``libexecdir``. The Filesystem Hierarchy Standard (i.e. +https://refspecs.linuxfoundation.org/FHS_3.0/fhs/ch04s07.html) now +recognizes the use of ``${prefix}/libexec/``, giving distributions the +choice between ``${prefix}/lib`` or ``${prefix}/libexec`` without +breaking FHS. + +.. _migration-2.1-ac-cv-sizeof-off-t-no-longer-cached-in-site-files: + +``ac_cv_sizeof_off_t`` is No Longer Cached in Site Files +-------------------------------------------------------- + +For recipes inheriting the :ref:`ref-classes-autotools` +class, ``ac_cv_sizeof_off_t`` is no longer cached in the site files for +``autoconf``. The reason for this change is because the +``ac_cv_sizeof_off_t`` value is not necessarily static per architecture +as was previously assumed. Rather, the value changes based on whether +large file support is enabled. For most software that uses ``autoconf``, +this change should not be a problem. However, if you have a recipe that +bypasses the standard :ref:`ref-tasks-configure` task +from the :ref:`ref-classes-autotools` class and the software the recipe is building +uses a very old version of ``autoconf``, the recipe might be incapable +of determining the correct size of ``off_t`` during :ref:`ref-tasks-configure`. + +The best course of action is to patch the software as necessary to allow +the default implementation from the :ref:`ref-classes-autotools` class to work such +that ``autoreconf`` succeeds and produces a working configure script, +and to remove the overridden :ref:`ref-tasks-configure` task such that the default +implementation does get used. + +.. _migration-2.1-image-generation-split-out-from-filesystem-generation: + +Image Generation is Now Split Out from Filesystem Generation +------------------------------------------------------------ + +Previously, for image recipes the :ref:`ref-tasks-rootfs` +task assembled the filesystem and then from that filesystem generated +images. With this Yocto Project release, image generation is split into +separate :ref:`ref-tasks-image` tasks for clarity both in +operation and in the code. + +For most cases, this change does not present any problems. However, if +you have made customizations that directly modify the :ref:`ref-tasks-rootfs` task +or that mention :ref:`ref-tasks-rootfs`, you might need to update those changes. +In particular, if you had added any tasks after :ref:`ref-tasks-rootfs`, you +should make edits so that those tasks are after the +:ref:`ref-tasks-image-complete` task rather than +after :ref:`ref-tasks-rootfs` so that your added tasks run at the correct +time. + +A minor part of this restructuring is that the post-processing definitions and +functions have been moved from the :ref:`ref-classes-image` class to the +:ref:`rootfs-postcommands <ref-classes-rootfs*>` class. Functionally, +however, they remain unchanged. + +.. _migration-2.1-removed-recipes: + +Removed Recipes +--------------- + +The following recipes have been removed in the 2.1 release: + +- ``gcc`` version 4.8: Versions 4.9 and 5.3 remain. + +- ``qt4``: All support for Qt 4.x has been moved out to a separate + ``meta-qt4`` layer because Qt 4 is no longer supported upstream. + +- ``x11vnc``: Moved to the ``meta-oe`` layer. + +- ``linux-yocto-3.14``: No longer supported. + +- ``linux-yocto-3.19``: No longer supported. + +- ``libjpeg``: Replaced by the ``libjpeg-turbo`` recipe. + +- ``pth``: Became obsolete. + +- ``liboil``: Recipe is no longer needed and has been moved to the + ``meta-multimedia`` layer. + +- ``gtk-theme-torturer``: Recipe is no longer needed and has been moved + to the ``meta-gnome`` layer. + +- ``gnome-mime-data``: Recipe is no longer needed and has been moved to + the ``meta-gnome`` layer. + +- ``udev``: Replaced by the ``eudev`` recipe for compatibility when + using ``sysvinit`` with newer kernels. + +- ``python-pygtk``: Recipe became obsolete. + +- ``adt-installer``: Recipe became obsolete. See the + ":ref:`migration-guides/migration-2.1:adt removed`" section for more information. + +.. _migration-2.1-class-changes: + +Class Changes +------------- + +The following classes have changed: + +- ``autotools_stage``: Removed because the + :ref:`ref-classes-autotools` class now provides its + functionality. Recipes that inherited from ``autotools_stage`` should + now inherit from :ref:`ref-classes-autotools` instead. + +- ``boot-directdisk``: Merged into the ``image-vm`` class. The + ``boot-directdisk`` class was rarely directly used. Consequently, + this change should not cause any issues. + +- ``bootimg``: Merged into the :ref:`ref-classes-image-live` class. The + ``bootimg`` class was rarely directly used. Consequently, this change should + not cause any issues. + +- ``packageinfo``: Removed due to its limited use by the Hob UI, which + has itself been removed. + +.. _migration-2.1-build-system-ui-changes: + +Build System User Interface Changes +----------------------------------- + +The following changes have been made to the build system user interface: + +- *Hob GTK+-based UI*: Removed because it is unmaintained and based on + the outdated GTK+ 2 library. The Toaster web-based UI is much more + capable and is actively maintained. See the + ":ref:`toaster-manual/setup-and-use:using the toaster web interface`" + section in the Toaster User Manual for more information on this + interface. + +- *"puccho" BitBake UI*: Removed because is unmaintained and no longer + useful. + +.. _migration-2.1-adt-removed: + +ADT Removed +----------- + +The Application Development Toolkit (ADT) has been removed because its +functionality almost completely overlapped with the :ref:`standard +SDK <sdk-manual/using:using the standard sdk>` and the +:ref:`extensible SDK <sdk-manual/extensible:using the extensible sdk>`. For +information on these SDKs and how to build and use them, see the +:doc:`/sdk-manual/index` manual. + +.. note:: + + The Yocto Project Eclipse IDE Plug-in is still supported and is not + affected by this change. + +.. _migration-2.1-poky-reference-distribution-changes: + +Poky Reference Distribution Changes +----------------------------------- + +The following changes have been made for the Poky distribution: + +- The ``meta-yocto`` layer has been renamed to ``meta-poky`` to better + match its purpose, which is to provide the Poky reference + distribution. The ``meta-yocto-bsp`` layer retains its original name + since it provides reference machines for the Yocto Project and it is + otherwise unrelated to Poky. References to ``meta-yocto`` in your + ``conf/bblayers.conf`` should automatically be updated, so you should + not need to change anything unless you are relying on this naming + elsewhere. + +- The :ref:`ref-classes-uninative` class is now enabled + by default in Poky. This class attempts to isolate the build system + from the host distribution's C library and makes re-use of native + shared state artifacts across different host distributions practical. + With this class enabled, a tarball containing a pre-built C library + is downloaded at the start of the build. + + The :ref:`ref-classes-uninative` class is enabled through the + ``meta/conf/distro/include/yocto-uninative.inc`` file, which for + those not using the Poky distribution, can include to easily enable + the same functionality. + + Alternatively, if you wish to build your own ``uninative`` tarball, + you can do so by building the ``uninative-tarball`` recipe, making it + available to your build machines (e.g. over HTTP/HTTPS) and setting a + similar configuration as the one set by ``yocto-uninative.inc``. + +- Static library generation, for most cases, is now disabled by default + in the Poky distribution. Disabling this generation saves some build + time as well as the size used for build output artifacts. + + Disabling this library generation is accomplished through a + ``meta/conf/distro/include/no-static-libs.inc``, which for those not + using the Poky distribution can easily include to enable the same + functionality. + + Any recipe that needs to opt-out of having the ``--disable-static`` + option specified on the configure command line either because it is + not a supported option for the configure script or because static + libraries are needed should set the following variable:: + + DISABLE_STATIC = "" + +- The separate ``poky-tiny`` distribution now uses the musl C library + instead of a heavily pared down ``glibc``. Using musl results in a + smaller distribution and facilitates much greater maintainability + because musl is designed to have a small footprint. + + If you have used ``poky-tiny`` and have customized the ``glibc`` + configuration you will need to redo those customizations with musl + when upgrading to the new release. + +.. _migration-2.1-packaging-changes: + +Packaging Changes +----------------- + +The following changes have been made to packaging: + +- The ``runuser`` and ``mountpoint`` binaries, which were previously in + the main ``util-linux`` package, have been split out into the + ``util-linux-runuser`` and ``util-linux-mountpoint`` packages, + respectively. + +- The ``python-elementtree`` package has been merged into the + ``python-xml`` package. + +.. _migration-2.1-tuning-file-changes: + +Tuning File Changes +------------------- + +The following changes have been made to the tuning files: + +- The "no-thumb-interwork" tuning feature has been dropped from the ARM + tune include files. Because interworking is required for ARM EABI, + attempting to disable it through a tuning feature no longer makes + sense. + + .. note:: + + Support for ARM OABI was deprecated in gcc 4.7. + +- The ``tune-cortexm*.inc`` and ``tune-cortexr4.inc`` files have been + removed because they are poorly tested. Until the OpenEmbedded build + system officially gains support for CPUs without an MMU, these tuning + files would probably be better maintained in a separate layer if + needed. + +.. _migration-2.1-supporting-gobject-introspection: + +Supporting GObject Introspection +-------------------------------- + +This release supports generation of GLib Introspective Repository (GIR) +files through GObject introspection, which is the standard mechanism for +accessing GObject-based software from runtime environments. You can +enable, disable, and test the generation of this data. See the +":ref:`dev-manual/gobject-introspection:enabling gobject introspection support`" +section in the Yocto Project Development Tasks Manual for more +information. + +.. _migration-2.1-miscellaneous-changes: + +Miscellaneous Changes +--------------------- + +These additional changes exist: + +- The minimum Git version has been increased to 1.8.3.1. If your host + distribution does not provide a sufficiently recent version, you can + install the :term:`buildtools`, which will provide it. See the + :ref:`ref-manual/system-requirements:required git, tar, python, make and gcc versions` + section for more information on the :term:`buildtools` tarball. + +- The buggy and incomplete support for the RPM version 4 package + manager has been removed. The well-tested and maintained support for + RPM version 5 remains. + +- Previously, the following list of packages were removed if + package-management was not in + :term:`IMAGE_FEATURES`, regardless of any + dependencies:: + + update-rc.d + base-passwd + shadow + update-alternatives + run-postinsts + + With the Yocto Project 2.1 release, these packages are + only removed if "read-only-rootfs" is in :term:`IMAGE_FEATURES`, since + they might still be needed for a read-write image even in the absence + of a package manager (e.g. if users need to be added, modified, or + removed at runtime). + +- The + :ref:`devtool modify <sdk-manual/extensible:use \`\`devtool modify\`\` to modify the source of an existing component>` + command now defaults to extracting the source since that is most + commonly expected. The ``-x`` or ``--extract`` options are now no-ops. If + you wish to provide your own existing source tree, you will now need + to specify either the ``-n`` or ``--no-extract`` options when running + ``devtool modify``. + +- If the formfactor for a machine is either not supplied or does not + specify whether a keyboard is attached, then the default is to assume + a keyboard is attached rather than assume no keyboard. This change + primarily affects the Sato UI. + +- The ``.debug`` directory packaging is now automatic. If your recipe + builds software that installs binaries into directories other than + the standard ones, you no longer need to take care of setting + ``FILES_${PN}-dbg`` to pick up the resulting ``.debug`` directories + as these directories are automatically found and added. + +- Inaccurate disk and CPU percentage data has been dropped from + :ref:`ref-classes-buildstats` output. This data has been replaced with + ``getrusage()`` data and corrected IO statistics. You will probably + need to update any custom code that reads the :ref:`ref-classes-buildstats` data. + +- The ``meta/conf/distro/include/package_regex.inc`` is now deprecated. + The contents of this file have been moved to individual recipes. + + .. note:: + + Because this file will likely be removed in a future Yocto Project + release, it is suggested that you remove any references to the + file that might be in your configuration. + +- The ``v86d/uvesafb`` has been removed from the ``genericx86`` and + ``genericx86-64`` reference machines, which are provided by the + ``meta-yocto-bsp`` layer. Most modern x86 boards do not rely on this + file and it only adds kernel error messages during startup. If you do + still need to support ``uvesafb``, you can simply add ``v86d`` to + your image. + +- Build sysroot paths are now removed from debug symbol files. Removing + these paths means that remote GDB using an unstripped build system + sysroot will no longer work (although this was never documented to + work). The supported method to accomplish something similar is to set + ``IMAGE_GEN_DEBUGFS`` to "1", which will generate a companion debug + image containing unstripped binaries and associated debug sources + alongside the image. + + diff --git a/documentation/migration-guides/migration-2.2.rst b/documentation/migration-guides/migration-2.2.rst new file mode 100644 index 0000000000..9d50dc6202 --- /dev/null +++ b/documentation/migration-guides/migration-2.2.rst @@ -0,0 +1,456 @@ +.. SPDX-License-Identifier: CC-BY-SA-2.0-UK + +Release 2.2 (morty) +=================== + +This section provides migration information for moving to the Yocto +Project 2.2 Release (codename "morty") from the prior release. + +.. _migration-2.2-minimum-kernel-version: + +Minimum Kernel Version +---------------------- + +The minimum kernel version for the target system and for SDK is now +3.2.0, due to the upgrade to ``glibc 2.24``. Specifically, for +AArch64-based targets the version is 3.14. For Nios II-based targets, +the minimum kernel version is 3.19. + +.. note:: + + For x86 and x86_64, you can reset :term:`OLDEST_KERNEL` + to anything down to 2.6.32 if desired. + +.. _migration-2.2-staging-directories-in-sysroot-simplified: + +Staging Directories in Sysroot Has Been Simplified +-------------------------------------------------- + +The way directories are staged in sysroot has been simplified and +introduces the new :term:`SYSROOT_DIRS`, +:term:`SYSROOT_DIRS_NATIVE`, and ``SYSROOT_DIRS_BLACKLIST`` +(replaced by :term:`SYSROOT_DIRS_IGNORE` in version 4.0). See the +:oe_lists:`v2 patch series on the OE-Core Mailing List +</pipermail/openembedded-core/2016-May/121365.html>` +for additional information. + +.. _migration-2.2-removal-of-old-images-from-tmp-deploy-now-enabled: + +Removal of Old Images and Other Files in ``tmp/deploy`` Now Enabled +------------------------------------------------------------------- + +Removal of old images and other files in ``tmp/deploy/`` is now enabled +by default due to a new staging method used for those files. As a result +of this change, the ``RM_OLD_IMAGE`` variable is now redundant. + +.. _migration-2.2-python-changes: + +Python Changes +-------------- + +The following changes for Python occurred: + +.. _migration-2.2-bitbake-now-requires-python-3.4: + +BitBake Now Requires Python 3.4+ +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +BitBake requires Python 3.4 or greater. + +.. _migration-2.2-utf-8-locale-required-on-build-host: + +UTF-8 Locale Required on Build Host +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +A UTF-8 locale is required on the build host due to Python 3. Since +C.UTF-8 is not a standard, the default is en_US.UTF-8. + +.. _migration-2.2-metadata-now-must-use-python-3-syntax: + +Metadata Must Now Use Python 3 Syntax +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +The metadata is now required to use Python 3 syntax. For help preparing +metadata, see any of the many Python 3 porting guides available. +Alternatively, you can reference the conversion commits for BitBake and +you can use :term:`OpenEmbedded-Core (OE-Core)` as a guide for changes. +Particular areas of interest are: + + - subprocess command-line pipes needing locale decoding + + - the syntax for octal values changed + + - the ``iter*()`` functions changed name + + - iterators now return views, not lists + + - changed names for Python modules + +.. _migration-2.2-target-python-recipes-switched-to-python-3: + +Target Python Recipes Switched to Python 3 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +Most target Python recipes have now been switched to Python 3. +Unfortunately, systems using RPM as a package manager and providing +online package-manager support through SMART still require Python 2. + +.. note:: + + Python 2 and recipes that use it can still be built for the target as + with previous versions. + +.. _migration-2.2-buildtools-tarball-includes-python-3: + +``buildtools-tarball`` Includes Python 3 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +The :term:`buildtools` tarball now includes Python 3. + +.. _migration-2.2-uclibc-replaced-by-musl: + +uClibc Replaced by musl +----------------------- + +uClibc has been removed in favor of musl. Musl has matured, is better +maintained, and is compatible with a wider range of applications as +compared to uClibc. + +.. _migration-2.2-B-no-longer-default-working-directory-for-tasks: + +``${B}`` No Longer Default Working Directory for Tasks +------------------------------------------------------ + +``${``\ :term:`B`\ ``}`` is no longer the default working directory for tasks. +Consequently, any custom tasks you define now need to either have the +``[``\ :ref:`dirs <bitbake-user-manual/bitbake-user-manual-metadata:variable flags>`\ ``]`` +flag set, or the task needs to change into the appropriate working directory +manually (e.g using ``cd`` for a shell task). + +.. note:: + + The preferred method is to use the + [dirs] + flag. + +.. _migration-2.2-runqemu-ported-to-python: + +``runqemu`` Ported to Python +---------------------------- + +``runqemu`` has been ported to Python and has changed behavior in some +cases. Previous usage patterns continue to be supported. + +The new ``runqemu`` is a Python script. Machine knowledge is no longer +hardcoded into ``runqemu``. You can choose to use the ``qemuboot`` +configuration file to define the BSP's own arguments and to make it +bootable with ``runqemu``. If you use a configuration file, use the +following form:: + + image-name-machine.qemuboot.conf + +The configuration file +enables fine-grained tuning of options passed to QEMU without the +``runqemu`` script hard-coding any knowledge about different machines. +Using a configuration file is particularly convenient when trying to use +QEMU with machines other than the ``qemu*`` machines in +:term:`OpenEmbedded-Core (OE-Core)`. The ``qemuboot.conf`` file is generated by the +``qemuboot`` class when the root filesystem is being built (i.e. build +rootfs). QEMU boot arguments can be set in BSP's configuration file and +the ``qemuboot`` class will save them to ``qemuboot.conf``. + +If you want to use ``runqemu`` without a configuration file, use the +following command form:: + + $ runqemu machine rootfs kernel [options] + +Supported machines are as follows: + + - qemuarm + - qemuarm64 + - qemux86 + - qemux86-64 + - qemuppc + - qemumips + - qemumips64 + - qemumipsel + - qemumips64el + +Consider the +following example, which uses the ``qemux86-64`` machine, provides a +root filesystem, provides an image, and uses the ``nographic`` option:: + + $ runqemu qemux86-64 tmp/deploy/images/qemux86-64/core-image-minimal-qemux86-64.ext4 tmp/deploy/images/qemux86-64/bzImage nographic + +Here is a list of variables that can be set in configuration files +such as ``bsp.conf`` to enable the BSP to be booted by ``runqemu``:: + + QB_SYSTEM_NAME: QEMU name (e.g. "qemu-system-i386") + QB_OPT_APPEND: Options to append to QEMU (e.g. "-show-cursor") + QB_DEFAULT_KERNEL: Default kernel to boot (e.g. "bzImage") + QB_DEFAULT_FSTYPE: Default FSTYPE to boot (e.g. "ext4") + QB_MEM: Memory (e.g. "-m 512") + QB_MACHINE: QEMU machine (e.g. "-machine virt") + QB_CPU: QEMU cpu (e.g. "-cpu qemu32") + QB_CPU_KVM: Similar to QB_CPU except used for kvm support (e.g. "-cpu kvm64") + QB_KERNEL_CMDLINE_APPEND: Options to append to the kernel's -append + option (e.g. "console=ttyS0 console=tty") + QB_DTB: QEMU dtb name + QB_AUDIO_DRV: QEMU audio driver (e.g. "alsa", set it when support audio) + QB_AUDIO_OPT: QEMU audio option (e.g. "-soundhw ac97,es1370"), which is used + when QB_AUDIO_DRV is set. + QB_KERNEL_ROOT: Kernel's root (e.g. /dev/vda) + QB_TAP_OPT: Network option for 'tap' mode (e.g. + "-netdev tap,id=net0,ifname=@TAP@,script=no,downscript=no -device virtio-net-device,netdev=net0"). + runqemu will replace "@TAP@" with the one that is used, such as tap0, tap1 ... + QB_SLIRP_OPT: Network option for SLIRP mode (e.g. "-netdev user,id=net0 -device virtio-net-device,netdev=net0") + QB_ROOTFS_OPT: Used as rootfs (e.g. + "-drive id=disk0,file=@ROOTFS@,if=none,format=raw -device virtio-blk-device,drive=disk0"). + runqemu will replace "@ROOTFS@" with the one which is used, such as + core-image-minimal-qemuarm64.ext4. + QB_SERIAL_OPT: Serial port (e.g. "-serial mon:stdio") + QB_TCPSERIAL_OPT: tcp serial port option (e.g. + " -device virtio-serial-device -chardev socket,id=virtcon,port=@PORT@,host=127.0.0.1 -device virtconsole,chardev=virtcon" + runqemu will replace "@PORT@" with the port number which is used. + +To use ``runqemu``, set :term:`IMAGE_CLASSES` as +follows and run ``runqemu``: + +.. note:: + + "QB" means "QEMU Boot". + +.. note:: + + For command-line syntax, use ``runqemu help``. + +:: + + IMAGE_CLASSES += "qemuboot" + +.. _migration-2.2-default-linker-hash-style-changed: + +Default Linker Hash Style Changed +--------------------------------- + +The default linker hash style for ``gcc-cross`` is now "sysv" in order +to catch recipes that are building software without using the +OpenEmbedded :term:`LDFLAGS`. This change could result in +seeing some "No GNU_HASH in the elf binary" QA issues when building such +recipes. You need to fix these recipes so that they use the expected +:term:`LDFLAGS`. Depending on how the software is built, the build system +used by the software (e.g. a Makefile) might need to be patched. +However, sometimes making this fix is as simple as adding the following +to the recipe:: + + TARGET_CC_ARCH += "${LDFLAGS}" + +.. _migration-2.2-kernel-image-base-name-no-longer-uses-kernel-imagetype: + +``KERNEL_IMAGE_BASE_NAME`` no Longer Uses ``KERNEL_IMAGETYPE`` +-------------------------------------------------------------- + +The ``KERNEL_IMAGE_BASE_NAME`` variable no longer uses the +:term:`KERNEL_IMAGETYPE` variable to create the +image's base name. Because the OpenEmbedded build system can now build +multiple kernel image types, this part of the kernel image base name as +been removed leaving only the following:: + + KERNEL_IMAGE_BASE_NAME ?= "${PKGE}-${PKGV}-${PKGR}-${MACHINE}-${DATETIME}" + +If you have recipes or +classes that use ``KERNEL_IMAGE_BASE_NAME`` directly, you might need to +update the references to ensure they continue to work. + +.. _migration-2.2-imgdeploydir-replaces-deploy-dir-image-for-most-use-cases: + +``IMGDEPLOYDIR`` Replaces ``DEPLOY_DIR_IMAGE`` for Most Use Cases +----------------------------------------------------------------- + +The :term:`IMGDEPLOYDIR` variable was introduced to allow sstate caching of +image creation results. Image recipes defining custom :term:`IMAGE_CMD` or +doing postprocessing on the generated images need to be adapted to use +:term:`IMGDEPLOYDIR` instead of :term:`DEPLOY_DIR_IMAGE`. :term:`IMAGE_MANIFEST` +creation and symlinking of the most recent image file will fail otherwise. + +.. _migration-2.2-bitbake-changes: + +BitBake Changes +--------------- + +The following changes took place for BitBake: + +- The "goggle" UI and standalone image-writer tool have been removed as + they both require GTK+ 2.0 and were not being maintained. + +- The Perforce fetcher now supports :term:`SRCREV` for + specifying the source revision to use, be it + ``${``\ :term:`AUTOREV`\ ``}``, changelist number, + p4date, or label, in preference to separate + :term:`SRC_URI` parameters to specify these. This + change is more in-line with how the other fetchers work for source + control systems. Recipes that fetch from Perforce will need to be + updated to use :term:`SRCREV` in place of specifying the source revision + within :term:`SRC_URI`. + +- Some of BitBake's internal code structures for accessing the recipe + cache needed to be changed to support the new multi-configuration + functionality. These changes will affect external tools that use + BitBake's tinfoil module. For information on these changes, see the + changes made to the scripts supplied with OpenEmbedded-Core: + :yocto_git:`1 </poky/commit/?id=189371f8393971d00bca0fceffd67cc07784f6ee>` + and + :yocto_git:`2 </poky/commit/?id=4a5aa7ea4d07c2c90a1654b174873abb018acc67>`. + +- The task management code has been rewritten to avoid using ID + indirection in order to improve performance. This change is unlikely + to cause any problems for most users. However, the setscene + verification function as pointed to by + ``BB_SETSCENE_VERIFY_FUNCTION`` needed to change signature. + Consequently, a new variable named ``BB_SETSCENE_VERIFY_FUNCTION2`` + has been added allowing multiple versions of BitBake to work with + suitably written metadata, which includes OpenEmbedded-Core and Poky. + Anyone with custom BitBake task scheduler code might also need to + update the code to handle the new structure. + +.. _migration-2.2-swabber-has-been-removed: + +Swabber has Been Removed +------------------------ + +Swabber, a tool that was intended to detect host contamination in the +build process, has been removed, as it has been unmaintained and unused +for some time and was never particularly effective. The OpenEmbedded +build system has since incorporated a number of mechanisms including +enhanced QA checks that mean that there is less of a need for such a +tool. + +.. _migration-2.2-removed-recipes: + +Removed Recipes +--------------- + +The following recipes have been removed: + +- ``augeas``: No longer needed and has been moved to ``meta-oe``. + +- ``directfb``: Unmaintained and has been moved to ``meta-oe``. + +- ``gcc``: Removed 4.9 version. Versions 5.4 and 6.2 are still present. + +- ``gnome-doc-utils``: No longer needed. + +- ``gtk-doc-stub``: Replaced by ``gtk-doc``. + +- ``gtk-engines``: No longer needed and has been moved to + ``meta-gnome``. + +- ``gtk-sato-engine``: Became obsolete. + +- ``libglade``: No longer needed and has been moved to ``meta-oe``. + +- ``libmad``: Unmaintained and functionally replaced by ``libmpg123``. + ``libmad`` has been moved to ``meta-oe``. + +- ``libowl``: Became obsolete. + +- ``libxsettings-client``: No longer needed. + +- ``oh-puzzles``: Functionally replaced by ``puzzles``. + +- ``oprofileui``: Became obsolete. OProfile has been largely supplanted + by perf. + +- ``packagegroup-core-directfb.bb``: Removed. + +- ``core-image-directfb.bb``: Removed. + +- ``pointercal``: No longer needed and has been moved to ``meta-oe``. + +- ``python-imaging``: No longer needed and moved to ``meta-python`` + +- ``python-pyrex``: No longer needed and moved to ``meta-python``. + +- ``sato-icon-theme``: Became obsolete. + +- ``swabber-native``: Swabber has been removed. See the :ref:`entry on + Swabber <migration-guides/migration-2.2:swabber has been removed>`. + +- ``tslib``: No longer needed and has been moved to ``meta-oe``. + +- ``uclibc``: Removed in favor of musl. + +- ``xtscal``: No longer needed and moved to ``meta-oe`` + +.. _migration-2.2-removed-classes: + +Removed Classes +--------------- + +The following classes have been removed: + +- ``distutils-native-base``: No longer needed. + +- ``distutils3-native-base``: No longer needed. + +- ``sdl``: Only set :term:`DEPENDS` and + :term:`SECTION`, which are better set within the + recipe instead. + +- ``sip``: Mostly unused. + +- ``swabber``: See the :ref:`entry on + Swabber <migration-guides/migration-2.2:swabber has been removed>`. + +.. _migration-2.2-minor-packaging-changes: + +Minor Packaging Changes +----------------------- + +The following minor packaging changes have occurred: + +- ``grub``: Split ``grub-editenv`` into its own package. + +- ``systemd``: Split container and vm related units into a new package, + systemd-container. + +- ``util-linux``: Moved ``prlimit`` to a separate + ``util-linux-prlimit`` package. + +.. _migration-2.2-miscellaneous-changes: + +Miscellaneous Changes +--------------------- + +The following miscellaneous changes have occurred: + +- ``package_regex.inc``: Removed because the definitions + ``package_regex.inc`` previously contained have been moved to their + respective recipes. + +- Both ``devtool add`` and ``recipetool create`` now use a fixed + :term:`SRCREV` by default when fetching from a Git + repository. You can override this in either case to use + ``${``\ :term:`AUTOREV`\ ``}`` instead by using the + ``-a`` or ``--autorev`` command-line option + +- ``distcc``: GTK+ UI is now disabled by default. + +- ``packagegroup-core-tools-testapps``: Removed Piglit. + +- :ref:`ref-classes-image`: Renamed COMPRESS(ION) to CONVERSION. This change + means that ``COMPRESSIONTYPES``, ``COMPRESS_DEPENDS`` and + ``COMPRESS_CMD`` are deprecated in favor of ``CONVERSIONTYPES``, + ``CONVERSION_DEPENDS`` and :term:`CONVERSION_CMD`. The ``COMPRESS*`` + variable names will still work in the 2.2 release but metadata that + does not need to be backwards-compatible should be changed to use the + new names as the ``COMPRESS*`` ones will be removed in a future + release. + +- ``gtk-doc``: A full version of ``gtk-doc`` is now made available. + However, some old software might not be capable of using the current + version of ``gtk-doc`` to build documentation. You need to change + recipes that build such software so that they explicitly disable + building documentation with ``gtk-doc``. + + diff --git a/documentation/migration-guides/migration-2.3.rst b/documentation/migration-guides/migration-2.3.rst new file mode 100644 index 0000000000..60340b9592 --- /dev/null +++ b/documentation/migration-guides/migration-2.3.rst @@ -0,0 +1,515 @@ +.. SPDX-License-Identifier: CC-BY-SA-2.0-UK + +Release 2.3 (pyro) +================== + +This section provides migration information for moving to the Yocto +Project 2.3 Release (codename "pyro") from the prior release. + +.. _migration-2.3-recipe-specific-sysroots: + +Recipe-specific Sysroots +------------------------ + +The OpenEmbedded build system now uses one sysroot per recipe to resolve +long-standing issues with configuration script auto-detection of +undeclared dependencies. Consequently, you might find that some of your +previously written custom recipes are missing declared dependencies, +particularly those dependencies that are incidentally built earlier in a +typical build process and thus are already likely to be present in the +shared sysroot in previous releases. + +Consider the following: + +- *Declare Build-Time Dependencies:* Because of this new feature, you + must explicitly declare all build-time dependencies for your recipe. + If you do not declare these dependencies, they are not populated into + the sysroot for the recipe. + +- *Specify Pre-Installation and Post-Installation Native Tool + Dependencies:* You must specifically specify any special native tool + dependencies of ``pkg_preinst`` and ``pkg_postinst`` scripts by using + the :term:`PACKAGE_WRITE_DEPS` variable. + Specifying these dependencies ensures that these tools are available + if these scripts need to be run on the build host during the + :ref:`ref-tasks-rootfs` task. + + As an example, see the ``dbus`` recipe. You will see that this recipe + has a ``pkg_postinst`` that calls ``systemctl`` if "systemd" is in + :term:`DISTRO_FEATURES`. In the example, + ``systemd-systemctl-native`` is added to :term:`PACKAGE_WRITE_DEPS`, + which is also conditional on "systemd" being in :term:`DISTRO_FEATURES`. + +- Examine Recipes that Use ``SSTATEPOSTINSTFUNCS``: You need to + examine any recipe that uses ``SSTATEPOSTINSTFUNCS`` and determine + steps to take. + + Functions added to ``SSTATEPOSTINSTFUNCS`` are still called as they + were in previous Yocto Project releases. However, since a separate + sysroot is now being populated for every recipe and if existing + functions being called through ``SSTATEPOSTINSTFUNCS`` are doing + relocation, then you will need to change these to use a + post-installation script that is installed by a function added to + :term:`SYSROOT_PREPROCESS_FUNCS`. + + For an example, see the :ref:`ref-classes-pixbufcache` class in ``meta/classes/`` in + the :ref:`overview-manual/development-environment:yocto project source repositories`. + + .. note:: + + The + SSTATEPOSTINSTFUNCS + variable itself is now deprecated in favor of the + do_populate_sysroot[postfuncs] + task. Consequently, if you do still have any function or functions + that need to be called after the sysroot component is created for + a recipe, then you would be well advised to take steps to use a + post installation script as described previously. Taking these + steps prepares your code for when + SSTATEPOSTINSTFUNCS + is removed in a future Yocto Project release. + +- *Specify the Sysroot when Using Certain External Scripts:* Because + the shared sysroot is now gone, the scripts + ``oe-find-native-sysroot`` and ``oe-run-native`` have been changed + such that you need to specify which recipe's + :term:`STAGING_DIR_NATIVE` is used. + +.. note:: + + You can find more information on how recipe-specific sysroots work in + the ":ref:`ref-classes-staging`" section. + +.. _migration-2.3-path-variable: + +``PATH`` Variable +----------------- + +Within the environment used to run build tasks, the environment variable +``PATH`` is now sanitized such that the normal native binary paths +(``/bin``, ``/sbin``, ``/usr/bin`` and so forth) are removed and a +directory containing symbolic links linking only to the binaries from +the host mentioned in the :term:`HOSTTOOLS` and +:term:`HOSTTOOLS_NONFATAL` variables is added +to ``PATH``. + +Consequently, any native binaries provided by the host that you need to +call needs to be in one of these two variables at the configuration +level. + +Alternatively, you can add a native recipe (i.e. ``-native``) that +provides the binary to the recipe's :term:`DEPENDS` +value. + +.. note:: + + PATH + is not sanitized in the same way within ``devshell``. + If it were, you would have difficulty running host tools for + development and debugging within the shell. + +.. _migration-2.3-scripts: + +Changes to Scripts +------------------ + +The following changes to scripts took place: + +- ``oe-find-native-sysroot``: The usage for the + ``oe-find-native-sysroot`` script has changed to the following:: + + $ . oe-find-native-sysroot recipe + + You must now supply a recipe for recipe + as part of the command. Prior to the Yocto Project 2.3 release, it + was not necessary to provide the script with the command. + +- ``oe-run-native``: The usage for the ``oe-run-native`` script has + changed to the following:: + + $ oe-run-native native_recipe tool + + You must + supply the name of the native recipe and the tool you want to run as + part of the command. Prior to the Yocto Project 2.3 release, it + was not necessary to provide the native recipe with the command. + +- ``cleanup-workdir``: The ``cleanup-workdir`` script has been + removed because the script was found to be deleting files it should + not have, which lead to broken build trees. Rather than trying to + delete portions of :term:`TMPDIR` and getting it wrong, + it is recommended that you delete :term:`TMPDIR` and have it restored + from shared state (sstate) on subsequent builds. + +- ``wipe-sysroot``: The ``wipe-sysroot`` script has been removed as + it is no longer needed with recipe-specific sysroots. + +.. _migration-2.3-functions: + +Changes to Functions +-------------------- + +The previously deprecated ``bb.data.getVar()``, ``bb.data.setVar()``, +and related functions have been removed in favor of ``d.getVar()``, +``d.setVar()``, and so forth. + +You need to fix any references to these old functions. + +.. _migration-2.3-bitbake-changes: + +BitBake Changes +--------------- + +The following changes took place for BitBake: + +- *BitBake's Graphical Dependency Explorer UI Replaced:* BitBake's + graphical dependency explorer UI ``depexp`` was replaced by + ``taskexp`` ("Task Explorer"), which provides a graphical way of + exploring the ``task-depends.dot`` file. The data presented by Task + Explorer is much more accurate than the data that was presented by + ``depexp``. Being able to visualize the data is an often requested + feature as standard ``*.dot`` file viewers cannot usual cope with the + size of the ``task-depends.dot`` file. + +- *BitBake "-g" Output Changes:* The ``package-depends.dot`` and + ``pn-depends.dot`` files as previously generated using the + ``bitbake -g`` command have been removed. A ``recipe-depends.dot`` + file is now generated as a collapsed version of ``task-depends.dot`` + instead. + + The reason for this change is because ``package-depends.dot`` and + ``pn-depends.dot`` largely date back to a time before task-based + execution and do not take into account task-level dependencies + between recipes, which could be misleading. + +- *Mirror Variable Splitting Changes:* Mirror variables including + :term:`MIRRORS`, :term:`PREMIRRORS`, + and :term:`SSTATE_MIRRORS` can now separate + values entirely with spaces. Consequently, you no longer need "\\n". + BitBake looks for pairs of values, which simplifies usage. There + should be no change required to existing mirror variable values + themselves. + +- *The Subversion (SVN) Fetcher Uses an "ssh" Parameter and Not an + "rsh" Parameter:* The SVN fetcher now takes an "ssh" parameter + instead of an "rsh" parameter. This new optional parameter is used + when the "protocol" parameter is set to "svn+ssh". You can only use + the new parameter to specify the ``ssh`` program used by SVN. The SVN + fetcher passes the new parameter through the ``SVN_SSH`` environment + variable during the :ref:`ref-tasks-fetch` task. + + See the + ":ref:`bitbake-user-manual/bitbake-user-manual-fetching:subversion (svn) fetcher (\`\`svn://\`\`)`" + section in the BitBake User Manual for additional information. + +- ``BB_SETSCENE_VERIFY_FUNCTION`` and ``BB_SETSCENE_VERIFY_FUNCTION2`` + Removed: Because the mechanism they were part of is no longer + necessary with recipe-specific sysroots, the + ``BB_SETSCENE_VERIFY_FUNCTION`` and ``BB_SETSCENE_VERIFY_FUNCTION2`` + variables have been removed. + +.. _migration-2.3-absolute-symlinks: + +Absolute Symbolic Links +----------------------- + +Absolute symbolic links (symlinks) within staged files are no longer +permitted and now trigger an error. Any explicit creation of symlinks +can use the ``lnr`` script, which is a replacement for ``ln -r``. + +If the build scripts in the software that the recipe is building are +creating a number of absolute symlinks that need to be corrected, you +can inherit ``relative_symlinks`` within the recipe to turn those +absolute symlinks into relative symlinks. + +.. _migration-2.3-gplv2-and-gplv3-moves: + +GPLv2 Versions of GPLv3 Recipes Moved +------------------------------------- + +Older GPLv2 versions of GPLv3 recipes have moved to a separate +``meta-gplv2`` layer. + +If you use :term:`INCOMPATIBLE_LICENSE` to +exclude GPLv3 or set :term:`PREFERRED_VERSION` +to substitute a GPLv2 version of a GPLv3 recipe, then you must add the +``meta-gplv2`` layer to your configuration. + +.. note:: + + You can ``find meta-gplv2`` layer in the OpenEmbedded layer index at + :oe_layer:`/meta-gplv2`. + +These relocated GPLv2 recipes do not receive the same level of +maintenance as other core recipes. The recipes do not get security fixes +and upstream no longer maintains them. In fact, the upstream community +is actively hostile towards people that use the old versions of the +recipes. Moving these recipes into a separate layer both makes the +different needs of the recipes clearer and clearly identifies the number +of these recipes. + +.. note:: + + The long-term solution might be to move to BSD-licensed replacements + of the GPLv3 components for those that need to exclude GPLv3-licensed + components from the target system. This solution will be investigated + for future Yocto Project releases. + +.. _migration-2.3-package-management-changes: + +Package Management Changes +-------------------------- + +The following package management changes took place: + +- Smart package manager is replaced by DNF package manager. Smart has + become unmaintained upstream, is not ported to Python 3.x. + Consequently, Smart needed to be replaced. DNF is the only feasible + candidate. + + The change in functionality is that the on-target runtime package + management from remote package feeds is now done with a different + tool that has a different set of command-line options. If you have + scripts that call the tool directly, or use its API, they need to be + fixed. + + For more information, see the `DNF + Documentation <https://dnf.readthedocs.io/en/latest/>`__. + +- Rpm 5.x is replaced with Rpm 4.x. This is done for two major reasons: + + - DNF is API-incompatible with Rpm 5.x and porting it and + maintaining the port is non-trivial. + + - Rpm 5.x itself has limited maintenance upstream, and the Yocto + Project is one of the very few remaining users. + +- Berkeley DB 6.x is removed and Berkeley DB 5.x becomes the default: + + - Version 6.x of Berkeley DB has largely been rejected by the open + source community due to its AGPLv3 license. As a result, most + mainstream open source projects that require DB are still + developed and tested with DB 5.x. + + - In OE-core, the only thing that was requiring DB 6.x was Rpm 5.x. + Thus, no reason exists to continue carrying DB 6.x in OE-core. + +- ``createrepo`` is replaced with ``createrepo_c``. + + ``createrepo_c`` is the current incarnation of the tool that + generates remote repository metadata. It is written in C as compared + to ``createrepo``, which is written in Python. ``createrepo_c`` is + faster and is maintained. + +- Architecture-independent RPM packages are "noarch" instead of "all". + + This change was made because too many places in DNF/RPM4 stack + already make that assumption. Only the filenames and the architecture + tag has changed. Nothing else has changed in OE-core system, + particularly in the :ref:`ref-classes-allarch` class. + +- Signing of remote package feeds using ``PACKAGE_FEED_SIGN`` is not + currently supported. This issue will be fully addressed in a future + Yocto Project release. See :yocto_bugs:`defect 11209 </show_bug.cgi?id=11209>` + for more information on a solution to package feed signing with RPM + in the Yocto Project 2.3 release. + +- OPKG now uses the libsolv backend for resolving package dependencies + by default. This is vastly superior to OPKG's internal ad-hoc solver + that was previously used. This change does have a small impact on + disk (around 500 KB) and memory footprint. + + .. note:: + + For further details on this change, see the + :yocto_git:`commit message </poky/commit/?id=f4d4f99cfbc2396e49c1613a7d237b9e57f06f81>`. + +.. _migration-2.3-removed-recipes: + +Removed Recipes +--------------- + +The following recipes have been removed: + +- ``linux-yocto 4.8``: Version 4.8 has been removed. Versions 4.1 + (LTSI), 4.4 (LTS), 4.9 (LTS/LTSI) and 4.10 are now present. + +- ``python-smartpm``: Functionally replaced by ``dnf``. + +- ``createrepo``: Replaced by the ``createrepo-c`` recipe. + +- ``rpmresolve``: No longer needed with the move to RPM 4 as RPM + itself is used instead. + +- ``gstreamer``: Removed the GStreamer Git version recipes as they + have been stale. ``1.10.``\ x recipes are still present. + +- ``alsa-conf-base``: Merged into ``alsa-conf`` since ``libasound`` + depended on both. Essentially, no way existed to install only one of + these. + +- ``tremor``: Moved to ``meta-multimedia``. Fixed-integer Vorbis + decoding is not needed by current hardware. Thus, GStreamer's ivorbis + plugin has been disabled by default eliminating the need for the + ``tremor`` recipe in :term:`OpenEmbedded-Core (OE-Core)`. + +- ``gummiboot``: Replaced by ``systemd-boot``. + +.. _migration-2.3-wic-changes: + +Wic Changes +----------- + +The following changes have been made to Wic: + +.. note:: + + For more information on Wic, see the + ":ref:`dev-manual/wic:creating partitioned images using wic`" + section in the Yocto Project Development Tasks Manual. + +- *Default Output Directory Changed:* Wic's default output directory is + now the current directory by default instead of the unusual + ``/var/tmp/wic``. + + The ``-o`` and ``--outdir`` options remain unchanged and are used to + specify your preferred output directory if you do not want to use the + default directory. + +- *fsimage Plug-in Removed:* The Wic fsimage plugin has been removed as + it duplicates functionality of the rawcopy plugin. + +.. _migration-2.3-qa-changes: + +QA Changes +---------- + +The following QA checks have changed: + +- ``unsafe-references-in-binaries``: The + ``unsafe-references-in-binaries`` QA check, which was disabled by + default, has now been removed. This check was intended to detect + binaries in ``/bin`` that link to libraries in ``/usr/lib`` and have + the case where the user has ``/usr`` on a separate filesystem to + ``/``. + + The removed QA check was buggy. Additionally, ``/usr`` residing on a + separate partition from ``/`` is now a rare configuration. + Consequently, ``unsafe-references-in-binaries`` was removed. + +- ``file-rdeps``: The ``file-rdeps`` QA check is now an error by + default instead of a warning. Because it is an error instead of a + warning, you need to address missing runtime dependencies. + + For additional information, see the + :ref:`ref-classes-insane` class and the + ":ref:`ref-manual/qa-checks:errors and warnings`" section. + +.. _migration-2.3-miscellaneous-changes: + +Miscellaneous Changes +--------------------- + +The following miscellaneous changes have occurred: + +- In this release, a number of recipes have been changed to ignore the + ``largefile`` :term:`DISTRO_FEATURES` item, + enabling large file support unconditionally. This feature has always + been enabled by default. Disabling the feature has not been widely + tested. + + .. note:: + + Future releases of the Yocto Project will remove entirely the + ability to disable the + largefile + feature, which would make it unconditionally enabled everywhere. + +- If the :term:`DISTRO_VERSION` value contains + the value of the :term:`DATE` variable, which is the + default between Poky releases, the :term:`DATE` value is explicitly + excluded from ``/etc/issue`` and ``/etc/issue.net``, which is + displayed at the login prompt, in order to avoid conflicts with + Multilib enabled. Regardless, the :term:`DATE` value is inaccurate if the + ``base-files`` recipe is restored from shared state (sstate) rather + than rebuilt. + + If you need the build date recorded in ``/etc/issue*`` or anywhere + else in your image, a better method is to define a post-processing + function to do it and have the function called from + :term:`ROOTFS_POSTPROCESS_COMMAND`. + Doing so ensures the value is always up-to-date with the created + image. + +- Dropbear's ``init`` script now disables DSA host keys by default. + This change is in line with the systemd service file, which supports + RSA keys only, and with recent versions of OpenSSH, which deprecates + DSA host keys. + +- The :ref:`ref-classes-buildhistory` class now + correctly uses tabs as separators between all columns in + ``installed-package-sizes.txt`` in order to aid import into other + tools. + +- The ``USE_LDCONFIG`` variable has been replaced with the "ldconfig" + :term:`DISTRO_FEATURES` feature. Distributions that previously set:: + + USE_LDCONFIG = "0" + + should now instead use the following:: + + DISTRO_FEATURES_BACKFILL_CONSIDERED_append = " ldconfig" + +- The default value of + :term:`COPYLEFT_LICENSE_INCLUDE` now + includes all versions of AGPL licenses in addition to GPL and LGPL. + + .. note:: + + The default list is not intended to be guaranteed as a complete + safe list. You should seek legal advice based on what you are + distributing if you are unsure. + +- Kernel module packages are now suffixed with the kernel version in + order to allow module packages from multiple kernel versions to + co-exist on a target system. If you wish to return to the previous + naming scheme that does not include the version suffix, use the + following:: + + KERNEL_MODULE_PACKAGE_SUFFIX = "" + +- Removal of ``libtool`` ``*.la`` files is now enabled by default. The + ``*.la`` files are not actually needed on Linux and relocating them + is an unnecessary burden. + + If you need to preserve these ``.la`` files (e.g. in a custom + distribution), you must change :term:`INHERIT_DISTRO` such that + ":ref:`ref-classes-remove-libtool`" is not included + in the value. + +- Extensible SDKs built for GCC 5+ now refuse to install on a + distribution where the host GCC version is 4.8 or 4.9. This change + resulted from the fact that the installation is known to fail due to + the way the ``uninative`` shared state (sstate) package is built. See + the :ref:`ref-classes-uninative` class for additional information. + +- All :ref:`ref-classes-native` and :ref:`ref-classes-nativesdk` recipes now + use a separate :term:`DISTRO_FEATURES` value instead of sharing the value + used by recipes for the target, in order to avoid unnecessary rebuilds. + + The :term:`DISTRO_FEATURES` for :ref:`ref-classes-native` recipes + is :term:`DISTRO_FEATURES_NATIVE` added to an intersection of + :term:`DISTRO_FEATURES` and :term:`DISTRO_FEATURES_FILTER_NATIVE`. + + For :ref:`ref-classes-nativesdk` recipes, the corresponding + variables are :term:`DISTRO_FEATURES_NATIVESDK` and + :term:`DISTRO_FEATURES_FILTER_NATIVESDK`. + +- The ``FILESDIR`` variable, which was previously deprecated and rarely + used, has now been removed. You should change any recipes that set + ``FILESDIR`` to set :term:`FILESPATH` instead. + +- The ``MULTIMACH_HOST_SYS`` variable has been removed as it is no + longer needed with recipe-specific sysroots. + + diff --git a/documentation/migration-guides/migration-2.4.rst b/documentation/migration-guides/migration-2.4.rst new file mode 100644 index 0000000000..5d5d601988 --- /dev/null +++ b/documentation/migration-guides/migration-2.4.rst @@ -0,0 +1,319 @@ +.. SPDX-License-Identifier: CC-BY-SA-2.0-UK + +Release 2.4 (rocko) +=================== + +This section provides migration information for moving to the Yocto +Project 2.4 Release (codename "rocko") from the prior release. + +.. _migration-2.4-memory-resident-mode: + +Memory Resident Mode +-------------------- + +A persistent mode is now available in BitBake's default operation, +replacing its previous "memory resident mode" (i.e. +``oe-init-build-env-memres``). Now you only need to set +:term:`BB_SERVER_TIMEOUT` to a timeout (in +seconds) and BitBake's server stays resident for that amount of time +between invocations. The ``oe-init-build-env-memres`` script has been +removed since a separate environment setup script is no longer needed. + +.. _migration-2.4-packaging-changes: + +Packaging Changes +----------------- + +This section provides information about packaging changes that have +occurred: + +- ``python3`` Changes: + + - The main "python3" package now brings in all of the standard + Python 3 distribution rather than a subset. This behavior matches + what is expected based on traditional Linux distributions. If you + wish to install a subset of Python 3, specify ``python-core`` plus + one or more of the individual packages that are still produced. + + - ``python3``: The ``bz2.py``, ``lzma.py``, and + ``_compression.py`` scripts have been moved from the + ``python3-misc`` package to the ``python3-compression`` package. + +- ``binutils``: The ``libbfd`` library is now packaged in a separate + "libbfd" package. This packaging saves space when certain tools (e.g. + ``perf``) are installed. In such cases, the tools only need + ``libbfd`` rather than all the packages in ``binutils``. + +- ``util-linux`` Changes: + + - The ``su`` program is now packaged in a separate "util-linux-su" + package, which is only built when "pam" is listed in the + :term:`DISTRO_FEATURES` variable. + ``util-linux`` should not be installed unless it is needed because + ``su`` is normally provided through the shadow file format. The + main ``util-linux`` package has runtime dependencies (i.e. + :term:`RDEPENDS`) on the ``util-linux-su`` package + when "pam" is in :term:`DISTRO_FEATURES`. + + - The ``switch_root`` program is now packaged in a separate + "util-linux-switch-root" package for small :term:`Initramfs` images that + do not need the whole ``util-linux`` package or the busybox + binary, which are both much larger than ``switch_root``. The main + ``util-linux`` package has a recommended runtime dependency (i.e. + :term:`RRECOMMENDS`) on the + ``util-linux-switch-root`` package. + + - The ``ionice`` program is now packaged in a separate + "util-linux-ionice" package. The main ``util-linux`` package has a + recommended runtime dependency (i.e. :term:`RRECOMMENDS`) on the + ``util-linux-ionice`` package. + +- ``initscripts``: The ``sushell`` program is now packaged in a + separate "initscripts-sushell" package. This packaging change allows + systems to pull ``sushell`` in when ``selinux`` is enabled. The + change also eliminates needing to pull in the entire ``initscripts`` + package. The main ``initscripts`` package has a runtime dependency + (i.e. :term:`RDEPENDS`) on the ``sushell`` package when "selinux" is in + :term:`DISTRO_FEATURES`. + +- ``glib-2.0``: The ``glib-2.0`` package now has a recommended + runtime dependency (i.e. :term:`RRECOMMENDS`) on the ``shared-mime-info`` + package, since large portions of GIO are not useful without the MIME + database. You can remove the dependency by using the + :term:`BAD_RECOMMENDATIONS` variable if + ``shared-mime-info`` is too large and is not required. + +- *Go Standard Runtime:* The Go standard runtime has been split out + from the main ``go`` recipe into a separate ``go-runtime`` recipe. + +.. _migration-2.4-removed-recipes: + +Removed Recipes +--------------- + +- ``acpitests``: This recipe is not maintained. + +- ``autogen-native``: No longer required by Grub, oe-core, or + meta-oe. + +- ``bdwgc``: Nothing in OpenEmbedded-Core requires this recipe. It + has moved to meta-oe. + +- ``byacc``: This recipe was only needed by rpm 5.x and has moved to + meta-oe. + +- ``gcc (5.4)``: The 5.4 series dropped the recipe in favor of 6.3 / + 7.2. + +- ``gnome-common``: Deprecated upstream and no longer needed. + +- ``go-bootstrap-native``: Go 1.9 does its own bootstrapping so this + recipe has been removed. + +- ``guile``: This recipe was only needed by ``autogen-native`` and + ``remake``. The recipe is no longer needed by either of these + programs. + +- ``libclass-isa-perl``: This recipe was previously needed for LSB 4, + no longer needed. + +- ``libdumpvalue-perl``: This recipe was previously needed for LSB 4, + no longer needed. + +- ``libenv-perl``: This recipe was previously needed for LSB 4, no + longer needed. + +- ``libfile-checktree-perl``: This recipe was previously needed for + LSB 4, no longer needed. + +- ``libi18n-collate-perl``: This recipe was previously needed for LSB + 4, no longer needed. + +- ``libiconv``: This recipe was only needed for ``uclibc``, which was + removed in the previous release. ``glibc`` and ``musl`` have their + own implementations. ``meta-mingw`` still needs ``libiconv``, so it + has been moved to ``meta-mingw``. + +- ``libpng12``: This recipe was previously needed for LSB. The + current ``libpng`` is 1.6.x. + +- ``libpod-plainer-perl``: This recipe was previously needed for LSB + 4, no longer needed. + +- ``linux-yocto (4.1)``: This recipe was removed in favor of 4.4, + 4.9, 4.10 and 4.12. + +- ``mailx``: This recipe was previously only needed for LSB + compatibility, and upstream is defunct. + +- ``mesa (git version only)``: The git version recipe was stale with + respect to the release version. + +- ``ofono (git version only)``: The git version recipe was stale with + respect to the release version. + +- ``portmap``: This recipe is obsolete and is superseded by + ``rpcbind``. + +- ``python3-pygpgme``: This recipe is old and unmaintained. It was + previously required by ``dnf``, which has switched to official + ``gpgme`` Python bindings. + +- ``python-async``: This recipe has been removed in favor of the + Python 3 version. + +- ``python-gitdb``: This recipe has been removed in favor of the + Python 3 version. + +- ``python-git``: This recipe was removed in favor of the Python 3 + version. + +- ``python-mako``: This recipe was removed in favor of the Python 3 + version. + +- ``python-pexpect``: This recipe was removed in favor of the Python + 3 version. + +- ``python-ptyprocess``: This recipe was removed in favor of Python + the 3 version. + +- ``python-pycurl``: Nothing is using this recipe in + OpenEmbedded-Core (i.e. ``meta-oe``). + +- ``python-six``: This recipe was removed in favor of the Python 3 + version. + +- ``python-smmap``: This recipe was removed in favor of the Python 3 + version. + +- ``remake``: Using ``remake`` as the provider of ``virtual/make`` is + broken. Consequently, this recipe is not needed in OpenEmbedded-Core. + +.. _migration-2.4-kernel-device-tree-move: + +Kernel Device Tree Move +----------------------- + +Kernel Device Tree support is now easier to enable in a kernel recipe. +The Device Tree code has moved to a :ref:`ref-classes-kernel-devicetree` class. +Functionality is automatically enabled for any recipe that inherits the +:ref:`kernel <ref-classes-kernel>` class and sets the :term:`KERNEL_DEVICETREE` +variable. The previous mechanism for doing this, +``meta/recipes-kernel/linux/linux-dtb.inc``, is still available to avoid +breakage, but triggers a deprecation warning. Future releases of the +Yocto Project will remove ``meta/recipes-kernel/linux/linux-dtb.inc``. +It is advisable to remove any ``require`` statements that request +``meta/recipes-kernel/linux/linux-dtb.inc`` from any custom kernel +recipes you might have. This will avoid breakage in post 2.4 releases. + +.. _migration-2.4-package-qa-changes: + +Package QA Changes +------------------ + +- The "unsafe-references-in-scripts" QA check has been removed. + +- If you refer to ``${COREBASE}/LICENSE`` within + :term:`LIC_FILES_CHKSUM` you receive a + warning because this file is a description of the license for + OE-Core. Use ``${COMMON_LICENSE_DIR}/MIT`` if your recipe is + MIT-licensed and you cannot use the preferred method of referring to + a file within the source tree. + +.. _migration-2.4-readme-changes: + +``README`` File Changes +----------------------- + +- The main Poky ``README`` file has been moved to the ``meta-poky`` + layer and has been renamed ``README.poky``. A symlink has been + created so that references to the old location work. + +- The ``README.hardware`` file has been moved to ``meta-yocto-bsp``. A + symlink has been created so that references to the old location work. + +- A ``README.qemu`` file has been created with coverage of the + ``qemu*`` machines. + +.. _migration-2.4-miscellaneous-changes: + +Miscellaneous Changes +--------------------- + +- The ``ROOTFS_PKGMANAGE_BOOTSTRAP`` variable and any references to it + have been removed. You should remove this variable from any custom + recipes. + +- The ``meta-yocto`` directory has been removed. + + .. note:: + + In the Yocto Project 2.1 release + meta-yocto + was renamed to + meta-poky + and the + meta-yocto + subdirectory remained to avoid breaking existing configurations. + +- The ``maintainers.inc`` file, which tracks maintainers by listing a + primary person responsible for each recipe in OE-Core, has been moved + from ``meta-poky`` to OE-Core (i.e. from + ``meta-poky/conf/distro/include`` to ``meta/conf/distro/include``). + +- The :ref:`ref-classes-buildhistory` class now makes + a single commit per build rather than one commit per subdirectory in + the repository. This behavior assumes the commits are enabled with + :term:`BUILDHISTORY_COMMIT` = "1", which + is typical. Previously, the :ref:`ref-classes-buildhistory` class made one commit + per subdirectory in the repository in order to make it easier to see + the changes for a particular subdirectory. To view a particular + change, specify that subdirectory as the last parameter on the + ``git show`` or ``git diff`` commands. + +- The ``x86-base.inc`` file, which is included by all x86-based machine + configurations, now sets :term:`IMAGE_FSTYPES` + using ``?=`` to "live" rather than appending with ``+=``. This change + makes the default easier to override. + +- BitBake fires multiple "BuildStarted" events when multiconfig is + enabled (one per configuration). For more information, see the + ":ref:`bitbake-user-manual/bitbake-user-manual-metadata:events`" + section in the BitBake User Manual. + +- By default, the ``security_flags.inc`` file sets a + :term:`GCCPIE` variable with an option to enable + Position Independent Executables (PIE) within ``gcc``. Enabling PIE + in the GNU C Compiler (GCC), makes Return Oriented Programming (ROP) + attacks much more difficult to execute. + +- OE-Core now provides a ``bitbake-layers`` plugin that implements a + "create-layer" subcommand. The implementation of this subcommand has + resulted in the ``yocto-layer`` script being deprecated and will + likely be removed in the next Yocto Project release. + +- The ``vmdk``, ``vdi``, and ``qcow2`` image file types are now used in + conjunction with the "wic" image type through :term:`CONVERSION_CMD`. + Consequently, the equivalent image types are now ``wic.vmdk``, + ``wic.vdi``, and ``wic.qcow2``, respectively. + +- ``do_image_<type>[depends]`` has replaced ``IMAGE_DEPENDS_<type>``. + If you have your own classes that implement custom image types, then + you need to update them. + +- OpenSSL 1.1 has been introduced. However, the default is still 1.0.x + through the :term:`PREFERRED_VERSION` + variable. This preference is set is due to the remaining + compatibility issues with other software. The + :term:`PROVIDES` variable in the openssl 1.0 recipe + now includes "openssl10" as a marker that can be used in + :term:`DEPENDS` within recipes that build software + that still depend on OpenSSL 1.0. + +- To ensure consistent behavior, BitBake's "-r" and "-R" options (i.e. + prefile and postfile), which are used to read or post-read additional + configuration files from the command line, now only affect the + current BitBake command. Before these BitBake changes, these options + would "stick" for future executions. + + diff --git a/documentation/migration-guides/migration-2.5.rst b/documentation/migration-guides/migration-2.5.rst new file mode 100644 index 0000000000..facf5110b7 --- /dev/null +++ b/documentation/migration-guides/migration-2.5.rst @@ -0,0 +1,304 @@ +.. SPDX-License-Identifier: CC-BY-SA-2.0-UK + +Release 2.5 (sumo) +================== + +This section provides migration information for moving to the Yocto +Project 2.5 Release (codename "sumo") from the prior release. + +.. _migration-2.5-packaging-changes: + +Packaging Changes +----------------- + +This section provides information about packaging changes that have +occurred: + +- ``bind-libs``: The libraries packaged by the bind recipe are in a + separate ``bind-libs`` package. + +- ``libfm-gtk``: The ``libfm`` GTK+ bindings are split into a + separate ``libfm-gtk`` package. + +- ``flex-libfl``: The flex recipe splits out libfl into a separate + ``flex-libfl`` package to avoid too many dependencies being pulled in + where only the library is needed. + +- ``grub-efi``: The ``grub-efi`` configuration is split into a + separate ``grub-bootconf`` recipe. However, the dependency + relationship from ``grub-efi`` is through a virtual/grub-bootconf + provider making it possible to have your own recipe provide the + dependency. Alternatively, you can use a BitBake append file to bring + the configuration back into the ``grub-efi`` recipe. + +- *armv7a Legacy Package Feed Support:* Legacy support is removed for + transitioning from ``armv7a`` to ``armv7a-vfp-neon`` in package + feeds, which was previously enabled by setting + ``PKGARCHCOMPAT_ARMV7A``. This transition occurred in 2011 and active + package feeds should by now be updated to the new naming. + +.. _migration-2.5-removed-recipes: + +Removed Recipes +--------------- + +The following recipes have been removed: + +- ``gcc``: The version 6.4 recipes are replaced by 7.x. + +- ``gst-player``: Renamed to ``gst-examples`` as per upstream. + +- ``hostap-utils``: This software package is obsolete. + +- ``latencytop``: This recipe is no longer maintained upstream. The + last release was in 2009. + +- ``libpfm4``: The only file that requires this recipe is + ``oprofile``, which has been removed. + +- ``linux-yocto``: The version 4.4, 4.9, and 4.10 recipes have been + removed. Versions 4.12, 4.14, and 4.15 remain. + +- ``man``: This recipe has been replaced by modern ``man-db`` + +- ``mkelfimage``: This tool has been removed in the upstream coreboot + project, and is no longer needed with the removal of the ELF image + type. + +- ``nativesdk-postinst-intercept``: This recipe is not maintained. + +- ``neon``: This software package is no longer maintained upstream + and is no longer needed by anything in OpenEmbedded-Core. + +- ``oprofile``: The functionality of this recipe is replaced by + ``perf`` and keeping compatibility on an ongoing basis with ``musl`` + is difficult. + +- ``pax``: This software package is obsolete. + +- ``stat``: This software package is not maintained upstream. + ``coreutils`` provides a modern stat binary. + +- ``zisofs-tools-native``: This recipe is no longer needed because + the compressed ISO image feature has been removed. + +.. _migration-2.5-scripts-and-tools-changes: + +Scripts and Tools Changes +------------------------- + +- ``yocto-bsp``, ``yocto-kernel``, and ``yocto-layer``: The + ``yocto-bsp``, ``yocto-kernel``, and ``yocto-layer`` scripts + previously shipped with poky but not in OpenEmbedded-Core have been + removed. These scripts are not maintained and are outdated. In many + cases, they are also limited in scope. The + ``bitbake-layers create-layer`` command is a direct replacement for + ``yocto-layer``. See the documentation to create a BSP or kernel + recipe in the ":ref:`bsp-guide/bsp:bsp kernel recipe example`" section. + +- ``devtool finish``: ``devtool finish`` now exits with an error if + there are uncommitted changes or a rebase/am in progress in the + recipe's source repository. If this error occurs, there might be + uncommitted changes that will not be included in updates to the + patches applied by the recipe. A -f/--force option is provided for + situations that the uncommitted changes are inconsequential and you + want to proceed regardless. + +- ``scripts/oe-setup-rpmrepo`` script: The functionality of + ``scripts/oe-setup-rpmrepo`` is replaced by + ``bitbake package-index``. + +- ``scripts/test-dependencies.sh`` script: The script is largely made + obsolete by the recipe-specific sysroots functionality introduced in + the previous release. + +.. _migration-2.5-bitbake-changes: + +BitBake Changes +--------------- + +- The ``--runall`` option has changed. There are two different + behaviors people might want: + + - *Behavior A:* For a given target (or set of targets) look through + the task graph and run task X only if it is present and will be + built. + + - *Behavior B:* For a given target (or set of targets) look through + the task graph and run task X if any recipe in the taskgraph has + such a target, even if it is not in the original task graph. + + The ``--runall`` option now performs "Behavior B". Previously + ``--runall`` behaved like "Behavior A". A ``--runonly`` option has + been added to retain the ability to perform "Behavior A". + +- Several explicit "run this task for all recipes in the dependency + tree" tasks have been removed (e.g. ``fetchall``, ``checkuriall``, + and the ``*all`` tasks provided by the ``distrodata`` and + :ref:`ref-classes-archiver` classes). There is a BitBake option to complete this for + any arbitrary task. For example:: + + bitbake <target> -c fetchall + + should now be replaced with:: + + bitbake <target> --runall=fetch + +.. _migration-2.5-python-and-python3-changes: + +Python and Python 3 Changes +--------------------------- + +Here are auto-packaging changes to Python and Python 3: + +The script-managed ``python-*-manifest.inc`` files that were previously +used to generate Python and Python 3 packages have been replaced with a +JSON-based file that is easier to read and maintain. A new task is +available for maintainers of the Python recipes to update the JSON file +when upgrading to new Python versions. You can now edit the file +directly instead of having to edit a script and run it to update the +file. + +One particular change to note is that the Python recipes no longer have +build-time provides for their packages. This assumes ``python-foo`` is +one of the packages provided by the Python recipe. You can no longer run +``bitbake python-foo`` or have a +:term:`DEPENDS` on ``python-foo``, +but doing either of the following causes the package to work as +expected:: + + IMAGE_INSTALL_append = " python-foo" + +or :: + + RDEPENDS_${PN} = "python-foo" + +The earlier build-time provides behavior was a quirk of the +way the Python manifest file was created. For more information on this +change please see :yocto_git:`this commit +</poky/commit/?id=8d94b9db221d1def42f091b991903faa2d1651ce>`. + +.. _migration-2.5-miscellaneous-changes: + +Miscellaneous Changes +--------------------- + +- The :ref:`ref-classes-kernel` class supports building packages for multiple kernels. + If your kernel recipe or ``.bbappend`` file mentions packaging at + all, you should replace references to the kernel in package names + with ``${KERNEL_PACKAGE_NAME}``. For example, if you disable + automatic installation of the kernel image using + ``RDEPENDS_kernel-base = ""`` you can avoid warnings using + ``RDEPENDS_${KERNEL_PACKAGE_NAME}-base = ""`` instead. + +- The :ref:`ref-classes-buildhistory` class commits changes to the repository by + default so you no longer need to set ``BUILDHISTORY_COMMIT = "1"``. + If you want to disable commits you need to set + ``BUILDHISTORY_COMMIT = "0"`` in your configuration. + +- The ``beaglebone`` reference machine has been renamed to + ``beaglebone-yocto``. The ``beaglebone-yocto`` BSP is a reference + implementation using only mainline components available in + OpenEmbedded-Core and ``meta-yocto-bsp``, whereas Texas Instruments + maintains a full-featured BSP in the ``meta-ti`` layer. This rename + avoids the previous name clash that existed between the two BSPs. + +- The :ref:`ref-classes-update-alternatives` class no longer works with SysV ``init`` + scripts because this usage has been problematic. Also, the + ``sysklogd`` recipe no longer uses ``update-alternatives`` because it + is incompatible with other implementations. + +- By default, the :ref:`ref-classes-cmake` class uses + ``ninja`` instead of ``make`` for building. This improves build + performance. If a recipe is broken with ``ninja``, then the recipe + can set ``OECMAKE_GENERATOR = "Unix Makefiles"`` to change back to + ``make``. + +- The previously deprecated ``base_*`` functions have been removed in + favor of their replacements in ``meta/lib/oe`` and + ``bitbake/lib/bb``. These are typically used from recipes and + classes. Any references to the old functions must be updated. The + following table shows the removed functions and their replacements: + + +------------------------------+----------------------------------------------------------+ + | *Removed* | *Replacement* | + +==============================+==========================================================+ + | base_path_join() | oe.path.join() | + +------------------------------+----------------------------------------------------------+ + | base_path_relative() | oe.path.relative() | + +------------------------------+----------------------------------------------------------+ + | base_path_out() | oe.path.format_display() | + +------------------------------+----------------------------------------------------------+ + | base_read_file() | oe.utils.read_file() | + +------------------------------+----------------------------------------------------------+ + | base_ifelse() | oe.utils.ifelse() | + +------------------------------+----------------------------------------------------------+ + | base_conditional() | oe.utils.conditional() | + +------------------------------+----------------------------------------------------------+ + | base_less_or_equal() | oe.utils.less_or_equal() | + +------------------------------+----------------------------------------------------------+ + | base_version_less_or_equal() | oe.utils.version_less_or_equal() | + +------------------------------+----------------------------------------------------------+ + | base_contains() | bb.utils.contains() | + +------------------------------+----------------------------------------------------------+ + | base_both_contain() | oe.utils.both_contain() | + +------------------------------+----------------------------------------------------------+ + | base_prune_suffix() | oe.utils.prune_suffix() | + +------------------------------+----------------------------------------------------------+ + | oe_filter() | oe.utils.str_filter() | + +------------------------------+----------------------------------------------------------+ + | oe_filter_out() | oe.utils.str_filter_out() (or use the \_remove operator) | + +------------------------------+----------------------------------------------------------+ + +- Using ``exit 1`` to explicitly defer a postinstall script until first + boot is now deprecated since it is not an obvious mechanism and can + mask actual errors. If you want to explicitly defer a postinstall to + first boot on the target rather than at ``rootfs`` creation time, use + ``pkg_postinst_ontarget()`` or call + ``postinst_intercept delay_to_first_boot`` from ``pkg_postinst()``. + Any failure of a ``pkg_postinst()`` script (including ``exit 1``) + will trigger a warning during :ref:`ref-tasks-rootfs`. + + For more information, see the + ":ref:`dev-manual/new-recipe:post-installation scripts`" + section in the Yocto Project Development Tasks Manual. + +- The ``elf`` image type has been removed. This image type was removed + because the ``mkelfimage`` tool that was required to create it is no + longer provided by coreboot upstream and required updating every time + ``binutils`` updated. + +- Support for .iso image compression (previously enabled through + ``COMPRESSISO = "1"``) has been removed. The userspace tools + (``zisofs-tools``) are unmaintained and ``squashfs`` provides better + performance and compression. In order to build a live image with + squashfs+lz4 compression enabled you should now set + ``LIVE_ROOTFS_TYPE = "squashfs-lz4"`` and ensure that ``live`` is in + :term:`IMAGE_FSTYPES`. + +- Recipes with an unconditional dependency on ``libpam`` are only + buildable with ``pam`` in :term:`DISTRO_FEATURES`. If the dependency is + truly optional then it is recommended that the dependency be + conditional upon ``pam`` being in :term:`DISTRO_FEATURES`. + +- For EFI-based machines, the bootloader (``grub-efi`` by default) is + installed into the image at /boot. Wic can be used to split the + bootloader into separate boot and root filesystem partitions if necessary. + +- Patches whose context does not match exactly (i.e. where patch + reports "fuzz" when applying) will generate a warning. For an example + of this see :yocto_git:`this commit + </poky/commit/?id=cc97bc08125b63821ce3f616771830f77c456f57>`. + +- Layers are expected to set ``LAYERSERIES_COMPAT_layername`` to match + the version(s) of OpenEmbedded-Core they are compatible with. This is + specified as codenames using spaces to separate multiple values (e.g. + "rocko sumo"). If a layer does not set + ``LAYERSERIES_COMPAT_layername``, a warning will is shown. If a layer + sets a value that does not include the current version ("sumo" for + the 2.5 release), then an error will be produced. + +- The ``TZ`` environment variable is set to "UTC" within the build + environment in order to fix reproducibility problems in some recipes. + + diff --git a/documentation/migration-guides/migration-2.6.rst b/documentation/migration-guides/migration-2.6.rst new file mode 100644 index 0000000000..ecb559dd4c --- /dev/null +++ b/documentation/migration-guides/migration-2.6.rst @@ -0,0 +1,447 @@ +.. SPDX-License-Identifier: CC-BY-SA-2.0-UK + +Release 2.6 (thud) +================== + +This section provides migration information for moving to the Yocto +Project 2.6 Release (codename "thud") from the prior release. + +.. _migration-2.6-gcc-changes: + +GCC 8.2 is Now Used by Default +------------------------------ + +The GNU Compiler Collection version 8.2 is now used by default for +compilation. For more information on what has changed in the GCC 8.x +release, see https://gcc.gnu.org/gcc-8/changes.html. + +If you still need to compile with version 7.x, GCC 7.3 is also provided. +You can select this version by setting the and can be selected by +setting the :term:`GCCVERSION` variable to "7.%" in +your configuration. + +.. _migration-2.6-removed-recipes: + +Removed Recipes +--------------- + +The following recipes have been removed: + +- *beecrypt*: No longer needed since moving to RPM 4. +- *bigreqsproto*: Replaced by ``xorgproto``. +- *calibrateproto*: Removed in favor of ``xinput``. +- *compositeproto*: Replaced by ``xorgproto``. +- *damageproto*: Replaced by ``xorgproto``. +- *dmxproto*: Replaced by ``xorgproto``. +- *dri2proto*: Replaced by ``xorgproto``. +- *dri3proto*: Replaced by ``xorgproto``. +- *eee-acpi-scripts*: Became obsolete. +- *fixesproto*: Replaced by ``xorgproto``. +- *fontsproto*: Replaced by ``xorgproto``. +- *fstests*: Became obsolete. +- *gccmakedep*: No longer used. +- *glproto*: Replaced by ``xorgproto``. +- *gnome-desktop3*: No longer needed. This recipe has moved to ``meta-oe``. +- *icon-naming-utils*: No longer used since the Sato theme was removed in 2016. +- *inputproto*: Replaced by ``xorgproto``. +- *kbproto*: Replaced by ``xorgproto``. +- *libusb-compat*: Became obsolete. +- *libuser*: Became obsolete. +- *libnfsidmap*: No longer an external requirement since ``nfs-utils`` 2.2.1. ``libnfsidmap`` is now integrated. +- *libxcalibrate*: No longer needed with ``xinput`` +- *mktemp*: Became obsolete. The ``mktemp`` command is provided by both ``busybox`` and ``coreutils``. +- *ossp-uuid*: Is not being maintained and has mostly been replaced by ``uuid.h`` in ``util-linux``. +- *pax-utils*: No longer needed. Previous QA tests that did use this recipe are now done at build time. +- *pcmciautils*: Became obsolete. +- *pixz*: No longer needed. ``xz`` now supports multi-threaded compression. +- *presentproto*: Replaced by ``xorgproto``. +- *randrproto*: Replaced by ``xorgproto``. +- *recordproto*: Replaced by ``xorgproto``. +- *renderproto*: Replaced by ``xorgproto``. +- *resourceproto*: Replaced by ``xorgproto``. +- *scrnsaverproto*: Replaced by ``xorgproto``. +- *trace-cmd*: Became obsolete. ``perf`` replaced this recipe's functionally. +- *videoproto*: Replaced by ``xorgproto``. +- *wireless-tools*: Became obsolete. Superseded by ``iw``. +- *xcmiscproto*: Replaced by ``xorgproto``. +- *xextproto*: Replaced by ``xorgproto``. +- *xf86dgaproto*: Replaced by ``xorgproto``. +- *xf86driproto*: Replaced by ``xorgproto``. +- *xf86miscproto*: Replaced by ``xorgproto``. +- *xf86-video-omapfb*: Became obsolete. Use kernel modesetting driver instead. +- *xf86-video-omap*: Became obsolete. Use kernel modesetting driver instead. +- *xf86vidmodeproto*: Replaced by ``xorgproto``. +- *xineramaproto*: Replaced by ``xorgproto``. +- *xproto*: Replaced by ``xorgproto``. +- *yasm*: No longer needed since previous usages are now satisfied by ``nasm``. + +.. _migration-2.6-packaging-changes: + +Packaging Changes +----------------- + +The following packaging changes have been made: + +- *cmake*: ``cmake.m4`` and ``toolchain`` files have been moved to + the main package. + +- *iptables*: The ``iptables`` modules have been split into + separate packages. + +- *alsa-lib*: ``libasound`` is now in the main ``alsa-lib`` package + instead of ``libasound``. + +- *glibc*: ``libnss-db`` is now in its own package along with a + ``/var/db/makedbs.sh`` script to update databases. + +- *python and python3*: The main package has been removed from + the recipe. You must install specific packages or ``python-modules`` + / ``python3-modules`` for everything. + +- *systemtap*: Moved ``systemtap-exporter`` into its own package. + +.. _migration-2.6-xorg-protocol-dependencies: + +XOrg Protocol dependencies +-------------------------- + +The ``*proto`` upstream repositories have been combined into one +"xorgproto" repository. Thus, the corresponding recipes have also been +combined into a single ``xorgproto`` recipe. Any recipes that depend +upon the older ``*proto`` recipes need to be changed to depend on the +newer ``xorgproto`` recipe instead. + +For names of recipes removed because of this repository change, see the +:ref:`migration-guides/migration-2.6:removed recipes` section. + +.. _migration-2.6-distutils-distutils3-fetching-dependencies: + +``distutils`` and ``distutils3`` Now Prevent Fetching Dependencies During the ``do_configure`` Task +--------------------------------------------------------------------------------------------------- + +Previously, it was possible for Python recipes that inherited the +``distutils`` and ``distutils3`` classes to fetch code +during the :ref:`ref-tasks-configure` task to satisfy +dependencies mentioned in ``setup.py`` if those dependencies were not +provided in the sysroot (i.e. recipes providing the dependencies were +missing from :term:`DEPENDS`). + +.. note:: + + This change affects classes beyond just the two mentioned (i.e. ``distutils`` + and ``distutils3``). Any recipe that inherits ``distutils*`` classes are + affected. For example, the ``setuptools`` and :ref:`ref-classes-setuptools3` + recipes are affected since they inherit the ``distutils*`` classes. + +Fetching these types of dependencies that are not provided in the +sysroot negatively affects the ability to reproduce builds. This type of +fetching is now explicitly disabled. Consequently, any missing +dependencies in Python recipes that use these classes now result in an +error during the :ref:`ref-tasks-configure` task. + +.. _migration-2.6-linux-yocto-configuration-audit-issues-now-correctly-reported: + +``linux-yocto`` Configuration Audit Issues Now Correctly Reported +----------------------------------------------------------------- + +Due to a bug, the kernel configuration audit functionality was not +writing out any resulting warnings during the build. This issue is now +corrected. You might notice these warnings now if you have a custom +kernel configuration with a ``linux-yocto`` style kernel recipe. + +.. _migration-2.6-image-kernel-artifact-naming-changes: + +Image/Kernel Artifact Naming Changes +------------------------------------ + +The following changes have been made: + +- Name variables (e.g. :term:`IMAGE_NAME`) use a new + :term:`IMAGE_VERSION_SUFFIX` variable instead of + :term:`DATETIME`. Using :term:`IMAGE_VERSION_SUFFIX` + allows easier and more direct changes. + + The :term:`IMAGE_VERSION_SUFFIX` variable is set in the ``bitbake.conf`` + configuration file as follows:: + + IMAGE_VERSION_SUFFIX = "-${DATETIME}" + +- Several variables have changed names for consistency:: + + Old Variable Name New Variable Name + ======================================================== + KERNEL_IMAGE_BASE_NAME KERNEL_IMAGE_NAME + KERNEL_IMAGE_SYMLINK_NAME KERNEL_IMAGE_LINK_NAME + MODULE_TARBALL_BASE_NAME MODULE_TARBALL_NAME + MODULE_TARBALL_SYMLINK_NAME MODULE_TARBALL_LINK_NAME + INITRAMFS_BASE_NAME INITRAMFS_NAME + +- The ``MODULE_IMAGE_BASE_NAME`` variable has been removed. The module + tarball name is now controlled directly with the + :term:`MODULE_TARBALL_NAME` variable. + +- The :term:`KERNEL_DTB_NAME` and + :term:`KERNEL_DTB_LINK_NAME` variables + have been introduced to control kernel Device Tree Binary (DTB) + artifact names instead of mangling ``KERNEL_IMAGE_*`` variables. + +- The :term:`KERNEL_FIT_NAME` and + :term:`KERNEL_FIT_LINK_NAME` variables + have been introduced to specify the name of flattened image tree + (FIT) kernel images similar to other deployed artifacts. + +- The :term:`MODULE_TARBALL_NAME` and + :term:`MODULE_TARBALL_LINK_NAME` + variable values no longer include the "module-" prefix or ".tgz" + suffix. These parts are now hardcoded so that the values are + consistent with other artifact naming variables. + +- Added the :term:`INITRAMFS_LINK_NAME` + variable so that the symlink can be controlled similarly to other + artifact types. + +- :term:`INITRAMFS_NAME` now uses + "${PKGE}-${PKGV}-${PKGR}-${MACHINE}${IMAGE_VERSION_SUFFIX}" instead + of "${PV}-${PR}-${MACHINE}-${DATETIME}", which makes it consistent + with other variables. + +.. _migration-2.6-serial-console-deprecated: + +``SERIAL_CONSOLE`` Deprecated +----------------------------- + +The ``SERIAL_CONSOLE`` variable has been functionally replaced by the +:term:`SERIAL_CONSOLES` variable for some time. With the Yocto Project 2.6 +release, ``SERIAL_CONSOLE`` has been officially deprecated. + +``SERIAL_CONSOLE`` will continue to work as before for the 2.6 release. +However, for the sake of future compatibility, it is recommended that +you replace all instances of ``SERIAL_CONSOLE`` with :term:`SERIAL_CONSOLES`. + +.. note:: + + The only difference in usage is that :term:`SERIAL_CONSOLES` + expects entries to be separated using semicolons as compared to + ``SERIAL_CONSOLE``, which expects spaces. + +.. _migration-2.6-poky-sets-unknown-configure-option-to-qa-error: + +Configure Script Reports Unknown Options as Errors +-------------------------------------------------- + +If the configure script reports an unknown option, this now triggers a +QA error instead of a warning. Any recipes that previously got away with +specifying such unknown options now need to be fixed. + +.. _migration-2.6-override-changes: + +Override Changes +---------------- + +The following changes have occurred: + +- The ``virtclass-native`` and ``virtclass-nativesdk`` Overrides Have + Been Removed: The ``virtclass-native`` and ``virtclass-nativesdk`` + overrides have been deprecated since 2012 in favor of + ``class-native`` and ``class-nativesdk``, respectively. Both + ``virtclass-native`` and ``virtclass-nativesdk`` are now dropped. + + .. note:: + + The ``virtclass-multilib-`` overrides for multilib are still valid. + +- The ``forcevariable`` Override Now Has a Higher Priority Than + ``libc`` Overrides: The ``forcevariable`` override is documented to + be the highest priority override. However, due to a long-standing + quirk of how :term:`OVERRIDES` is set, the ``libc`` + overrides (e.g. ``libc-glibc``, ``libc-musl``, and so forth) + erroneously had a higher priority. This issue is now corrected. + + It is likely this change will not cause any problems. However, it is + possible with some unusual configurations that you might see a change + in behavior if you were relying on the previous behavior. Be sure to + check how you use ``forcevariable`` and ``libc-*`` overrides in your + custom layers and configuration files to ensure they make sense. + +- The ``build-${BUILD_OS}`` Override Has Been Removed: The + ``build-${BUILD_OS}``, which is typically ``build-linux``, override + has been removed because building on a host operating system other + than a recent version of Linux is neither supported nor recommended. + Dropping the override avoids giving the impression that other host + operating systems might be supported. + +- The "_remove" operator now preserves whitespace. Consequently, when + specifying list items to remove, be aware that leading and trailing + whitespace resulting from the removal is retained. + + See the ":ref:`bitbake-user-manual/bitbake-user-manual-metadata:removal (override style syntax)`" + section in the BitBake User Manual for a detailed example. + +.. _migration-2.6-systemd-configuration-now-split-out-to-systemd-conf: + +``systemd`` Configuration is Now Split Into ``systemd-conf`` +------------------------------------------------------------ + +The configuration for the ``systemd`` recipe has been moved into a +``systemd-conf`` recipe. Moving this configuration to a separate recipe +avoids the ``systemd`` recipe from becoming machine-specific for cases +where machine-specific configurations need to be applied (e.g. for +``qemu*`` machines). + +Currently, the new recipe packages the following files:: + + ${sysconfdir}/machine-id + ${sysconfdir}/systemd/coredump.conf + ${sysconfdir}/systemd/journald.conf + ${sysconfdir}/systemd/logind.conf + ${sysconfdir}/systemd/system.conf + ${sysconfdir}/systemd/user.conf + +If you previously used bbappend files to append the ``systemd`` recipe to +change any of the listed files, you must do so for the ``systemd-conf`` +recipe instead. + +.. _migration-2.6-automatic-testing-changes: + +Automatic Testing Changes +------------------------- + +This section provides information about automatic testing changes: + +- ``TEST_IMAGE`` Variable Removed: Prior to this release, you set the + ``TEST_IMAGE`` variable to "1" to enable automatic testing for + successfully built images. The ``TEST_IMAGE`` variable no longer + exists and has been replaced by the + :term:`TESTIMAGE_AUTO` variable. + +- Inheriting the :ref:`ref-classes-testimage` and :ref:`ref-classes-testsdk` + classes: best practices now dictate that you use the :term:`IMAGE_CLASSES` + variable rather than the :term:`INHERIT` variable when you inherit the + :ref:`ref-classes-testimage` and :ref:`ref-classes-testsdk` classes used + for automatic testing. + +.. _migration-2.6-openssl-changes: + +OpenSSL Changes +--------------- + +`OpenSSL <https://www.openssl.org/>`__ has been upgraded from 1.0 to +1.1. By default, this upgrade could cause problems for recipes that have +both versions in their dependency chains. The problem is that both +versions cannot be installed together at build time. + +.. note:: + + It is possible to have both versions of the library at runtime. + +.. _migration-2.6-bitbake-changes: + +BitBake Changes +--------------- + +The server logfile ``bitbake-cookerdaemon.log`` is now always placed in +the :term:`Build Directory` instead of the current directory. + +.. _migration-2.6-security-changes: + +Security Changes +---------------- + +The Poky distribution now uses security compiler flags by default. +Inclusion of these flags could cause new failures due to stricter +checking for various potential security issues in code. + +.. _migration-2.6-post-installation-changes: + +Post Installation Changes +------------------------- + +You must explicitly mark post installs to defer to the target. If you +want to explicitly defer a postinstall to first boot on the target +rather than at root filesystem creation time, use ``pkg_postinst_ontarget()`` or +call ``postinst_intercept delay_to_first_boot`` from ``pkg_postinst()``. +Any failure of a ``pkg_postinst()`` script (including exit 1) triggers +an error during the :ref:`ref-tasks-rootfs` task. + +For more information on post-installation behavior, see the +":ref:`dev-manual/new-recipe:post-installation scripts`" +section in the Yocto Project Development Tasks Manual. + +.. _migration-2.6-python-3-profile-guided-optimizations: + +Python 3 Profile-Guided Optimization +------------------------------------ + +The ``python3`` recipe now enables profile-guided optimization. Using +this optimization requires a little extra build time in exchange for +improved performance on the target at runtime. Additionally, the +optimization is only enabled if the current +:term:`MACHINE` has support for user-mode emulation in +QEMU (i.e. "qemu-usermode" is in +:term:`MACHINE_FEATURES`, which it is by +default). + +If you wish to disable Python profile-guided optimization regardless of +the value of :term:`MACHINE_FEATURES`, then ensure that +:term:`PACKAGECONFIG` for the ``python3`` recipe +does not contain "pgo". You could accomplish the latter using the +following at the configuration level:: + + PACKAGECONFIG_remove_pn-python3 = "pgo" + +Alternatively, you can set :term:`PACKAGECONFIG` using an append file +for the ``python3`` recipe. + +.. _migration-2.6-miscellaneous-changes: + +Miscellaneous Changes +--------------------- + +The following miscellaneous changes occurred: + +- Default to using the Thumb-2 instruction set for armv7a and above. If + you have any custom recipes that build software that needs to be + built with the ARM instruction set, change the recipe to set the + instruction set as follows:: + + ARM_INSTRUCTION_SET = "arm" + +- ``run-postinsts`` no longer uses ``/etc/*-postinsts`` for + ``dpkg/opkg`` in favor of built-in postinst support. RPM behavior + remains unchanged. + +- The ``NOISO`` and ``NOHDD`` variables are no longer used. You now + control building ``*.iso`` and ``*.hddimg`` image types directly by + using the :term:`IMAGE_FSTYPES` variable. + +- The ``scripts/contrib/mkefidisk.sh`` has been removed in favor of + Wic. + +- ``kernel-modules`` has been removed from + :term:`RRECOMMENDS` for ``qemumips`` and + ``qemumips64`` machines. Removal also impacts the ``x86-base.inc`` + file. + + .. note:: + + ``genericx86`` and ``genericx86-64`` retain ``kernel-modules`` as part of + the :term:`RRECOMMENDS` variable setting. + +- The ``LGPLv2_WHITELIST_GPL-3.0`` variable has been removed. If you + are setting this variable in your configuration, set or append it to + the ``WHITELIST_GPL-3.0`` variable instead. + +- ``${ASNEEDED}`` is now included in the + :term:`TARGET_LDFLAGS` variable directly. The + remaining definitions from ``meta/conf/distro/include/as-needed.inc`` + have been moved to corresponding recipes. + +- Support for DSA host keys has been dropped from the OpenSSH recipes. + If you are still using DSA keys, you must switch over to a more + secure algorithm as recommended by OpenSSH upstream. + +- The ``dhcp`` recipe now uses the ``dhcpd6.conf`` configuration file + in ``dhcpd6.service`` for IPv6 DHCP rather than re-using + ``dhcpd.conf``, which is now reserved for IPv4. + + diff --git a/documentation/migration-guides/migration-2.7.rst b/documentation/migration-guides/migration-2.7.rst new file mode 100644 index 0000000000..c49d2f05d2 --- /dev/null +++ b/documentation/migration-guides/migration-2.7.rst @@ -0,0 +1,181 @@ +.. SPDX-License-Identifier: CC-BY-SA-2.0-UK + +Release 2.7 (warrior) +===================== + +This section provides migration information for moving to the Yocto +Project 2.7 Release (codename "warrior") from the prior release. + +.. _migration-2.7-bitbake-changes: + +BitBake Changes +--------------- + +The following changes have been made to BitBake: + +- BitBake now checks anonymous Python functions and pure Python + functions (e.g. ``def funcname:``) in the metadata for tab + indentation. If found, BitBake produces a warning. + +- BitBake now checks + :term:`BBFILE_COLLECTIONS` for duplicate + entries and triggers an error if any are found. + +.. _migration-2.7-eclipse-support-dropped: + +Eclipse Support Removed +----------------------- + +Support for the Eclipse IDE has been removed. Support continues for +those releases prior to 2.7 that did include support. The 2.7 release +does not include the Eclipse Yocto plugin. + +.. _migration-2.7-qemu-native-splits-system-and-user-mode-parts: + +``qemu-native`` Splits the System and User-Mode Parts +----------------------------------------------------- + +The system and user-mode parts of ``qemu-native`` are now split. +``qemu-native`` provides the user-mode components and +``qemu-system-native`` provides the system components. If you have +recipes that depend on QEMU's system emulation functionality at build +time, they should now depend upon ``qemu-system-native`` instead of +``qemu-native``. + +.. _migration-2.7-upstream-tracking.inc-removed: + +The ``upstream-tracking.inc`` File Has Been Removed +--------------------------------------------------- + +The previously deprecated ``upstream-tracking.inc`` file is now removed. +Any ``UPSTREAM_TRACKING*`` variables are now set in the corresponding +recipes instead. + +Remove any references you have to the ``upstream-tracking.inc`` file in +your configuration. + +.. _migration-2.7-distro-features-libc-removed: + +The ``DISTRO_FEATURES_LIBC`` Variable Has Been Removed +------------------------------------------------------ + +The ``DISTRO_FEATURES_LIBC`` variable is no longer used. The ability to +configure glibc using kconfig has been removed for quite some time +making the ``libc-*`` features set no longer effective. + +Remove any references you have to ``DISTRO_FEATURES_LIBC`` in your own +layers. + +.. _migration-2.7-license-values: + +License Value Corrections +------------------------- + +The following corrections have been made to the +:term:`LICENSE` values set by recipes: + +- *socat*: Corrected :term:`LICENSE` to be "GPLv2" rather than "GPLv2+". +- *libgfortran*: Set license to "GPL-3.0-with-GCC-exception". +- *elfutils*: Removed "Elfutils-Exception" and set to "GPLv2" for shared libraries + +.. _migration-2.7-packaging-changes: + +Packaging Changes +----------------- + +This section provides information about packaging changes. + +- ``bind``: The ``nsupdate`` binary has been moved to the + ``bind-utils`` package. + +- Debug split: The default debug split has been changed to create + separate source packages (i.e. ``package_name-dbg`` and + ``package_name-src``). If you are currently using ``dbg-pkgs`` in + :term:`IMAGE_FEATURES` to bring in debug + symbols and you still need the sources, you must now also add + ``src-pkgs`` to :term:`IMAGE_FEATURES`. Source packages remain in the + target portion of the SDK by default, unless you have set your own + value for :term:`SDKIMAGE_FEATURES` that + does not include ``src-pkgs``. + +- Mount all using ``util-linux``: ``/etc/default/mountall`` has moved + into the -mount sub-package. + +- Splitting binaries using ``util-linux``: ``util-linux`` now splits + each binary into its own package for fine-grained control. The main + ``util-linux`` package pulls in the individual binary packages using + the :term:`RRECOMMENDS` and + :term:`RDEPENDS` variables. As a result, existing + images should not see any changes assuming + :term:`NO_RECOMMENDATIONS` is not set. + +- ``netbase/base-files``: ``/etc/hosts`` has moved from ``netbase`` to + ``base-files``. + +- ``tzdata``: The main package has been converted to an empty meta + package that pulls in all ``tzdata`` packages by default. + +- ``lrzsz``: This package has been removed from + ``packagegroup-self-hosted`` and + ``packagegroup-core-tools-testapps``. The X/Y/ZModem support is less + likely to be needed on modern systems. If you are relying on these + packagegroups to include the ``lrzsz`` package in your image, you now + need to explicitly add the package. + +.. _migration-2.7-removed-recipes: + +Removed Recipes +--------------- + +The following recipes have been removed: + +- *gcc*: Drop version 7.3 recipes. Version 8.3 now remains. +- *linux-yocto*: Drop versions 4.14 and 4.18 recipes. Versions 4.19 and 5.0 remain. +- *go*: Drop version 1.9 recipes. Versions 1.11 and 1.12 remain. +- *xvideo-tests*: Became obsolete. +- *libart-lgpl*: Became obsolete. +- *gtk-icon-utils-native*: These tools are now provided by gtk+3-native +- *gcc-cross-initial*: No longer needed. gcc-cross/gcc-crosssdk is now used instead. +- *gcc-crosssdk-initial*: No longer needed. gcc-cross/gcc-crosssdk is now used instead. +- *glibc-initial*: Removed because the benefits of having it for site_config are currently outweighed by the cost of building the recipe. + +.. _migration-2.7-removed-classes: + +Removed Classes +--------------- + +The following classes have been removed: + +- *distutils-tools*: This class was never used. +- *bugzilla.bbclass*: Became obsolete. +- *distrodata*: This functionally has been replaced by a more modern tinfoil-based implementation. + +.. _migration-2.7-miscellaneous-changes: + +Miscellaneous Changes +--------------------- + +The following miscellaneous changes occurred: + +- The ``distro`` subdirectory of the Poky repository has been removed + from the top-level ``scripts`` directory. + +- Perl now builds for the target using + `perl-cross <https://arsv.github.io/perl-cross/>`_ for better + maintainability and improved build performance. This change should + not present any problems unless you have heavily customized your Perl + recipe. + +- ``arm-tunes``: Removed the "-march" option if mcpu is already added. + +- ``update-alternatives``: Convert file renames to + :term:`PACKAGE_PREPROCESS_FUNCS` + +- ``base/pixbufcache``: Obsolete ``sstatecompletions`` code has been + removed. + +- :ref:`ref-classes-native` class: :term:`RDEPENDS` handling has been enabled. + +- ``inetutils``: This recipe has rsh disabled. + + diff --git a/documentation/migration-guides/migration-3.0.rst b/documentation/migration-guides/migration-3.0.rst new file mode 100644 index 0000000000..67fcac41f7 --- /dev/null +++ b/documentation/migration-guides/migration-3.0.rst @@ -0,0 +1,323 @@ +.. SPDX-License-Identifier: CC-BY-SA-2.0-UK + +Release 3.0 (zeus) +================== + +This section provides migration information for moving to the Yocto +Project 3.0 Release (codename "zeus") from the prior release. + +.. _migration-3.0-init-system-selection: + +Init System Selection +--------------------- + +Changing the init system manager previously required setting a number of +different variables. You can now change the manager by setting the +``INIT_MANAGER`` variable and the corresponding include files (i.e. +``conf/distro/include/init-manager-*.conf``). Include files are provided +for four values: "none", "sysvinit", "systemd", and "mdev-busybox". The +default value, "none", for ``INIT_MANAGER`` should allow your current +settings to continue working. However, it is advisable to explicitly set +``INIT_MANAGER``. + +.. _migration-3.0-lsb-support-removed: + +LSB Support Removed +------------------- + +Linux Standard Base (LSB) as a standard is not current, and is not well +suited for embedded applications. Support can be continued in a separate +layer if needed. However, presently LSB support has been removed from +the core. + +As a result of this change, the ``poky-lsb`` derivative distribution +configuration that was also used for testing alternative configurations +has been replaced with a ``poky-altcfg`` distribution that has LSB parts +removed. + +.. _migration-3.0-removed-recipes: + +Removed Recipes +--------------- + +The following recipes have been removed. + +- ``core-image-lsb-dev``: Part of removed LSB support. + +- ``core-image-lsb``: Part of removed LSB support. + +- ``core-image-lsb-sdk``: Part of removed LSB support. + +- ``cve-check-tool``: Functionally replaced by the ``cve-update-db`` + recipe and :ref:`ref-classes-cve-check` class. + +- ``eglinfo``: No longer maintained. ``eglinfo`` from ``mesa-demos`` is + an adequate and maintained alternative. + +- ``gcc-8.3``: Version 8.3 removed. Replaced by 9.2. + +- ``gnome-themes-standard``: Only needed by gtk+ 2.x, which has been + removed. + +- ``gtk+``: GTK+ 2 is obsolete and has been replaced by gtk+3. + +- ``irda-utils``: Has become obsolete. IrDA support has been removed + from the Linux kernel in version 4.17 and later. + +- ``libnewt-python``: ``libnewt`` Python support merged into main + ``libnewt`` recipe. + +- ``libsdl``: Replaced by newer ``libsdl2``. + +- ``libx11-diet``: Became obsolete. + +- ``libxx86dga``: Removed obsolete client library. + +- ``libxx86misc``: Removed. Library is redundant. + +- ``linux-yocto``: Version 5.0 removed, which is now redundant (5.2 / + 4.19 present). + +- ``lsbinitscripts``: Part of removed LSB support. + +- ``lsb``: Part of removed LSB support. + +- ``lsbtest``: Part of removed LSB support. + +- ``openssl10``: Replaced by newer ``openssl`` version 1.1. + +- ``packagegroup-core-lsb``: Part of removed LSB support. + +- ``python-nose``: Removed the Python 2.x version of the recipe. + +- ``python-numpy``: Removed the Python 2.x version of the recipe. + +- ``python-scons``: Removed the Python 2.x version of the recipe. + +- ``source-highlight``: No longer needed. + +- ``stress``: Replaced by ``stress-ng``. + +- ``vulkan``: Split into ``vulkan-loader``, ``vulkan-headers``, and + ``vulkan-tools``. + +- ``weston-conf``: Functionality moved to ``weston-init``. + +.. _migration-3.0-packaging-changes: + +Packaging Changes +----------------- + +The following packaging changes have occurred. + +- The :wikipedia:`Epiphany <GNOME_Web>` browser + has been dropped from ``packagegroup-self-hosted`` as it has not been + needed inside ``build-appliance-image`` for quite some time and was + causing resource problems. + +- ``libcap-ng`` Python support has been moved to a separate + ``libcap-ng-python`` recipe to streamline the build process when the + Python bindings are not needed. + +- ``libdrm`` now packages the file ``amdgpu.ids`` into a separate + ``libdrm-amdgpu`` package. + +- ``python3``: The ``runpy`` module is now in the ``python3-core`` + package as it is required to support the common "python3 -m" command + usage. + +- ``distcc`` now provides separate ``distcc-client`` and + ``distcc-server`` packages as typically one or the other are needed, + rather than both. + +- ``python*-setuptools`` recipes now separately package the + ``pkg_resources`` module in a ``python-pkg-resources`` / + ``python3-pkg-resources`` package as the module is useful independent + of the rest of the setuptools package. The main ``python-setuptools`` + / ``python3-setuptools`` package depends on this new package so you + should only need to update dependencies unless you want to take + advantage of the increased granularity. + +.. _migration-3.0-cve-checking: + +CVE Checking +------------ + +``cve-check-tool`` has been functionally replaced by a new +``cve-update-db`` recipe and functionality built into the :ref:`ref-classes-cve-check` +class. The result uses NVD JSON data feeds rather than the deprecated +XML feeds that ``cve-check-tool`` was using, supports CVSSv3 scoring, +and makes other improvements. + +Additionally, the ``CVE_CHECK_CVE_WHITELIST`` variable has been replaced +by ``CVE_CHECK_WHITELIST`` (replaced by :term:`CVE_CHECK_IGNORE` in version 4.0). + +.. _migration-3.0-bitbake-changes: + +BitBake Changes +--------------- + +The following BitBake changes have occurred. + +- ``addtask`` statements now properly validate dependent tasks. + Previously, an invalid task was silently ignored. With this change, + the invalid task generates a warning. + +- Other invalid ``addtask`` and ``deltask`` usages now trigger these + warnings: "multiple target tasks arguments with addtask / deltask", + and "multiple before/after clauses". + +- The "multiconfig" prefix is now shortened to "mc". "multiconfig" will + continue to work, however it may be removed in a future release. + +- The ``bitbake -g`` command no longer generates a + ``recipe-depends.dot`` file as the contents (i.e. a reprocessed + version of ``task-depends.dot``) were confusing. + +- The ``bb.build.FuncFailed`` exception, previously raised by + ``bb.build.exec_func()`` when certain other exceptions have occurred, + has been removed. The real underlying exceptions will be raised + instead. If you have calls to ``bb.build.exec_func()`` in custom + classes or ``tinfoil-using`` scripts, any references to + ``bb.build.FuncFailed`` should be cleaned up. + +- Additionally, the ``bb.build.exec_func()`` no longer accepts the + "pythonexception" parameter. The function now always raises + exceptions. Remove this argument in any calls to + ``bb.build.exec_func()`` in custom classes or scripts. + +- The ``BB_SETSCENE_VERIFY_FUNCTION2`` variable is no longer used. In + the unlikely event that you have any references to it, they should be + removed. + +- The ``RunQueueExecuteScenequeue`` and ``RunQueueExecuteTasks`` events + have been removed since setscene tasks are now executed as part of + the normal runqueue. Any event handling code in custom classes or + scripts that handles these two events need to be updated. + +- The arguments passed to functions used with + :term:`BB_HASHCHECK_FUNCTION` + have changed. If you are using your own custom hash check function, + see :yocto_git:`/poky/commit/?id=40a5e193c4ba45c928fccd899415ea56b5417725` + for details. + +- Task specifications in ``BB_TASKDEPDATA`` and class implementations + used in signature generator classes now use "<fn>:<task>" everywhere + rather than the "." delimiter that was being used in some places. + This change makes it consistent with all areas in the code. Custom + signature generator classes and code that reads ``BB_TASKDEPDATA`` + need to be updated to use ':' as a separator rather than '.'. + +.. _migration-3.0-sanity-checks: + +Sanity Checks +------------- + +The following sanity check changes occurred. + +- :term:`SRC_URI` is now checked for usage of two + problematic items: + + - "${PN}" prefix/suffix use --- warnings always appear if ${PN} is + used. You must fix the issue regardless of whether multiconfig or + anything else that would cause prefixing/suffixing to happen. + + - Github archive tarballs --- these are not guaranteed to be stable. + Consequently, it is likely that the tarballs will be refreshed and + thus the :term:`SRC_URI` checksums will fail to apply. It is recommended + that you fetch either an official release tarball or a specific + revision from the actual Git repository instead. + + Either one of these items now trigger a warning by default. If you + wish to disable this check, remove ``src-uri-bad`` from + :term:`WARN_QA`. + +- The ``file-rdeps`` runtime dependency check no longer expands + :term:`RDEPENDS` recursively as there is no mechanism + to ensure they can be fully computed, and thus races sometimes result + in errors either showing up or not. Thus, you might now see errors + for missing runtime dependencies that were previously satisfied + recursively. Here is an example: package A contains a shell script + starting with ``#!/bin/bash`` but has no dependency on bash. However, + package A depends on package B, which does depend on bash. You need + to add the missing dependency or dependencies to resolve the warning. + +- Setting ``DEPENDS_${PN}`` anywhere (i.e. typically in a recipe) now + triggers an error. The error is triggered because + :term:`DEPENDS` is not a package-specific variable + unlike RDEPENDS. You should set :term:`DEPENDS` instead. + +- systemd currently does not work well with the musl C library because + only upstream officially supports linking the library with glibc. + Thus, a warning is shown when building systemd in conjunction with + musl. + +.. _migration-3.0-miscellaneous-changes: + +Miscellaneous Changes +--------------------- + +The following miscellaneous changes have occurred. + +- The ``gnome`` class has been removed because it now does very little. + You should update recipes that previously inherited this class to do + the following:: + + inherit gnomebase gtk-icon-cache gconf mime + +- The ``meta/recipes-kernel/linux/linux-dtb.inc`` file has been + removed. This file was previously deprecated in favor of setting + :term:`KERNEL_DEVICETREE` in any kernel + recipe and only produced a warning. Remove any ``include`` or + ``require`` statements pointing to this file. + +- :term:`TARGET_CFLAGS`, + :term:`TARGET_CPPFLAGS`, + :term:`TARGET_CXXFLAGS`, and + :term:`TARGET_LDFLAGS` are no longer exported + to the external environment. This change did not require any changes + to core recipes, which is a good indicator that no changes will be + required. However, if for some reason the software being built by one + of your recipes is expecting these variables to be set, then building + the recipe will fail. In such cases, you must either export the + variable or variables in the recipe or change the scripts so that + exporting is not necessary. + +- You must change the host distro identifier used in + :term:`NATIVELSBSTRING` to use all lowercase + characters even if it does not contain a version number. This change + is necessary only if you are not using + :ref:`ref-classes-uninative` and :term:`SANITY_TESTED_DISTROS`. + +- In the ``base-files`` recipe, writing the hostname into + ``/etc/hosts`` and ``/etc/hostname`` is now done within the main + :ref:`ref-tasks-install` function rather than in the + ``do_install_basefilesissue`` function. The reason for the change is + because ``do_install_basefilesissue`` is more easily overridden + without having to duplicate the hostname functionality. If you have + done the latter (e.g. in a ``base-files`` bbappend), then you should + remove it from your customized ``do_install_basefilesissue`` + function. + +- The ``wic --expand`` command now uses commas to separate "key:value" + pairs rather than hyphens. + + .. note:: + + The wic command-line help is not updated. + + You must update any scripts or commands where you use + ``wic --expand`` with multiple "key:value" pairs. + +- UEFI image variable settings have been moved from various places to a + central ``conf/image-uefi.conf``. This change should not influence + any existing configuration as the ``meta/conf/image-uefi.conf`` in + the core metadata sets defaults that can be overridden in the same + manner as before. + +- ``conf/distro/include/world-broken.inc`` has been removed. For cases + where certain recipes need to be disabled when using the musl C + library, these recipes now have ``COMPATIBLE_HOST_libc-musl`` set + with a comment that explains why. + + diff --git a/documentation/migration-guides/migration-3.1.rst b/documentation/migration-guides/migration-3.1.rst new file mode 100644 index 0000000000..fdb959c4af --- /dev/null +++ b/documentation/migration-guides/migration-3.1.rst @@ -0,0 +1,277 @@ +.. SPDX-License-Identifier: CC-BY-SA-2.0-UK + +Release 3.1 (dunfell) +===================== + +This section provides migration information for moving to the Yocto +Project 3.1 Release (codename "dunfell") from the prior release. + +.. _migration-3.1-minimum-system-requirements: + +Minimum system requirements +--------------------------- + +The following versions / requirements of build host components have been +updated: + +- gcc 5.0 + +- python 3.5 + +- tar 1.28 + +- ``rpcgen`` is now required on the host (part of the ``libc-dev-bin`` + package on Ubuntu, Debian and related distributions, and the + ``glibc`` package on RPM-based distributions). + +Additionally, the ``makeinfo`` and ``pod2man`` tools are *no longer* +required on the host. + +.. _migration-3.1-mpc8315e-rdb-removed: + +mpc8315e-rdb machine removed +---------------------------- + +The MPC8315E-RDB machine is old/obsolete and unobtainable, thus given +the maintenance burden the ``mpc8315e-rdb`` machine configuration that +supported it has been removed in this release. The removal does leave a +gap in official PowerPC reference hardware support; this may change in +future if a suitable machine with accompanying support resources is +found. + +.. _migration-3.1-python-2-removed: + +Python 2 removed +---------------- + +Due to the expiration of upstream support in January 2020, support for +Python 2 has now been removed; it is recommended that you use Python 3 +instead. If absolutely needed there is a meta-python2 community layer +containing Python 2, related classes and various Python 2-based modules, +however it should not be considered as supported. + +.. _migration-3.1-reproducible-builds: + +Reproducible builds now enabled by default +------------------------------------------ + +In order to avoid unnecessary differences in output files (aiding binary +reproducibility), the Poky distribution configuration +(``DISTRO = "poky"``) now inherits the ``reproducible_build`` class by +default. + +.. _migration-3.1-ptest-feature-impact: + +Impact of ptest feature is now more significant +----------------------------------------------- + +The Poky distribution configuration (``DISTRO = "poky"``) enables ptests +by default to enable runtime testing of various components. In this +release, a dependency needed to be added that has resulted in a +significant increase in the number of components that will be built just +when building a simple image such as core-image-minimal. If you do not +need runtime tests enabled for core components, then it is recommended +that you remove "ptest" from +:term:`DISTRO_FEATURES` to save a significant +amount of build time e.g. by adding the following in your configuration:: + + DISTRO_FEATURES_remove = "ptest" + +.. _migration-3.1-removed-recipes: + +Removed recipes +--------------- + +The following recipes have been removed: + +- ``chkconfig``: obsolete + +- ``console-tools``: obsolete + +- ``enchant``: replaced by ``enchant2`` + +- ``foomatic-filters``: obsolete + +- ``libidn``: no longer needed, moved to meta-oe + +- ``libmodulemd``: replaced by ``libmodulemd-v1`` + +- ``linux-yocto``: drop 4.19, 5.2 version recipes (5.4 now provided) + +- ``nspr``: no longer needed, moved to meta-oe + +- ``nss``: no longer needed, moved to meta-oe + +- ``python``: Python 2 removed (Python 3 preferred) + +- ``python-setuptools``: Python 2 version removed (python3-setuptools + preferred) + +- ``sysprof``: no longer needed, moved to meta-oe + +- ``texi2html``: obsolete + +- ``u-boot-fw-utils``: functionally replaced by ``libubootenv`` + +.. _migration-3.1-features-check: + +features_check class replaces distro_features_check +--------------------------------------------------- + +The ``distro_features_check`` class has had its functionality expanded, +now supporting ``ANY_OF_MACHINE_FEATURES``, +``REQUIRED_MACHINE_FEATURES``, ``CONFLICT_MACHINE_FEATURES``, +``ANY_OF_COMBINED_FEATURES``, ``REQUIRED_COMBINED_FEATURES``, +``CONFLICT_COMBINED_FEATURES``. As a result the class has now been +renamed to ``features_check``; the ``distro_features_check`` class still +exists but generates a warning and redirects to the new class. In +preparation for a future removal of the old class it is recommended that +you update recipes currently inheriting ``distro_features_check`` to +inherit :ref:`ref-classes-features_check` instead. + +.. _migration-3.1-removed-classes: + +Removed classes +--------------- + +The following classes have been removed: + +- ``distutils-base``: moved to meta-python2 + +- ``distutils``: moved to meta-python2 + +- ``libc-common``: merged into the glibc recipe as nothing else used + it. + +- ``python-dir``: moved to meta-python2 + +- ``pythonnative``: moved to meta-python2 + +- ``setuptools``: moved to meta-python2 + +- ``tinderclient``: dropped as it was obsolete. + +.. _migration-3.1-src-uri-checksums: + +SRC_URI checksum behaviour +-------------------------- + +Previously, recipes by tradition included both SHA256 and MD5 checksums +for remotely fetched files in :term:`SRC_URI`, even +though only one is actually mandated. However, the MD5 checksum does not +add much given its inherent weakness; thus when a checksum fails only +the SHA256 sum will now be printed. The md5sum will still be verified if +it is specified. + +.. _migration-3.1-npm: + +npm fetcher changes +------------------- + +The npm fetcher has been completely reworked in this release. The npm +fetcher now only fetches the package source itself and no longer the +dependencies; there is now also an npmsw fetcher which explicitly +fetches the shrinkwrap file and the dependencies. This removes the +slightly awkward ``NPM_LOCKDOWN`` and ``NPM_SHRINKWRAP`` variables which +pointed to local files; the lockdown file is no longer needed at all. +Additionally, the package name in ``npm://`` entries in +:term:`SRC_URI` is now specified using a ``package`` +parameter instead of the earlier ``name`` which overlapped with the +generic ``name`` parameter. All recipes using the npm fetcher will need +to be changed as a result. + +An example of the new scheme:: + + SRC_URI = "npm://registry.npmjs.org;package=array-flatten;version=1.1.1 \ + npmsw://${THISDIR}/npm-shrinkwrap.json" + +Another example where the sources are fetched from git rather than an npm repository:: + + SRC_URI = "git://github.com/foo/bar.git;protocol=https \ + npmsw://${THISDIR}/npm-shrinkwrap.json" + +devtool and recipetool have also been updated to match with the npm +fetcher changes. Other than producing working and more complete recipes +for npm sources, there is also a minor change to the command line for +devtool: the ``--fetch-dev`` option has been renamed to ``--npm-dev`` as +it is npm-specific. + +.. _migration-3.1-packaging-changes: + +Packaging changes +----------------- + +- ``intltool`` has been removed from ``packagegroup-core-sdk`` as it is + rarely needed to build modern software --- gettext can do most of the + things it used to be needed for. ``intltool`` has also been removed + from ``packagegroup-core-self-hosted`` as it is not needed to for + standard builds. + +- git: ``git-am``, ``git-difftool``, ``git-submodule``, and + ``git-request-pull`` are no longer perl-based, so are now installed + with the main ``git`` package instead of within ``git-perltools``. + +- The ``ldconfig`` binary built as part of glibc has now been moved to + its own ``ldconfig`` package (note no ``glibc-`` prefix). This + package is in the :term:`RRECOMMENDS` of the main + ``glibc`` package if ``ldconfig`` is present in + :term:`DISTRO_FEATURES`. + +- ``libevent`` now splits each shared library into its own package (as + Debian does). Since these are shared libraries and will be pulled in + through the normal shared library dependency handling, there should + be no impact to existing configurations other than less unnecessary + libraries being installed in some cases. + +- linux-firmware now has a new package for ``bcm4366c`` and includes + available NVRAM config files into the ``bcm43340``, ``bcm43362``, + ``bcm43430`` and ``bcm4356-pcie`` packages. + +- ``harfbuzz`` now splits the new ``libharfbuzz-subset.so`` library + into its own package to reduce the main package size in cases where + ``libharfbuzz-subset.so`` is not needed. + +.. _migration-3.1-package-qa-warnings: + +Additional warnings +------------------- + +Warnings will now be shown at :ref:`ref-tasks-package_qa` time in the following +circumstances: + +- A recipe installs ``.desktop`` files containing ``MimeType`` keys but + does not inherit the new :ref:`ref-classes-mime-xdg` class + +- A recipe installs ``.xml`` files into ``${datadir}/mime/packages`` + but does not inherit the :ref:`ref-classes-mime` class + +.. _migration-3.1-x86-live-wic: + +``wic`` image type now used instead of ``live`` by default for x86 +------------------------------------------------------------------ + +``conf/machine/include/x86-base.inc`` (inherited by most x86 machine +configurations) now specifies ``wic`` instead of ``live`` by default in +:term:`IMAGE_FSTYPES`. The ``live`` image type will +likely be removed in a future release so it is recommended that you use +``wic`` instead. + +.. _migration-3.1-misc: + +Miscellaneous changes +--------------------- + +- The undocumented ``SRC_DISTRIBUTE_LICENSES`` variable has now been + removed in favour of a new ``AVAILABLE_LICENSES`` variable which is + dynamically set based upon license files found in + ``${COMMON_LICENSE_DIR}`` and ``${LICENSE_PATH}``. + +- The tune definition for big-endian microblaze machines is now + ``microblaze`` instead of ``microblazeeb``. + +- ``newlib`` no longer has built-in syscalls. ``libgloss`` should then + provide the syscalls, ``crt0.o`` and other functions that are no + longer part of ``newlib`` itself. If you are using + ``TCLIBC = "newlib"`` this now means that you must link applications + with both ``newlib`` and ``libgloss``, whereas before ``newlib`` + would run in many configurations by itself. diff --git a/documentation/migration-guides/migration-3.2.rst b/documentation/migration-guides/migration-3.2.rst new file mode 100644 index 0000000000..c538df04d2 --- /dev/null +++ b/documentation/migration-guides/migration-3.2.rst @@ -0,0 +1,340 @@ +.. SPDX-License-Identifier: CC-BY-SA-2.0-UK + +Release 3.2 (gatesgarth) +======================== + +This section provides migration information for moving to the Yocto +Project 3.2 Release (codename "gatesgarth") from the prior release. + +.. _migration-3.2-minimum-system-requirements: + +Minimum system requirements +--------------------------- + +``gcc`` version 6.0 is now required at minimum on the build host. For older +host distributions where this is not available, you can use the +:term:`buildtools-extended` tarball (easily installable using +``scripts/install-buildtools``). + + +.. _migration-3.2-removed-recipes: + +Removed recipes +--------------- + +The following recipes have been removed: + +- ``bjam-native``: replaced by ``boost-build-native`` +- ``avahi-ui``: folded into the main ``avahi`` recipe --- the GTK UI can be disabled using :term:`PACKAGECONFIG` for ``avahi``. +- ``build-compare``: no longer needed with the removal of the ``packagefeed-stability`` class +- ``dhcp``: obsolete, functionally replaced by ``dhcpcd`` and ``kea`` +- ``libmodulemd-v1``: replaced by ``libmodulemd`` +- ``packagegroup-core-device-devel``: obsolete + + +.. _migration-3.2-removed-classes: + +Removed classes +--------------- + +The following classes (.bbclass files) have been removed: + +- ``spdx``: obsolete --- the Yocto Project is a strong supporter of SPDX, but this class was old code using a dated approach and had the potential to be misleading. The ``meta-sdpxscanner`` layer is a much more modern and active approach to handling this and is recommended as a replacement. + +- ``packagefeed-stability``: this class had become obsolete with the advent of hash equivalence and reproducible builds. + + +pseudo path filtering and mismatch behaviour +-------------------------------------------- + +pseudo now operates on a filtered subset of files. This is a significant change +to the way pseudo operates within OpenEmbedded --- by default, pseudo monitors and +logs (adds to its database) any file created or modified whilst in a ``fakeroot`` +environment. However, there are large numbers of files that we simply don't care +about the permissions of whilst in that ``fakeroot`` context, for example ${:term:`S`}, ${:term:`B`}, ${:term:`T`}, +${:term:`SSTATE_DIR`}, the central sstate control directories, and others. + +As of this release, new functionality in pseudo is enabled to ignore these +directory trees (controlled using a new :term:`PSEUDO_IGNORE_PATHS` variable) +resulting in a cleaner database with less chance of "stray" mismatches if files +are modified outside pseudo context. It also should reduce some overhead from +pseudo as the interprocess round trip to the server is avoided. + +There is a possible complication where some existing recipe may break, for +example, a recipe was found to be writing to ``${B}/install`` for +``make install`` in :ref:`ref-tasks-install` and since ``${B}`` is listed as not to be tracked, +there were errors trying to ``chown root`` for files in this location. Another +example was the ``tcl`` recipe where the source directory :term:`S` is set to a +subdirectory of the source tree but files were written out to the directory +structure above that subdirectory. For these types of cases in your own recipes, +extend :term:`PSEUDO_IGNORE_PATHS` to cover additional paths that pseudo should not +be monitoring. + +In addition, pseudo's behaviour on mismatches has now been changed --- rather +than doing what turns out to be a rather dangerous "fixup" if it sees a file +with a different path but the same inode as another file it has previously seen, +pseudo will throw an ``abort()`` and direct you to a :yocto_wiki:`wiki page </Pseudo_Abort>` +that explains how to deal with this. + + +.. _migration-3.2-multilib-mlprefix: + +``MLPREFIX`` now required for multilib when runtime dependencies conditionally added +------------------------------------------------------------------------------------ + +In order to solve some previously intractable problems with runtime +dependencies and multilib, a change was made that now requires the :term:`MLPREFIX` +value to be explicitly prepended to package names being added as +dependencies (e.g. in :term:`RDEPENDS` and :term:`RRECOMMENDS` values) +where the dependency is conditionally added. + +If you have anonymous Python or in-line Python conditionally adding +dependencies in your custom recipes, and you intend for those recipes to +work with multilib, then you will need to ensure that ``${MLPREFIX}`` +is prefixed on the package names in the dependencies, for example +(from the ``glibc`` recipe):: + + RRECOMMENDS_${PN} = "${@bb.utils.contains('DISTRO_FEATURES', 'ldconfig', '${MLPREFIX}ldconfig', '', d)}" + +This also applies when conditionally adding packages to :term:`PACKAGES` where +those packages have dependencies, for example (from the ``alsa-plugins`` recipe):: + + PACKAGES += "${@bb.utils.contains('PACKAGECONFIG', 'pulseaudio', 'alsa-plugins-pulseaudio-conf', '', d)}" + ... + RDEPENDS_${PN}-pulseaudio-conf += "\ + ${MLPREFIX}libasound-module-conf-pulse \ + ${MLPREFIX}libasound-module-ctl-pulse \ + ${MLPREFIX}libasound-module-pcm-pulse \ + " + + +.. _migration-3.2-packagegroup-core-device-devel: + +packagegroup-core-device-devel no longer included in images built for qemu* machines +------------------------------------------------------------------------------------ + +``packagegroup-core-device-devel`` was previously added automatically to +images built for ``qemu*`` machines, however the purpose of the group and what +it should contain is no longer clear, and in general, adding userspace +development items to images is best done at the image/class level; thus this +packagegroup was removed. + +This packagegroup previously pulled in the following: + +- ``distcc-config`` +- ``nfs-export-root`` +- ``bash`` +- ``binutils-symlinks`` + +If you still need any of these in your image built for a ``qemu*`` machine +then you will add them explicitly to :term:`IMAGE_INSTALL` or another +appropriate place in the dependency chain for your image (if you have not +already done so). + + +.. _migration-3.2-dhcp: + +DHCP server/client replaced +--------------------------- + +The ``dhcp`` software package has become unmaintained and thus has been +functionally replaced by ``dhcpcd`` (client) and ``kea`` (server). You will +need to replace references to the recipe/package names as appropriate --- most +commonly, at the package level ``dhcp-client`` should be replaced by +``dhcpcd`` and ``dhcp-server`` should be replaced by ``kea``. If you have any +custom configuration files for these they will need to be adapted --- refer to +the upstream documentation for ``dhcpcd`` and ``kea`` for further details. + + +.. _migration-3.2-packaging-changes: + +Packaging changes +----------------- + +- ``python3``: the ``urllib`` Python package has now moved into the core package, as it is used more commonly than just netclient (e.g. email, xml, mimetypes, pydoc). In addition, the ``pathlib`` module is now also part of the core package. + +- ``iptables``: ``iptables-apply`` and ``ip6tables-apply`` have been split out to their own package to avoid a bash dependency in the main ``iptables`` package + + +.. _migration-3.2-package-qa-checks: + +Package QA check changes +------------------------ + +Previously, the following package QA checks triggered warnings, however they can +be indicators of genuine underlying problems and are therefore now treated as +errors: + +- :ref:`already-stripped <qa-check-already-stripped>` +- :ref:`compile-host-path <qa-check-compile-host-path>` +- :ref:`installed-vs-shipped <qa-check-installed-vs-shipped>` +- :ref:`ldflags <qa-check-ldflags>` +- :ref:`pn-overrides <qa-check-pn-overrides>` +- :ref:`rpaths <qa-check-rpaths>` +- :ref:`staticdev <qa-check-staticdev>` +- :ref:`unknown-configure-option <qa-check-unknown-configure-option>` +- :ref:`useless-rpaths <qa-check-useless-rpaths>` + +In addition, the following new checks were added and default to triggering an error: + +- :ref:`shebang-size <qa-check-shebang-size>`: Check for shebang (#!) lines + longer than 128 characters, which can give an error at runtime depending on + the operating system. + +- :ref:`unhandled-features-check <qa-check-unhandled-features-check>`: Check + if any of the variables supported by the :ref:`ref-classes-features_check` + class is set while not inheriting the class itself. + +- :ref:`missing-update-alternatives <qa-check-missing-update-alternatives>`: + Check if the recipe sets the :term:`ALTERNATIVE` variable for any of its + packages, and does not inherit the :ref:`ref-classes-update-alternatives` + class. + +- A trailing slash or duplicated slashes in the value of :term:`S` or :term:`B` + will now trigger a warning so that they can be removed and path comparisons + can be more reliable --- remove any instances of these in your recipes if the + warning is displayed. + + +.. _migration-3.2-src-uri-file-globbing: + +Globbing no longer supported in ``file://`` entries in ``SRC_URI`` +------------------------------------------------------------------ + +Globbing (``*`` and ``?`` wildcards) in ``file://`` URLs within :term:`SRC_URI` +did not properly support file checksums, thus changes to the source files +would not always change the :ref:`ref-tasks-fetch` task checksum, and consequently would +not ensure that the changed files would be incorporated in subsequent builds. + +Unfortunately it is not practical to make globbing work generically here, so +the decision was taken to remove support for globs in ``file://`` URLs. +If you have any usage of these in your recipes, then you will now need to +either add each of the files that you expect to match explicitly, or +alternatively if you still need files to be pulled in dynamically, put the +files into a subdirectory and reference that instead. + + +.. _migration-3.2-deploydir-clean: + +deploy class now cleans ``DEPLOYDIR`` before ``do_deploy`` +---------------------------------------------------------- + +:ref:`ref-tasks-deploy` as implemented in the :ref:`ref-classes-deploy` class +now cleans up ${:term:`DEPLOYDIR`} before running, just as +:ref:`ref-tasks-install` cleans up ${:term:`D`} before running. This reduces +the risk of :term:`DEPLOYDIR` being accidentally contaminated by files from +previous runs, possibly even with different config, in case of incremental +builds. + +Most recipes and classes that inherit the :ref:`ref-classes-deploy` class or +interact with :ref:`ref-tasks-deploy` are unlikely to be affected by this +unless they add ``prefuncs`` to :ref:`ref-tasks-deploy` *which also* put files +into ``${DEPLOYDIR}`` --- these should be refactored to use +``do_deploy_prepend`` instead. + + +.. _migration-3.2-nativesdk-sdk-provides-dummy: + +Custom SDK / SDK-style recipes need to include ``nativesdk-sdk-provides-dummy`` +------------------------------------------------------------------------------- + +All :ref:`ref-classes-nativesdk` packages require ``/bin/sh`` due +to their postinstall scriptlets, thus this package has to be dummy-provided +within the SDK and ``nativesdk-sdk-provides-dummy`` now does this. If you have +a custom SDK recipe (or your own SDK-style recipe similar to e.g. +``buildtools-tarball``), you will need to ensure +``nativesdk-sdk-provides-dummy`` or an equivalent is included in +:term:`TOOLCHAIN_HOST_TASK`. + + +``ld.so.conf`` now moved back to main ``glibc`` package +------------------------------------------------------- + +There are cases where one doesn't want ``ldconfig`` on target (e.g. for +read-only root filesystems, it's rather pointless), yet one still +needs ``/etc/ld.so.conf`` to be present at image build time: + +When some recipe installs libraries to a non-standard location, and +therefore installs in a file in ``/etc/ld.so.conf.d/foo.conf``, we +need ``/etc/ld.so.conf`` containing:: + + include /etc/ld.so.conf.d/*.conf + +in order to get those other locations picked up. + +Thus ``/etc/ld.so.conf`` is now in the main ``glibc`` package so that +there's always an ``ld.so.conf`` present when the build-time ``ldconfig`` +runs towards the end of image construction. + +The ``ld.so.conf`` and ``ld.so.conf.d/*.conf`` files do not take up +significant space (at least not compared to the ~700kB ``ldconfig`` binary), and they +might be needed in case ``ldconfig`` is installable, so they are left +in place after the image is built. Technically it would be possible to +remove them if desired, though it would not be trivial if you still +wanted the build-time ldconfig to function (:term:`ROOTFS_POSTPROCESS_COMMAND` +will not work as ``ldconfig`` is run after the functions referred to +by that variable). + + +.. _migration-3.2-virgl: + +Host DRI drivers now used for GL support within ``runqemu`` +----------------------------------------------------------- + +``runqemu`` now uses the mesa-native libraries everywhere virgl is used +(i.e. when ``gl``, ``gl-es`` or ``egl-headless`` options are specified), +but instructs them to load DRI drivers from the host. Unfortunately this +may not work well with proprietary graphics drivers such as those from +Nvidia; if you are using such drivers then you may need to switch to an +alternative (such as Nouveau in the case of Nvidia hardware) or avoid +using the GL options. + + +.. _migration-3.2-initramfs-suffix: + +Initramfs images now use a blank suffix +--------------------------------------- + +The reference :term:`Initramfs` images (``core-image-minimal-initramfs``, +``core-image-tiny-initramfs`` and ``core-image-testmaster-initramfs``) now +set an empty string for :term:`IMAGE_NAME_SUFFIX`, which otherwise defaults +to ``".rootfs"``. These images aren't root filesystems and thus the rootfs +label didn't make sense. If you are looking for the output files generated +by these image recipes directly then you will need to adapt to the new +naming without the ``.rootfs`` part. + + +.. _migration-3.2-image-artifact-names: + +Image artifact name variables now centralised in image-artifact-names class +--------------------------------------------------------------------------- + +The defaults for the following image artifact name variables have been moved +from ``bitbake.conf`` to a new ``image-artifact-names`` class: + +- :term:`IMAGE_BASENAME` +- :term:`IMAGE_LINK_NAME` +- :term:`IMAGE_NAME` +- :term:`IMAGE_NAME_SUFFIX` +- :term:`IMAGE_VERSION_SUFFIX` + +Image-related classes now inherit this class, and typically these variables +are only referenced within image recipes so those will be unaffected by this +change. However if you have references to these variables in either a recipe +that is not an image or a class that is enabled globally, then those will +now need to be changed to ``inherit image-artifact-names``. + + +.. _migration-3.2-misc: + +Miscellaneous changes +--------------------- + +- Support for the long-deprecated ``PACKAGE_GROUP`` variable has now been removed --- replace any remaining instances with :term:`FEATURE_PACKAGES`. +- The ``FILESPATHPKG`` variable, having been previously deprecated, has now been removed. Replace any remaining references with appropriate use of :term:`FILESEXTRAPATHS`. +- Erroneous use of ``inherit +=`` (instead of ``INHERIT +=``) in a configuration file now triggers an error instead of silently being ignored. +- ptest support has been removed from the ``kbd`` recipe, as upstream has moved to autotest which is difficult to work with in a cross-compilation environment. +- ``oe.utils.is_machine_specific()`` and ``oe.utils.machine_paths()`` have been removed as their utility was questionable. In the unlikely event that you have references to these in your own code, then the code will need to be reworked. +- The ``i2ctransfer`` module is now disabled by default when building ``busybox`` in order to be consistent with disabling the other i2c tools there. If you do wish the i2ctransfer module to be built in BusyBox then add ``CONFIG_I2CTRANSFER=y`` to your custom BusyBox configuration. +- In the ``Upstream-Status`` header convention for patches, ``Accepted`` has been replaced with ``Backport`` as these almost always mean the same thing i.e. the patch is already upstream and may need to be removed in a future recipe upgrade. If you are adding these headers to your own patches then use ``Backport`` to indicate that the patch has been sent upstream. +- The ``tune-supersparc.inc`` tune file has been removed as it does not appear to be widely used and no longer works. diff --git a/documentation/migration-guides/migration-3.3.rst b/documentation/migration-guides/migration-3.3.rst new file mode 100644 index 0000000000..d1e589d7b4 --- /dev/null +++ b/documentation/migration-guides/migration-3.3.rst @@ -0,0 +1,170 @@ +.. SPDX-License-Identifier: CC-BY-SA-2.0-UK + +Release 3.3 (hardknott) +======================= + +This section provides migration information for moving to the Yocto +Project 3.3 Release (codename "hardknott") from the prior release. + + +.. _migration-3.3-minimum-system-requirements: + +Minimum system requirements +--------------------------- + +You will now need at least Python 3.6 installed on your build host. Most recent +distributions provide this, but should you be building on a distribution that +does not have it, you can use the :term:`buildtools` tarball (easily installable +using ``scripts/install-buildtools``) --- see +:ref:`ref-manual/system-requirements:required git, tar, python, make and gcc versions` +for details. + +.. _migration-3.3-removed-recipes: + +Removed recipes +--------------- + +The following recipes have been removed: + +- ``go-dep``: obsolete with the advent of go modules +- ``gst-validate``: replaced by ``gst-devtools`` +- ``linux-yocto``: removed 5.8 version recipes (5.4 / 5.10 still provided) +- ``vulkan-demos``: replaced by ``vulkan-samples`` + + +.. _migration-3.3-common-license-only-versions: + +Single version common license file naming +----------------------------------------- + +Some license files in ``meta/files/common-licenses`` have been renamed to match +current SPDX naming conventions: + +- AGPL-3.0 -> AGPL-3.0-only +- GPL-1.0 -> GPL-1.0-only +- GPL-2.0 -> GPL-2.0-only +- GPL-3.0 -> GPL-3.0-only +- LGPL-2.0 -> LGPL-2.0-only +- LGPL-2.1 -> LGPL-2.1-only +- LGPL-3.0 -> LGPL-3.0-only + +Additionally, corresponding "-or-later" suffixed files have been added e.g. +``GPL-2.0-or-later``. + +It is not required that you change :term:`LICENSE` values as there are mappings +from the original names in place; however, in rare cases where you have a recipe +which sets :term:`LIC_FILES_CHKSUM` to point to file(s) in +``meta/files/common-licenses`` (which in any case is not recommended) you will +need to update those. + + +.. _migration-3.3-python3targetconfig: + +New ``python3targetconfig`` class +--------------------------------- + +A new :ref:`ref-classes-python3targetconfig` class has +been created for situations where you would previously have inherited the +:ref:`ref-classes-python3native` class but need access to +target configuration data (such as correct installation directories). Recipes +where this situation applies should be changed to inherit +:ref:`ref-classes-python3targetconfig` instead of +:ref:`ref-classes-python3native`. This also adds a dependency +on target ``python3``, so it should only be used where appropriate in order to +avoid unnecessarily lengthening builds. + +Some example recipes where this change has been made: ``gpgme``, ``libcap-ng``, +``python3-pycairo``. + + +.. _migration-3.3-distutils-path: + +``setup.py`` path for Python modules +------------------------------------ + +In a Python module, sometimes ``setup.py`` can be buried deep in the +source tree. Previously this was handled in recipes by setting :term:`S` to +point to the subdirectory within the source where ``setup.py`` is located. +However with the recent :ref:`pseudo <overview-manual/concepts:fakeroot and pseudo>` +changes, some Python modules make changes to files beneath ``${S}``, for +example:: + + S = "${WORKDIR}/git/python/pythonmodule" + +then in ``setup.py`` it works with source code in a relative fashion, such +as ``../../src``. This causes pseudo to fail as it isn't able to track +the paths properly. This release introduces a new ``DISTUTILS_SETUP_PATH`` +variable so that recipes can specify it explicitly, for example:: + + S = "${WORKDIR}/git" + DISTUTILS_SETUP_PATH = "${S}/python/pythonmodule" + +Recipes that inherit from ``distutils3`` (or :ref:`ref-classes-setuptools3` +which itself inherits ``distutils3``) that also set :term:`S` to point to a +Python module within a subdirectory in the aforementioned manner should be +changed to set ``DISTUTILS_SETUP_PATH`` instead. + + +.. _migration-3.3-bitbake: + +BitBake changes +--------------- + +- BitBake is now configured to use a default ``umask`` of ``022`` for all tasks + (specified via a new :term:`BB_DEFAULT_UMASK` variable). If needed, ``umask`` can + still be set on a per-task basis via the ``umask`` varflag on the task + function, but that is unlikely to be necessary in most cases. + +- If a version specified in :term:`PREFERRED_VERSION` is not available this + will now trigger a warning instead of just a note, making such issues more + visible. + + +.. _migration-3.3-packaging: + +Packaging changes +----------------- + +The following packaging changes have been made; in all cases the main package +still depends upon the split out packages so you should not need to do anything +unless you want to take advantage of the improved granularity: + +- ``dbus``: ``-common`` and ``-tools`` split out +- ``iproute2``: split ``ip`` binary to its own package +- ``net-tools``: split ``mii-tool`` into its own package +- ``procps``: split ``ps`` and ``sysctl`` into their own packages +- ``rpm``: split build and extra functionality into separate packages +- ``sudo``: split ``sudo`` binary into ``sudo-sudo`` and libs into ``sudo-lib`` +- ``systemtap``: examples, Python scripts and runtime material split out +- ``util-linux``: ``libuuid`` has been split out to its own + ``util-linux-libuuid`` recipe (and corresponding packages) to avoid circular + dependencies if ``libgcrypt`` support is enabled in ``util-linux``. + (``util-linux`` depends upon ``util-linux-libuuid``.) + + +.. _migration-3.3-misc: + +Miscellaneous changes +--------------------- + +- The default poky :term:`DISTRO_VERSION` value now uses the core metadata's + git hash (i.e. :term:`METADATA_REVISION`) rather than the date (i.e. + :term:`DATE`) to reduce one small source of non-reproducibility. You can + of course specify your own :term:`DISTRO_VERSION` value as desired + (particularly if you create your own custom distro configuration). +- ``adwaita-icon-theme`` version 3.34.3 has been added back, and is selected + as the default via :term:`PREFERRED_VERSION` in + ``meta/conf/distro/include/default-versions.inc`` due to newer versions + not working well with ``librsvg`` 2.40. ``librsvg`` is not practically + upgradeable at the moment as it has been ported to Rust, and Rust is not + (yet) in OE-Core, but this will change in a future release. +- ``ffmpeg`` is now configured to disable GPL-licensed portions by default + to make it harder to accidentally violate the GPL. To explicitly enable GPL + licensed portions, add ``gpl`` to :term:`PACKAGECONFIG` for ``ffmpeg`` + using a bbappend (or use ``PACKAGECONFIG_append_pn-ffmpeg = " gpl"`` in + your configuration.) +- ``connman`` is now set to conflict with ``systemd-networkd`` as they + overlap functionally and may interfere with each other at runtime. +- Canonical SPDX license names are now used in image license manifests in + order to avoid aliases of the same license from showing up together (e.g. + ``GPLv2`` and ``GPL-2.0``) diff --git a/documentation/migration-guides/migration-3.4.rst b/documentation/migration-guides/migration-3.4.rst new file mode 100644 index 0000000000..a9b1057206 --- /dev/null +++ b/documentation/migration-guides/migration-3.4.rst @@ -0,0 +1,275 @@ +.. SPDX-License-Identifier: CC-BY-SA-2.0-UK + +Migration notes for 3.4 (honister) +---------------------------------- + +This section provides migration information for moving to the Yocto +Project 3.4 Release (codename "honister") from the prior release. + +Override syntax changes +~~~~~~~~~~~~~~~~~~~~~~~ + +In this release, the ``:`` character replaces the use of ``_`` to +refer to an override, most commonly when making a conditional assignment +of a variable. This means that an entry like:: + + SRC_URI_qemux86 = "file://somefile" + +now becomes:: + + SRC_URI:qemux86 = "file://somefile" + +since ``qemux86`` is an override. This applies to any use of override +syntax, so the following:: + + SRC_URI_append = " file://somefile" + SRC_URI_append_qemux86 = " file://somefile2" + SRC_URI_remove_qemux86-64 = "file://somefile3" + SRC_URI_prepend_qemuarm = "file://somefile4 " + FILES_${PN}-ptest = "${bindir}/xyz" + IMAGE_CMD_tar = "tar" + BASE_LIB_tune-cortexa76 = "lib" + SRCREV_pn-bash = "abc" + BB_TASK_NICE_LEVEL_task-testimage = '0' + +would now become:: + + SRC_URI:append = " file://somefile" + SRC_URI:append:qemux86 = " file://somefile2" + SRC_URI:remove:qemux86-64 = "file://somefile3" + SRC_URI:prepend:qemuarm = "file://somefile4 " + FILES:${PN}-ptest = "${bindir}/xyz" + IMAGE_CMD:tar = "tar" + BASE_LIB:tune-cortexa76 = "lib" + SRCREV:pn-bash = "abc" + BB_TASK_NICE_LEVEL:task-testimage = '0' + +This also applies to +:ref:`variable queries to the datastore <bitbake-user-manual/bitbake-user-manual-metadata:functions for accessing datastore variables>`, +for example using ``getVar`` and similar so ``d.getVar("RDEPENDS_${PN}")`` +becomes ``d.getVar("RDEPENDS:${PN}")``. + +Whilst some of these are fairly obvious such as :term:`MACHINE` and :term:`DISTRO` +overrides, some are less obvious, for example the packaging variables such as +:term:`RDEPENDS`, :term:`FILES` and so on taking package names (e.g. ``${PN}``, +``${PN}-ptest``) as overrides. These overrides are not always in +:term:`OVERRIDES` but applied conditionally in specific contexts +such as packaging. ``task-<taskname>`` is another context specific override, the +context being specific tasks in that case. Tune overrides are another special +case where some code does use them as overrides but some does not. We plan to try +and make the tune code use overrides more consistently in the future. + +There are some variables which do not use override syntax which include the +suffix to variables in ``layer.conf`` files such as :term:`BBFILE_PATTERN`, +:term:`SRCREV`\ ``_xxx`` where ``xxx`` is a name from :term:`SRC_URI` and +:term:`PREFERRED_VERSION`\ ``_xxx``. In particular, ``layer.conf`` suffixes +may be the same as a :term:`DISTRO` override causing some confusion. We do +plan to try and improve consistency as these issues are identified. + +To help with migration of layers, a script has been provided in OE-Core. +Once configured with the overrides used by a layer, this can be run as:: + + <oe-core>/scripts/contrib/convert-overrides.py <layerdir> + +.. note:: + + Please read the notes in the script as it isn't entirely automatic and it isn't + expected to handle every case. In particular, it needs to be told which overrides + the layer uses (usually machine and distro names/overrides) and the result should + be carefully checked since it can be a little enthusiastic and will convert + references to ``_append``, ``_remove`` and ``_prepend`` in function and variable + names. + +For reference, this conversion is important as it allows BitBake to more reliably +determine what is an override and what is not, as underscores are also used in +variable names without intending to be overrides. This should allow us to proceed +with other syntax improvements and simplifications for usability. It also means +BitBake no longer has to guess and maintain large lookup lists just in case +e.g. ``functionname`` in ``my_functionname`` is an override, and thus should improve +efficiency. + +New host dependencies +~~~~~~~~~~~~~~~~~~~~~ + +The ``lz4c``, ``pzstd`` and ``zstd`` commands are now required to be +installed on the build host to support LZ4 and Zstandard compression +functionality. These are typically provided by ``lz4`` and ``zstd`` +packages in most Linux distributions. Alternatively they are available +as part of :term:`buildtools` tarball if your distribution does not provide +them. For more information see +:ref:`ref-manual/system-requirements:required packages for the build host`. + +Removed recipes +~~~~~~~~~~~~~~~ + +The following recipes have been removed in this release: + +- ``assimp``: problematic from a licensing perspective and no longer + needed by anything else +- ``clutter-1.0``: legacy component moved to meta-gnome +- ``clutter-gst-3.0``: legacy component moved to meta-gnome +- ``clutter-gtk-1.0``: legacy component moved to meta-gnome +- ``cogl-1.0``: legacy component moved to meta-gnome +- ``core-image-clutter``: removed along with clutter +- ``linux-yocto``: removed version 5.4 recipes (5.14 and 5.10 still + provided) +- ``mklibs-native``: not actively tested and upstream mklibs still + requires Python 2 +- ``mx-1.0``: obsolete (last release 2012) and isn't used by anything in + any known layer +- ``packagegroup-core-clutter``: removed along with clutter + +Removed classes +~~~~~~~~~~~~~~~ + +- ``clutter``: moved to meta-gnome along with clutter itself +- ``image-mklibs``: not actively tested and upstream mklibs still + requires Python 2 +- ``meta``: no longer useful. Recipes that need to skip installing + packages should inherit :ref:`ref-classes-nopackages` instead. + +Prelinking disabled by default +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +Recent tests have shown that prelinking works only when PIE is not +enabled (see `here <https://rlbl.me/prelink-1>`__ and `here <https://rlbl.me/prelink-2>`__), +and as PIE is both a desirable security feature, and the only +configuration provided and tested by the Yocto Project, there is +simply no sense in continuing to enable prelink. + +There's also a concern that no one is maintaining the code, and there +are open bugs (including :yocto_bugs:`this serious one </show_bug.cgi?id=14429>`). +Given that prelink does intricate address arithmetic and rewriting +of binaries the best option is to disable the feature. It is recommended +that you consider disabling this feature in your own configuration if +it is currently enabled. + +Virtual runtime provides +~~~~~~~~~~~~~~~~~~~~~~~~ + +Recipes shouldn't use the ``virtual/`` string in :term:`RPROVIDES` and +:term:`RDEPENDS` --- it is confusing because ``virtual/`` has no special +meaning in :term:`RPROVIDES` and :term:`RDEPENDS` (unlike in the +corresponding build-time :term:`PROVIDES` and :term:`DEPENDS`). + +Tune files moved to architecture-specific directories +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +The tune files found in ``conf/machine/include`` have now been moved +into their respective architecture name directories under that same +location; e.g. x86 tune files have moved into an ``x86`` subdirectory, +MIPS tune files have moved into a ``mips`` subdirectory, etc. +The ARM tunes have an extra level (``armv8a``, ``armv8m``, etc.) and +some have been renamed to make them uniform with the rest of the tunes. +See :yocto_git:`this commit </poky/commit/?id=1d381f21f5f13aa0c4e1a45683ed656ebeedd37d>` +for reference. + +If you have any references to tune files (e.g. in custom machine +configuration files) they will need to be updated. + +Extensible SDK host extension +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +For a normal SDK, some layers append to :term:`TOOLCHAIN_HOST_TASK` +unconditionally which is fine, until the eSDK tries to override the +variable to its own values. Instead of installing packages specified +in this variable it uses native recipes instead --- a very different +approach. This has led to confusing errors when binaries are added +to the SDK but not relocated. + +To avoid these issues, a new :term:`TOOLCHAIN_HOST_TASK_ESDK` variable has +been created. If you wish to extend what is installed in the host +portion of the eSDK then you will now need to set this variable. + +Package/recipe splitting +~~~~~~~~~~~~~~~~~~~~~~~~ + +- ``perl-cross`` has been split out from the main ``perl`` recipe to + its own ``perlcross`` recipe for maintenance reasons. If you have + bbappends for the perl recipe then these may need extending. + +- The ``wayland`` recipe now packages its binaries in a + ``wayland-tools`` package rather than putting them into + ``wayland-dev``. + +- Xwayland has been split out of the xserver-xorg tree and thus is now + in its own ``xwayland`` recipe. If you need Xwayland in your image + then you may now need to add it explicitly. + +- The ``rpm`` package no longer has ``rpm-build`` in its :term:`RRECOMMENDS`; + if by chance you still need rpm package building functionality in + your image and you have not already done so then you should add + ``rpm-build`` to your image explicitly. + +- The Python ``statistics`` standard module is now packaged in its own + ``python3-statistics`` package instead of ``python3-misc`` as + previously. + +Image / SDK generation changes +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +- Recursive dependencies on the :ref:`ref-tasks-build` task are now disabled when + building SDKs. These are generally not needed; in the unlikely event + that you do encounter problems then it will probably be as a result of + missing explicit dependencies that need to be added. + +- Errors during "complementary" package installation (e.g. for ``*-dbg`` + and ``*-dev`` packages) during image construction are no longer + ignored. Historically some of these packages had installation problems, + that is no longer the case. In the unlikely event that you see errors + as a result, you will need to fix the installation/packaging issues. + +- When building an image, only packages that will be used in building + the image (i.e. the first entry in :term:`PACKAGE_CLASSES`) will be + produced if multiple package types are enabled (which is not a typical + configuration). If in your CI system you need to have the original + behaviour, use ``bitbake --runall build <target>``. + +- The ``-lic`` package is no longer automatically added to + :term:`RRECOMMENDS` for every other package when + :term:`LICENSE_CREATE_PACKAGE` is set to "1". If you wish all license + packages to be installed corresponding to packages in your image, then + you should instead add the new ``lic-pkgs`` feature to + :term:`IMAGE_FEATURES`. + +Miscellaneous +~~~~~~~~~~~~~ + +- Certificates are now properly checked when BitBake fetches sources + over HTTPS. If you receive errors as a result for your custom recipes, + you will need to use a mirror or address the issue with the operators + of the server in question. + +- ``avahi`` has had its GTK+ support disabled by default. If you wish to + re-enable it, set ``AVAHI_GTK = "gtk3"`` in a bbappend for the + ``avahi`` recipe or in your custom distro configuration file. + +- Setting the ``BUILD_REPRODUCIBLE_BINARIES`` variable to "0" no longer + uses a strangely old fallback date of April 2011, it instead disables + building reproducible binaries as you would logically expect. + +- Setting noexec/nostamp/fakeroot varflags to any value besides "1" will + now trigger a warning. These should be either set to "1" to enable, or + not set at all to disable. + +- The previously deprecated ``COMPRESS_CMD`` and + ``CVE_CHECK_CVE_WHITELIST`` variables have been removed. Use + :term:`CONVERSION_CMD` and ``CVE_CHECK_WHITELIST`` (replaced by + :term:`CVE_CHECK_IGNORE` in version 4.0) respectively + instead. + +- The obsolete ``oe_machinstall`` function previously provided in the + :ref:`ref-classes-utils` class has been removed. For + machine-specific installation it is recommended that you use the + built-in override support in the fetcher or overrides in general + instead. + +- The ``-P`` (``--clear-password``) option can no longer be used with + ``useradd`` and ``usermod`` entries in :term:`EXTRA_USERS_PARAMS`. + It was being implemented using a custom patch to the ``shadow`` recipe + which clashed with a ``-P`` option that was added upstream in + ``shadow`` version 4.9, and in any case is fundamentally insecure. + Hardcoded passwords are still supported but they need to be hashed, see + examples in :term:`EXTRA_USERS_PARAMS`. + + diff --git a/documentation/migration-guides/migration-4.0.rst b/documentation/migration-guides/migration-4.0.rst new file mode 100644 index 0000000000..0e9e741458 --- /dev/null +++ b/documentation/migration-guides/migration-4.0.rst @@ -0,0 +1,271 @@ +.. SPDX-License-Identifier: CC-BY-SA-2.0-UK + +Release 4.0 (kirkstone) +======================= + +Migration notes for 4.0 (kirkstone) +----------------------------------- + +This section provides migration information for moving to the Yocto +Project 4.0 Release (codename "kirkstone") from the prior release. + +.. _migration-4.0-inclusive-language: + +Inclusive language improvements +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +To use more `inclusive language <https://inclusivenaming.org/>`__ +in the code and documentation, some variables have been renamed, and +some have been deleted where they are no longer needed. In many cases the +new names are also easier to understand. BitBake will stop with an error when +renamed or removed variables still exist in your recipes or configuration. + +Please note that the change applies also to environmental variables, so +make sure you use a fresh environment for your build. + +The following variables have changed their names: + +- ``BB_ENV_WHITELIST`` became :term:`BB_ENV_PASSTHROUGH` +- ``BB_ENV_EXTRAWHITE`` became :term:`BB_ENV_PASSTHROUGH_ADDITIONS` +- ``BB_HASHBASE_WHITELIST`` became :term:`BB_BASEHASH_IGNORE_VARS` +- ``BB_HASHCONFIG_WHITELIST`` became :term:`BB_HASHCONFIG_IGNORE_VARS` +- ``BB_HASHTASK_WHITELIST`` became ``BB_TASKHASH_IGNORE_TASKS`` +- ``BB_SETSCENE_ENFORCE_WHITELIST`` became ``BB_SETSCENE_ENFORCE_IGNORE_TASKS`` +- ``CVE_CHECK_PN_WHITELIST`` became :term:`CVE_CHECK_SKIP_RECIPE` +- ``CVE_CHECK_WHITELIST`` became :term:`CVE_CHECK_IGNORE` +- ``ICECC_USER_CLASS_BL`` became :term:`ICECC_CLASS_DISABLE` +- ``ICECC_SYSTEM_CLASS_BL`` became :term:`ICECC_CLASS_DISABLE` +- ``ICECC_USER_PACKAGE_WL`` became :term:`ICECC_RECIPE_ENABLE` +- ``ICECC_USER_PACKAGE_BL`` became :term:`ICECC_RECIPE_DISABLE` +- ``ICECC_SYSTEM_PACKAGE_BL`` became :term:`ICECC_RECIPE_DISABLE` +- ``LICENSE_FLAGS_WHITELIST`` became :term:`LICENSE_FLAGS_ACCEPTED` +- ``MULTI_PROVIDER_WHITELIST`` became :term:`BB_MULTI_PROVIDER_ALLOWED` +- ``PNBLACKLIST`` became :term:`SKIP_RECIPE` +- ``SDK_LOCAL_CONF_BLACKLIST`` became :term:`ESDK_LOCALCONF_REMOVE` +- ``SDK_LOCAL_CONF_WHITELIST`` became :term:`ESDK_LOCALCONF_ALLOW` +- ``SDK_INHERIT_BLACKLIST`` became :term:`ESDK_CLASS_INHERIT_DISABLE` +- ``SSTATE_DUPWHITELIST`` became ``SSTATE_ALLOW_OVERLAP_FILES`` +- ``SYSROOT_DIRS_BLACKLIST`` became :term:`SYSROOT_DIRS_IGNORE` +- ``UNKNOWN_CONFIGURE_WHITELIST`` became :term:`UNKNOWN_CONFIGURE_OPT_IGNORE` +- ``WHITELIST_<license>`` became :term:`INCOMPATIBLE_LICENSE_EXCEPTIONS` + +In addition, ``BB_STAMP_WHITELIST``, ``BB_STAMP_POLICY``, ``INHERIT_BLACKLIST``, +``TUNEABI``, ``TUNEABI_WHITELIST``, and ``TUNEABI_OVERRIDE`` have been removed. + +Many internal variable names have been also renamed accordingly. + +In addition, in the ``cve-check`` output, the CVE issue status ``Whitelisted`` +has been renamed to ``Ignored``. + +The :term:`BB_DISKMON_DIRS` variable value now uses the term ``HALT`` +instead of ``ABORT``. + +A :oe_git:`convert-variable-renames.py +</openembedded-core/tree/scripts/contrib/convert-variable-renames.py>` +script is provided to convert your recipes and configuration, +and also warns you about the use of problematic words. The script performs +changes and you need to review them before committing. An example warning +looks like:: + + poky/scripts/lib/devtool/upgrade.py needs further work at line 275 since it contains abort + +Fetching changes +~~~~~~~~~~~~~~~~ + +- Because of the uncertainty in future default branch names in git repositories, + it is now required to add a branch name to all URLs described + by ``git://`` and ``gitsm://`` :term:`SRC_URI` entries. For example:: + + SRC_URI = "git://git.denx.de/u-boot.git;branch=master" + + A :oe_git:`convert-srcuri </openembedded-core/tree/scripts/contrib/convert-srcuri.py>` + script to convert your recipes is available in :term:`OpenEmbedded-Core (OE-Core)` + and in :term:`Poky`. + +- Because of `GitHub dropping support for the git: + protocol <https://github.blog/2021-09-01-improving-git-protocol-security-github/>`__, + recipes now need to use ``;protocol=https`` at the end of GitHub + URLs. The same ``convert-srcuri`` script mentioned above can be used to convert + your recipes. + +- Network access from tasks is now disabled by default on kernels which support + this feature (on most recent distros such as CentOS 8 and Debian 11 onwards). + This means that tasks accessing the network need to be marked as such with the ``network`` + flag. For example:: + + do_mytask[network] = "1" + + This is allowed by default from :ref:`ref-tasks-fetch` but not from any of our other standard + tasks. Recipes shouldn't be accessing the network outside of :ref:`ref-tasks-fetch` as it + usually undermines fetcher source mirroring, image and licence manifests, software + auditing and supply chain security. + +License changes +~~~~~~~~~~~~~~~ + +- The ambiguous "BSD" license has been removed from the ``common-licenses`` directory. + Each recipe that fetches or builds BSD-licensed code should specify the proper + version of the BSD license in its :term:`LICENSE` value. + +- :term:`LICENSE` variable values should now use `SPDX identifiers <https://spdx.org/licenses/>`__. + If they do not, by default a warning will be shown. A + :oe_git:`convert-spdx-licenses.py </openembedded-core/tree/scripts/contrib/convert-spdx-licenses.py>` + script can be used to update your recipes. + +- :term:`INCOMPATIBLE_LICENSE` should now use `SPDX identifiers <https://spdx.org/licenses/>`__. + Additionally, wildcarding is now limited to specifically supported values - + see the :term:`INCOMPATIBLE_LICENSE` documentation for further information. + +- The ``AVAILABLE_LICENSES`` variable has been removed. This variable was a performance + liability and is highly dependent on which layers are added to the configuration, + which can cause signature issues for users. In addition the ``available_licenses()`` + function has been removed from the :ref:`ref-classes-license` class as + it is no longer needed. + +Removed recipes +~~~~~~~~~~~~~~~ + +The following recipes have been removed in this release: + +- ``dbus-test``: merged into main dbus recipe +- ``libid3tag``: moved to meta-oe - no longer needed by anything in OE-Core +- ``libportal``: moved to meta-gnome - no longer needed by anything in OE-Core +- ``linux-yocto``: removed version 5.14 recipes (5.15 and 5.10 still provided) +- ``python3-nose``: has not changed since 2016 upstream, and no longer needed by anything in OE-Core +- ``rustfmt``: not especially useful as a standalone recipe + +Python changes +~~~~~~~~~~~~~~ + +- ``distutils`` has been deprecated upstream in Python 3.10 and thus the ``distutils*`` + classes have been moved to ``meta-python``. Recipes that inherit the ``distutils*`` + classes should be updated to inherit ``setuptools*`` equivalents instead. + +- The Python package build process is now based on `wheels <https://pythonwheels.com/>`__. + The new Python packaging classes that should be used are + :ref:`ref-classes-python_flit_core`, :ref:`ref-classes-python_setuptools_build_meta` + and :ref:`ref-classes-python_poetry_core`. + +- The :ref:`ref-classes-setuptools3` class :ref:`ref-tasks-install` task now + installs the ``wheel`` binary archive. In current versions of ``setuptools`` the + legacy ``setup.py install`` method is deprecated. If the ``setup.py`` cannot be used + with wheels, for example it creates files outside of the Python module or standard + entry points, then :ref:`ref-classes-setuptools3_legacy` should + be used instead. + +Prelink removed +~~~~~~~~~~~~~~~ + +Prelink has been dropped by ``glibc`` upstream in 2.36. It already caused issues with +binary corruption, has a number of open bugs and is of questionable benefit +without disabling load address randomization and PIE executables. + +We disabled prelinking by default in the honister (3.4) release, but left it able +to be enabled if desired. However, without glibc support it cannot be maintained +any further, so all of the prelinking functionality has been removed in this release. +If you were enabling the ``image-prelink`` class in :term:`INHERIT`, :term:`IMAGE_CLASSES`, +:term:`USER_CLASSES` etc in your configuration, then you will need to remove the +reference(s). + +Reproducible as standard +~~~~~~~~~~~~~~~~~~~~~~~~ + +Reproducibility is now considered as standard functionality, thus the +``reproducible`` class has been removed and its previous contents merged into the +:ref:`ref-classes-base` class. If you have references in your configuration to +``reproducible`` in :term:`INHERIT`, :term:`USER_CLASSES` etc. then they should be +removed. + +Additionally, the ``BUILD_REPRODUCIBLE_BINARIES`` variable is no longer used. +Specifically for the kernel, if you wish to enable build timestamping functionality +that is normally disabled for reproducibility reasons, you can do so by setting +a new :term:`KERNEL_DEBUG_TIMESTAMPS` variable to "1". + +Supported host distribution changes +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +- Support for :wikipedia:`AlmaLinux <AlmaLinux>` + hosts replacing :wikipedia:`CentOS <CentOS>`. + The following distribution versions were dropped: CentOS 8, Ubuntu 16.04 and Fedora 30, 31 and 32. + +- ``gcc`` version 7.5 is now required at minimum on the build host. For older + host distributions where this is not available, you can use the + :term:`buildtools-extended` tarball (easily installable using + ``scripts/install-buildtools``). + +:append/:prepend in combination with other operators +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +The ``append``, ``prepend`` and ``remove`` operators can now only be combined with +``=`` and ``:=`` operators. To the exception of the ``append`` plus ``+=`` and +``prepend`` plus ``=+`` combinations, all combinations could be factored up to the +``append``, ``prepend`` or ``remove`` in the combination. This brought a lot of +confusion on how the override style syntax operators work and should be used. +Therefore, those combinations should be replaced by a single ``append``, +``prepend`` or ``remove`` operator without any additional change. +For the ``append`` plus ``+=`` (and ``prepend`` plus ``=+``) combinations, +the content should be prefixed (respectively suffixed) by a space to maintain +the same behavior. You can learn more about override style syntax operators +(``append``, ``prepend`` and ``remove``) in the BitBake documentation: +:ref:`bitbake-user-manual/bitbake-user-manual-metadata:appending and prepending (override style syntax)` +and :ref:`bitbake-user-manual/bitbake-user-manual-metadata:removal (override style syntax)`. + +Miscellaneous changes +~~~~~~~~~~~~~~~~~~~~~ + +- ``blacklist.bbclass`` is removed and the functionality moved to the + :ref:`ref-classes-base` class with a more descriptive + ``varflag`` variable named :term:`SKIP_RECIPE` which will use the `bb.parse.SkipRecipe()` + function. The usage remains the same, for example:: + + SKIP_RECIPE[my-recipe] = "Reason for skipping recipe" + +- :ref:`ref-classes-allarch` packagegroups can no longer depend on packages + which use :term:`PKG` renaming such as :ref:`ref-classes-debian`. Such packagegroups + recipes should be changed to avoid inheriting :ref:`ref-classes-allarch`. + +- The ``lnr`` script has been removed. ``lnr`` implemented the same behaviour as `ln --relative --symbolic`, + since at the time of creation `--relative` was only available in coreutils 8.16 + onwards which was too new for the older supported distros. Current supported host + distros have a new enough version of coreutils, so it is no longer needed. If you have + any calls to ``lnr`` in your recipes or classes, they should be replaced with + `ln --relative --symbolic` or `ln -rs` if you prefer the short version. + +- The ``package_qa_handle_error()`` function formerly in the :ref:`ref-classes-insane` + class has been moved and renamed - if you have any references in your own custom + classes they should be changed to ``oe.qa.handle_error()``. + +- When building ``perl``, Berkeley db support is no longer enabled by default, since + Berkeley db is largely obsolete. If you wish to reenable it, you can append ``bdb`` + to :term:`PACKAGECONFIG` in a ``perl`` bbappend or ``PACKAGECONFIG:pn-perl`` at + the configuration level. + +- For the ``xserver-xorg`` recipe, the ``xshmfence``, ``xmlto`` and ``systemd`` options + previously supported in :term:`PACKAGECONFIG` have been removed, as they are no + longer supported since the move from building it with autotools to meson in this release. + +- For the ``libsdl2`` recipe, various X11 features are now disabled by default (primarily + for reproducibility purposes in the native case) with options in :term:`EXTRA_OECMAKE` + within the recipe. These can be changed within a bbappend if desired. See the + ``libsdl2`` recipe for more details. + +- The ``cortexa72-crc`` and ``cortexa72-crc-crypto`` tunes have been removed since + the crc extension is now enabled by default for cortexa72. Replace any references to + these with ``cortexa72`` and ``cortexa72-crypto`` respectively. + +- The Python development shell (previously known as ``devpyshell``) feature has been + renamed to ``pydevshell``. To start it you should now run:: + + bitbake <target> -c pydevshell + +- The ``packagegroups-core-full-cmdline-libs`` packagegroup is no longer produced, as + libraries should normally be brought in via dependencies. If you have any references + to this then remove them. + +- The :term:`TOPDIR` variable and the current working directory are no longer modified + when parsing recipes. Any code depending on the previous behaviour will no longer + work - change any such code to explicitly use appropriate path variables instead. + +- In order to exclude the kernel image from the image rootfs, + :term:`RRECOMMENDS`\ ``:${KERNEL_PACKAGE_NAME}-base`` should be set instead of + :term:`RDEPENDS`\ ``:${KERNEL_PACKAGE_NAME}-base``. diff --git a/documentation/migration-guides/migration-4.1.rst b/documentation/migration-guides/migration-4.1.rst new file mode 100644 index 0000000000..86721b9873 --- /dev/null +++ b/documentation/migration-guides/migration-4.1.rst @@ -0,0 +1,216 @@ +.. SPDX-License-Identifier: CC-BY-SA-2.0-UK + +Release 4.1 (langdale) +====================== + +Migration notes for 4.1 (langdale) +----------------------------------- + +This section provides migration information for moving to the Yocto +Project 4.1 Release (codename "langdale") from the prior release. + + +.. _migration-4.1-make-4.0: + +make 4.0 is now the minimum required make version +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +glibc now requires ``make`` 4.0 to build, thus it is now the version required to +be installed on the build host. A new :term:`buildtools-make` tarball has been +introduced to provide just make 4.0 for host distros without a current/working +make 4.x version; if you also need other tools you can use the updated +:term:`buildtools` tarball. For more information see +:ref:`ref-manual/system-requirements:required packages for the build host`. + + +.. _migration-4.1-complementary-deps: + +Complementary package installation ignores recommends +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +When installing complementary packages (e.g. ``-dev`` and ``-dbg`` packages when +building an SDK, or if you have added ``dev-deps`` to :term:`IMAGE_FEATURES`), +recommends (as defined by :term:`RRECOMMENDS`) are no longer installed. + +If you wish to double-check the contents of your images after this change, see +:ref:`Checking Image / SDK Changes <migration-general-buildhistory>`. If needed +you can explicitly install items by adding them to :term:`IMAGE_INSTALL` in +image recipes or :term:`TOOLCHAIN_TARGET_TASK` for the SDK. + + +.. _migration-4.1-dev-recommends: + +dev dependencies are now recommends +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +The default for ``${PN}-dev`` package is now to use :term:`RRECOMMENDS` instead +of :term:`RDEPENDS` to pull in the main package. This takes advantage of a +change to complimentary package installation to not follow :term:`RRECOMMENDS` +(as mentioned above) and for example means an SDK for an image with both openssh +and dropbear components will now build successfully. + + +.. _migration-4.1-dropbear-sftp: + +dropbear now recommends openssh-sftp-server +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +openssh has switched the scp client to use the sftp protocol instead of scp to +move files. This means scp from Fedora 36 and other current distributions will +no longer be able to move files to/from a system running dropbear with no sftp +server installed. + +The sftp server from openssh is small (200kb uncompressed) and standalone, so +adding it to the packagegroup seems to be the best way to preserve the +functionality for user sanity. However, if you wish to avoid this dependency, +you can either: + + A. Use ``dropbear`` in :term:`IMAGE_INSTALL` instead of + ``packagegroup-core-ssh-dropbear`` (or ``ssh-server-dropbear`` in + :term:`IMAGE_FEATURES`), or + B. Add ``openssh-sftp-server`` to :term:`BAD_RECOMMENDATIONS`. + + +.. _migration-4.1-classes-split: + +Classes now split by usage context +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +A split directory structure has now been set up for ``.bbclass`` files - classes +that are intended to be inherited only by recipes (e.g. ``inherit`` in a recipe +file, :term:`IMAGE_CLASSES` or :term:`KERNEL_CLASSES`) should be in a +``classes-recipe`` subdirectory and classes that are intended to be inherited +globally (e.g. via ``INHERIT +=``, :term:`PACKAGE_CLASSES`, :term:`USER_CLASSES` +or :term:`INHERIT_DISTRO`) should be in ``classes-global``. Classes in the +existing ``classes`` subdirectory will continue to work in any context as before. + +Other than knowing where to look when manually browsing the class files, this is +not likely to require any changes to your configuration. However, if in your +configuration you were using some classes in the incorrect context, you will now +receive an error during parsing. For example, the following in ``local.conf`` will +now cause an error:: + + INHERIT += "testimage" + +Since :ref:`ref-classes-testimage` is a class intended solely to +affect image recipes, this would be correctly specified as:: + + IMAGE_CLASSES += "testimage" + + +.. _migration-4.1-local-file-error: + +Missing local files in SRC_URI now triggers an error +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +If a file referenced in :term:`SRC_URI` does not exist, in 4.1 this will trigger +an error at parse time where previously this only triggered a warning. In the past +you could ignore these warnings for example if you have multiple build +configurations (e.g. for several different target machines) and there were recipes +that you were not building in one of the configurations. If you have this scenario +you will now need to conditionally add entries to :term:`SRC_URI` where they are +valid, or use :term:`COMPATIBLE_MACHINE` / :term:`COMPATIBLE_HOST` to prevent the +recipe from being available (and therefore avoid it being parsed) in configurations +where the files aren't available. + + +.. _migration-4.1-qa-checks: + +QA check changes +~~~~~~~~~~~~~~~~ + +- The :ref:`buildpaths <qa-check-buildpaths>` QA check is now enabled by default + in :term:`WARN_QA`, and thus any build system paths found in output files will + trigger a warning. If you see these warnings for your own recipes, for full + binary reproducibility you should make the necessary changes to the recipe build + to remove these paths. If you wish to disable the warning for a particular + recipe you can use :term:`INSANE_SKIP`, or for the entire build you can adjust + :term:`WARN_QA`. For more information, see the :ref:`buildpaths QA check + <qa-check-buildpaths>` section. + +- ``do_qa_staging`` now checks shebang length in all directories specified by + :term:`SYSROOT_DIRS`, since there is a maximum length defined in the kernel. For + native recipes which write scripts to the sysroot, if the shebang line in one of + these scripts is too long you will get an error. This can be skipped using + :term:`INSANE_SKIP` if necessary, but the best course of action is of course to + fix the script. There is now also a ``create_cmdline_shebang_wrapper`` function + that you can call e.g. from ``do_install`` (or ``do_install:append``) within a + recipe to create a wrapper to fix such scripts - see the ``libcheck`` recipe + for an example usage. + + + +Miscellaneous changes +~~~~~~~~~~~~~~~~~~~~~ + +- ``mount.blacklist`` has been renamed to ``mount.ignorelist`` in + ``udev-extraconf``. If you are customising this file via ``udev-extraconf`` then + you will need to update your ``udev-extraconf`` ``.bbappend`` as appropriate. +- ``help2man-native`` has been removed from implicit sysroot dependencies. If a + recipe needs ``help2man-native`` it should now be explicitly added to + :term:`DEPENDS` within the recipe. +- For images using systemd, the reboot watchdog timeout has been set to 60 + seconds (from the upstream default of 10 minutes). If you wish to override this + you can set :term:`WATCHDOG_TIMEOUT` to the desired timeout in seconds. Note + that the same :term:`WATCHDOG_TIMEOUT` variable also specifies the timeout used + for the ``watchdog`` tool (if that is being built). +- The :ref:`ref-classes-image-buildinfo` class now writes to + ``${sysconfdir}/buildinfo`` instead of ``${sysconfdir}/build`` by default (i.e. + the default value of :term:`IMAGE_BUILDINFO_FILE` has been changed). If you have + code that reads this from images at build or runtime you will need to update it + or specify your own value for :term:`IMAGE_BUILDINFO_FILE`. +- In the :ref:`ref-classes-archiver` class, the default + ``ARCHIVER_OUTDIR`` value no longer includes the :term:`MACHINE` value in order + to avoid the archive task running multiple times in a multiconfig setup. If you + have custom code that does something with the files archived by the + :ref:`ref-classes-archiver` class then you may need to adjust it to + the new structure. +- If you are not using `systemd` then udev is now configured to use labels + (``LABEL`` or ``PARTLABEL``) to set the mount point for the device. For example:: + + /run/media/rootfs-sda2 + + instead of:: + + /run/media/sda2 + +- ``icu`` no longer provides the ``icu-config`` configuration tool - upstream + have indicated ``icu-config`` is deprecated and should no longer be used. Code + with references to it will need to be updated, for example to use ``pkg-config`` + instead. +- The ``rng-tools`` systemd service name has changed from ``rngd`` to ``rng-tools`` +- The ``largefile`` :term:`DISTRO_FEATURES` item has been removed, large file + support is now always enabled where it was previously optional. +- The Python ``zoneinfo`` module is now split out to its own ``python3-zoneinfo`` + package. +- The :term:`PACKAGECONFIG` option to enable wpa_supplicant in the ``connman`` + recipe has been renamed to "wpa-supplicant". If you have set :term:`PACKAGECONFIG` for + the ``connman`` recipe to include this option you will need to update + your configuration. Related to this, the :term:`WIRELESS_DAEMON` variable + now expects the new ``wpa-supplicant`` naming and affects ``packagegroup-base`` + as well as ``connman``. +- The ``wpa-supplicant`` recipe no longer uses a static (and stale) ``defconfig`` + file, instead it uses the upstream version with appropriate edits for the + :term:`PACKAGECONFIG`. If you are customising this file you will need to + update your customisations. +- With the introduction of picobuild in + :ref:`ref-classes-python_pep517`, The ``PEP517_BUILD_API`` + variable is no longer supported. If you have any references to this variable + you should remove them. + + +.. _migration-4.1-removed-recipes: + +Removed recipes +~~~~~~~~~~~~~~~ + +The following recipes have been removed in this release: + +- ``alsa-utils-scripts``: merged into alsa-utils +- ``cargo-cross-canadian``: optimised out +- ``lzop``: obsolete, unmaintained upstream +- ``linux-yocto (5.10)``: 5.15 and 5.19 are currently provided +- ``rust-cross``: optimised out +- ``rust-crosssdk``: optimised out +- ``rust-tools-cross-canadian``: optimised out +- ``xf86-input-keyboard``: obsolete (replaced by libinput/evdev) diff --git a/documentation/migration-guides/migration-4.2.rst b/documentation/migration-guides/migration-4.2.rst new file mode 100644 index 0000000000..f5f12c8871 --- /dev/null +++ b/documentation/migration-guides/migration-4.2.rst @@ -0,0 +1,276 @@ +.. SPDX-License-Identifier: CC-BY-SA-2.0-UK + +Release 4.2 (mickledore) +======================== + +Migration notes for 4.2 (mickledore) +------------------------------------ + +This section provides migration information for moving to the Yocto +Project 4.2 Release (codename "mickledore") from the prior release. + +.. _migration-4.2-supported-distributions: + +Supported distributions +~~~~~~~~~~~~~~~~~~~~~~~ + +This release supports running BitBake on new GNU/Linux distributions: + +- Fedora 36 and 37 +- AlmaLinux 8.7 and 9.1 +- OpenSuse 15.4 + +On the other hand, some earlier distributions are no longer supported: + +- Debian 10.x +- Fedora 34 and 35 +- AlmaLinux 8.5 + +See :ref:`all supported distributions <system-requirements-supported-distros>`. + +.. _migration-4.2-python-3.8: + +Python 3.8 is now the minimum required Python version version +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +BitBake and OpenEmbedded-Core now require Python 3.8 or newer, +making it a requirement to use a distribution providing at least this +version, or to install a :term:`buildtools` tarball. + +.. _migration-4.2-gcc-8.0: + +gcc 8.0 is now the minimum required GNU C compiler version +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +This version, released in 2018, is a minimum requirement +to build the ``mesa-native`` recipe and as the latter is in the +default dependency chain when building QEMU this has now been +made a requirement for all builds. + +In the event that your host distribution does not provide this +or a newer version of gcc, you can install a +:term:`buildtools-extended` tarball. + +.. _migration-4.2-new-nvd-api: + +Fetching the NVD vulnerability database through the 2.0 API +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +This new version adds a new fetcher for the NVD database using the 2.0 API, +as the 1.0 API will be retired in 2023. + +The implementation changes as little as possible, keeping the current +database format (but using a different database file for the transition +period), with a notable exception of not using the META table. + +Here are minor changes that you may notice: + +- The database starts in 1999 instead of 2002 +- The complete fetch is longer (30 minutes typically) + +.. _migration-4.2-rust-crate-checksums: + +Rust: mandatory checksums for crates +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +This release now supports checksums for Rust crates and makes +them mandatory for each crate in a recipe. See :yocto_git:`python3_bcrypt recipe changes +</poky/commit/?h=mickledore&id=0dcb5ab3462fdaaf1646b05a00c7150eea711a9a>` +for example. + +The ``cargo-update-recipe-crates`` utility +:yocto_git:`has been extended </poky/commit/?h=mickledore&id=eef7fbea2c5bf59369390be4d5efa915591b7b22>` +to include such checksums. So, in case you need to add the list of checksums +to a recipe just inheriting the :ref:`ref-classes-cargo` class so far, you can +follow these steps: + +#. Make the recipe inherit :ref:`ref-classes-cargo-update-recipe-crates` +#. Remove all ``crate://`` lines from the recipe +#. Create an empty ``${BPN}-crates.inc`` file and make your recipe require it +#. Execute ``bitbake -c update_crates your_recipe`` +#. Copy and paste the output of BitBake about the missing checksums into the + ``${BPN}-crates.inc`` file. + + +.. _migration-4.2-addpylib: + +Python library code extensions +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +BitBake in this release now supports a new ``addpylib`` directive to enable +Python libraries within layers. + +This directive should be added to your layer configuration +as in the below example from ``meta/conf/layer.conf``:: + + addpylib ${LAYERDIR}/lib oe + +Layers currently adding a lib directory to extend Python library code should now +use this directive as :term:`BBPATH` is not going to be added automatically by +OE-Core in future. Note that the directives are immediate operations, so it does +make modules available for use sooner than the current BBPATH-based approach. + +For more information, see :ref:`bitbake-user-manual/bitbake-user-manual-metadata:extending python library code`. + + +.. _migration-4.2-removed-variables: + +Removed variables +~~~~~~~~~~~~~~~~~ + +The following variables have been removed: + +- ``SERIAL_CONSOLE``, deprecated since version 2.6, replaced by :term:`SERIAL_CONSOLES`. +- ``PACKAGEBUILDPKGD``, a mostly internal variable in the :ref:`ref-classes-package` + class was rarely used to customise packaging. If you were using this in your custom + recipes or bbappends, you will need to switch to using :term:`PACKAGE_PREPROCESS_FUNCS` + or :term:`PACKAGESPLITFUNCS` instead. + +.. _migration-4.2-removed-recipes: + +Removed recipes +~~~~~~~~~~~~~~~ + +The following recipes have been removed in this release: + +- ``python3-picobuild``: after switching to ``python3-build`` +- ``python3-strict-rfc3339``: unmaintained and not needed by anything in + :oe_git:`openembedded-core </openembedded-core>` + or :oe_git:`meta-openembedded </meta-openembedded>`. +- ``linux-yocto``: removed version 5.19 recipes (6.1 and 5.15 still provided) + + +.. _migration-4.2-removed-classes: + +Removed classes +~~~~~~~~~~~~~~~ + +The following classes have been removed in this release: + +- ``rust-bin``: no longer used +- ``package_tar``: could not be used for actual packaging, and thus not particularly useful. + + +LAYERSERIES_COMPAT for custom layers and devtool workspace +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +Some layer maintainers have been setting :term:`LAYERSERIES_COMPAT` in their +layer's ``conf/layer.conf`` to the value of ``LAYERSERIES_CORENAMES`` to +effectively bypass the compatibility check - this is no longer permitted. +Layer maintainers should set :term:`LAYERSERIES_COMPAT` appropriately to +help users understand the compatibility status of the layer. + +Additionally, the :term:`LAYERSERIES_COMPAT` value for the devtool workspace +layer is now set at the time of creation, thus if you upgrade with the +workspace layer enabled and you wish to retain it, you will need to manually +update the :term:`LAYERSERIES_COMPAT` value in ``workspace/conf/layer.conf`` +(or remove the path from :term:`BBLAYERS` in ``conf/bblayers.conf`` and +delete/move the ``workspace`` directory out of the way if you no longer +need it). + + +.. _migration-4.2-runqemu-slirp: + +runqemu now limits slirp host port forwarding to localhost +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +With default slirp port forwarding configuration in runqemu, qemu +previously listened on TCP ports 2222 and 2323 on all IP addresses +available on the build host. Most use cases with runqemu only need +it for localhost and it is not safe to run qemu images with root +login without password enabled and listening on all available, +possibly Internet reachable network interfaces. Thus, in this +release we limit qemu port forwarding to localhost (127.0.0.1). + +However, if you need the qemu machine to be reachable from the +network, then it can be enabled via ``conf/local.conf`` or machine +config variable ``QB_SLIRP_OPT``:: + + QB_SLIRP_OPT = "-netdev user,id=net0,hostfwd=tcp::2222-:22" + + +.. _migration-4.2-patch-qa: + +Patch QA checks +~~~~~~~~~~~~~~~ + +The QA checks for patch fuzz and Upstream-Status have been reworked +slightly in this release. The Upstream-Status checking is now configurable +from :term:`WARN_QA` / :term:`ERROR_QA` (``patch-status-core`` for the +core layer, and ``patch-status-noncore`` for other layers). + +The ``patch-fuzz`` and ``patch-status-core`` checks are now in the default +value of :term:`ERROR_QA` so that they will cause the build to fail +if triggered. If you prefer to avoid this you will need to adjust the value +of :term:`ERROR_QA` in your configuration as desired. + + +.. _migration-4.2-mesa: + +Native/nativesdk mesa usage and graphics drivers +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +This release includes mesa 23.0, and with that mesa release it is not longer +possible to use drivers from the host system, as mesa upstream has added strict +checks for matching builds between drivers and libraries that load them. + +This is particularly relevant when running QEMU built within the build +system. A check has been added to runqemu so that there is a helpful error +when there is no native/nativesdk opengl/virgl support available. + +To support this, a number of drivers have been enabled when building ``mesa-native``. +The one major dependency pulled in by this change is ``llvm-native`` which will +add a few minutes to the build on a modern machine. If this is undesirable, you +can set the value of :term:`DISTRO_FEATURES_NATIVE` in your configuration such +that ``opengl`` is excluded. + + +.. _migration-4.2-misc-changes: + +Miscellaneous changes +~~~~~~~~~~~~~~~~~~~~~ + +- The :term:`IMAGE_NAME` variable is now set based on :term:`IMAGE_LINK_NAME`. This + means that if you are setting :term:`IMAGE_LINK_NAME` to "" to disable unversioned + image symlink creation, you also now need to set :term:`IMAGE_NAME` to still have + a reasonable value e.g.:: + + IMAGE_LINK_NAME = "" + IMAGE_NAME = "${IMAGE_BASENAME}${IMAGE_MACHINE_SUFFIX}${IMAGE_VERSION_SUFFIX}" + +- In ``/etc/os-release``, the ``VERSION_CODENAME`` field is now used instead of + ``DISTRO_CODENAME`` (though its value is still set from the :term:`DISTRO_CODENAME` + variable) for better conformance to standard os-release usage. If you have runtime + code reading this from ``/etc/os-release`` it may need to be updated. + +- The kmod recipe now enables OpenSSL support by default in order to support module + signing. If you do not need this and wish to reclaim some space/avoid the dependency + you should set :term:`PACKAGECONFIG` in a kmod bbappend (or ``PACKAGECONFIG:pn-kmod`` + at the configuration level) to exclude ``openssl``. + +- The ``OEBasic`` signature handler (see :term:`BB_SIGNATURE_HANDLER`) has been + removed. It is unlikely that you would have selected to use this, but if you have + you will need to remove this setting. + +- The :ref:`ref-classes-package` class now checks if package names conflict via + ``PKG:${PN}`` override during ``do_package``. If you receive the associated error + you will need to address the :term:`PKG` usage so that the conflict is resolved. + +- openssh no longer uses :term:`RRECOMMENDS` to pull in ``rng-tools``, since rngd + is no longer needed as of Linux kernel 5.6. If you still need ``rng-tools`` + installed for other reasons, you should add ``rng-tools`` explicitly to your + image. If you additionally need rngd to be started as a service you will also + need to add the ``rng-tools-service`` package as that has been split out. + +- The cups recipe no longer builds with the web interface enabled, saving ~1.8M of + space in the final image. If you wish to enable it, you should set + :term:`PACKAGECONFIG` in a cups bbappend (or ``PACKAGECONFIG:pn-cups`` at the + configuration level) to include ``webif``. + +- The :ref:`ref-classes-scons` class now passes a ``MAXLINELENGTH`` argument to + scons in order to fix an issue with scons and command line lengths when ccache is + enabled. However, some recipes may be using older scons versions which don't support + this argument. If that is the case you can set the following in the recipe in order + to disable this:: + + SCONS_MAXLINELENGTH = "" diff --git a/documentation/migration-guides/migration-4.3.rst b/documentation/migration-guides/migration-4.3.rst new file mode 100644 index 0000000000..fc25397d70 --- /dev/null +++ b/documentation/migration-guides/migration-4.3.rst @@ -0,0 +1,252 @@ +.. SPDX-License-Identifier: CC-BY-SA-2.0-UK + +Release 4.3 (nanbield) +======================== + +Migration notes for 4.3 (nanbield) +------------------------------------ + +This section provides migration information for moving to the Yocto +Project 4.3 Release (codename "nanbield") from the prior release. + +.. _migration-4.3-supported-kernel-versions: + +Supported kernel versions +~~~~~~~~~~~~~~~~~~~~~~~~~ + +The :term:`OLDEST_KERNEL` setting has been changed to "5.15" in this release, meaning that +out the box, older kernels are not supported. There were two reasons for this. +Firstly it allows glibc optimisations that improve the performance of the system +by removing compatibility code and using modern kernel APIs exclusively. The second +issue was this allows 64 bit time support even on 32 bit platforms and resolves Y2038 +issues. + +It is still possible to override this value and build for older kernels, this is just +no longer the default supported configuration. This setting does not affect which +kernel versions SDKs will run against and does not affect which versions of the kernel +can be used to run builds. + +.. _migration-4.3-layername-override: + +Layername override implications +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +Code can now know which layer a recipe is coming from through the newly added +:term:`FILE_LAYERNAME` variable and the ``layer-<layername> override``. This is being used +for enabling QA checks on a per layer basis. For existing code this has the +side effect that the QA checks will apply to recipes being bbappended +from other layers - for example, patches added through such bbappends will now +need to have the "Upstream-Status" specified in the patch header. + +.. _migration-4.3-compiling-changes: + +Compiling changes +~~~~~~~~~~~~~~~~~ + +- Code on 32 bit platforms is now compiled with largefile support and 64 + bit ``time_t``, to avoid the Y2038 time overflow issue. This breaks the ABI + and could break existing programs in untested layers. + +.. _migration-4.3-supported-distributions: + +Supported distributions +~~~~~~~~~~~~~~~~~~~~~~~ + +This release supports running BitBake on new GNU/Linux distributions: + +- Ubuntu 22.10 +- Fedora 38 +- Debian 12 +- CentOS Stream 8 +- AlmaLinux 8.8 +- AlmaLinux 9.2 + +On the other hand, some earlier distributions are no longer supported: + +- Fedora 36 +- AlmaLinux 8.7 +- AlmaLinux 9.1 + +See :ref:`all supported distributions <system-requirements-supported-distros>`. + +.. _migration-4.3-removed-machines: + +edgerouter machine removed +~~~~~~~~~~~~~~~~~~~~~~~~~~ + +The ``edgerouter`` reference BSP for the MIPS architecture in ``meta-yocto-bsp`` +has been removed as the hardware has been unavailable for some time. There is no +suitable reference MIPS hardware to replace it with, but the MIPS architecture +will continue to get coverage via QEMU build/boot testing. + +.. _migration-4.3-go-changes: + +Go language changes +~~~~~~~~~~~~~~~~~~~ + +- Support for the Glide package manager has been removed, as ``go mod`` + has become the standard. + +.. _migration-4.3-systemd-changes: + +systemd changes +~~~~~~~~~~~~~~~ + +Upstream systemd is now more strict on filesystem layout and the ``usrmerge`` +feature is therefore required alongside systemd. The Poky test configurations +have been updated accordingly for systemd. + +.. _migration-4.3-recipe-changes: + +Recipe changes +~~~~~~~~~~~~~~ + +- Runtime testing of ptest now fails if no test results are returned by + any given ptest. + +.. _migration-4.3-deprecated-variables: + +Deprecated variables +~~~~~~~~~~~~~~~~~~~~ + +The following variables have been deprecated: + +- :term:`CVE_CHECK_IGNORE`: use :term:`CVE_STATUS` instead. + +.. _migration-4.3-removed-variables: + +Removed variables +~~~~~~~~~~~~~~~~~ + +The following variables have been removed: + +- ``AUTHOR`` +- ``PERLARCH`` +- ``PERLVERSION`` +- ``QEMU_USE_SLIRP`` - add ``slirp`` to ``TEST_RUNQEMUPARAMS`` instead. +- ``SERIAL_CONSOLES_CHECK`` - no longer necessary because all + consoles listed in :term:`SERIAL_CONSOLES` are checked for their existence + before a ``getty`` is started. + +.. _migration-4.3-removed-recipes: + +Removed recipes +~~~~~~~~~~~~~~~ + +The following recipes have been removed in this release: + +- ``apmd``: obsolete (``apm`` in :term:`MACHINE_FEATURES` also removed). +- ``cve-update-db-native``: functionally replaced by ``cve-update-nvd2-native`` +- ``gcr3``: no longer needed by core recipes, moved to meta-gnome (gcr, i.e. version 4.x, is still provided). +- ``glide``: as explained in :ref:`migration-4.3-go-changes`. +- ``libdmx``: obsolete +- ``linux-yocto`` version 5.15 (versions 6.1 and 6.5 provided instead). +- ``python3-async``: obsolete - no longer needed by ``python3-gitdb`` or any other core recipe +- ``rust-hello-world``: there are sufficient other Rust recipes and test cases such that this is no longer needed. + + +.. _migration-4.3-removed-classes: + +Removed classes +~~~~~~~~~~~~~~~ + +The following classes have been removed in this release: + +- ``glide``: as explained in :ref:`migration-4.3-go-changes`. + + +Output file naming changes +~~~~~~~~~~~~~~~~~~~~~~~~~~ + +In 4.3 there are some minor differences in image and SDK output file names. +If you rely on the existing naming (e.g. in external scripts) you may need to +either modify configuration or adapt to the new naming. Further details: + +- :term:`IMAGE_NAME` and :term:`IMAGE_LINK_NAME` now include the + :term:`IMAGE_NAME_SUFFIX` value directly. In practical terms, this means + that ``.rootfs`` will now appear in image output file names. If you do not + wish to have the ``.rootfs`` suffix used, you can just set + :term:`IMAGE_NAME_SUFFIX` to "" and this will now be consistently respected + in both the image file and image file symlink names. As part of this change, + support for the ``imgsuffix`` task varflag has been dropped (mostly + an internal implementation detail, but if you were implementing a custom + image construction with a task in a similar manner to ``do_bootimg`` + you may have been using this). + +- :term:`SDK_NAME` now includes the values of :term:`IMAGE_BASENAME` and + :term:`MACHINE` so that they are unique when building SDKs for different + images and machines. + + + +.. _migration-4.3-pr-pe: + +Versioning changes +~~~~~~~~~~~~~~~~~~ + +- :term:`PR` values have been removed from all core recipes - distro maintainers + who make use of :term:`PR` values would need to curate these already so the + sparsely set base values would not be that useful anymore. If you have been + relying on these (i.e. you are maintaining a binary package feed where package + versions should only ever increase), double-check the output (perhaps with the + help of the :ref:`ref-classes-buildhistory` class) to ensure that package + versions are consistent. + +- The :term:`PR` value can no longer be set from the recipe file name - this + was rarely used, but in any case is no longer supported. + +- :term:`PE` and :term:`PR` are no longer included in the work directory path + (:term:`WORKDIR`). This may break some tool assumptions about directory paths, + but those should really be querying paths from the build system (or not poking + into :term:`WORKDIR` externally). + +- Source revision information has been moved from :term:`PV` to :term:`PKGV`. + The user visible effect of this change is that :term:`PV` will no longer have + revision information in it and this will now be appended to the :term:`PV` + value through :term:`PKGV` when the packages are written out (as long as "+" + is present in the :term:`PKGV` value). Since :term:`PV` is used in + :term:`STAMP` and :term:`WORKDIR`, you may notice small directory naming and + stamp naming changes. + +- The :term:`SRCPV` variable is no longer needed in :term:`PV`, but since + the default :term:`SRCPV` value is now "", using it is effectively now just a + null operation - you can remove it (leaving behind the "+") , but it is not + yet required to do so. + + +.. _migration-4.3-qemu-changes: + +QEMU changes +~~~~~~~~~~~~ + +- The ``runqemu`` script no longer systematically adds two serial ports + (``--serial null`` and ``-serial mon:stdio``) to the QEMU emulated machine + if the user already adds such ports through the ``QB_OPT_APPEND`` setting. + + If the user adds one port, only ``--serial null`` is added, and + ``-serial mon:stdio`` is no longer passed. If the user adds more than one + port, ``--serial null`` is no longer added either. This can break some + existing QEMU based configurations expecting such serial ports to be added + when ``runqemu`` is executed. + + This change was made to avoid exceeding two serial ports, which interferes + with automated testing. + +- ``runqemu`` now uses the ``ip tuntap`` command instead of ``tunctl``, and + thus ``tunctl`` is no longer built by the ``qemu-helper-native`` recipe; if + for some reason you were calling ``tunctl`` directly from your own scripts + you should switch to calling ``ip tuntap`` instead. + +.. _migration-4.3-misc-changes: + +Miscellaneous changes +~~~~~~~~~~~~~~~~~~~~~ + +- The ``-crosssdk`` suffix and any :term:`MLPREFIX` were removed from + ``virtual/XXX`` provider/dependencies where a ``PREFIX`` was used as well, + as we don't need both and it made automated dependency rewriting + unnecessarily complex. In general this only affects internal toolchain + dependencies so isn't end user visible, but if for some reason you have + custom classes or recipes that rely upon the old providers then you will + need to update those. + diff --git a/documentation/migration-guides/migration-5.0.rst b/documentation/migration-guides/migration-5.0.rst new file mode 100644 index 0000000000..cf413300c2 --- /dev/null +++ b/documentation/migration-guides/migration-5.0.rst @@ -0,0 +1,202 @@ +.. SPDX-License-Identifier: CC-BY-SA-2.0-UK + +Release 5.0 LTS (scarthgap) +=========================== + +Migration notes for 5.0 (scarthgap) +------------------------------------ + +This section provides migration information for moving to the Yocto +Project 5.0 Release (codename "scarthgap") from the prior release. + +To migrate from an earlier LTS release, you **also** need to check all +the previous migration notes from your release to this new one: + +- :doc:`/migration-guides/migration-4.3` +- :doc:`/migration-guides/migration-4.2` +- :doc:`/migration-guides/migration-4.1` +- :doc:`/migration-guides/migration-4.0` +- :doc:`/migration-guides/migration-3.4` +- :doc:`/migration-guides/migration-3.3` +- :doc:`/migration-guides/migration-3.2` + +.. _migration-5.0-supported-kernel-versions: + +Supported kernel versions +~~~~~~~~~~~~~~~~~~~~~~~~~ + +The :term:`OLDEST_KERNEL` setting is still "5.15" in this release, meaning that +out the box, older kernels are not supported. See :ref:`4.3 migration notes +<migration-4.3-supported-kernel-versions>` for details. + +.. _migration-5.0-supported-distributions: + +Supported distributions +~~~~~~~~~~~~~~~~~~~~~~~ + +Compared to the previous releases, running BitBake is supported on new +GNU/Linux distributions: + +- Rocky 9 + +On the other hand, some earlier distributions are no longer supported: + +- Fedora 37 +- Ubuntu 22.10 +- OpenSUSE Leap 15.3 + +See :ref:`all supported distributions <system-requirements-supported-distros>`. + +.. _migration-5.0-go-changes: + +Go language changes +~~~~~~~~~~~~~~~~~~~ + +The ``linkmode`` flag was dropped from ``GO_LDFLAGS`` for ``nativesdk`` and +``cross-canadian``. Also, dynamic linking was disabled for the whole set of +(previously) supported architectures in the ``goarch`` class. + +.. _migration-5.0-systemd-changes: + +systemd changes +~~~~~~~~~~~~~~~ + +Systemd's nss-resolve plugin is now supported and can be added via the +``nss-resolve`` :term:`PACKAGECONFIG` option , which is from now on required +(along with ``resolved``) by the ``systemd-resolved`` feature. Related to that +(i.e., Systemd's network name resolution), an option to use ``stub-resolv.conf`` +was added as well. + +.. _migration-5.0-recipe-changes: + +Recipe changes +~~~~~~~~~~~~~~ + +- Runtime testing of ptest now fails if no test results are returned by + any given ptest. + +.. _migration-5.0-deprecated-variables: + +Deprecated variables +~~~~~~~~~~~~~~~~~~~~ + +- ``CVE_CHECK_IGNORE`` should be replaced with :term:`CVE_STATUS` + + +.. _migration-5.0-removed-variables: + +Removed variables +~~~~~~~~~~~~~~~~~ + +The following variables have been removed: + +- ``DEPLOY_DIR_TAR``: no longer needed since the package_tar class was removed in 4.2. +- ``PYTHON_PN``: Python 2 has previously been removed, leaving Python 3 as the sole + major version. Therefore, this abstraction to differentiate both versions is + no longer needed. +- ``oldincludedir`` +- ``USE_L10N``: previously deprecated, and now removed. +- ``CVE_SOCKET_TIMEOUT`` +- ``SERIAL_CONSOLES_CHECK`` - use :term:`SERIAL_CONSOLES` instead as all consoles specified in the latter are checked for their existence before a ``getty`` is started. + +.. _migration-5.0-removed-recipes: + +Removed recipes +~~~~~~~~~~~~~~~ + +The following recipes have been removed in this release: + +- ``libcroco``: deprecated and archived by the Gnome Project. +- ``liberror-perl``: unmaintained and no longer needed - moved to meta-perl. +- ``linux-yocto``: version 6.1 (version 6.6 provided instead). +- ``systemtap-uprobes``: obsolete. +- ``zvariant``: fails to build with newer Rust. + +.. _migration-5.0-removed-classes: + +Removed classes +~~~~~~~~~~~~~~~ + +No classes have been removed in this release. + +.. _migration-5.0-qemu-changes: + +QEMU changes +~~~~~~~~~~~~ + +In ``tune-core2``, the cpu models ``n270`` and ``core2duo`` are no longer +passed to QEMU, since its documentation recommends not using them with ``-cpu`` +option. Therefore, from now on, ``Nehalem`` model is used instead. + + +ipk packaging changes +~~~~~~~~~~~~~~~~~~~~~ + +ipk packaging (using ``opkg``) now uses ``zstd`` compression instead of ``xz`` +for better compression and performance. This does mean that ``.ipk`` packages +built using the 5.0 release requires Opkg built with zstd enabled --- naturally +this is the case in 5.0, but at least by default these packages will not be +usable on older systems where Opkg does not have zstd enabled at build time. + +Additionally, the internal dependency solver in Opkg is now deprecated --- it +is still available in this release but will trigger a warning if selected. +The default has been the external ``libsolv`` solver for some time, but if you +have explicitly removed that from :term:`PACKAGECONFIG` for Opkg to +select the internal solver, you should plan to switch to ``libsolv`` in the +near future (by including ``libsolv`` your custom :term:`PACKAGECONFIG` value +for Opkg, or reverting to the default value). + + +motd message when using ``DISTRO = "poky"`` +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +The default ``poky`` :term:`DISTRO` is explicitly a *reference* distribution +for testing and development purposes. It enables most hardware and software +features so that they can be tested, but this also means that +from a security point of view the attack surface is very large. + +We encourage anyone using the Yocto Project for production use to create +their own distribution and not use Poky. To encourage this behaviour +further, in 5.0 a warning has been added to ``/etc/motd`` when Poky is used +so that the developer will see it when they log in. If you are creating your +own distribution this message will not show up. + +For information on how to create your own distribution, see +":ref:`dev-manual/custom-distribution:creating your own distribution`". + +.. _migration-5.0-misc-changes: + +Miscellaneous changes +~~~~~~~~~~~~~~~~~~~~~ + +- ``bitbake-whatchanged`` script was removed as it was broken and unmaintained. + +- ``scripts/sstate-cache-management.sh`` has been replaced by + ``scripts/sstate-cache-management.py``, a more performant Python-based version. + +- The ``bmap-tools`` recipe has been renamed to ``bmaptool``. + +- ``gpgme`` has had Python binding support disabled since upstream does not + support Python 3.12 yet. This will be fixed in future once it is fixed upstream.) + +- A warning will now be shown if the ``virtual/`` prefix is used in runtime + contexts (:term:`RDEPENDS` / :term:`RPROVIDES`) --- + See :ref:`virtual-slash <qa-check-virtual-slash>` for details. + +- ``recipetool`` now prefixes the names of recipes created for Python modules + with ``python3-``. + +- The :ref:`ref-classes-cve-check` class no longer produces a warning for + remote patches --- it only logs a note and does not try to fetch the patch + in order to scan it for issues or CVE numbers. However, CVE number + references in remote patch file names will now be picked up. + +- The values of :term:`PE` and :term:`PR` have been dropped from + ``-f{file,macro,debug}-prefix-map``, in order to avoid unnecessary churn + in debugging symbol paths when the version is bumped. This is unlikely to + cause issues, but if you are paying attention to the debugging source path + (e.g. in recipes that need to manipulate these files during packaging) then + you will notice the difference. A new :term:`TARGET_DBGSRC_DIR` variable is + provided to make this easier. + +- ``ccache`` no longer supports FORTRAN. diff --git a/documentation/migration-guides/migration-5.1.rst b/documentation/migration-guides/migration-5.1.rst new file mode 100644 index 0000000000..b43fecc2dd --- /dev/null +++ b/documentation/migration-guides/migration-5.1.rst @@ -0,0 +1,143 @@ +.. SPDX-License-Identifier: CC-BY-SA-2.0-UK + +Release 5.1 (styhead) +===================== + +Migration notes for 5.1 (styhead) +------------------------------------ + +This section provides migration information for moving to the Yocto +Project 5.1 Release (codename "styhead") from the prior release. + +.. _migration-5.1-supported-kernel-versions: + +:term:`WORKDIR` changes +~~~~~~~~~~~~~~~~~~~~~~~ + +S = ${WORKDIR} no longer supported +^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ + +If a recipe has :term:`S` set to be :term:`WORKDIR`, this is no longer +supported, and an error will be issued. The recipe should be changed to:: + + S = "${WORKDIR}/sources" + UNPACKDIR = "${S}" + +Any :term:`WORKDIR` references where files from :term:`SRC_URI` are referenced +should be changed to :term:`S`. These are commonly in :ref:`ref-tasks-compile`, +:ref:`ref-tasks-compile`, :ref:`ref-tasks-install` and :term:`LIC_FILES_CHKSUM`. + +:term:`WORKDIR` references in recipes +^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ + +:term:`WORKDIR` references in other recipes need auditing. If they reference +files from :term:`SRC_URI`, they likely need changing to :term:`UNPACKDIR`. +These are commonly in :ref:`ref-tasks-compile` and :ref:`ref-tasks-install` +for things like service or configuration files. One unusual case is +``${WORKDIR}/${BP}`` which should probably be set to ``${S}``. + +References to ``../`` in :term:`LIC_FILES_CHKSUM` or elsewhere may need changing +to :term:`UNPACKDIR`. References to :term:`WORKDIR` in ``sed`` commands are +usually left as they are. + +General notes +^^^^^^^^^^^^^ + +Files from :ref:`ref-tasks-unpack` now unpack to ``WORKDIR/sources-unpack/`` +rather than ``WORKDIR/``. + +If :term:`S` is set to a subdirectory under :term:`WORKDIR` and that +subdirectory exists in ``sources-unpack`` after :ref:`ref-tasks-unpack` runs, +it is moved to :term:`WORKDIR`. This means that ``S = "${WORKDIR}/${BP}"``, +``S = "${WORKDIR}/git"`` and also deeper paths continue to work as expected +without changes. We cannot use symlinks to do this as it breaks autotools +based recipes. Keeping all sources under ``sources-unpack`` wasn't considered +as it meant more invasive recipes changes. The key objective was separating the +:ref:`ref-tasks-unpack` task output from :term:`WORKDIR`. + +Previously, :term:`S` was always created but after the recent changes it is no +longer the case. This means the check in ``do_unpack_qa`` triggers where +:term:`S` is not created by a recipe while it didn't happen before. This can +require to add an :term:`S` definition to a recipe that only uses +``file://`` :term:`SRC_URI` entries. To be consistent, the following pattern is +recommended:: + + S = "${WORKDIR}/sources" + UNPACKDIR = "${S}" + +Building C files from :term:`UNPACKDIR` without setting :term:`S` to point at +it does not work as the debug prefix mapping doesn't handle that. + +``devtool`` and ``recipetool`` have been updated to handle this and their +support for ``S = WORKDIR`` and ``oe-local-files`` has been removed. + +Supported kernel versions +~~~~~~~~~~~~~~~~~~~~~~~~~ + +The :term:`OLDEST_KERNEL` setting is still "5.15" in this release, meaning that +out the box, older kernels are not supported. See :ref:`4.3 migration notes +<migration-4.3-supported-kernel-versions>` for details. + +.. _migration-5.1-supported-distributions: + +Supported distributions +~~~~~~~~~~~~~~~~~~~~~~~ + +Compared to the previous releases, running BitBake is supported on new +GNU/Linux distributions: + +On the other hand, some earlier distributions are no longer supported: + +See :ref:`all supported distributions <system-requirements-supported-distros>`. + +.. _migration-5.1-go-changes: + +Go language changes +~~~~~~~~~~~~~~~~~~~ + +.. _migration-5.1-systemd-changes: + +systemd changes +~~~~~~~~~~~~~~~ + +.. _migration-5.1-recipe-changes: + +Recipe changes +~~~~~~~~~~~~~~ + +.. _migration-5.1-deprecated-variables: + +Deprecated variables +~~~~~~~~~~~~~~~~~~~~ + +.. _migration-5.1-removed-variables: + +Removed variables +~~~~~~~~~~~~~~~~~ + +The following variables have been removed: + +.. _migration-5.1-removed-recipes: + +Removed recipes +~~~~~~~~~~~~~~~ + +The following recipes have been removed in this release: + +.. _migration-5.1-removed-classes: + +Removed classes +~~~~~~~~~~~~~~~ + +No classes have been removed in this release. + +.. _migration-5.1-qemu-changes: + +QEMU changes +~~~~~~~~~~~~ + +.. _migration-5.1-misc-changes: + +Miscellaneous changes +~~~~~~~~~~~~~~~~~~~~~ + diff --git a/documentation/migration-guides/migration-general.rst b/documentation/migration-guides/migration-general.rst new file mode 100644 index 0000000000..1820f5cfd8 --- /dev/null +++ b/documentation/migration-guides/migration-general.rst @@ -0,0 +1,108 @@ +.. SPDX-License-Identifier: CC-BY-SA-2.0-UK + +Introduction +============ + +This guide provides a list of the backwards-incompatible changes you +might need to adapt to in your existing Yocto Project configuration +when upgrading to a new release. + +If you are upgrading over multiple releases, you will need to follow +the sections from the version following the one you were previously +using up to the new version you are upgrading to. + + +General Migration Considerations +-------------------------------- + +Some considerations are not tied to a specific Yocto Project release. +This section presents information you should consider when migrating to +any new Yocto Project release. + +- *Dealing with Customized Recipes*: + + Issues could arise if you take + older recipes that contain customizations and simply copy them + forward expecting them to work after you migrate to new Yocto Project + metadata. For example, suppose you have a recipe in your layer that + is a customized version of a core recipe copied from the earlier + release, rather than through the use of an append file. When you + migrate to a newer version of Yocto Project, the metadata (e.g. + perhaps an include file used by the recipe) could have changed in a + way that would break the build. Say, for example, a function is + removed from an include file and the customized recipe tries to call + that function. + + You could "forward-port" all your customizations in your recipe so + that everything works for the new release. However, this is not the + optimal solution as you would have to repeat this process with each + new release if changes occur that give rise to problems. + + The better solution (where practical) is to use append files + (``*.bbappend``) to capture any customizations you want to make to a + recipe. Doing so isolates your changes from the main recipe, making + them much more manageable. However, sometimes it is not practical to + use an append file. A good example of this is when introducing a + newer or older version of a recipe in another layer. + + +- *Updating Append Files*: + + Since append (``.bbappend``) files generally only contain + your customizations, they often do not need to be adjusted for new + releases. However, if the append file is specific to a + particular version of the recipe (i.e. its name does not use the % + wildcard) and the version of the recipe to which it is appending has + changed, then you will at a minimum need to rename the append file to + match the name of the recipe file. A mismatch between an append file + and its corresponding recipe file (``.bb``) will trigger an error + during parsing. + + Depending on the type of customization the append file applies, other + incompatibilities might occur when you upgrade. For example, if your + append file applies a patch and the recipe to which it is appending + is updated to a newer version, the patch might no longer apply. If + this is the case and assuming the patch is still needed, you must + modify the patch file so that it does apply. + + .. tip:: + + You can list all append files used in your configuration by running: + + bitbake-layers show-appends + + +.. _migration-general-buildhistory: + +- *Checking Image / SDK Changes*: + + The :ref:`ref-classes-buildhistory` class can be used + if you wish to check the impact of changes to images / SDKs across + the migration (e.g. added/removed packages, added/removed files, size + changes etc.). To do this, follow these steps: + + #. Enable :ref:`ref-classes-buildhistory` before the migration + + #. Run a pre-migration build + + #. Capture the :ref:`ref-classes-buildhistory` output (as + specified by :term:`BUILDHISTORY_DIR`) and ensure it is preserved for + subsequent builds. How you would do this depends on how you are running + your builds - if you are doing this all on one workstation in the same + :term:`Build Directory` you may not need to do anything other than not + deleting the :ref:`ref-classes-buildhistory` output + directory. For builds in a pipeline it may be more complicated. + + #. Set a tag in the :ref:`ref-classes-buildhistory` output (which is a git repository) before + migration, to make the commit from the pre-migration build easy to find + as you may end up running multiple builds during the migration. + + #. Perform the migration + + #. Run a build + + #. Check the output changes between the previously set tag and HEAD in the + :ref:`ref-classes-buildhistory` output using ``git diff`` or ``buildhistory-diff``. + + For more information on using :ref:`ref-classes-buildhistory`, see + :ref:`dev-manual/build-quality:maintaining build output quality`. diff --git a/documentation/migration-guides/release-3.4.rst b/documentation/migration-guides/release-3.4.rst new file mode 100644 index 0000000000..043fdd1c9f --- /dev/null +++ b/documentation/migration-guides/release-3.4.rst @@ -0,0 +1,14 @@ +.. SPDX-License-Identifier: CC-BY-SA-2.0-UK + +Release 3.4 (honister) +====================== + +.. toctree:: + + migration-3.4 + release-notes-3.4 + release-notes-3.4.1 + release-notes-3.4.2 + release-notes-3.4.3 + release-notes-3.4.4 + diff --git a/documentation/migration-guides/release-4.0.rst b/documentation/migration-guides/release-4.0.rst new file mode 100644 index 0000000000..d848b3ef64 --- /dev/null +++ b/documentation/migration-guides/release-4.0.rst @@ -0,0 +1,27 @@ +.. SPDX-License-Identifier: CC-BY-SA-2.0-UK + +Release 4.0 (kirkstone) +======================= + +.. toctree:: + + migration-4.0 + release-notes-4.0 + release-notes-4.0.1 + release-notes-4.0.2 + release-notes-4.0.3 + release-notes-4.0.4 + release-notes-4.0.5 + release-notes-4.0.6 + release-notes-4.0.7 + release-notes-4.0.8 + release-notes-4.0.9 + release-notes-4.0.10 + release-notes-4.0.11 + release-notes-4.0.12 + release-notes-4.0.13 + release-notes-4.0.14 + release-notes-4.0.15 + release-notes-4.0.16 + release-notes-4.0.17 + release-notes-4.0.18 diff --git a/documentation/migration-guides/release-4.1.rst b/documentation/migration-guides/release-4.1.rst new file mode 100644 index 0000000000..7d1ce95e25 --- /dev/null +++ b/documentation/migration-guides/release-4.1.rst @@ -0,0 +1,13 @@ +.. SPDX-License-Identifier: CC-BY-SA-2.0-UK + +Release 4.1 (langdale) +====================== + +.. toctree:: + + migration-4.1 + release-notes-4.1 + release-notes-4.1.1 + release-notes-4.1.2 + release-notes-4.1.3 + release-notes-4.1.4 diff --git a/documentation/migration-guides/release-4.2.rst b/documentation/migration-guides/release-4.2.rst new file mode 100644 index 0000000000..5ef2cc6657 --- /dev/null +++ b/documentation/migration-guides/release-4.2.rst @@ -0,0 +1,13 @@ +.. SPDX-License-Identifier: CC-BY-SA-2.0-UK + +Release 4.2 (mickledore) +======================== + +.. toctree:: + + migration-4.2 + release-notes-4.2 + release-notes-4.2.1 + release-notes-4.2.2 + release-notes-4.2.3 + release-notes-4.2.4 diff --git a/documentation/migration-guides/release-4.3.rst b/documentation/migration-guides/release-4.3.rst new file mode 100644 index 0000000000..1f07d229a7 --- /dev/null +++ b/documentation/migration-guides/release-4.3.rst @@ -0,0 +1,13 @@ +.. SPDX-License-Identifier: CC-BY-SA-2.0-UK + +Release 4.3 (nanbield) +======================== + +.. toctree:: + + migration-4.3 + release-notes-4.3 + release-notes-4.3.1 + release-notes-4.3.2 + release-notes-4.3.3 + release-notes-4.3.4 diff --git a/documentation/migration-guides/release-5.0.rst b/documentation/migration-guides/release-5.0.rst new file mode 100644 index 0000000000..44a02ab041 --- /dev/null +++ b/documentation/migration-guides/release-5.0.rst @@ -0,0 +1,10 @@ +.. SPDX-License-Identifier: CC-BY-SA-2.0-UK + +Release 5.0 (scarthgap) +======================= + +.. toctree:: + + migration-5.0 + release-notes-5.0 + release-notes-5.0.1 diff --git a/documentation/migration-guides/release-5.1.rst b/documentation/migration-guides/release-5.1.rst new file mode 100644 index 0000000000..768edfa2b0 --- /dev/null +++ b/documentation/migration-guides/release-5.1.rst @@ -0,0 +1,9 @@ +.. SPDX-License-Identifier: CC-BY-SA-2.0-UK + +Release 5.1 (styhead) +======================= + +.. toctree:: + + migration-5.1 + release-notes-5.1 diff --git a/documentation/migration-guides/release-notes-3.4.1.rst b/documentation/migration-guides/release-notes-3.4.1.rst new file mode 100644 index 0000000000..097c249a90 --- /dev/null +++ b/documentation/migration-guides/release-notes-3.4.1.rst @@ -0,0 +1,254 @@ +.. SPDX-License-Identifier: CC-BY-SA-2.0-UK + +Release notes for 3.4.1 (honister) +---------------------------------- + +Known Issues in 3.4.1 +~~~~~~~~~~~~~~~~~~~~~ + +- :yocto_bugs:`bsps-hw.bsps-hw.Test_Seek_bar_and_volume_control manual test case failure </show_bug.cgi?id=14622>` + +Security Fixes in 3.4.1 +~~~~~~~~~~~~~~~~~~~~~~~ + +- glibc: Backport fix for :cve:`2021-43396` +- vim: add patch number to :cve:`2021-3778` patch +- vim: fix :cve:`2021-3796`, :cve:`2021-3872`, and :cve:`2021-3875` +- squashfs-tools: follow-up fix for :cve:`2021-41072` +- avahi: update CVE id fixed by local-ping.patch +- squashfs-tools: fix :cve:`2021-41072` +- ffmpeg: fix :cve:`2021-38114` +- curl: fix :cve:`2021-22945`, :cve:`2021-22946` and :cve:`2021-22947` + +Fixes in 3.4.1 +~~~~~~~~~~~~~~ + +- bitbake.conf: Fix corruption of GNOME mirror url +- bitbake.conf: Use wayland distro feature for native builds +- bitbake: Revert "parse/ast: Show errors for append/prepend/remove operators combined with +=/.=" +- bitbake: bitbake-worker: Add debug when unpickle fails +- bitbake: cooker: Fix task-depends.dot for multiconfig targets +- bitbake: cooker: Handle parse threads disappearing to avoid hangs +- bitbake: cooker: Handle parsing results queue race +- bitbake: cooker: Remove debug code, oops :( +- bitbake: cooker: check if upstream hash equivalence server is available +- bitbake: fetch/git: Handle github dropping git:// support +- bitbake: fetch/wget: Add timeout for checkstatus calls (30s) +- bitbake: fetch2/perforce: Fix typo +- bitbake: fetch2: Fix url remap issue and add testcase +- bitbake: fetch2: fix downloadfilename issue with premirror +- bitbake: fetch: Handle mirror user/password replacements correctly +- bitbake: parse/ast: Show errors for append/prepend/remove operators combined with +=/.= +- bitbake: runqueue: Fix runall option handling +- bitbake: runqueue: Fix runall option task deletion ordering issue +- bitbake: test/fetch: Update urls to match upstream branch name changes +- bitbake: tests/fetch.py: add test case to ensure downloadfilename is used for premirror +- bitbake: tests/fetch.py: fix premirror test cases +- bitbake: tests/fetch: Update github urls +- bitbake: tests/fetch: Update pcre.org address after github changes +- bitbake: tests/runqueue: Ensure hashserv exits before deleting files +- bitbake: utils: Handle lockfile filenames that are too long for filesystems +- bootchart2: Don't compile Python modules +- build-appliance-image: Update to honister head revision +- buildhistory: Fix package output files for SDKs +- busybox: 1.34.0 -> 1.34.1 +- ca-certificates: update 20210119 -> 20211016 +- classes/populate_sdk_base: Add setscene tasks +- conf: update for release 3.4 +- convert-srcuri.py: use regex to check space in :term:`SRC_URI` +- create-spdx: Fix key errors in do_create_runtime_spdx +- create-spdx: Protect against None from :term:`LICENSE_PATH` +- create-spdx: Set the Organization field via a variable +- create-spdx: add create_annotation function +- create-spdx: cross recipes are native also +- create_spdx: ensure is_work_shared() is unique +- cups: Fix missing installation of cups sysv init scripts +- docs: poky.yaml: updates for 3.4 +- dpkg: Install dkpg-perl scripts to versioned perl directory +- glibc-version.inc: remove branch= from GLIBC_GIT_URI +- go-helloworld/glide: Fix urls +- go.bbclass: Allow adding parameters to go ldflags +- go: upgrade 1.16.7 -> 1.16.8 +- gst-devtools: 1.18.4 -> 1.18.5 +- gst-examples: 1.18.4 -> 1.18.5 +- gstreamer1.0-libav: 1.18.4 -> 1.18.5 +- gstreamer1.0-omx: 1.18.4 -> 1.18.5 +- gstreamer1.0-plugins-bad: 1.18.4 -> 1.18.5 +- gstreamer1.0-plugins-base: 1.18.4 -> 1.18.5 +- gstreamer1.0-plugins-good: 1.18.4 -> 1.18.5 +- gstreamer1.0-plugins-ugly: 1.18.4 -> 1.18.5 +- gstreamer1.0-python: 1.18.4 -> 1.18.5 +- gstreamer1.0-rtsp-server: 1.18.4 -> 1.18.5 +- gstreamer1.0-vaapi: 1.18.4 -> 1.18.5 +- gstreamer1.0: 1.18.4 -> 1.18.5 +- insane.bbclass: Add a check for directories that are expected to be empty +- kernel-devsrc: Add vdso.lds and other build files for riscv64 as well +- libnewt: Use python3targetconfig to fix reproducibility issue +- libpcre/libpcre2: correct :term:`SRC_URI` +- libx11-compose-data: Update :term:`LICENSE` to better reflect reality +- libx11: Update :term:`LICENSE` to better reflect reality +- libxml2: Use python3targetconfig to fix reproducibility issue +- linunistring: Add missing gperf-native dependency +- linux-firmware: upgrade to 20211027 +- linux-yocto-dev: Ensure :term:`DEPENDS` matches recent 5.14 kernel changes +- linux-yocto-rt/5.10: update to -rt54 +- linux-yocto/5.10: update to v5.10.78 +- linux-yocto/5.14: common-pc: enable CONFIG_ATA_PIIX as built-in +- linux-yocto/5.14: update to v5.14.17 +- linux-yocto: add libmpc-native to :term:`DEPENDS` +- lttng-tools: replace ad hoc ptest fixup with upstream fixes +- manuals: releases.rst: move gatesgarth to outdated releases section +- mesa: Enable svga for x86 only +- mesa: upgrade 21.2.1 -> 21.2.4 +- meson.bblcass: Remove empty egg-info directories before running meson +- meson: install native file in sdk +- meson: move lang args to the right section +- meson: set objcopy in the cross and native toolchain files +- meta/scripts: Manual git url branch additions +- meta: Add explict branch to git SRC_URIs +- migration-3.4: add additional migration info +- migration-3.4: add some extra packaging notes +- migration-3.4: tweak overrides change section +- migration: tweak introduction section +- mirrors: Add kernel.org sources mirror for downloads.yoctoproject.org +- mirrors: Add uninative mirror on kernel.org +- nativesdk-packagegroup-sdk-host.bb: Update host tools for wayland +- oeqa/runtime/parselogs: modified drm error in common errors list +- oeqa/selftest/sstatetests: fix typo ware -> were +- oeqa: Update cleanup code to wait for hashserv exit +- opkg: Fix poor operator combination choice +- ovmf: update 202105 -> 202108 +- patch.bbclass: when the patch fails show more info on the fatal error +- poky.conf: bump version for 3.4.1 honister release +- poky.yaml: add lz4 and zstd to essential host packages +- poky.yaml: fix lz4 package name for older Ubuntu versions +- pseudo: Add fcntl64 wrapper +- python3-setuptools: _distutils/sysconfig fix +- python3: update to 3.9.7 +- qemu.inc: Remove empty egg-info directories before running meson +- recipes: Update github.com urls to use https +- ref-manual: Update how to set a useradd password +- ref-manual: document "reproducible_build" class and :term:`SOURCE_DATE_EPOCH` +- ref-manual: document BUILD_REPRODUCIBLE_BINARIES +- ref-manual: document :term:`TOOLCHAIN_HOST_TASK_ESDK` +- ref-manual: remove meta class +- ref-manual: update system requirements +- releases.rst: fix release number for 3.3.3 +- scripts/convert-srcuri: Update :term:`SRC_URI` conversion script to handle github url changes +- scripts/lib/wic/help.py: Update Fedora Kickstart URLs +- scripts/oe-package-browser: Fix after overrides change +- scripts/oe-package-browser: Handle no packages being built +- spdx.py: Add annotation to relationship +- sstate: Account for reserved characters when shortening sstate filenames +- sstate: another fix for touching files inside pseudo +- sstate: fix touching files inside pseudo +- staging: Fix autoconf-native rebuild failure +- strace: fix build against 5.15 kernel/kernel-headers +- strace: show test suite log on failure +- stress-ng: convert to git, website is down +- systemd: add missing include for musl +- tar: filter CVEs using vendor name +- test-manual: how to enable reproducible builds +- testimage: fix unclosed testdata file +- tzdata: update 2021d to 2021d +- uninative: Add version to uninative tarball name +- waffle: convert to git, website is down +- wayland: Fix wayland-tools packaging +- wireless-regdb: upgrade 2021.07.14 -> 2021.08.28 +- wpa-supplicant: Match package override to :term:`PACKAGES` for pkg_postinst + +Contributors to 3.4.1 +~~~~~~~~~~~~~~~~~~~~~ + +- Ahmed Hossam +- Alexander Kanavin +- Alexandre Belloni +- Andrej Valek +- Andres Beltran +- Anuj Mittal +- Bruce Ashfield +- Chen Qi +- Claus Stovgaard +- Daiane Angolini +- Hsia-Jun(Randy) Li +- Jon Mason +- Jose Quaresma +- Joshua Watt +- Kai Kang +- Khem Raj +- Kiran Surendran +- Manuel Leonhardt +- Michael Opdenacker +- Oleksandr Kravchuk +- Pablo Saavedra +- Paul Eggleton +- Peter Kjellerstedt +- Quentin Schulz +- Ralph Siemsen +- Randy Li +- Richard Purdie +- Ross Burton +- Sakib Sajal +- Saul Wold +- Teoh Jay Shen +- Tim Orling +- Tom Hochstein +- Yureka + +Repositories / Downloads for 3.4.1 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +poky + +- Repository Location: :yocto_git:`/poky` +- Branch: :yocto_git:`honister </poky/log/?h=honister>` +- Tag: :yocto_git:`yocto-3.4.1 </poky/tag/?h=yocto-3.4.1>` +- Git Revision: :yocto_git:`b53230c08d9f02ecaf35b4f0b70512abbf10ae11 </poky/commit/?id=b53230c08d9f02ecaf35b4f0b70512abbf10ae11>` +- Release Artefact: poky-b53230c08d9f02ecaf35b4f0b70512abbf10ae11 +- sha: 57d49e2afafb555baf65643acf752464f0eb7842b964713a5de7530c392de159 +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-3.4.1/poky-b53230c08d9f02ecaf35b4f0b70512abbf10ae11.tar.bz2, + http://mirrors.kernel.org/yocto/yocto/yocto-3.4.1/poky-b53230c08d9f02ecaf35b4f0b70512abbf10ae11.tar.bz2 + +meta-mingw + +- Repository Location: :yocto_git:`/meta-mingw` +- Branch: :yocto_git:`honister </meta-mingw/log/?h=honister>` +- Tag: :yocto_git:`yocto-3.4.1 </meta-mingw/tag/?h=yocto-3.4.1>` +- Git Revision: :yocto_git:`f5d761cbd5c957e4405c5d40b0c236d263c916a8 </meta-mingw/commit/?id=f5d761cbd5c957e4405c5d40b0c236d263c916a8>` +- Release Artefact: meta-mingw-f5d761cbd5c957e4405c5d40b0c236d263c916a8 +- sha: d4305d638ef80948584526c8ca386a8cf77933dffb8a3b8da98d26a5c40fcc11 +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-3.4.1/meta-mingw-f5d761cbd5c957e4405c5d40b0c236d263c916a8.tar.bz2, + http://mirrors.kernel.org/yocto/yocto/yocto-3.4.1/meta-mingw-f5d761cbd5c957e4405c5d40b0c236d263c916a8.tar.bz2 + +meta-gplv2 + +- Repository Location: :yocto_git:`/meta-gplv2` +- Branch: :yocto_git:`honister </meta-gplv2/log/?h=honister>` +- Tag: :yocto_git:`yocto-3.4.1 </meta-gplv2/tag/?h=yocto-3.4.1>` +- Git Revision: :yocto_git:`f04e4369bf9dd3385165281b9fa2ed1043b0e400 </meta-gplv2/commit/?id=f04e4369bf9dd3385165281b9fa2ed1043b0e400>` +- Release Artefact: meta-gplv2-f04e4369bf9dd3385165281b9fa2ed1043b0e400 +- sha: ef8e2b1ec1fb43dbee4ff6990ac736315c7bc2d8c8e79249e1d337558657d3fe +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-3.4/meta-gplv2-f04e4369bf9dd3385165281b9fa2ed1043b0e400.tar.bz2, + http://mirrors.kernel.org/yocto/yocto/yocto-3.4/meta-gplv2-f04e4369bf9dd3385165281b9fa2ed1043b0e400.tar.bz2 + +bitbake + +- Repository Location: :oe_git:`/bitbake` +- Branch: :oe_git:`1.52 </bitbake/log/?h=1.52>` +- Tag: :oe_git:`yocto-3.4.1 </bitbake/tag/?h=yocto-3.4.1>` +- Git Revision: :oe_git:`44a83b373e1fc34c93cd4a6c6cf8b73b230c1520 </bitbake/commit/?id=44a83b373e1fc34c93cd4a6c6cf8b73b230c1520>` +- Release Artefact: bitbake-44a83b373e1fc34c93cd4a6c6cf8b73b230c1520 +- sha: 03d50c1318d88d62eb01d359412ea5a8014ef506266629a2bd43ab3a2ef19430 +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-3.4.1/bitbake-44a83b373e1fc34c93cd4a6c6cf8b73b230c1520.tar.bz2, + http://mirrors.kernel.org/yocto/yocto/yocto-3.4.1/bitbake-44a83b373e1fc34c93cd4a6c6cf8b73b230c1520.tar.bz2 + +yocto-docs + +- Repository Location: :yocto_git:`/yocto-docs` +- Branch: :yocto_git:`honister </yocto-docs/log/?h=honister>` +- Tag: :yocto_git:`yocto-3.4.1 </yocto-docs/tag/?h=yocto-3.4.1>` +- Git Revision: :yocto_git:`b250eda5a0beba8acc9641c55a5b0e30594b5178 </yocto-docs/commit/?b250eda5a0beba8acc9641c55a5b0e30594b5178>` diff --git a/documentation/migration-guides/release-notes-3.4.2.rst b/documentation/migration-guides/release-notes-3.4.2.rst new file mode 100644 index 0000000000..5ff42d3900 --- /dev/null +++ b/documentation/migration-guides/release-notes-3.4.2.rst @@ -0,0 +1,242 @@ +.. SPDX-License-Identifier: CC-BY-SA-2.0-UK + +Release notes for 3.4.2 (honister) +---------------------------------- + +Security Fixes in 3.4.2 +~~~~~~~~~~~~~~~~~~~~~~~ + +- tiff: backport fix for :cve:`2022-22844` +- glibc : Fix :cve:`2021-3999` +- glibc : Fix :cve:`2021-3998` +- glibc : Fix :cve:`2022-23219` +- glibc : Fix :cve:`2022-23218` +- lighttpd: backport a fix for :cve:`2022-22707` +- speex: fix :cve:`2020-23903` +- linux-yocto/5.10: amdgpu: updates for :cve:`2021-42327` +- libsndfile1: fix :cve:`2021-4156` +- xserver-xorg: whitelist two CVEs +- grub2: fix :cve:`2021-3981` +- xserver-xorg: update :term:`CVE_PRODUCT` +- binutils: :cve:`2021-42574` +- gcc: Fix :cve:`2021-42574` +- gcc: Fix :cve:`2021-35465` +- cve-extra-exclusions: add db CVEs to exclusion list +- gcc: Add :cve:`2021-37322` to the list of CVEs to ignore +- bind: fix :cve:`2021-25219` +- openssh: fix :cve:`2021-41617` +- ncurses: fix :cve:`2021-39537` +- vim: fix :cve:`2021-3968` and :cve:`2021-3973` +- vim: fix :cve:`2021-3927` and :cve:`2021-3928` +- gmp: fix :cve:`2021-43618` + +Fixes in 3.4.2 +~~~~~~~~~~~~~~ + +- build-appliance-image: Update to honister head revision +- poky.conf: bump version for 3.4.2 release +- libxml2: Backport python3-lxml workaround patch +- core-image-sato-sdk: allocate more memory when in qemu +- vim: upgrade to patch 4269 +- vim: update to include latest CVE fixes +- expat: upgrade to 2.4.4 +- libusb1: correct :term:`SRC_URI` +- yocto-check-layer: add debug output for the layers that were found +- linux-firmware: Add CLM blob to linux-firmware-bcm4373 package +- linux-yocto/5.10: update to v5.10.93 +- icu: fix make_icudata dependencies +- sstate: Improve failure to obtain archive message/handling +- insane.bbclass: Correct package_qa_check_empty_dirs() +- sstate: A third fix for for touching files inside pseudo +- kernel: introduce python3-dtschema-wrapper +- vim: upgrade to 8.2 patch 3752 +- bootchart2: Add missing python3-math dependency +- socat: update :term:`SRC_URI` +- pigz: fix one failure of command "unpigz -l" +- linux-yocto/5.14: update genericx86* machines to v5.14.21 +- linux-yocto/5.10: update genericx86* machines to v5.10.87 +- go: upgrade 1.16.10 -> 1.16.13 +- linux-yocto/5.10/cfg: add kcov feature fragment +- linux-yocto/5.14: fix arm 32bit -rt warnings +- oeqa/sstate: Fix allarch samesigs test +- rootfs-postcommands.bbclass: Make two comments use the new variable syntax +- cve-check: add lockfile to task +- lib/oe/reproducible: correctly set .git location when recursively looking for git repos +- epiphany: Update 40.3 -> 40.6 +- scripts/buildhistory-diff: drop use of distutils +- scripts: Update to use exec_module() instead of load_module() +- vulkan-loader: inherit pkgconfig +- webkitgtk: Add reproducibility fix +- openssl: Add reproducibility fix +- rpm: remove tmp folder created during install +- package_manager: ipk: Fix host manifest generation +- bitbake: utils: Update to use exec_module() instead of load_module() +- linux-yocto: add libmpc-native to :term:`DEPENDS` +- ref-manual: fix patch documentation +- bitbake: tests/fetch: Drop gnu urls from wget connectivity test +- bitbake: fetch: npm: Use temporary file for empty user config +- bitbake: fetch: npm: Quote destdir in run chmod command +- bitbake: process: Do not mix stderr with stdout +- xserver-xorg: upgrade 1.20.13 -> 1.20.14 +- python3-pyelftools: Depend on debugger, pprint +- linux-firmware: upgrade 20211027 -> 20211216 +- oeqa/selftest/bbtests: Use YP sources mirror instead of GNU +- systemd: Fix systemd-journal-gateway user/groups +- license.bbclass: implement ast.NodeVisitor.visit_Constant +- oe/license: implement ast.NodeVisitor.visit_Constant +- packagedata.py: silence a DeprecationWarning +- uboot-sign: fix the concatenation when multiple U-BOOT configurations are specified +- runqemu: check the qemu PID has been set before kill()ing it +- selftest/devtool: Check branch in git fetch +- recipetool: Set master branch only as fallback +- kern-tools: bug fixes and kgit-gconfig +- linux-yocto-rt/5.10: update to -rt56 +- linux-yocto/5.14: update to v5.14.21 +- python3: upgrade 3.9.7 -> 3.9.9 +- bitbake: lib/pyinotify.py: Remove deprecated module asyncore +- updates for recent releases +- libdrm: upgrade 2.4.108 -> 2.4.109 +- patch.py: Initialize git repo before patching +- boost: Fix build on arches with no atomics +- boost: allow searching for python310 +- recipetool: extend curl detection when creating recipes +- recipetool: handle GitLab URLs like we do GitHub +- README.OE-Core.md: update URLs +- libtool: change the default AR_FLAGS from "cru" to "cr" +- libtool: Update patchset to match those submitted upstream +- scripts/checklayer/common.py: Fixed a minor grammatical error +- oeqa/parselogs: Fix quoting +- oeqa/utils/dump: Fix typo +- systemd: update 249.6 -> 249.7 +- glibc: Fix i586/c3 support +- wic: support rootdev identified by partition label +- buildhistory: Fix srcrevs output +- classes/crate-fetch: Ensure crate fetcher is available +- rootfs-postcommands: update systemd_create_users +- classes/meson: Add optional rust definitions +- rust-cross: Replace :term:`TARGET_ARCH` with :term:`TUNE_PKGARCH` +- maintainers.inc: fix up rust-cross entry +- rust-cross: Fix directory not deleted for race glibc vs. musl +- wic: use shutil.which +- bitbake: data_smart.py: Skip old override syntax checking for anonymous functions +- documentation: conf.py: fix version of bitbake objects.inv +- updates for release 3.3.4 + +Contributors to 3.4.2 +~~~~~~~~~~~~~~~~~~~~~ + +- Alexander Kanavin +- Alexandre Belloni +- Anton Mikanovich +- Anuj Mittal +- Bruce Ashfield +- Carlos Rafael Giani +- Chaitanya Vadrevu +- Changqing Li +- Dhruva Gole +- Florian Amstutz +- Joshua Watt +- Kai Kang +- Khairul Rohaizzat Jamaluddin +- Khem Raj +- Konrad Weihmann +- Kory Maincent +- Li Wang +- Marek Vasut +- Markus Volk +- Martin Jansa +- Max Krummenacher +- Michael Opdenacker +- Mingli Yu +- Oleksiy Obitotskyy +- Pavel Zhukov +- Peter Kjellerstedt +- Pgowda +- Quentin Schulz +- Richard Purdie +- Robert Yang +- Ross Burton +- Rudolf J Streif +- Sakib Sajal +- Samuli Piippo +- Schmidt, Adriaan +- Stefan Herbrechtsmeier +- Steve Sakoman +- Sundeep KOKKONDA +- Teoh Jay Shen +- Thomas Perrot +- Tim Orling +- Vyacheslav Yurkov +- Yongxin Liu +- pgowda +- Wang Mingyu + +Repositories / Downloads for 3.4.2 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +poky + +- Repository Location: :yocto_git:`/poky` +- Branch: :yocto_git:`honister </poky/log/?h=honister>` +- Tag: :yocto_git:`yocto-3.4.2 </poky/tag/?h=yocto-3.4.2>` +- Git Revision: :yocto_git:`e0ab08bb6a32916b457d221021e7f402ffa36b1a </poky/commit/?id=e0ab08bb6a32916b457d221021e7f402ffa36b1a>` +- Release Artefact: poky-e0ab08bb6a32916b457d221021e7f402ffa36b1a +- sha: 8580dc5067ee426fe347a0d0f7a74c29ba539120bbe8438332339a9c8bce00fd +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-3.4.2/poky-e0ab08bb6a32916b457d221021e7f402ffa36b1a.tar.bz2, + http://mirrors.kernel.org/yocto/yocto/yocto-3.4.2/poky-e0ab08bb6a32916b457d221021e7f402ffa36b1a.tar.bz2 + +openembedded-core + +- Repository Location: :oe_git:`/openembedded-core` +- Branch: :oe_git:`honister </openembedded-core/log/?h=honister>` +- Tag: :oe_git:`yocto-3.4.2 </openembedded-core/tag/?h=yocto-3.4.2>` +- Git Revision: :oe_git:`418a9c4c31615a9e3e011fc2b21fb7154bc6c93a </openembedded-core/commit/?id=418a9c4c31615a9e3e011fc2b21fb7154bc6c93a>` +- Release Artefact: oecore-418a9c4c31615a9e3e011fc2b21fb7154bc6c93a +- sha: f2ca94a5a7ec669d4c208d1729930dfc1b917846dbb2393d01d6d5856fcbc6de +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-3.4.2/oecore-418a9c4c31615a9e3e011fc2b21fb7154bc6c93a.tar.bz2, + http://mirrors.kernel.org/yocto/yocto/yocto-3.4.2/oecore-418a9c4c31615a9e3e011fc2b21fb7154bc6c93a.tar.bz2 + +meta-mingw + +- Repository Location: :yocto_git:`meta-mingw` +- Branch: :yocto_git:`honister </meta-mingw/log/?h=honister>` +- Tag: :yocto_git:`yocto-3.4.2 </meta-mingw/tag/?h=yocto-3.4.2>` +- Git Revision: :yocto_git:`f5d761cbd5c957e4405c5d40b0c236d263c916a8 </meta-mingw/commit/?id=f5d761cbd5c957e4405c5d40b0c236d263c916a8>` +- Release Artefact: meta-mingw-f5d761cbd5c957e4405c5d40b0c236d263c916a8 +- sha: d4305d638ef80948584526c8ca386a8cf77933dffb8a3b8da98d26a5c40fcc11 +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-3.4.2/meta-mingw-f5d761cbd5c957e4405c5d40b0c236d263c916a8.tar.bz2, + http://mirrors.kernel.org/yocto/yocto/yocto-3.4.2/meta-mingw-f5d761cbd5c957e4405c5d40b0c236d263c916a8.tar.bz2 + +meta-gplv2 + +- Repository Location: :yocto_git:`/meta-gplv2` +- Branch: :yocto_git:`honister </meta-gplv2/log/?h=honister>` +- Tag: :yocto_git:`yocto-3.4.2 </meta-gplv2/tag/?h=yocto-3.4.2>` +- Git Revision: :yocto_git:`f04e4369bf9dd3385165281b9fa2ed1043b0e400 </meta-gplv2/commit/?id=f04e4369bf9dd3385165281b9fa2ed1043b0e400>` +- Release Artefact: meta-gplv2-f04e4369bf9dd3385165281b9fa2ed1043b0e400 +- sha: ef8e2b1ec1fb43dbee4ff6990ac736315c7bc2d8c8e79249e1d337558657d3fe +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-3.4.2/meta-gplv2-f04e4369bf9dd3385165281b9fa2ed1043b0e400.tar.bz2, + http://mirrors.kernel.org/yocto/yocto/yocto-3.4.2/meta-gplv2-f04e4369bf9dd3385165281b9fa2ed1043b0e400.tar.bz2 + +bitbake + +- Repository Location: :oe_git:`/bitbake` +- Branch: :oe_git:`1.52 </bitbake/log/?h=1.52>` +- Tag: :oe_git:`yocto-3.4.2 </bitbake/tag/?h=yocto-3.4.2>` +- Git Revision: :oe_git:`c039182c79e2ccc54fff5d7f4f266340014ca6e0 </bitbake/commit/?id=c039182c79e2ccc54fff5d7f4f266340014ca6e0>` +- Release Artefact: bitbake-c039182c79e2ccc54fff5d7f4f266340014ca6e0 +- sha: bd80297f8d8aa40cbcc8a3d4e23a5223454b305350adf34cd29b5fb65c1b4c52 +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-3.4.2/bitbake-c039182c79e2ccc54fff5d7f4f266340014ca6e0.tar.bz2, + http://mirrors.kernel.org/yocto/yocto/yocto-3.4.2/bitbake-c039182c79e2ccc54fff5d7f4f266340014ca6e0.tar.bz2 + +yocto-docs + +- Repository Location: :yocto_git:`/yocto-docs` +- Branch: :yocto_git:`honister </yocto-docs/log/?h=honister>` +- Tag: :yocto_git:`yocto-3.4.2 </yocto-docs/tag/?h=yocto-3.4.2>` +- Git Revision: :yocto_git:`3061d3d62054a5c3b9e16bfce4bcd186fa7a23d2` </yocto-docs/commit/?3061d3d62054a5c3b9e16bfce4bcd186fa7a23d2>` diff --git a/documentation/migration-guides/release-notes-3.4.3.rst b/documentation/migration-guides/release-notes-3.4.3.rst new file mode 100644 index 0000000000..2af802307d --- /dev/null +++ b/documentation/migration-guides/release-notes-3.4.3.rst @@ -0,0 +1,199 @@ +.. SPDX-License-Identifier: CC-BY-SA-2.0-UK + +Release notes for 3.4.3 (honister) +---------------------------------- + +Security Fixes in 3.4.3 +~~~~~~~~~~~~~~~~~~~~~~~ + +- ghostscript: fix :cve:`2021-3781` +- ghostscript: fix :cve:`2021-45949` +- tiff: Add backports for two CVEs from upstream (:cve:`2022-0561` & :cve:`2022-0562`) +- gcc : Fix :cve:`2021-46195` +- virglrenderer: fix `CVE-2022-0135 <https://security-tracker.debian.org/tracker/CVE-2022-0135>`__ and `CVE-2022-0175 <https://security-tracker.debian.org/tracker/CVE-2022-0175>`__ +- binutils: Add fix for :cve:`2021-45078` + + +Fixes in 3.4.3 +~~~~~~~~~~~~~~ + +- Revert "cve-check: add lockfile to task" +- asciidoc: update git repository +- bitbake: build: Tweak exception handling for setscene tasks +- bitbake: contrib: Fix hash server Dockerfile dependencies +- bitbake: cooker: Improve parsing failure from handled exception usability +- bitbake: data_smart: Fix overrides file/line message additions +- bitbake: fetch2: ssh: username and password are optional +- bitbake: tests/fetch: Handle upstream master -> main branch change +- bitbake: utils: Ensure shell function failure in python logging is correct +- build-appliance-image: Update to honister head revision +- build-appliance-image: Update to honister head revision +- coreutils: remove obsolete ignored CVE list +- crate-fetch: fix setscene failures +- cups: Add --with-dbusdir to :term:`EXTRA_OECONF` for deterministic build +- cve-check: create directory of CVE_CHECK_MANIFEST before copy +- cve-check: get_cve_info should open the database read-only +- default-distrovars.inc: Switch connectivity check to a yoctoproject.org page +- depmodwrapper-cross: add config directory option +- devtool: deploy-target: Remove stripped binaries in pseudo context +- devtool: explicitly set main or master branches in upgrades when available +- docs: fix hardcoded link warning messages +- documentation: conf.py: update for 3.4.2 +- documentation: prepare for 3.4.3 release +- expat: Upgrade to 2.4.7 +- gcc-target: fix glob to remove gcc-<version> binary +- gcsections: add nativesdk-cairo to exclude list +- go: update to 1.16.15 +- gst-devtools: 1.18.5 -> 1.18.6 +- gst-examples: 1.18.5 -> 1.18.6 +- gstreamer1.0-libav: 1.18.5 -> 1.18.6 +- gstreamer1.0-omx: 1.18.5 -> 1.18.6 +- gstreamer1.0-plugins-bad: 1.18.5 -> 1.18.6 +- gstreamer1.0-plugins-base: 1.18.5 -> 1.18.6 +- gstreamer1.0-plugins-good: 1.18.5 -> 1.18.6 +- gstreamer1.0-plugins-ugly: 1.18.5 -> 1.18.6 +- gstreamer1.0-python: 1.18.5 -> 1.18.6 +- gstreamer1.0-rtsp-server: 1.18.5 -> 1.18.6 +- gstreamer1.0-vaapi: 1.18.5 -> 1.18.6 +- gstreamer1.0: 1.18.5 -> 1.18.6 +- harfbuzz: upgrade 2.9.0 -> 2.9.1 +- initramfs-framework: unmount automounts before switch_root +- kernel-devsrc: do not copy Module.symvers file during install +- libarchive : update to 3.5.3 +- libpcap: Disable DPDK explicitly +- libxml-parser-perl: Add missing :term:`RDEPENDS` +- linux-firmware: upgrade 20211216 -> 20220209 +- linux-yocto/5.10: Fix ramoops/ftrace +- linux-yocto/5.10: features/zram: remove CONFIG_ZRAM_DEF_COMP +- linux-yocto/5.10: fix dssall build error with binutils 2.3.8 +- linux-yocto/5.10: ppc/riscv: fix build with binutils 2.3.8 +- linux-yocto/5.10: update genericx86* machines to v5.10.99 +- linux-yocto/5.10: update to v5.10.103 +- mc: fix build if ncurses have been configured without wide characters +- oeqa/buildtools: Switch to our webserver instead of example.com +- patch.py: Prevent git repo reinitialization +- perl: Improve and update module RPDEPENDS +- poky.conf: bump version for 3.4.3 honister release +- qemuboot: Fix build error if UNINATIVE_LOADER is unset +- quilt: Disable external sendmail for deterministic build +- recipetool: Fix circular reference in :term:`SRC_URI` +- releases: update to include 3.3.5 +- releases: update to include 3.4.2 +- rootfs-postcommands: amend systemd_create_users add user to group check +- ruby: update 3.0.2 -> 3.0.3 +- scripts/runqemu-ifdown: Don't treat the last iptables command as special +- sdk: fix search for dynamic loader +- selftest: recipetool: Correct the URI for socat +- sstate: inside the threadedpool don't write to the shared localdata +- uninative: Upgrade to 3.5 +- util-linux: upgrade to 2.37.4 +- vim: Update to 8.2.4524 for further CVE fixes +- wic: Use custom kernel path if provided +- wireless-regdb: upgrade 2021.08.28 -> 2022.02.18 +- zip: modify when match.S is built + +Contributors to 3.4.3 +~~~~~~~~~~~~~~~~~~~~~ + +- Alexander Kanavin +- Anuj Mittal +- Bill Pittman +- Bruce Ashfield +- Chee Yang Lee +- Christian Eggers +- Daniel Gomez +- Daniel Müller +- Daniel Wagenknecht +- Florian Amstutz +- Joe Slater +- Jose Quaresma +- Justin Bronder +- Lee Chee Yang +- Michael Halstead +- Michael Opdenacker +- Oleksandr Ocheretnyi +- Oleksandr Suvorov +- Pavel Zhukov +- Peter Kjellerstedt +- Richard Purdie +- Robert Yang +- Ross Burton +- Sakib Sajal +- Saul Wold +- Sean Anderson +- Stefan Herbrechtsmeier +- Tamizharasan Kumar +- Tean Cunningham +- Zoltán Böszörményi +- pgowda +- Wang Mingyu + +Repositories / Downloads for 3.4.3 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +poky + +- Repository Location: :yocto_git:`/poky` +- Branch: :yocto_git:`honister </poky/log/?h=honister>` +- Tag: :yocto_git:`yocto-3.4.3 </poky/tag/?h=yocto-3.4.3>` +- Git Revision: :yocto_git:`ee68ae307fd951b9de6b31dc6713ea29186b7749 </poky/commit/?id=ee68ae307fd951b9de6b31dc6713ea29186b7749>` +- Release Artefact: poky-ee68ae307fd951b9de6b31dc6713ea29186b7749 +- sha: 92c3d73c3e74f0e1d5c2ab2836ce3a3accbe47772cea70df3755845e0db1379b +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-3.4.3/poky-ee68ae307fd951b9de6b31dc6713ea29186b7749.tar.bz2, + http://mirrors.kernel.org/yocto/yocto/yocto-3.4.3/poky-ee68ae307fd951b9de6b31dc6713ea29186b7749.tar.bz2 + +openembedded-core + +- Repository Location: :oe_git:`/openembedded-core` +- Branch: :oe_git:`honister </openembedded-core/log/?h=honister>` +- Tag: :oe_git:`yocto-3.4.3 </openembedded-core/tag/?h=yocto-3.4.3>` +- Git Revision: :oe_git:`ebca8f3ac9372b7ebb3d39e8f7f930b63b481448 </openembedded-core/commit/?id=ebca8f3ac9372b7ebb3d39e8f7f930b63b481448>` +- Release Artefact: oecore-ebca8f3ac9372b7ebb3d39e8f7f930b63b481448 +- sha: f28e503f6f6c0bcd9192dbd528f8e3c7bcea504c089117e0094d9a4f315f4b9f +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-3.4.3/oecore-ebca8f3ac9372b7ebb3d39e8f7f930b63b481448.tar.bz2, + http://mirrors.kernel.org/yocto/yocto/yocto-3.4.3/oecore-ebca8f3ac9372b7ebb3d39e8f7f930b63b481448.tar.bz2 + +meta-mingw + +- Repository Location: :yocto_git:`/meta-mingw` +- Branch: :yocto_git:`honister </meta-mingw/log/?h=honister>` +- Tag: :yocto_git:`yocto-3.4.3 </meta-mingw/tag/?h=yocto-3.4.3>` +- Git Revision: :yocto_git:`f5d761cbd5c957e4405c5d40b0c236d263c916a8 </meta-mingw/commit/?id=f5d761cbd5c957e4405c5d40b0c236d263c916a8>` +- Release Artefact: meta-mingw-f5d761cbd5c957e4405c5d40b0c236d263c916a8 +- sha: d4305d638ef80948584526c8ca386a8cf77933dffb8a3b8da98d26a5c40fcc11 +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-3.4.3/meta-mingw-f5d761cbd5c957e4405c5d40b0c236d263c916a8.tar.bz2, + http://mirrors.kernel.org/yocto/yocto/yocto-3.4.3/meta-mingw-f5d761cbd5c957e4405c5d40b0c236d263c916a8.tar.bz2 + +meta-gplv2 + +- Repository Location: :yocto_git:`/meta-gplv2` +- Branch: :yocto_git:`honister </meta-gplv2/log/?h=honister>` +- Tag: :yocto_git:`yocto-3.4.3 </meta-gplv2/tag/?h=yocto-3.4.3>` +- Git Revision: :yocto_git:`f04e4369bf9dd3385165281b9fa2ed1043b0e400 </meta-gplv2/commit/?id=f04e4369bf9dd3385165281b9fa2ed1043b0e400>` +- Release Artefact: meta-gplv2-f04e4369bf9dd3385165281b9fa2ed1043b0e400 +- sha: ef8e2b1ec1fb43dbee4ff6990ac736315c7bc2d8c8e79249e1d337558657d3fe +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-3.4.3/meta-gplv2-f04e4369bf9dd3385165281b9fa2ed1043b0e400.tar.bz2, + http://mirrors.kernel.org/yocto/yocto/yocto-3.4.3/meta-gplv2-f04e4369bf9dd3385165281b9fa2ed1043b0e400.tar.bz2 + +bitbake + +- Repository Location: :oe_git:`/bitbake` +- Branch: :oe_git:`1.52 </bitbake/log/?h=1.52>` +- Tag: :oe_git:`yocto-3.4.3 </bitbake/tag/?h=yocto-3.4.3>` +- Git Revision: :oe_git:`43dcb2b2a2b95a5c959be57bca94fb7190ea6257 </bitbake/commit/?id=43dcb2b2a2b95a5c959be57bca94fb7190ea6257>` +- Release Artefact: bitbake-43dcb2b2a2b95a5c959be57bca94fb7190ea6257 +- sha: 92497ff97fed81dcc6d3e202969fb63ca983a8f5d9d91cafc6aee88312f79cf9 +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-3.4.3/bitbake-43dcb2b2a2b95a5c959be57bca94fb7190ea6257.tar.bz2, + http://mirrors.kernel.org/yocto/yocto/yocto-3.4.3/bitbake-43dcb2b2a2b95a5c959be57bca94fb7190ea6257.tar.bz2 + +yocto-docs + +- Repository Location: :yocto_git:`/yocto-docs` +- Branch: :yocto_git:`honister </yocto-docs/log/?h=honister>` +- Tag: :yocto_git:`yocto-3.4.3 </yocto-docs/tag/?h=yocto-3.4.3>` +- Git Revision: :yocto_git:`15f46f97d9cad558c19fc1dc19cfbe3720271d04 </yocto-docs/commit/?15f46f97d9cad558c19fc1dc19cfbe3720271d04>` diff --git a/documentation/migration-guides/release-notes-3.4.4.rst b/documentation/migration-guides/release-notes-3.4.4.rst new file mode 100644 index 0000000000..0bf9a16209 --- /dev/null +++ b/documentation/migration-guides/release-notes-3.4.4.rst @@ -0,0 +1,157 @@ +.. SPDX-License-Identifier: CC-BY-SA-2.0-UK + +Release notes for 3.4.4 (honister) +---------------------------------- + +Security Fixes in 3.4.4 +~~~~~~~~~~~~~~~~~~~~~~~ + +- tiff: fix :cve:`2022-0865`, :cve:`2022-0891`, :cve:`2022-0907`, :cve:`2022-0908`, :cve:`2022-0909` and :cve:`2022-0924` +- xz: fix `CVE-2022-1271 <https://security-tracker.debian.org/tracker/CVE-2022-1271>`__ +- unzip: fix `CVE-2021-4217 <https://security-tracker.debian.org/tracker/CVE-2021-4217>`__ +- zlib: fix :cve:`2018-25032` +- grub: ignore :cve:`2021-46705` + +Fixes in 3.4.4 +~~~~~~~~~~~~~~ + +- alsa-tools: Ensure we install correctly +- bitbake.conf: mark all directories as safe for git to read +- bitbake: knotty: display active tasks when printing keepAlive() message +- bitbake: knotty: reduce keep-alive timeout from 5000s (83 minutes) to 10 minutes +- bitbake: server/process: Disable gc around critical section +- bitbake: server/xmlrpcserver: Add missing xmlrpcclient import +- bitbake: toaster: Fix :term:`IMAGE_INSTALL` issues with _append vs :append +- bitbake: toaster: fixtures replace gatesgarth +- build-appliance-image: Update to honister head revision +- conf.py/poky.yaml: Move version information to poky.yaml and read in conf.py +- conf/machine: fix QEMU x86 sound options +- devupstream: fix handling of :term:`SRC_URI` +- documentation: update for 3.4.4 release +- externalsrc/devtool: Fix to work with fixed export funcition flags handling +- gmp: add missing COPYINGv3 +- gnu-config: update :term:`SRC_URI` +- libxml2: fix CVE-2022-23308 regression +- libxml2: move to gitlab.gnome.org +- libxml2: update to 2.9.13 +- libxshmfence: Correct :term:`LICENSE` to HPND +- license_image.bbclass: close package.manifest file +- linux-firmware: correct license for ar3k firmware +- linux-firmware: upgrade 20220310 -> 20220411 +- linux-yocto-rt/5.10: update to -rt61 +- linux-yocto/5.10: cfg/debug: add configs for kcsan +- linux-yocto/5.10: split vtpm for more granular inclusion +- linux-yocto/5.10: update to v5.10.109 +- linux-yocto: nohz_full boot arg fix +- oe-pkgdata-util: Adapt to the new variable override syntax +- oeqa/selftest/devtool: ensure Git username is set before upgrade tests +- poky.conf: bump version for 3.4.4 release +- pseudo: Add patch to workaround paths with crazy lengths +- pseudo: Fix handling of absolute links +- sanity: Add warning for local hasheqiv server with remote sstate mirrors +- scripts/runqemu: Fix memory limits for qemux86-64 +- shadow-native: Simplify and fix syslog disable patch +- tiff: Add marker for CVE-2022-1056 being fixed +- toaster: Fix broken overrides usage +- u-boot: Inherit pkgconfig +- uninative: Upgrade to 3.6 with gcc 12 support +- vim: Upgrade 8.2.4524 -> 8.2.4681 +- virglrenderer: update :term:`SRC_URI` +- webkitgtk: update to 2.32.4 +- wireless-regdb: upgrade 2022.02.18 -> 2022.04.08 + +Known Issues +~~~~~~~~~~~~ + +There were a couple of known autobuilder intermittent bugs that occurred during release testing but these are not regressions in the release. + +Contributors to 3.4.4 +~~~~~~~~~~~~~~~~~~~~~ + +- Alexandre Belloni +- Anuj Mittal +- Bruce Ashfield +- Chee Yang Lee +- Dmitry Baryshkov +- Joe Slater +- Konrad Weihmann +- Martin Jansa +- Michael Opdenacker +- Minjae Kim +- Peter Kjellerstedt +- Ralph Siemsen +- Richard Purdie +- Ross Burton +- Tim Orling +- Wang Mingyu +- Zheng Ruoqin + +Repositories / Downloads for 3.4.4 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +poky + +- Repository Location: :yocto_git:`/poky` +- Branch: :yocto_git:`honister </poky/log/?h=honister>` +- Tag: :yocto_git:`yocto-3.4.4 </poky/tag/?h=yocto-3.4.4>` +- Git Revision: :yocto_git:`780eeec8851950ee6ac07a2a398ba937206bd2e4 </poky/commit/?id=780eeec8851950ee6ac07a2a398ba937206bd2e4>` +- Release Artefact: poky-780eeec8851950ee6ac07a2a398ba937206bd2e4 +- sha: 09558927064454ec2492da376156b716d9fd14aae57196435d742db7bfdb4b95 +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-3.4.4/poky-780eeec8851950ee6ac07a2a398ba937206bd2e4.tar.bz2, + http://mirrors.kernel.org/yocto/yocto/yocto-3.4.4/poky-780eeec8851950ee6ac07a2a398ba937206bd2e4.tar.bz2 + +openembedded-core + +- Repository Location: :oe_git:`/openembedded-core` +- Branch: :oe_git:`honister </openembedded-core/log/?h=honister>` +- Tag: :oe_git:`yocto-3.4.4 </openembedded-core/tag/?h=yocto-3.4.4>` +- Git Revision: :oe_git:`1a6f5e27249afb6fb4d47c523b62b5dd2482a69d </openembedded-core/commit/?id=1a6f5e27249afb6fb4d47c523b62b5dd2482a69d>` +- Release Artefact: oecore-1a6f5e27249afb6fb4d47c523b62b5dd2482a69d +- sha: b8354ca457756384139a579b9e51f1ba854013c99add90c0c4c6ef68421fede5 +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-3.4.4/oecore-1a6f5e27249afb6fb4d47c523b62b5dd2482a69d.tar.bz2, + http://mirrors.kernel.org/yocto/yocto/yocto-3.4.4/oecore-1a6f5e27249afb6fb4d47c523b62b5dd2482a69d.tar.bz2 + +meta-mingw + +- Repository Location: :yocto_git:`/meta-mingw` +- Branch: :yocto_git:`honister </meta-mingw/log/?h=honister>` +- Tag: :yocto_git:`yocto-3.4.4 </meta-mingw/tag/?h=yocto-3.4.4>` +- Git Revision: :yocto_git:`f5d761cbd5c957e4405c5d40b0c236d263c916a8 </meta-mingw/commit/?id=f5d761cbd5c957e4405c5d40b0c236d263c916a8>` +- Release Artefact: meta-mingw-f5d761cbd5c957e4405c5d40b0c236d263c916a8 +- sha: d4305d638ef80948584526c8ca386a8cf77933dffb8a3b8da98d26a5c40fcc11 +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-3.4.4/meta-mingw-f5d761cbd5c957e4405c5d40b0c236d263c916a8.tar.bz2 + http://mirrors.kernel.org/yocto/yocto/yocto-3.4.4/meta-mingw-f5d761cbd5c957e4405c5d40b0c236d263c916a8.tar.bz2 + +meta-gplv2 + +- Repository Location: :yocto_git:`/meta-gplv2` +- Branch: :yocto_git:`honister </meta-gplv2/log/?h=honister>` +- Tag: :yocto_git:`yocto-3.4.4 </meta-gplv2/tag/?h=yocto-3.4.4>` +- Git Revision: :yocto_git:`f04e4369bf9dd3385165281b9fa2ed1043b0e400 </meta-gplv2/commit/?id=f04e4369bf9dd3385165281b9fa2ed1043b0e400>` +- Release Artefact: meta-gplv2-f04e4369bf9dd3385165281b9fa2ed1043b0e400 +- sha: ef8e2b1ec1fb43dbee4ff6990ac736315c7bc2d8c8e79249e1d337558657d3fe +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-3.4.4/meta-gplv2-f04e4369bf9dd3385165281b9fa2ed1043b0e400.tar.bz2, + http://mirrors.kernel.org/yocto/yocto/yocto-3.4.4/meta-gplv2-f04e4369bf9dd3385165281b9fa2ed1043b0e400.tar.bz2 + +bitbake + +- Repository Location: :oe_git:`/bitbake` +- Branch: :oe_git:`1.52 </bitbake/log/?h=1.52>` +- Tag: :oe_git:`yocto-3.4.4 </bitbake/tag/?h=yocto-3.4.3>` +- Git Revision: :oe_git:`c2d8f9b2137bd4a98eb0f51519493131773e7517 </bitbake/commit/?id=c2d8f9b2137bd4a98eb0f51519493131773e7517>` +- Release Artefact: bitbake-c2d8f9b2137bd4a98eb0f51519493131773e7517 +- sha: a8b6217f2d63975bbf49f430e11046608023ee2827faa893b15d9a0d702cf833 +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-3.4.4/bitbake-c2d8f9b2137bd4a98eb0f51519493131773e7517.tar.bz2, + http://mirrors.kernel.org/yocto/yocto/yocto-3.4.4/bitbake-c2d8f9b2137bd4a98eb0f51519493131773e7517.tar.bz2 + +yocto-docs + +- Repository Location: :yocto_git:`/yocto-docs` +- Branch: :yocto_git:`honister </yocto-docs/log/?h=honister>` +- Tag: :yocto_git:`yocto-3.4.4 </yocto-docs/tag/?h=yocto-3.4.4>` +- Git Revision: :yocto_git:`5ead7d39aaf9044078dff27f462e29a8e31d89e4 </yocto-docs/commit/?5ead7d39aaf9044078dff27f462e29a8e31d89e4>` diff --git a/documentation/migration-guides/release-notes-3.4.rst b/documentation/migration-guides/release-notes-3.4.rst new file mode 100644 index 0000000000..d76bb004b1 --- /dev/null +++ b/documentation/migration-guides/release-notes-3.4.rst @@ -0,0 +1,804 @@ +.. SPDX-License-Identifier: CC-BY-SA-2.0-UK + +Release notes for 3.4 (honister) +-------------------------------- + +New Features / Enhancements in 3.4 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +- Linux kernel 5.14, glibc 2.34 and ~280 other recipe upgrades +- Switched override character to ':' (replacing '_') for more robust parsing and improved performance --- see the above migration guide for help +- Rust integrated into core, providing rust support for cross-compilation and SDK +- New :ref:`ref-classes-create-spdx` class for creating SPDX SBoM documents +- New recipes: cargo, core-image-ptest-all, core-image-ptest-fast, core-image-weston-sdk, erofs-utils, gcompat, gi-docgen, libmicrohttpd, libseccomp, libstd-rs, perlcross, python3-markdown, python3-pyyaml, python3-smartypants, python3-typogrify, rust, rust-cross, rust-cross-canadian, rust-hello-world, rust-llvm, rust-tools-cross-canadian, rustfmt, xwayland +- Several optimisations to reduce unnecessary task dependencies for faster builds +- seccomp integrated into core, with additional enabling for gnutls, systemd, qemu +- New overlayfs class to help generate overlayfs mount units +- debuginfod support now enabled by default +- Switched several recipes over to using OpenSSL instead of GnuTLS (wpa-supplicant, curl, glib-networking) or disable GnuTLS (cups) by default +- Improvements to LTO plugin installation and reproducibility +- Architecture-specific enhancements: + + - glibc: Enable memory tagging for aarch64 + - testimage: remove aarch64 xorg exclusion + - arch-arm*: add better support for gcc march extensions + - tune-cortexm*: add support for all Arm Cortex-M processors + - tune-cortexr*: add support for all Arm Cortex-R processors + - arch-armv4: Allow -march=armv4 + - qemuarm*: use virtio graphics + - baremetal-helloworld: Enable RISC-V 64/32 port + - ldconfig-native: Add RISC-V support + - qemuriscv: Enable 4 core emulation + - Add ARC support in gdb, dpkg, dhcpcd + - conf/machine-sdk: Add ppc64 SDK machine + - libjpeg-turbo: Handle powerpc64le without Altivec + - pixman: Handle PowerPC without Altivec + - mesa: enable gallium Intel drivers when building for x86 + - mesa: enable crocus driver for older Intel graphics + +- Kernel-related enhancements: + + - Support zstd-compressed modules and :term:`Initramfs` images + - Allow opt-out of split kernel modules + - linux-yocto-dev: base :term:`AUTOREV` on specified version + - kernel-yocto: provide debug / summary information for metadata + - kernel-uboot: Handle gzip and lzo compression options + - linux-yocto/5.14: added devupstream support + - linux-yocto: add vfat to :term:`KERNEL_FEATURES` when :term:`MACHINE_FEATURES` include vfat + - linux-yocto: enable TYPEC_TCPCI in usbc fragment + +- Image-related enhancements: + + - New erofs, erofs-lz4 and erofs-lz4hc image types + - New squashfs-zst and cpio.zst image types + - New lic-pkgs :term:`IMAGE_FEATURES` item to install all license packages + - Added zsync metadata conversion support + - Use xargs to set file timestamps for significant (>90%) do_image speedup + - Find .ko.gz and .ko.xz kernel modules as well when determining need to run depmod on an image + - Show formatted error messages instead of tracebacks for systemctl errors + - No longer ignore installation failures in complementary package installation + - Remove ldconfig auxiliary cache when not needed + +- wic enhancements: + + - Added erofs filesystem support + - Added ``--extra-space argument`` to leave extra space after last partition + - Added ``--no-fstab-update`` part option to allow using the stock fstab + - bootimg-efi: added Unified Kernel Image option + - bootimg-pcbios: use label provided when formatting a DOS partition + +- SDK-related enhancements: + + - Enable :ref:`ref-tasks-populate_sdk` with multilibs + - New ``SDKPATHINSTALL`` variable decouples default install path from + built in path to avoid rebuilding :ref:`ref-classes-nativesdk` + components on e.g. :term:`DISTRO_VERSION` changes + - eSDK: Error if trying to generate an eSDK from a multiconfig + - eSDK: introduce :term:`TOOLCHAIN_HOST_TASK_ESDK` to be used in place of :term:`TOOLCHAIN_HOST_TASK` to add components to the host part of the eSDK + +- BitBake enhancements: + + - New bitbake-getvar helper command to query a variable value (with history) + - bitbake-layers: layerindex-fetch: add ``--fetchdir`` parameter + - bitbake-layers: show-recipes: add skip reason to output + - bitbake-diffsigs: sort diff output for consistency + - Allow setting upstream for local hash equivalence server + - fetch2/s3: allow to use credentials and switch profile from environment variables + - fetch2/s3: Add progress handler for S3 cp command + - fetch2/npm: Support npm archives with missing search directory mode + - fetch2/npmsw: Add support for local tarball and link sources + - fetch2/svn: Allow peg-revision functionality to be disabled + - fetch2/wget: verify certificates for HTTPS/FTPS by default + - fetch2/wget: Enable FTPS + - prserv: added read-only mode + - prserv: replaced XML RPC with modern asyncrpc implementation + - Numerous warning/error message improvements + +- New :term:`PACKAGECONFIG` options in btrfs-tools, ccache, coreutils, cups, dbus, elfutils, ffmpeg, findutils, glib-2.0, gstreamer1.0-plugins-bad, gstreamer1.0-plugins-base, libarchive, libnotify, libpsl, man-db, mesa, ovmf, parted, prelink, qemu, rpm, shadow, systemd, tar, vim, weston +- u-boot enhancements: + + - Make SPL suffix configurable + - Make ``UBOOT_BINARYNAME`` configurable + - Package ``extlinux.conf`` separately + - Allow deploying the u-boot DTB + +- opensbi: Add support for specifying a device tree +- busybox enhancements: + + - Added tmpdir option into mktemp applet + - Support mounting swap via labels + - Enable long options for enabled applets + +- Move tune files to architecture subdirectories +- buildstats: log host data on failure separately to task specific file +- buildstats: collect "at interval" and "on failure" logs in the same file +- Ptest enhancements: + + - ptest-runner: install script to collect system data on failure + - Added ptest support to python3-hypothesis, python3-jinja2, python3-markupsafe + - Enhanced ptest support in lttng, util-linux, and others + - New leaner ptest image recipes based upon core-image-minimal + +- scripts/contrib/image-manifest: add new script +- Add beginnings of Android target support +- devtool upgrade: rebase override-only patches as well +- devtool: print a warning on upgrades if :term:`PREFERRED_VERSION` is set +- systemd: set zstd as default compression option +- init-manager-systemd: add a weak VIRTUAL-RUNTIME_dev_manager assignment +- Add proper unpack dependency for .zst compressed archives +- util-linux: build chfn and chsh by default +- qemu: use 4 cores in qemu guests +- runqemu: decouple bios and kernel options +- qemu: add a hint on how to enable CPU render nodes when a suitable GPU is absent +- devupstream: Allow support of native class extensions +- Prelinking now disabled in default configuration +- python3: statistics module moved to its own python3-statistics package +- pypi: allow override of PyPI archive name +- Allow global override of golang GO_DYNLINK +- buildhistory enhancements: + + - Add option to strip path prefix + - Add output file listing package information + - Label packages providing per-file dependencies in depends.dot + +- New gi-docgen class for GNOME library documentation +- meson.bbclass: Make the default buildtype "debug" if :term:`DEBUG_BUILD` is 1 +- distro_features_check: expand with :term:`IMAGE_FEATURES` +- Add extended packagedata in JSON format +- local.conf.sample: Update sstate mirror entry with new hash equivalence setting +- poky: Use https in default :term:`PREMIRRORS` +- reproducible_build.bbclass: Enable -Wdate-time +- yocto-check-layer: ensure that all layer dependencies are tested too +- core-image-multilib-example: base on weston, and not sato +- npm.bbclass: Allow nodedir to be overridden by ``NPM_NODEDIR`` +- cve-extra-exclusions.inc: add exclusion list for intractable CVE's +- license_image.bbclass: Detect broken symlinks +- sysstat: make the service start automatically +- sanity: Add error check for '%' in build path +- sanity: Further improve directory sanity tests +- sanity.bbclass: mention ``CONNECTIVITY_CHECK_URIS`` in network failure message +- tzdata: Allow controlling zoneinfo binary format +- oe-time-dd-test.sh: add options and refactor +- vim: add option to disable NLS support +- zstd: Include pzstd in the build +- mirrors.bbclass: provide additional rule for git repo fallbacks +- own-mirrors: Add support for s3:// scheme in :term:`SOURCE_MIRROR_URL` +- common-licenses: add missing SPDX licences +- Add MAINTAINERS.md file to record subsystem maintainers + +Known Issues in 3.4 +~~~~~~~~~~~~~~~~~~~ + +- Build failures have been reported when running on host Linux systems with FIPS enabled (such as RHEL 8.0 with the FIPS mode enabled). For more details please see :yocto_bugs:`bug #14609 </show_bug.cgi?id=14609>`. + +Recipe Licenses changes in 3.4 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +The following corrections have been made to the :term:`LICENSE` values set by recipes: + +- acpica: correct :term:`LICENSE` to "Intel | BSD-3-Clause | GPLv2" +- dtc: correct :term:`LICENSE` to "GPLv2 | BSD-2-Clause" +- e2fsprogs: correct :term:`LICENSE` to "GPLv2 & LGPLv2 & BSD-3-Clause & MIT" +- ffmpeg: correct :term:`LICENSE` to "GPLv2+ & LGPLv2.1+ & ISC & MIT & BSD-2-Clause & BSD-3-Clause & IJG" +- flac: correct :term:`LICENSE` to "GFDL-1.2 & GPLv2+ & LGPLv2.1+ & BSD-3-Clause" +- flex: correct :term:`LICENSE` to "BSD-3-Clause & LGPL-2.0+" +- font-util: correct :term:`LICENSE` to "MIT & MIT-style & BSD-4-Clause & BSD-2-Clause" +- glib-2.0: correct :term:`LICENSE` to "LGPLv2.1+ & BSD-3-Clause & PD" +- gobject-introspection: correct :term:`LICENSE` to "LGPLv2+ & GPLv2+ & MIT" (add MIT license) +- hdparm: correct :term:`LICENSE` to "BSD-2-Clause & GPLv2 & hdparm" +- iputils: correct :term:`LICENSE` to "BSD-3-Clause & GPLv2+" +- libcap: correct :term:`LICENSE` to "BSD-3-Clause | GPLv2" +- libevent: correct :term:`LICENSE` to "BSD-3-Clause & MIT" +- libjitterentropy: correct :term:`LICENSE` to "GPLv2+ | BSD-3-Clause" +- libpam: correct :term:`LICENSE` to "GPLv2+ | BSD-3-Clause" +- libwpe: correct :term:`LICENSE` to "BSD-2-Clause" +- libx11-compose-data: correct :term:`LICENSE` to "MIT & MIT-style & BSD-4-Clause & BSD-2-Clause" +- libx11: correct :term:`LICENSE` to "MIT & MIT-style & BSD-4-Clause & BSD-2-Clause" +- libxfont2: correct :term:`LICENSE` to "MIT & MIT-style & BSD-4-Clause & BSD-2-Clause" +- libxfont: correct :term:`LICENSE` to "MIT & MIT-style & BSD-3-Clause" +- lsof: correct :term:`LICENSE` to reflect that it uses a BSD-like (but not exactly BSD) license ("Spencer-94") +- nfs-utils: correct :term:`LICENSE` to "MIT & GPLv2+ & BSD-3-Clause" +- ovmf: correct license to "BSD-2-Clause-Patent" +- ppp: correct :term:`LICENSE` to "BSD-3-Clause & BSD-3-Clause-Attribution & GPLv2+ & LGPLv2+ & PD" +- python3-packaging: correct :term:`LICENSE` to "Apache-2.0 | BSD-2-Clause" +- python-async-test: correct :term:`LICENSE` to "BSD-3-Clause" +- quota: remove BSD license (only BSD licensed part of the code was removed in 4.05) +- shadow: correct :term:`LICENSE` to "BSD-3-Clause | Artistic-1.0" +- shadow-sysroot: set :term:`LICENSE` the same as shadow +- sudo: correct :term:`LICENSE` to "ISC & BSD-3-Clause & BSD-2-Clause & Zlib" +- swig: correct :term:`LICENSE` to "BSD-3-Clause & GPLv3" +- valgrind: correct license to "GPLv2 & GPLv2+ & BSD-3-Clause" +- webkitgtk: correct :term:`LICENSE` to "BSD-2-Clause & LGPLv2+" +- wpebackend-fdo: correct :term:`LICENSE` to "BSD-2-Clause" +- xinetd: correct :term:`LICENSE` to reflect that it uses a unique BSD-like (but not exactly BSD) license + +Other license-related notes: + +- When creating recipes for Python software, recipetool will now treat "BSD" as "BSD-3-Clause" for the purposes of setting :term:`LICENSE`, as that is the most common understanding. +- Please be aware that an :term:`Initramfs` bundled with the kernel using :term:`INITRAMFS_IMAGE_BUNDLE` should only contain GPLv2-compatible software; this is now mentioned in the documentation. + +Security Fixes in 3.4 +~~~~~~~~~~~~~~~~~~~~~ + +- apr: :cve:`2021-35940` +- aspell: :cve:`2019-25051` +- avahi: :cve:`2021-3468`, :cve:`2021-36217` +- binutils: :cve:`2021-20197` +- bluez: :cve:`2021-3658` +- busybox: :cve:`2021-28831` +- cairo: :cve:`2020-35492` +- cpio: :cve:`2021-38185` +- expat: :cve:`2013-0340` +- ffmpeg: :cve:`2020-20446`, :cve:`2020-22015`, :cve:`2020-22021`, :cve:`2020-22033`, :cve:`2020-22019`, :cve:`2021-33815`, :cve:`2021-38171`, :cve:`2020-20453` +- glibc: :cve:`2021-33574`, :cve:`2021-38604` +- inetutils: :cve:`2021-40491` +- libgcrypt: :cve:`2021-40528` +- linux-yocto/5.10, 5.14: :cve:`2021-3653`, :cve:`2021-3656` +- lz4: :cve:`2021-3520` +- nettle: :cve:`2021-20305` +- openssl: :cve:`2021-3711`, :cve:`2021-3712` +- perl: :cve:`2021-36770` +- python3: :cve:`2021-29921` +- python3-pip: :cve:`2021-3572` +- qemu: :cve:`2020-27821`, :cve:`2020-29443`, :cve:`2020-35517`, :cve:`2021-3392`, :cve:`2021-3409`, :cve:`2021-3416`, :cve:`2021-3527`, :cve:`2021-3544`, :cve:`2021-3545`, :cve:`2021-3546`, :cve:`2021-3682`, :cve:`2021-20181`, :cve:`2021-20221`, :cve:`2021-20257`, :cve:`2021-20263` +- rpm: :cve:`2021-3421`, :cve:`2021-20271` +- rsync: :cve:`2020-14387` +- util-linux: :cve:`2021-37600` +- vim: :cve:`2021-3770`, :cve:`2021-3778` +- wpa-supplicant: :cve:`2021-30004` +- xdg-utils: :cve:`2020-27748` +- xserver-xorg: :cve:`2021-3472` + +Recipe Upgrades in 3.4 +~~~~~~~~~~~~~~~~~~~~~~ + +- acl 2.2.53 -> 2.3.1 +- acpica 20210105 -> 20210730 +- alsa-lib 1.2.4 -> 1.2.5.1 +- alsa-plugins 1.2.2 -> 1.2.5 +- alsa-tools 1.2.2 -> 1.2.5 +- alsa-topology-conf 1.2.4 -> 1.2.5.1 +- alsa-ucm-conf 1.2.4 -> 1.2.5.1 +- alsa-utils 1.2.4 -> 1.2.5.1 +- alsa-utils-scripts 1.2.4 -> 1.2.5.1 +- apt 2.2.2 -> 2.2.4 +- at 3.2.1 -> 3.2.2 +- at-spi2-core 2.38.0 -> 2.40.3 +- autoconf-archive 2019.01.06 -> 2021.02.19 +- babeltrace2 2.0.3 -> 2.0.4 +- bash 5.1 -> 5.1.8 +- bind 9.16.16 -> 9.16.20 +- binutils 2.36.1 -> 2.37 +- binutils-cross 2.36.1 -> 2.37 +- binutils-cross-canadian 2.36.1 -> 2.37 +- binutils-cross-testsuite 2.36.1 -> 2.37 +- binutils-crosssdk 2.36.1 -> 2.37 +- bison 3.7.5 -> 3.7.6 +- blktrace 1.2.0+gitX -> 1.3.0+gitX +- bluez5 5.56 -> 5.61 +- boost 1.75.0 -> 1.77.0 +- boost-build-native 4.3.0 -> 4.4.1 +- btrfs-tools 5.10.1 -> 5.13.1 +- busybox 1.33.1 -> 1.34.0 +- busybox-inittab 1.33.0 -> 1.34.0 +- ccache 4.2 -> 4.4 +- cmake 3.19.5 -> 3.21.1 +- cmake-native 3.19.5 -> 3.21.1 +- connman 1.39 -> 1.40 +- createrepo-c 0.17.0 -> 0.17.4 +- cronie 1.5.5 -> 1.5.7 +- cross-localedef-native 2.33 -> 2.34 +- cups 2.3.3 -> 2.3.3op2 +- curl 7.75.0 -> 7.78.0 +- dbus-glib 0.110 -> 0.112 +- dejagnu 1.6.2 -> 1.6.3 +- diffoscope 172 -> 181 +- diffutils 3.7 -> 3.8 +- distcc 3.3.5 -> 3.4 +- dnf 4.6.0 -> 4.8.0 +- dpkg 1.20.7.1 -> 1.20.9 +- dtc 1.6.0 -> 1.6.1 +- e2fsprogs 1.46.1 -> 1.46.4 +- elfutils 0.183 -> 0.185 +- ell 0.38 -> 0.43 +- enchant2 2.2.15 -> 2.3.1 +- epiphany 3.38.2 -> 40.3 +- ethtool 5.10 -> 5.13 +- expat 2.2.10 -> 2.4.1 +- ffmpeg 4.3.2 -> 4.4 +- file 5.39 -> 5.40 +- freetype 2.10.4 -> 2.11.0 +- gcc 10.2.0 -> 11.2.0 +- gcc-cross 10.2.0 -> 11.2.0 +- gcc-cross-canadian 10.2.0 -> 11.2.0 +- gcc-crosssdk 10.2.0 -> 11.2.0 +- gcc-runtime 10.2.0 -> 11.2.0 +- gcc-sanitizers 10.2.0 -> 11.2.0 +- gcc-source 10.2.0 -> 11.2.0 +- gcr 3.38.1 -> 3.40.0 +- gdb 10.1 -> 10.2 +- gdb-cross 10.1 -> 10.2 +- gdb-cross-canadian 10.1 -> 10.2 +- gdk-pixbuf 2.40.0 -> 2.42.6 +- ghostscript 9.53.3 -> 9.54.0 +- git 2.31.1 -> 2.33.0 +- glib-2.0 2.66.7 -> 2.68.4 +- glib-networking 2.66.0 -> 2.68.2 +- glibc 2.33 -> 2.34 +- glibc-locale 2.33 -> 2.34 +- glibc-mtrace 2.33 -> 2.34 +- glibc-scripts 2.33 -> 2.34 +- glibc-testsuite 2.33 -> 2.34 +- glslang 11.2.0 -> 11.5.0 +- gnome-desktop-testing 2018.1 -> 2021.1 +- gnu-config 20210125+gitX -> 20210722+gitX +- gnu-efi 3.0.12 -> 3.0.14 +- gnupg 2.2.27 -> 2.3.1 +- gobject-introspection 1.66.1 -> 1.68.0 +- gpgme 1.15.1 -> 1.16.0 +- gptfdisk 1.0.7 -> 1.0.8 +- grep 3.6 -> 3.7 +- grub 2.04+2.06~rc1 -> 2.06 +- grub-efi 2.04+2.06~rc1 -> 2.06 +- gsettings-desktop-schemas 3.38.0 -> 40.0 +- gtk+3 3.24.25 -> 3.24.30 +- harfbuzz 2.7.4 -> 2.9.0 +- hdparm 9.60 -> 9.62 +- help2man 1.48.2 -> 1.48.4 +- hwlatdetect 1.10 -> 2.1 +- i2c-tools 4.2 -> 4.3 +- icu 68.2 -> 69.1 +- igt-gpu-tools 1.25+gitX -> 1.26 +- inetutils 2.0 -> 2.1 +- iproute2 5.11.0 -> 5.13.0 +- iputils s20200821 -> 20210722 +- json-glib 1.6.2 -> 1.6.4 +- kexec-tools 2.0.21 -> 2.0.22 +- kmod 28 -> 29 +- kmod-native 28 -> 29 +- less 563 -> 590 +- libassuan 2.5.4 -> 2.5.5 +- libcap 2.48 -> 2.51 +- libcgroup 0.41 -> 2.0 +- libcomps 0.1.15 -> 0.1.17 +- libconvert-asn1-perl 0.27 -> 0.31 +- libdazzle 3.38.0 -> 3.40.0 +- libdnf 0.58.0 -> 0.63.1 +- libdrm 2.4.104 -> 2.4.107 +- libedit 20210216-3.1 -> 20210714-3.1 +- libepoxy 1.5.5 -> 1.5.9 +- liberation-fonts 2.00.1 -> 2.1.4 +- libffi 3.3 -> 3.4.2 +- libfm 1.3.1 -> 1.3.2 +- libgcc 10.2.0 -> 11.2.0 +- libgcc-initial 10.2.0 -> 11.2.0 +- libgcrypt 1.9.3 -> 1.9.4 +- libgfortran 10.2.0 -> 11.2.0 +- libgit2 1.1.0 -> 1.1.1 +- libglu 9.0.1 -> 9.0.2 +- libgpg-error 1.41 -> 1.42 +- libgudev 234 -> 237 +- libhandy 1.2.0 -> 1.2.3 +- libical 3.0.9 -> 3.0.10 +- libidn2 2.3.0 -> 2.3.2 +- libinput 1.16.4 -> 1.18.1 +- libjitterentropy 3.0.1 -> 3.1.0 +- libjpeg-turbo 2.0.6 -> 2.1.1 +- libksba 1.5.0 -> 1.6.0 +- libmodulemd 2.12.0 -> 2.13.0 +- libnsl2 1.3.0 -> 2.0.0 +- libnss-mdns 0.14.1 -> 0.15.1 +- libogg 1.3.4 -> 1.3.5 +- libpcap 1.10.0 -> 1.10.1 +- libpcre 8.44 -> 8.45 +- libpcre2 10.36 -> 10.37 +- libportal 0.3 -> 0.4 +- librepo 1.13.0 -> 1.14.1 +- libsdl2 2.0.14 -> 2.0.16 +- libsolv 0.7.17 -> 0.7.19 +- libtasn1 4.16.0 -> 4.17.0 +- libtest-needs-perl 0.002006 -> 0.002009 +- libtirpc 1.3.1 -> 1.3.2 +- libubootenv 0.3.1 -> 0.3.2 +- libucontext 0.10+X -> 1.1+X +- liburcu 0.12.2 -> 0.13.0 +- libuv 1.41.0 -> 1.42.0 +- libva 2.10.0 -> 2.12.0 +- libva-initial 2.10.0 -> 2.12.0 +- libva-utils 2.10.0 -> 2.12.0 +- libwebp 1.2.0 -> 1.2.1 +- libwpe 1.8.0 -> 1.10.1 +- libx11 1.7.0 -> 1.7.2 +- libxcrypt 4.4.18 -> 4.4.25 +- libxcrypt-compat 4.4.18 -> 4.4.25 +- libxfixes 5.0.3 -> 6.0.0 +- libxfont2 2.0.4 -> 2.0.5 +- libxft 2.3.3 -> 2.3.4 +- libxi 1.7.10 -> 1.7.99.2 +- libxkbcommon 1.0.3 -> 1.3.0 +- libxml2 2.9.10 -> 2.9.12 +- libxres 1.2.0 -> 1.2.1 +- linux-libc-headers 5.10 -> 5.14 +- linux-yocto 5.4.144+gitX, 5.10.63+gitX -> 5.10.70+gitX, 5.14.9+gitX +- linux-yocto-dev 5.12++gitX -> 5.15++gitX +- linux-yocto-rt 5.4.144+gitX, 5.10.63+gitX -> 5.10.70+gitX, 5.14.9+gitX +- linux-yocto-tiny 5.4.144+gitX, 5.10.63+gitX -> 5.10.70+gitX, 5.14.9+gitX +- llvm 11.1.0 -> 12.0.1 +- log4cplus 2.0.6 -> 2.0.7 +- logrotate 3.18.0 -> 3.18.1 +- ltp 20210121 -> 20210524 +- lttng-modules 2.12.6 -> 2.13.0 +- lttng-tools 2.12.4 -> 2.13.0 +- lttng-ust 2.12.1 -> 2.13.0 +- m4 1.4.18 -> 1.4.19 +- m4-native 1.4.18 -> 1.4.19 +- man-pages 5.10 -> 5.12 +- mc 4.8.26 -> 4.8.27 +- mesa 21.0.3 -> 21.2.1 +- mesa-gl 21.0.3 -> 21.2.1 +- meson 0.57.1 -> 0.58.1 +- mmc-utils 0.1+gitX (73d6c59af8d1...) -> 0.1+gitX (43282e80e174...) +- mobile-broadband-provider-info 20201225 -> 20210805 +- mpg123 1.26.4 -> 1.28.2 +- mtd-utils 2.1.2 -> 2.1.3 +- mtools 4.0.26 -> 4.0.35 +- musl 1.2.2+gitX (e5d2823631bb...) -> 1.2.2+gitX (3f701faace7a...) +- nativesdk-meson 0.57.1 -> 0.58.1 +- netbase 6.2 -> 6.3 +- nfs-utils 2.5.3 -> 2.5.4 +- ofono 1.31 -> 1.32 +- openssh 8.5p1 -> 8.7p1 +- opkg 0.4.4 -> 0.4.5 +- opkg-utils 0.4.3 -> 0.4.5 +- ovmf edk2-stable202102 -> edk2-stable202105 +- p11-kit 0.23.22 -> 0.24.0 +- pango 1.48.2 -> 1.48.9 +- patchelf 0.12 -> 0.13 +- perl 5.32.1 -> 5.34.0 +- piglit 1.0+gitrX (d4d9353b7290...) -> 1.0+gitrX (6a4be9e9946d...) +- pkgconf 1.7.3 -> 1.8.0 +- powertop 2.13 -> 2.14 +- pseudo 1.9.0+gitX (b988b0a6b8af...) -> 1.9.0+gitX (0cda3ba5f94a...) +- pulseaudio 14.2 -> 15.0 +- puzzles 0.0+gitX (84cb4c6701e0...) -> 0.0+gitX (8f3413c31ffd...) +- python3 3.9.5 -> 3.9.6 +- python3-attrs 20.3.0 -> 21.2.0 +- python3-cython 0.29.22 -> 0.29.24 +- python3-dbus 1.2.16 -> 1.2.18 +- python3-dbusmock 0.22.0 -> 0.23.1 +- python3-docutils 0.16 -> 0.17.1 +- python3-git 3.1.14 -> 3.1.20 +- python3-gitdb 4.0.5 -> 4.0.7 +- python3-hypothesis 6.2.0 -> 6.15.0 +- python3-importlib-metadata 3.4.0 -> 4.6.4 +- python3-iniparse 0.4 -> 0.5 +- python3-jinja2 2.11.3 -> 3.0.1 +- python3-libarchive-c 2.9 -> 3.1 +- python3-magic 0.4.22 -> 0.4.24 +- python3-mako 1.1.4 -> 1.1.5 +- python3-markupsafe 1.1.1 -> 2.0.1 +- python3-more-itertools 8.7.0 -> 8.8.0 +- python3-numpy 1.20.1 -> 1.21.2 +- python3-packaging 20.9 -> 21.0 +- python3-pathlib2 2.3.5 -> 2.3.6 +- python3-pbr 5.4.4 -> 5.6.0 +- python3-pip 20.0.2 -> 21.2.4 +- python3-pluggy 0.13.1 -> 1.0.0 +- python3-pycairo 1.20.0 -> 1.20.1 +- python3-pygments 2.8.1 -> 2.10.0 +- python3-pygobject 3.38.0 -> 3.40.1 +- python3-pytest 6.2.2 -> 6.2.4 +- python3-scons 3.1.2 -> 4.2.0 +- python3-scons-native 3.1.2 -> 4.2.0 +- python3-setuptools 54.1.1 -> 57.4.0 +- python3-setuptools-scm 5.0.1 -> 6.0.1 +- python3-six 1.15.0 -> 1.16.0 +- python3-sortedcontainers 2.3.0 -> 2.4.0 +- python3-testtools 2.4.0 -> 2.5.0 +- python3-zipp 3.4.1 -> 3.5.0 +- qemu 5.2.0 -> 6.0.0 +- qemu-native 5.2.0 -> 6.0.0 +- qemu-system-native 5.2.0 -> 6.0.0 +- re2c 2.0.3 -> 2.2 +- rng-tools 6.11 -> 6.14 +- rpcbind 1.2.5 -> 1.2.6 +- rt-tests 1.10 -> 2.1 +- ruby 3.0.1 -> 3.0.2 +- rxvt-unicode 9.22 -> 9.26 +- shaderc 2020.5 -> 2021.1 +- shadow 4.8.1 -> 4.9 +- spirv-tools 2020.7 -> 2021.2 +- sqlite3 3.35.0 -> 3.36.0 +- squashfs-tools 4.4 -> 4.5 +- strace 5.11 -> 5.14 +- stress-ng 0.12.05 -> 0.13.00 +- sudo 1.9.6p1 -> 1.9.7p2 +- swig 3.0.12 -> 4.0.2 +- sysklogd 2.2.2 -> 2.2.3 +- systemd 247.6 -> 249.3 +- systemd-boot 247.6 -> 249.3 +- systemd-conf 247.6 -> 1.0 +- systemtap 4.4 -> 4.5 +- systemtap-native 4.4 -> 4.5 +- systemtap-uprobes 4.4 -> 4.5 +- tcf-agent 1.7.0+gitX (a022ef2f1acf...) -> 1.7.0+gitX (2735e3d6b7ec...) +- texinfo 6.7 -> 6.8 +- tiff 4.2.0 -> 4.3.0 +- u-boot 2021.01 -> 2021.07 +- u-boot-tools 2021.01 -> 2021.07 +- usbutils 013 -> 014 +- util-linux 2.36.2 -> 2.37.2 +- util-linux-libuuid 2.36.2 -> 2.37.2 +- vala 0.50.4 -> 0.52.5 +- valgrind 3.16.1 -> 3.17.0 +- virglrenderer 0.8.2 -> 0.9.1 +- vte 0.62.2 -> 0.64.2 +- vulkan-headers 1.2.170.0 -> 1.2.182.0 +- vulkan-loader 1.2.170.0 -> 1.2.182.0 +- vulkan-samples git (55cebd9e7cc4...) -> git (d2187278cb66...) +- vulkan-tools 1.2.170.0 -> 1.2.182.0 +- wayland-protocols 1.20 -> 1.21 +- webkitgtk 2.30.5 -> 2.32.3 +- wireless-regdb 2021.04.21 -> 2021.07.14 +- wpebackend-fdo 1.8.0 -> 1.10.0 +- x264 r3039+gitX (544c61f08219...) -> r3039+gitX (5db6aa6cab1b...) +- xeyes 1.1.2 -> 1.2.0 +- xf86-input-libinput 0.30.0 -> 1.1.0 +- xkbcomp 1.4.4 -> 1.4.5 +- xkeyboard-config 2.32 -> 2.33 +- xorgproto 2020.1 -> 2021.4.99.2 +- xserver-xorg 1.20.10 -> 1.20.13 +- zstd 1.4.9 -> 1.5.0 + +Contributors to 3.4 +~~~~~~~~~~~~~~~~~~~ + +Thanks to the following people who contributed to this release: + +- Adam Romanek +- Alejandro Hernandez Samaniego +- Alexander Kanavin +- Alexandre Belloni +- Alexey Brodkin +- Alex Stewart +- Alistair Francis +- Anatol Belski +- Anders Wallin +- Andrea Adami +- Andreas Müller +- Andrej Valek +- Andres Beltran +- Andrey Zhizhikin +- Anibal Limon +- Anthony Bagwell +- Anton Blanchard +- Anuj Mittal +- Armin Kuster +- Asfak Rahman +- Bastian Krause +- Bernhard Rosenkränzer +- Bruce Ashfield +- Carlos Rafael Giani +- Chandana kalluri +- Changhyeok Bae +- Changqing Li +- Chanho Park +- Chen Qi +- Chris Laplante +- Christophe Chapuis +- Christoph Muellner +- Claudius Heine +- Damian Wrobel +- Daniel Ammann +- Daniel Gomez +- Daniel McGregor +- Daniel Wagenknecht +- Denys Dmytriyenko +- Devendra Tewari +- Diego Sueiro +- Dmitry Baryshkov +- Douglas Royds +- Dragos-Marian Panait +- Drew Moseley +- Enrico Scholz +- Fabio Berton +- Florian Amstutz +- Gavin Li +- Guillaume Champagne +- Harald Brinkmann +- Henning Schild +- He Zhe +- Hongxu Jia +- Hsia-Jun (Randy) Li +- Jean Bouchard +- Joe Slater +- Jonas Höppner +- Jon Mason +- Jose Quaresma +- Joshua Watt +- Justin Bronder +- Kai Kang +- Kenfe-Mickael Laventure +- Kevin Hao +- Khairul Rohaizzat Jamaluddin +- Khem Raj +- Kiran Surendran +- Konrad Weihmann +- Kristian Klausen +- Kyle Russell +- Lee Chee Yang +- Lei Maohui +- Luca Boccassi +- Marco Felsch +- Marcus Comstedt +- Marek Vasut +- Mark Hatle +- Markus Volk +- Marta Rybczynska +- Martin Jansa +- Matthias Klein +- Matthias Schiffer +- Matt Madison +- Matt Spencer +- Max Krummenacher +- Michael Halstead +- Michael Ho +- Michael Opdenacker +- Mike Crowe +- Mikko Rapeli +- Ming Liu +- Mingli Yu +- Minjae Kim +- Nicolas Dechesne +- Niels Avonds +- Nikolay Papenkov +- Nisha Parrakat +- Olaf Mandel +- Oleksandr Kravchuk +- Oleksandr Popovych +- Oliver Kranz +- Otavio Salvador +- Patrick Williams +- Paul Barker +- Paul Eggleton +- Paul Gortmaker +- Paulo Cesar Zaneti +- Peter Bergin +- Peter Budny +- Peter Kjellerstedt +- Petr Vorel +- Przemyslaw Gorszkowski +- Purushottam Choudhary +- Qiang Zhang +- Quentin Schulz +- Ralph Siemsen +- Randy MacLeod +- Ranjitsinh Rathod +- Rasmus Villemoes +- Reto Schneider +- Richard Purdie +- Richard Weinberger +- Robert Joslyn +- Robert P. J. Day +- Robert Yang +- Romain Naour +- Ross Burton +- Sakib Sajal +- Samuli Piippo +- Saul Wold +- Scott Murray +- Scott Weaver +- Stefan Ghinea +- Stefan Herbrechtsmeier +- Stefano Babic +- Stefan Wiehler +- Steve Sakoman +- Teoh Jay Shen +- Thomas Perrot +- Tim Orling +- Tom Pollard +- Tom Rini +- Tony Battersby +- Tony Tascioglu +- Trevor Gamblin +- Trevor Woerner +- Ulrich Ölmann +- Valentin Danaila +- Vinay Kumar +- Vineela Tummalapalli +- Vinícius Ossanes Aquino +- Vivien Didelot +- Vyacheslav Yurkov +- Wang Mingyu +- Wes Lindauer +- William A. Kennington III +- Yanfei Xu +- Yann Dirson +- Yi Fan Yu +- Yi Zhao +- Zang Ruochen +- Zheng Ruoqin +- Zoltan Boszormenyi + +Repositories / Downloads for 3.4 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +poky + +- Repository Location: :yocto_git:`/poky` +- Branch: :yocto_git:`honister </poky/log/?h=honister>` +- Tag: :yocto_git:`yocto-3.4 </poky/tag/?h=yocto-3.4>` +- Git Revision: :yocto_git:`f6d1126fff213460dc6954a5d5fc168606d76b66 </poky/commit/?id=f6d1126fff213460dc6954a5d5fc168606d76b66>` +- Release Artefact: poky-f6d1126fff213460dc6954a5d5fc168606d76b66 +- sha: 11e8f5760f704eed1ac37a5b09b1a831b5254d66459be75b06a72128c63e0411 +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-3.4/poky-f6d1126fff213460dc6954a5d5fc168606d76b66.tar.bz2, + http://mirrors.kernel.org/yocto/yocto/yocto-3.4/poky-f6d1126fff213460dc6954a5d5fc168606d76b66.tar.bz2 + +openembedded-core + +- Repository Location: :oe_git:`/openembedded-core` +- Branch: :oe_git:`honister </openembedded-core/log/?h=honister>` +- Tag: :oe_git:`2021-10-honister </openembedded-core/tag/?h=2021-10-honister>` +- Git Revision: :oe_git:`bb1dea6806f084364b6017db2567f438e805aef0 </openembedded-core/commit/?id=bb1dea6806f084364b6017db2567f438e805aef0>` +- Release Artefact: oecore-bb1dea6806f084364b6017db2567f438e805aef0 +- sha: 9a356c407c567b1c26e535cad235204b0462cb79321fefb0844324a6020b31f4 +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-3.4/oecore-bb1dea6806f084364b6017db2567f438e805aef0.tar.bz2, + http://mirrors.kernel.org/yocto/yocto/yocto-3.4/oecore-bb1dea6806f084364b6017db2567f438e805aef0.tar.bz2 + +meta-mingw + +- Repository Location: :yocto_git:`/meta-mingw` +- Branch: :yocto_git:`honister </meta-mingw/log/?h=honister>` +- Tag: :yocto_git:`yocto-3.4 </meta-mingw/tag/?h=yocto-3.4>` +- Git Revision: :yocto_git:`f5d761cbd5c957e4405c5d40b0c236d263c916a8 </meta-mingw/commit/?id=f5d761cbd5c957e4405c5d40b0c236d263c916a8>` +- Release Artefact: meta-mingw-f5d761cbd5c957e4405c5d40b0c236d263c916a8 +- sha: d4305d638ef80948584526c8ca386a8cf77933dffb8a3b8da98d26a5c40fcc11 +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-3.4/meta-mingw-f5d761cbd5c957e4405c5d40b0c236d263c916a8.tar.bz2, + http://mirrors.kernel.org/yocto/yocto/yocto-3.4/meta-mingw-f5d761cbd5c957e4405c5d40b0c236d263c916a8.tar.bz2 + +meta-intel + +- Repository Location: :yocto_git:`/meta-intel` +- Branch: :yocto_git:`honister </meta-intel/log/?h=honister>` +- Tag: :yocto_git:`yocto-3.4 </meta-intel/tag/?h=yocto-3.4>` +- Git Revision: :yocto_git:`90170cf85fe35b4e8dc00eee50053c0205276b63 </meta-intel/commit/?id=90170cf85fe35b4e8dc00eee50053c0205276b63>` +- Release Artefact: meta-intel-90170cf85fe35b4e8dc00eee50053c0205276b63 +- sha: 2b3b43386dfcaaa880d819c1ae88b1251b55fb12c622af3d0936c3dc338491fc +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-3.4/meta-intel-90170cf85fe35b4e8dc00eee50053c0205276b63.tar.bz2, + http://mirrors.kernel.org/yocto/yocto/yocto-3.4/meta-intel-90170cf85fe35b4e8dc00eee50053c0205276b63.tar.bz2 + +meta-gplv2 + +- Repository Location: :yocto_git:`/meta-gplv2` +- Branch: :yocto_git:`honister </meta-gplv2/log/?h=honister>` +- Tag: :yocto_git:`yocto-3.4 </meta-gplv2/tag/?h=yocto-3.4>` +- Git Revision: :yocto_git:`f04e4369bf9dd3385165281b9fa2ed1043b0e400 </meta-gplv2/commit/?id=f04e4369bf9dd3385165281b9fa2ed1043b0e400>` +- Release Artefact: meta-gplv2-f04e4369bf9dd3385165281b9fa2ed1043b0e400 +- sha: ef8e2b1ec1fb43dbee4ff6990ac736315c7bc2d8c8e79249e1d337558657d3fe +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-3.4/meta-gplv2-f04e4369bf9dd3385165281b9fa2ed1043b0e400.tar.bz2, + http://mirrors.kernel.org/yocto/yocto/yocto-3.4/meta-gplv2-f04e4369bf9dd3385165281b9fa2ed1043b0e400.tar.bz2 + +bitbake + +- Repository Location: :oe_git:`/bitbake` +- Branch: :oe_git:`1.52 </bitbake/log/?h=1.52>` +- Tag: :oe_git:`2021-10-honister </bitbake/tag/?h=2021-10-honister>` +- Git Revision: :oe_git:`c78ebac71ec976fdf27ea24767057882870f5c60 </bitbake/commit/?id=c78ebac71ec976fdf27ea24767057882870f5c60>` +- Release Artefact: bitbake-c78ebac71ec976fdf27ea24767057882870f5c60 +- sha: 8077c7e7528cd73ef488ef74de3943ec66cae361459e5b630fb3cbe89c498d3d +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-3.4/bitbake-c78ebac71ec976fdf27ea24767057882870f5c60.tar.bz2, + http://mirrors.kernel.org/yocto/yocto/yocto-3.4/bitbake-c78ebac71ec976fdf27ea24767057882870f5c60.tar.bz2 + +yocto-docs + +- Repository Location: :yocto_git:`/yocto-docs` +- Branch: :yocto_git:`honister </yocto-docs/log/?h=honister>` +- Tag: :yocto_git:`yocto-3.4 </yocto-docs/tag/?h=yocto-3.4>` +- Git Revision: :yocto_git:`d75c5450ecf56c8ac799a633ee9ac459e88f91fc </yocto-docs/commit/?id=d75c5450ecf56c8ac799a633ee9ac459e88f91fc>` + diff --git a/documentation/migration-guides/release-notes-4.0.1.rst b/documentation/migration-guides/release-notes-4.0.1.rst new file mode 100644 index 0000000000..5529f71c6f --- /dev/null +++ b/documentation/migration-guides/release-notes-4.0.1.rst @@ -0,0 +1,250 @@ +.. SPDX-License-Identifier: CC-BY-SA-2.0-UK + +Release notes for 4.0.1 (kirkstone) +----------------------------------- + +Security Fixes in 4.0.1 +~~~~~~~~~~~~~~~~~~~~~~~ + +- linux-yocto/5.15: fix :cve:`2022-28796` +- python3: ignore :cve:`2015-20107` +- e2fsprogs: fix :cve:`2022-1304` +- lua: fix :cve:`2022-28805` +- busybox: fix :cve:`2022-28391` + +Fixes in 4.0.1 +~~~~~~~~~~~~~~ + +- abi_version/sstate: Bump hashequiv and sstate versions due to git changes +- apt: add apt selftest to test signed package feeds +- apt: upgrade 2.4.4 -> 2.4.5 +- arch-armv8-2a.inc: fix a typo in TUNEVALID variable +- babeltrace: Disable warnings as errors +- base: Avoid circular references to our own scripts +- base: Drop git intercept +- build-appliance-image: Update to kirkstone head revision +- build-appliance: Switch to kirkstone branch +- buildtools-tarball: Only add cert envvars if certs are included +- busybox: Use base_bindir instead of hardcoding /bin path +- cases/buildepoxy.py: fix typo +- create-spdx: delete virtual/kernel dependency to fix FreeRTOS build +- create-spdx: fix error when symlink cannot be created +- cve-check: add JSON format to summary output +- cve-check: fix symlinks where link and output path are equal +- cve-check: no need to depend on the fetch task +- cve-update-db-native: let the user to drive the update interval +- cve-update-db-native: update the CVE database once a day only +- cve_check: skip remote patches that haven't been fetched when searching for CVE tags +- dev-manual: add command used to add the signed-off-by line. +- devshell.bbclass: Allow devshell & pydevshell to use the network +- docs: conf.py: fix cve extlinks caption for sphinx <4.0 +- docs: migration-guides: migration-3.4: mention that hardcoded password are supported if hashed +- docs: migration-guides: release-notes-4.0: fix risc-v typo +- docs: migration-guides: release-notes-4.0: replace kernel placeholder with correct recipe name +- docs: ref-manual: variables: add hashed password example in :term:`EXTRA_USERS_PARAMS` +- docs: set_versions.py: add information about obsolescence of a release +- docs: set_versions.py: fix latest release of a branch being shown twice in switchers.js +- docs: set_versions.py: fix latest version of an active release shown as obsolete +- docs: set_versions.py: mark as obsolete only branches and old tags from obsolete releases +- docs: sphinx-static: switchers.js.in: do not mark branches as outdated +- docs: sphinx-static: switchers.js.in: fix broken switcher for branches +- docs: sphinx-static: switchers.js.in: improve obsolete version detection +- docs: sphinx-static: switchers.js.in: remove duplicate for outdated versions +- docs: sphinx-static: switchers.js.in: rename all_versions to switcher_versions +- docs: update Bitbake objects.inv location for master branch +- documentation/brief-yoctoprojectqs: add directory for local.conf +- gcompat: Fix build when usrmerge distro feature is enabled +- git: correct license +- git: upgrade 2.35.2 -> 2.35.3 +- glib: upgrade 2.72.0 -> 2.72.1 +- glibc: ptest: Fix glibc-tests package issue +- gnupg: Disable FORTIFY_SOURCES on mips +- go.bbclass: disable the use of the default configuration file +- gstreamer1.0-plugins-bad: drop patch +- gstreamer1.0-plugins-good: Fix libsoup dependency +- gstreamer1.0: Minor documentation addition +- install/devshell: Introduce git intercept script due to fakeroot issues +- kernel-yocto.bbclass: Fixup do_kernel_configcheck usage of KMETA +- libc-glibc: Use libxcrypt to provide virtual/crypt +- libgit2: upgrade 1.4.2 -> 1.4.3 +- libsoup: upgrade 3.0.5 -> 3.0.6 +- libusb1: upgrade 1.0.25 -> 1.0.26 +- linux-firmware: correct license for ar3k firmware +- linux-firmware: upgrade 20220310 -> 20220411 +- linux-yocto/5.10: base: enable kernel crypto userspace API +- linux-yocto/5.10: update to v5.10.112 +- linux-yocto/5.15: arm: poky-tiny cleanup and fixes +- linux-yocto/5.15: base: enable kernel crypto userspace API +- linux-yocto/5.15: fix -standard kernel build issue +- linux-yocto/5.15: fix ppc boot +- linux-yocto/5.15: fix qemuarm graphical boot +- linux-yocto/5.15: kasan: fix BUG: sleeping function called from invalid context +- linux-yocto/5.15: netfilter: conntrack: avoid useless indirection during conntrack destruction +- linux-yocto/5.15: update to v5.15.36 +- linux-yocto: enable powerpc-debug fragment +- mdadm: Drop clang specific cflags +- migration-3.4: add missing entry on :term:`EXTRA_USERS_PARAMS` +- migration-guides: add release notes for 4.0 +- migration-guides: complete migration guide for 4.0 +- migration-guides: release-notes-4.0: mention :term:`LTS` release +- migration-guides: release-notes-4.0: update 'Repositories / Downloads' section +- migration-guides: stop including documents with ".. include" +- musl: Fix build when usrmerge distro feature is enabled +- ncurses: use COPYING file +- neard: Switch :term:`SRC_URI` to git repo +- oeqa/selftest: add test for git working correctly inside pseudo +- openssl: minor security upgrade 3.0.2 -> 3.0.3 +- package.bbclass: Prevent perform_packagecopy from removing /sysroot-only +- package: Ensure we track whether PRSERV was active or not +- package_manager: fix missing dependency on gnupg when signing deb package feeds +- poky-tiny: enable qemuarmv5/qemuarm64 and cleanups +- poky.conf: bump version for 4.0.1 release +- qemu.bbclass: Extend ppc/ppc64 extra options +- qemuarm64: use virtio pci interfaces +- qemuarmv5: use arm-versatile-926ejs :term:`KMACHINE` +- ref-manual: Add :term:`XZ_THREADS` and :term:`XZ_MEMLIMIT` +- ref-manual: add :term:`KERNEL_DEBUG_TIMESTAMPS` +- ref-manual: add :term:`ZSTD_THREADS` +- ref-manual: add a note about hard-coded passwords +- ref-manual: add empty-dirs QA check and QA_EMPTY_DIRS* +- ref-manual: add mention of vendor filtering to :term:`CVE_PRODUCT` +- ref-manual: mention wildcarding support in :term:`INCOMPATIBLE_LICENSE` +- releases: update for yocto 4.0 +- rootfs-postcommands: fix symlinks where link and output path are equal +- ruby: upgrade 3.1.1 -> 3.1.2 +- sanity: skip make 4.2.1 warning for debian +- scripts/git: Ensure we don't have circular references +- scripts: Make git intercept global +- seatd: Disable overflow warning as error on ppc64/musl +- selftest/lic_checksum: Add test for filename containing space +- set_versions: update for 4.0 release +- staging: Ensure we filter out ourselves +- strace: fix ptest failure in landlock +- subversion: upgrade to 1.14.2 +- systemd-boot: remove outdated EFI_LD comment +- systemtap: Fix build with gcc-12 +- terminal.py: Restore error output from Terminal +- u-boot: Correct the :term:`SRC_URI` +- u-boot: Inherit pkgconfig +- update_udev_hwdb: fix multilib issue with systemd +- util-linux: Create u-a symlink for findfs utility +- virgl: skip headless test on alma 8.6 +- webkitgtk: adjust patch status +- wic: do not use PARTLABEL for msdos partition tables +- wireless-regdb: upgrade 2022.02.18 -> 2022.04.08 +- xserver-xorg: Fix build with gcc12 +- yocto-bsps: update to v5.15.36 + +Contributors to 4.0.1 +~~~~~~~~~~~~~~~~~~~~~ + +- Abongwa Amahnui Bonalais +- Alexander Kanavin +- Bruce Ashfield +- Carlos Rafael Giani +- Chen Qi +- Davide Gardenal +- Dmitry Baryshkov +- Ferry Toth +- Henning Schild +- Jon Mason +- Justin Bronder +- Kai Kang +- Khem Raj +- Konrad Weihmann +- Lee Chee Yang +- Marta Rybczynska +- Martin Jansa +- Matt Madison +- Michael Halstead +- Michael Opdenacker +- Naveen Saini +- Nicolas Dechesne +- Paul Eggleton +- Paul Gortmaker +- Paulo Neves +- Peter Kjellerstedt +- Peter Marko +- Pgowda +- Portia +- Quentin Schulz +- Rahul Kumar +- Richard Purdie +- Robert Joslyn +- Robert Yang +- Roland Hieber +- Ross Burton +- Russ Dill +- Steve Sakoman +- Wang Mingyu +- Zheng Ruoqin + +Repositories / Downloads for 4.0.1 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +poky + +- Repository Location: :yocto_git:`/poky` +- Branch: :yocto_git:`kirkstone </poky/log/?h=kirkstone>` +- Tag: :yocto_git:`yocto-4.0.1 </poky/tag/?h=yocto-4.0.1>` +- Git Revision: :yocto_git:`8c489602f218bcf21de0d3c9f8cf620ea5f06430 </poky/commit/?id=8c489602f218bcf21de0d3c9f8cf620ea5f06430>` +- Release Artefact: poky-8c489602f218bcf21de0d3c9f8cf620ea5f06430 +- sha: 65c545a316bd8efb13ae1358eeccc8953543be908008103b51f7f90aed960d00 +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.1/poky-8c489602f218bcf21de0d3c9f8cf620ea5f06430.tar.bz2, + http://mirrors.kernel.org/yocto/yocto/yocto-4.0.1/poky-8c489602f218bcf21de0d3c9f8cf620ea5f06430.tar.bz2 + +openembedded-core + +- Repository Location: :oe_git:`/openembedded-core` +- Branch: :oe_git:`kirkstone </openembedded-core/log/?h=kirkstone>` +- Tag: :oe_git:`yocto-4.0.1 </openembedded-core/tag/?h=yocto-4.0>` +- Git Revision: :oe_git:`cb8647c08959abb1d6b7c2b3a34b4b415f66d7ee </openembedded-core/commit/?id=cb8647c08959abb1d6b7c2b3a34b4b415f66d7ee>` +- Release Artefact: oecore-cb8647c08959abb1d6b7c2b3a34b4b415f66d7ee +- sha: 43981b8fad82f601618a133dffbec839524f0d0a055efc3d8f808cbfd811ab17 +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.1/oecore-cb8647c08959abb1d6b7c2b3a34b4b415f66d7ee.tar.bz2, + http://mirrors.kernel.org/yocto/yocto/yocto-4.0.1/oecore-cb8647c08959abb1d6b7c2b3a34b4b415f66d7ee.tar.bz2 + +meta-mingw + +- Repository Location: :yocto_git:`/meta-mingw` +- Branch: :yocto_git:`kirkstone </meta-mingw/log/?h=kirkstone>` +- Tag: :yocto_git:`yocto-4.0.1 </meta-mingw/tag/?h=yocto-4.0.1>` +- Git Revision: :yocto_git:`a90614a6498c3345704e9611f2842eb933dc51c1 </meta-mingw/commit/?id=a90614a6498c3345704e9611f2842eb933dc51c1>` +- Release Artefact: meta-mingw-a90614a6498c3345704e9611f2842eb933dc51c1 +- sha: 49f9900bfbbc1c68136f8115b314e95d0b7f6be75edf36a75d9bcd1cca7c6302 +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.1/meta-mingw-a90614a6498c3345704e9611f2842eb933dc51c1.tar.bz2 + http://mirrors.kernel.org/yocto/yocto/yocto-4.0.1/meta-mingw-a90614a6498c3345704e9611f2842eb933dc51c1.tar.bz2 + +meta-gplv2 + +- Repository Location: :yocto_git:`/meta-gplv2` +- Branch: :yocto_git:`kirkstone </meta-gplv2/log/?h=kirkstone>` +- Tag: :yocto_git:`yocto-4.0.1 </meta-gplv2/tag/?h=yocto-4.0.1>` +- Git Revision: :yocto_git:`d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a </meta-mingw/commit/?id=d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a>` +- Release Artefact: meta-gplv2-d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a +- sha: c386f59f8a672747dc3d0be1d4234b6039273d0e57933eb87caa20f56b9cca6d +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.1/meta-gplv2-d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a.tar.bz2 + http://mirrors.kernel.org/yocto/yocto/yocto-4.0.1/meta-gplv2-d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a.tar.bz2 + +bitbake + +- Repository Location: :oe_git:`/bitbake` +- Branch: :oe_git:`2.0 </bitbake/log/?h=2.0>` +- Tag: :oe_git:`yocto-4.0 </bitbake/tag/?h=yocto-4.0>` +- Git Revision: :oe_git:`59c16ae6c55c607c56efd2287537a1b97ba2bf52 </bitbake/commit/?id=59c16ae6c55c607c56efd2287537a1b97ba2bf52>` +- Release Artefact: bitbake-59c16ae6c55c607c56efd2287537a1b97ba2bf52 +- sha: 3ae466c31f738fc45c3d7c6f665952d59f01697f2667ea42f0544d4298dd6ef0 +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.1/bitbake-59c16ae6c55c607c56efd2287537a1b97ba2bf52.tar.bz2, + http://mirrors.kernel.org/yocto/yocto/yocto-4.0.1/bitbake-59c16ae6c55c607c56efd2287537a1b97ba2bf52.tar.bz2 + +yocto-docs + +- Repository Location: :yocto_git:`/yocto-docs` +- Branch: :yocto_git:`kirkstone </yocto-docs/log/?h=kirkstone>` +- Tag: :yocto_git:`yocto-4.0.1 </yocto-docs/tag/?h=yocto-4.0>` +- Git Revision: :yocto_git:`4ec9df3336a425719a9a35532504731ce56984ca </yocto-docs/commit/?id=4ec9df3336a425719a9a35532504731ce56984ca>` diff --git a/documentation/migration-guides/release-notes-4.0.10.rst b/documentation/migration-guides/release-notes-4.0.10.rst new file mode 100644 index 0000000000..f37c3471ea --- /dev/null +++ b/documentation/migration-guides/release-notes-4.0.10.rst @@ -0,0 +1,180 @@ +.. SPDX-License-Identifier: CC-BY-SA-2.0-UK + +Release notes for Yocto-4.0.10 (Kirkstone) +------------------------------------------ + +Security Fixes in Yocto-4.0.10 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +- binutils: Fix :cve:`2023-1579`, :cve:`2023-1972`, :cve_mitre:`2023-25584`, :cve_mitre:`2023-25585` and :cve_mitre:`2023-25588` +- cargo : Ignore :cve:`2022-46176` +- connman: Fix :cve:`2023-28488` +- curl: Fix :cve:`2023-27533`, :cve:`2023-27534`, :cve:`2023-27535`, :cve:`2023-27536` and :cve:`2023-27538` +- ffmpeg: Fix :cve:`2022-48434` +- freetype: Fix :cve:`2023-2004` +- ghostscript: Fix :cve_mitre:`2023-29979` +- git: Fix :cve:`2023-25652` and :cve:`2023-29007` +- go: Fix :cve:`2022-41722`, :cve:`2022-41724`, :cve:`2022-41725`, :cve:`2023-24534`, :cve:`2023-24537` and :cve:`2023-24538` +- go: Ignore :cve:`2022-41716` +- libxml2: Fix :cve:`2023-28484` and :cve:`2023-29469` +- libxpm: Fix :cve:`2022-44617`, :cve:`2022-46285` and :cve:`2022-4883` +- linux-yocto: Ignore :cve:`2021-3759`, :cve:`2021-4135`, :cve:`2021-4155`, :cve:`2022-0168`, :cve:`2022-0171`, :cve:`2022-1016`, :cve:`2022-1184`, :cve:`2022-1198`, :cve:`2022-1199`, :cve:`2022-1462`, :cve:`2022-1734`, :cve:`2022-1852`, :cve:`2022-1882`, :cve:`2022-1998`, :cve:`2022-2078`, :cve:`2022-2196`, :cve:`2022-2318`, :cve:`2022-2380`, :cve:`2022-2503`, :cve:`2022-26365`, :cve:`2022-2663`, :cve:`2022-2873`, :cve:`2022-2905`, :cve:`2022-2959`, :cve:`2022-3028`, :cve:`2022-3078`, :cve:`2022-3104`, :cve:`2022-3105`, :cve:`2022-3106`, :cve:`2022-3107`, :cve:`2022-3111`, :cve:`2022-3112`, :cve:`2022-3113`, :cve:`2022-3115`, :cve:`2022-3202`, :cve:`2022-32250`, :cve:`2022-32296`, :cve:`2022-32981`, :cve:`2022-3303`, :cve:`2022-33740`, :cve:`2022-33741`, :cve:`2022-33742`, :cve:`2022-33743`, :cve:`2022-33744`, :cve:`2022-33981`, :cve:`2022-3424`, :cve:`2022-3435`, :cve:`2022-34918`, :cve:`2022-3521`, :cve:`2022-3545`, :cve:`2022-3564`, :cve:`2022-3586`, :cve:`2022-3594`, :cve:`2022-36123`, :cve:`2022-3621`, :cve:`2022-3623`, :cve:`2022-3629`, :cve:`2022-3633`, :cve:`2022-3635`, :cve:`2022-3646`, :cve:`2022-3649`, :cve:`2022-36879`, :cve:`2022-36946`, :cve:`2022-3707`, :cve:`2022-39188`, :cve:`2022-39190`, :cve:`2022-39842`, :cve:`2022-40307`, :cve:`2022-40768`, :cve:`2022-4095`, :cve:`2022-41218`, :cve:`2022-4139`, :cve:`2022-41849`, :cve:`2022-41850`, :cve:`2022-41858`, :cve:`2022-42328`, :cve:`2022-42329`, :cve:`2022-42703`, :cve:`2022-42721`, :cve:`2022-42722`, :cve:`2022-42895`, :cve:`2022-4382`, :cve:`2022-4662`, :cve:`2022-47518`, :cve:`2022-47519`, :cve:`2022-47520`, :cve:`2022-47929`, :cve:`2023-0179`, :cve:`2023-0394`, :cve:`2023-0461`, :cve:`2023-0590`, :cve:`2023-1073`, :cve:`2023-1074`, :cve:`2023-1077`, :cve:`2023-1078`, :cve:`2023-1079`, :cve:`2023-1095`, :cve:`2023-1118`, :cve:`2023-1249`, :cve:`2023-1252`, :cve:`2023-1281`, :cve:`2023-1382`, :cve:`2023-1513`, :cve:`2023-1829`, :cve:`2023-1838`, :cve:`2023-1998`, :cve:`2023-2006`, :cve:`2023-2008`, :cve:`2023-2162`, :cve:`2023-2166`, :cve:`2023-2177`, :cve:`2023-22999`, :cve:`2023-23002`, :cve:`2023-23004`, :cve:`2023-23454`, :cve:`2023-23455`, :cve:`2023-23559`, :cve:`2023-25012`, :cve:`2023-26545`, :cve:`2023-28327` and :cve:`2023-28328` +- nasm: Fix :cve:`2022-44370` +- python3-cryptography: Fix :cve:`2023-23931` +- qemu: Ignore :cve:`2023-0664` +- ruby: Fix :cve:`2023-28755` and :cve:`2023-28756` +- screen: Fix :cve:`2023-24626` +- shadow: Fix :cve:`2023-29383` +- tiff: Fix :cve:`2022-4645` +- webkitgtk: Fix :cve:`2022-32888` and :cve:`2022-32923` +- xserver-xorg: Fix :cve:`2023-1393` + + +Fixes in Yocto-4.0.10 +~~~~~~~~~~~~~~~~~~~~~ + +- bitbake: bin/utils: Ensure locale en_US.UTF-8 is available on the system +- build-appliance-image: Update to kirkstone head revision +- cmake: add CMAKE_SYSROOT to generated toolchain file +- glibc: stable 2.35 branch updates. +- kernel-devsrc: depend on python3-core instead of python3 +- kernel: improve initramfs bundle processing time +- libarchive: Enable acls, xattr for native as well as target +- libbsd: Add correct license for all packages +- libpam: Fix the xtests/tst-pam_motd[1|3] failures +- libxpm: upgrade to 3.5.15 +- linux-firmware: upgrade to 20230404 +- linux-yocto/5.15: upgrade to v5.15.108 +- migration-guides: add release-notes for 4.0.9 +- oeqa/utils/metadata.py: Fix running oe-selftest running with no distro set +- openssl: Move microblaze to linux-latomic config +- package.bbclass: correct check for /build in copydebugsources() +- poky.conf: bump version for 4.0.10 +- populate_sdk_base: add zip options +- populate_sdk_ext.bbclass: set :term:`METADATA_REVISION` with an :term:`DISTRO` override +- run-postinsts: Set dependency for ldconfig to avoid boot issues +- update-alternatives.bbclass: fix old override syntax +- wic/bootimg-efi: if fixed-size is set then use that for mkdosfs +- wpebackend-fdo: upgrade to 1.14.2 +- xorg-lib-common: Add variable to set tarball type +- xserver-xorg: upgrade to 21.1.8 + + +Known Issues in Yocto-4.0.10 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +- N/A + + +Contributors to Yocto-4.0.10 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +- Archana Polampalli +- Arturo Buzarra +- Bruce Ashfield +- Christoph Lauer +- Deepthi Hemraj +- Dmitry Baryshkov +- Frank de Brabander +- Hitendra Prajapati +- Joe Slater +- Kai Kang +- Kyle Russell +- Lee Chee Yang +- Mark Hatle +- Martin Jansa +- Mingli Yu +- Narpat Mali +- Pascal Bach +- Pawan Badganchi +- Peter Bergin +- Peter Marko +- Piotr Łobacz +- Randolph Sapp +- Ranjitsinh Rathod +- Ross Burton +- Shubham Kulkarni +- Siddharth Doshi +- Steve Sakoman +- Sundeep KOKKONDA +- Thomas Roos +- Virendra Thakur +- Vivek Kumbhar +- Wang Mingyu +- Xiangyu Chen +- Yash Shinde +- Yoann Congal +- Yogita Urade +- Zhixiong Chi + + +Repositories / Downloads for Yocto-4.0.10 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +poky + +- Repository Location: :yocto_git:`/poky` +- Branch: :yocto_git:`kirkstone </poky/log/?h=kirkstone>` +- Tag: :yocto_git:`yocto-4.0.10 </poky/log/?h=yocto-4.0.10>` +- Git Revision: :yocto_git:`f53ab3a2ff206a130cdc843839dd0ea5ec4ad02f </poky/commit/?id=f53ab3a2ff206a130cdc843839dd0ea5ec4ad02f>` +- Release Artefact: poky-f53ab3a2ff206a130cdc843839dd0ea5ec4ad02f +- sha: 8820aeac857ce6bbd1c7ef26cadbb86eca02be93deded253b4a5f07ddd69255d +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.10/poky-f53ab3a2ff206a130cdc843839dd0ea5ec4ad02f.tar.bz2 + http://mirrors.kernel.org/yocto/yocto/yocto-4.0.10/poky-f53ab3a2ff206a130cdc843839dd0ea5ec4ad02f.tar.bz2 + +openembedded-core + +- Repository Location: :oe_git:`/openembedded-core` +- Branch: :oe_git:`kirkstone </openembedded-core/log/?h=kirkstone>` +- Tag: :oe_git:`yocto-4.0.10 </openembedded-core/log/?h=yocto-4.0.10>` +- Git Revision: :oe_git:`d2713785f9cd2d58731df877bc8b7bcc71b6c8e6 </openembedded-core/commit/?id=d2713785f9cd2d58731df877bc8b7bcc71b6c8e6>` +- Release Artefact: oecore-d2713785f9cd2d58731df877bc8b7bcc71b6c8e6 +- sha: 78e084a1aceaaa6ec022702f29f80eaffade3159e9c42b6b8985c1b7ddd2fbab +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.10/oecore-d2713785f9cd2d58731df877bc8b7bcc71b6c8e6.tar.bz2 + http://mirrors.kernel.org/yocto/yocto/yocto-4.0.10/oecore-d2713785f9cd2d58731df877bc8b7bcc71b6c8e6.tar.bz2 + +meta-mingw + +- Repository Location: :yocto_git:`/meta-mingw` +- Branch: :yocto_git:`kirkstone </meta-mingw/log/?h=kirkstone>` +- Tag: :yocto_git:`yocto-4.0.10 </meta-mingw/log/?h=yocto-4.0.10>` +- Git Revision: :yocto_git:`a90614a6498c3345704e9611f2842eb933dc51c1 </meta-mingw/commit/?id=a90614a6498c3345704e9611f2842eb933dc51c1>` +- Release Artefact: meta-mingw-a90614a6498c3345704e9611f2842eb933dc51c1 +- sha: 49f9900bfbbc1c68136f8115b314e95d0b7f6be75edf36a75d9bcd1cca7c6302 +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.10/meta-mingw-a90614a6498c3345704e9611f2842eb933dc51c1.tar.bz2 + http://mirrors.kernel.org/yocto/yocto/yocto-4.0.10/meta-mingw-a90614a6498c3345704e9611f2842eb933dc51c1.tar.bz2 + +meta-gplv2 + +- Repository Location: :yocto_git:`/meta-gplv2` +- Branch: :yocto_git:`kirkstone </meta-gplv2/log/?h=kirkstone>` +- Tag: :yocto_git:`yocto-4.0.10 </meta-gplv2/log/?h=yocto-4.0.10>` +- Git Revision: :yocto_git:`d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a </meta-gplv2/commit/?id=d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a>` +- Release Artefact: meta-gplv2-d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a +- sha: c386f59f8a672747dc3d0be1d4234b6039273d0e57933eb87caa20f56b9cca6d +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.10/meta-gplv2-d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a.tar.bz2 + http://mirrors.kernel.org/yocto/yocto/yocto-4.0.10/meta-gplv2-d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a.tar.bz2 + +bitbake + +- Repository Location: :oe_git:`/bitbake` +- Branch: :oe_git:`2.0 </bitbake/log/?h=2.0>` +- Tag: :oe_git:`yocto-4.0.10 </bitbake/log/?h=yocto-4.0.10>` +- Git Revision: :oe_git:`0c6f86b60cfba67c20733516957c0a654eb2b44c </bitbake/commit/?id=0c6f86b60cfba67c20733516957c0a654eb2b44c>` +- Release Artefact: bitbake-0c6f86b60cfba67c20733516957c0a654eb2b44c +- sha: 4caa94ee4d644017b0cc51b702e330191677f7d179018cbcec8b1793949ebc74 +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.10/bitbake-0c6f86b60cfba67c20733516957c0a654eb2b44c.tar.bz2 + http://mirrors.kernel.org/yocto/yocto/yocto-4.0.10/bitbake-0c6f86b60cfba67c20733516957c0a654eb2b44c.tar.bz2 + +yocto-docs + +- Repository Location: :yocto_git:`/yocto-docs` +- Branch: :yocto_git:`kirkstone </yocto-docs/log/?h=kirkstone>` +- Tag: :yocto_git:`yocto-4.0.10 </yocto-docs/log/?h=yocto-4.0.10>` +- Git Revision: :yocto_git:`8388be749806bd0bf4fccf1005dae8f643aa4ef4 </yocto-docs/commit/?id=8388be749806bd0bf4fccf1005dae8f643aa4ef4>` + diff --git a/documentation/migration-guides/release-notes-4.0.11.rst b/documentation/migration-guides/release-notes-4.0.11.rst new file mode 100644 index 0000000000..8a15884908 --- /dev/null +++ b/documentation/migration-guides/release-notes-4.0.11.rst @@ -0,0 +1,214 @@ +.. SPDX-License-Identifier: CC-BY-SA-2.0-UK + +Release notes for Yocto-4.0.11 (Kirkstone) +------------------------------------------ + +Security Fixes in Yocto-4.0.11 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +- cups: Fix :cve:`2023-32324` +- curl: Fix :cve:`2023-28319`, :cve:`2023-28320`, :cve:`2023-28321` and :cve:`2023-28322` +- git: Ignore :cve:`2023-25815` +- go: Fix :cve:`2023-24539` and :cve:`2023-24540` +- nasm: Fix :cve:`2022-46457` +- openssh: Fix :cve:`2023-28531` +- openssl: Fix :cve:`2023-1255` and :cve:`2023-2650` +- perl: Fix :cve:`2023-31484` +- python3-requests: Fix for :cve:`2023-32681` +- sysstat: Fix :cve:`2023-33204` +- vim: Fix :cve:`2023-2426` +- webkitgtk: fix :cve:`2022-42867`, :cve:`2022-46691`, :cve:`2022-46699` and :cve:`2022-46700` + + +Fixes in Yocto-4.0.11 +~~~~~~~~~~~~~~~~~~~~~ + +- Revert "docs: conf.py: fix cve extlinks caption for sphinx <4.0" +- Revert "ipk: Decode byte data to string in manifest handling" +- avahi: fix D-Bus introspection +- build-appliance-image: Update to kirkstone head revision +- conf.py: add macro for Mitre CVE links +- conf: add nice level to the hash config ignred variables +- cpio: Fix wrong CRC with ASCII CRC for large files +- cve-update-nvd2-native: added the missing http import +- cve-update-nvd2-native: new CVE database fetcher +- dhcpcd: use git instead of tarballs +- e2fsprogs: fix ptest bug for second running +- gcc-runtime: Use static dummy libstdc++ +- glibc: stable 2.35 branch updates (cbceb903c4d7) +- go.bbclass: don't use test to check output from ls +- gstreamer1.0: Upgrade to 1.20.6 +- iso-codes: Upgrade to 4.15.0 +- kernel-devicetree: allow specification of dtb directory +- kernel-devicetree: make shell scripts posix compliant +- kernel-devicetree: recursively search for dtbs +- kernel: don't force PAHOLE=false +- kmscube: Correct :term:`DEPENDS` to avoid overwrite +- lib/terminal.py: Add urxvt terminal +- license.bbclass: Include :term:`LICENSE` in the output when it fails to parse +- linux-yocto/5.10: Upgrade to v5.10.180 +- linux-yocto/5.15: Upgrade to v5.15.113 +- llvm: backport a fix for build with gcc-13 +- maintainers.inc: Fix email address typo +- maintainers.inc: Move repo to unassigned +- migration-guides: add release notes for 4.0.10 +- migration-guides: use new cve_mitre macro +- nghttp2: Deleted the entries for -client and -server, and removed a dependency on them from the main package. +- oeqa/selftest/cases/devtool.py: skip all tests require folder a git repo +- openssh: Remove BSD-4-clause contents completely from codebase +- openssl: Upgrade to 3.0.9 +- overview-manual: concepts.rst: Fix a typo +- p11-kit: add native to :term:`BBCLASSEXTEND` +- package: enable recursion on file globs +- package_manager/ipk: fix config path generation in _create_custom_config() +- piglit: Add :term:`PACKAGECONFIG` for glx and opencl +- piglit: Add missing glslang dependencies +- piglit: Fix build time dependency +- poky.conf: bump version for 4.0.11 +- profile-manual: fix blktrace remote usage instructions +- quilt: Fix merge.test race condition +- ref-manual: add clarification for :term:`SRCREV` +- selftest/reproducible: Allow native/cross reuse in test +- staging.bbclass: do not add extend_recipe_sysroot to prefuncs of prepare_recipe_sysroot +- systemd-networkd: backport fix for rm unmanaged wifi +- systemd-systemctl: fix instance template WantedBy symlink construction +- systemd-systemctl: support instance expansion in WantedBy +- uninative: Upgrade to 3.10 to support gcc 13 +- uninative: Upgrade to 4.0 to include latest gcc 13.1.1 +- vim: Upgrade to 9.0.1527 +- waffle: Upgrade to 1.7.2 +- weston: add xwayland to :term:`DEPENDS` for :term:`PACKAGECONFIG` xwayland + + +Known Issues in Yocto-4.0.11 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +- N/A + + +Contributors to Yocto-4.0.11 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +- Alexander Kanavin +- Andrew Jeffery +- Archana Polampalli +- Bhabu Bindu +- Bruce Ashfield +- C. Andy Martin +- Chen Qi +- Daniel Ammann +- Deepthi Hemraj +- Ed Beroset +- Eero Aaltonen +- Enrico Jörns +- Hannu Lounento +- Hitendra Prajapati +- Ian Ray +- Jan Luebbe +- Jan Vermaete +- Khem Raj +- Lee Chee Yang +- Lei Maohui +- Lorenzo Arena +- Marek Vasut +- Marta Rybczynska +- Martin Jansa +- Martin Siegumfeldt +- Michael Halstead +- Michael Opdenacker +- Ming Liu +- Narpat Mali +- Omkar Patil +- Pablo Saavedra +- Pavel Zhukov +- Peter Kjellerstedt +- Peter Marko +- Qiu Tingting +- Quentin Schulz +- Randolph Sapp +- Randy MacLeod +- Ranjitsinh Rathod +- Richard Purdie +- Riyaz Khan +- Sakib Sajal +- Sanjay Chitroda +- Soumya Sambu +- Steve Sakoman +- Thomas Roos +- Tom Hochstein +- Vivek Kumbhar +- Wang Mingyu +- Yogita Urade +- Zoltan Boszormenyi + + +Repositories / Downloads for Yocto-4.0.11 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +poky + +- Repository Location: :yocto_git:`/poky` +- Branch: :yocto_git:`kirkstone </poky/log/?h=kirkstone>` +- Tag: :yocto_git:`yocto-4.0.11 </poky/log/?h=yocto-4.0.11>` +- Git Revision: :yocto_git:`fc697fe87412b9b179ae3a68d266ace85bb1fcc6 </poky/commit/?id=fc697fe87412b9b179ae3a68d266ace85bb1fcc6>` +- Release Artefact: poky-fc697fe87412b9b179ae3a68d266ace85bb1fcc6 +- sha: d42ab1b76b9d8ab164d86dc0882c908658f6b5be0742b13a71531068f6a5ee98 +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.11/poky-fc697fe87412b9b179ae3a68d266ace85bb1fcc6.tar.bz2 + http://mirrors.kernel.org/yocto/yocto/yocto-4.0.11/poky-fc697fe87412b9b179ae3a68d266ace85bb1fcc6.tar.bz2 + +openembedded-core + +- Repository Location: :oe_git:`/openembedded-core` +- Branch: :oe_git:`kirkstone </openembedded-core/log/?h=kirkstone>` +- Tag: :oe_git:`yocto-4.0.11 </openembedded-core/log/?h=yocto-4.0.11>` +- Git Revision: :oe_git:`7949e786cf8e50f716ff1f1c4797136637205e0c </openembedded-core/commit/?id=7949e786cf8e50f716ff1f1c4797136637205e0c>` +- Release Artefact: oecore-7949e786cf8e50f716ff1f1c4797136637205e0c +- sha: 3bda3f7d15961bad5490faf3194709528591a97564b5eae3da7345b63be20334 +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.11/oecore-7949e786cf8e50f716ff1f1c4797136637205e0c.tar.bz2 + http://mirrors.kernel.org/yocto/yocto/yocto-4.0.11/oecore-7949e786cf8e50f716ff1f1c4797136637205e0c.tar.bz2 + +meta-mingw + +- Repository Location: :yocto_git:`/meta-mingw` +- Branch: :yocto_git:`kirkstone </meta-mingw/log/?h=kirkstone>` +- Tag: :yocto_git:`yocto-4.0.11 </meta-mingw/log/?h=yocto-4.0.11>` +- Git Revision: :yocto_git:`a90614a6498c3345704e9611f2842eb933dc51c1 </meta-mingw/commit/?id=a90614a6498c3345704e9611f2842eb933dc51c1>` +- Release Artefact: meta-mingw-a90614a6498c3345704e9611f2842eb933dc51c1 +- sha: 49f9900bfbbc1c68136f8115b314e95d0b7f6be75edf36a75d9bcd1cca7c6302 +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.11/meta-mingw-a90614a6498c3345704e9611f2842eb933dc51c1.tar.bz2 + http://mirrors.kernel.org/yocto/yocto/yocto-4.0.11/meta-mingw-a90614a6498c3345704e9611f2842eb933dc51c1.tar.bz2 + +meta-gplv2 + +- Repository Location: :yocto_git:`/meta-gplv2` +- Branch: :yocto_git:`kirkstone </meta-gplv2/log/?h=kirkstone>` +- Tag: :yocto_git:`yocto-4.0.11 </meta-gplv2/log/?h=yocto-4.0.11>` +- Git Revision: :yocto_git:`d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a </meta-gplv2/commit/?id=d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a>` +- Release Artefact: meta-gplv2-d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a +- sha: c386f59f8a672747dc3d0be1d4234b6039273d0e57933eb87caa20f56b9cca6d +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.11/meta-gplv2-d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a.tar.bz2 + http://mirrors.kernel.org/yocto/yocto/yocto-4.0.11/meta-gplv2-d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a.tar.bz2 + +bitbake + +- Repository Location: :oe_git:`/bitbake` +- Branch: :oe_git:`2.0 </bitbake/log/?h=2.0>` +- Tag: :oe_git:`yocto-4.0.11 </bitbake/log/?h=yocto-4.0.11>` +- Git Revision: :oe_git:`0c6f86b60cfba67c20733516957c0a654eb2b44c </bitbake/commit/?id=0c6f86b60cfba67c20733516957c0a654eb2b44c>` +- Release Artefact: bitbake-0c6f86b60cfba67c20733516957c0a654eb2b44c +- sha: 4caa94ee4d644017b0cc51b702e330191677f7d179018cbcec8b1793949ebc74 +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.11/bitbake-0c6f86b60cfba67c20733516957c0a654eb2b44c.tar.bz2 + http://mirrors.kernel.org/yocto/yocto/yocto-4.0.11/bitbake-0c6f86b60cfba67c20733516957c0a654eb2b44c.tar.bz2 + +yocto-docs + +- Repository Location: :yocto_git:`/yocto-docs` +- Branch: :yocto_git:`kirkstone </yocto-docs/log/?h=kirkstone>` +- Tag: :yocto_git:`yocto-4.0.11 </yocto-docs/log/?h=yocto-4.0.11>` +- Git Revision: :yocto_git:`6d16d2bde0aa32276a035ee49703e6eea7c7b29a </yocto-docs/commit/?id=6d16d2bde0aa32276a035ee49703e6eea7c7b29a>` + diff --git a/documentation/migration-guides/release-notes-4.0.12.rst b/documentation/migration-guides/release-notes-4.0.12.rst new file mode 100644 index 0000000000..0ea92a453d --- /dev/null +++ b/documentation/migration-guides/release-notes-4.0.12.rst @@ -0,0 +1,277 @@ +.. SPDX-License-Identifier: CC-BY-SA-2.0-UK + +Release notes for Yocto-4.0.12 (Kirkstone) +------------------------------------------ + +Security Fixes in Yocto-4.0.12 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +- bind: Fix :cve:`2023-2828` and :cve:`2023-2911` +- cups: Fix :cve:`2023-34241` +- curl: Added :cve:`2023-28320` Follow-up patch +- dbus: Fix :cve:`2023-34969` +- dmidecode: fix :cve:`2023-30630` +- ghostscript: fix :cve:`2023-36664` +- go: fix :cve_mitre:`2023-24531`, :cve:`2023-24536`, :cve:`2023-29400`, :cve:`2023-29402`, :cve:`2023-29404`, :cve:`2023-29405` and :cve:`2023-29406` +- libarchive: Ignore :cve:`2023-30571` +- libcap: Fix :cve:`2023-2602` and :cve:`2023-2603` +- libjpeg-turbo: Fix :cve:`2023-2804` +- libpcre2: Fix :cve:`2022-41409` +- libtiff: fix :cve:`2023-26965` +- libwebp: Fix :cve:`2023-1999` +- libx11: Fix :cve:`2023-3138` +- libxpm: Fix :cve:`2022-44617` +- ninja: Ignore :cve:`2021-4336` +- openssh: Fix :cve:`2023-38408` +- openssl: Fix :cve:`2023-2975`, :cve:`2023-3446` and :cve:`2023-3817` +- perl: Fix :cve:`2023-31486` +- python3: Ignore :cve:`2023-36632` +- qemu: Fix :cve:`2023-0330`, :cve_mitre:`2023-2861`, :cve_mitre:`2023-3255` and :cve_mitre:`2023-3301` +- sqlite3: Fix :cve:`2023-36191` +- tiff: Fix :cve:`2023-0795`, :cve:`2023-0796`, :cve:`2023-0797`, :cve:`2023-0798`, :cve:`2023-0799`, :cve:`2023-25433`, :cve:`2023-25434` and :cve:`2023-25435` +- vim: :cve:`2023-2609` and :cve:`2023-2610` + + +Fixes in Yocto-4.0.12 +~~~~~~~~~~~~~~~~~~~~~ + +- babeltrace2: Always use BFD linker when building tests with ld-is-lld distro feature +- babeltrace2: upgrade to 2.0.5 +- bitbake.conf: add unzstd in :term:`HOSTTOOLS` +- bitbake: bitbake-layers: initialize tinfoil before registering command line arguments +- bitbake: runqueue: Fix deferred task/multiconfig race issue +- blktrace: ask for python3 specifically +- build-appliance-image: Update to kirkstone head revision +- cmake: Fix CMAKE_SYSTEM_PROCESSOR setting for SDK +- connman: fix warning by specifying runstatedir at configure time +- cpio: Replace fix wrong CRC with ASCII CRC for large files with upstream backport +- cve-update-nvd2-native: actually use API keys +- cve-update-nvd2-native: always pass str for json.loads() +- cve-update-nvd2-native: fix cvssV3 metrics +- cve-update-nvd2-native: handle all configuration nodes, not just first +- cve-update-nvd2-native: increase retry count +- cve-update-nvd2-native: log a little more +- cve-update-nvd2-native: retry all errors and sleep between retries +- cve-update-nvd2-native: use exact times, don't truncate +- dbus: upgrade to 1.14.8 +- devtool: Fix the wrong variable in srcuri_entry +- diffutils: upgrade to 3.10 +- docs: ref-manual: terms: fix typos in :term:`SPDX` term +- fribidi: upgrade to 1.0.13 +- gcc: upgrade to v11.4 +- gcc-testsuite: Fix ppc cpu specification +- gcc: don't pass --enable-standard-branch-protection +- gcc: fix runpath errors in cc1 binary +- grub: submit determinism.patch upstream +- image_types: Fix reproducible builds for initramfs and UKI img +- kernel: add missing path to search for debug files +- kmod: remove unused ptest.patch +- layer.conf: Add missing dependency exclusion +- libassuan: upgrade to 2.5.6 +- libksba: upgrade to 1.6.4 +- libpng: Add ptest for libpng +- libxcrypt: fix build with perl-5.38 and use master branch +- libxcrypt: fix hard-coded ".so" extension +- libxpm: upgrade to 3.5.16 +- linux-firmware: upgrade to 20230515 +- linux-yocto/5.10: cfg: fix DECNET configuration warning +- linux-yocto/5.10: update to v5.10.185 +- linux-yocto/5.15: cfg: fix DECNET configuration warning +- linux-yocto/5.15: update to v5.15.120 +- logrotate: Do not create logrotate.status file +- lttng-ust: upgrade to 2.13.6 +- machine/arch-arm64: add -mbranch-protection=standard +- maintainers.inc: correct Carlos Rafael Giani's email address +- maintainers.inc: correct unassigned entries +- maintainers.inc: unassign Adrian Bunk from wireless-regdb +- maintainers.inc: unassign Alistair Francis from opensbi +- maintainers.inc: unassign Andreas Müller from itstool entry +- maintainers.inc: unassign Pascal Bach from cmake entry +- maintainers.inc: unassign Ricardo Neri from ovmf +- maintainers.inc: unassign Richard Weinberger from erofs-utils entry +- mdadm: fix 07revert-inplace ptest +- mdadm: fix segfaults when running ptests +- mdadm: fix util-linux ptest dependency +- mdadm: skip running known broken ptests +- meson.bbclass: Point to llvm-config from native sysroot +- meta: lib: oe: npm_registry: Add more safe caracters +- migration-guides: add release notes for 4.0.11 +- minicom: remove unused patch files +- mobile-broadband-provider-info: upgrade to 20230416 +- oe-depends-dot: Handle new format for task-depends.dot +- oeqa/runtime/cases/rpm: fix wait_for_no_process_for_user failure case +- oeqa/selftest/bbtests: add non-existent prefile/postfile tests +- oeqa/selftest/devtool: add unit test for "devtool add -b" +- openssl: Upgrade to 3.0.10 +- openssl: add PERLEXTERNAL path to test its existence +- openssl: use a glob on the PERLEXTERNAL to track updates on the path +- package.bbclass: moving field data process before variable process in process_pkgconfig +- pm-utils: fix multilib conflictions +- poky.conf: bump version for 4.0.12 +- psmisc: Set :term:`ALTERNATIVE` for pstree to resolve conflict with busybox +- pybootchartgui: show elapsed time for each task +- python3: fix missing comma in get_module_deps3.py +- python3: upgrade to 3.10.12 +- recipetool: Fix inherit in created -native* recipes +- ref-manual: add LTS and Mixin terms +- ref-manual: document image-specific variant of :term:`INCOMPATIBLE_LICENSE` +- ref-manual: release-process: update for LTS releases +- rust-llvm: backport a fix for build with gcc-13 +- scripts/runqemu: allocate unfsd ports in a way that doesn't race or clash with unrelated processes +- scripts/runqemu: split lock dir creation into a reusable function +- sdk.py: error out when moving file fails +- sdk.py: fix moving dnf contents +- selftest reproducible.py: support different build targets +- selftest/license: Exclude from world +- selftest/reproducible: Allow chose the package manager +- serf: upgrade to 1.3.10 +- strace: Disable failing test +- strace: Merge two similar patches +- strace: Update patches/tests with upstream fixes +- sysfsutils: fetch a supported fork from github +- systemd-systemctl: fix errors in instance name expansion +- systemd: Backport nspawn: make sure host root can write to the uidmapped mounts we prepare for the container payload +- tzdata: upgrade to 2023c +- uboot-extlinux-config.bbclass: fix old override syntax in comment +- unzip: fix configure check for cross compilation +- useradd-staticids.bbclass: improve error message +- util-linux: add alternative links for ipcs,ipcrm +- v86d: Improve kernel dependency +- vim: upgrade to 9.0.1592 +- wget: upgrade to 1.21.4 +- wic: Add dependencies for erofs-utils +- wireless-regdb: upgrade to 2023.05.03 +- xdpyinfo: upgrade to 1.3.4 +- zip: fix configure check by using _Static_assert + + +Known Issues in Yocto-4.0.12 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +- N/A + + +Contributors to Yocto-4.0.12 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +- Alberto Planas +- Alexander Kanavin +- Alexander Sverdlin +- Andrej Valek +- Archana Polampalli +- BELOUARGA Mohamed +- Benjamin Bouvier +- Bruce Ashfield +- Charlie Wu +- Chen Qi +- Etienne Cordonnier +- Fabien Mahot +- Frieder Paape +- Frieder Schrempf +- Heiko Thole +- Hitendra Prajapati +- Jermain Horsman +- Jose Quaresma +- Kai Kang +- Khem Raj +- Lee Chee Yang +- Marc Ferland +- Marek Vasut +- Martin Jansa +- Mauro Queiros +- Michael Opdenacker +- Mikko Rapeli +- Nikhil R +- Ovidiu Panait +- Peter Marko +- Poonam Jadhav +- Quentin Schulz +- Richard Purdie +- Ross Burton +- Rusty Howell +- Sakib Sajal +- Soumya Sambu +- Steve Sakoman +- Sundeep KOKKONDA +- Tim Orling +- Tom Hochstein +- Trevor Gamblin +- Vijay Anusuri +- Vivek Kumbhar +- Wang Mingyu +- Xiangyu Chen +- Yoann Congal +- Yogita Urade +- Yuta Hayama + + +Repositories / Downloads for Yocto-4.0.12 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +poky + +- Repository Location: :yocto_git:`/poky` +- Branch: :yocto_git:`kirkstone </poky/log/?h=kirkstone>` +- Tag: :yocto_git:`yocto-4.0.12 </poky/log/?h=yocto-4.0.12>` +- Git Revision: :yocto_git:`d6b8790370500b99ca11f0d8a05c39b661ab2ba6 </poky/commit/?id=d6b8790370500b99ca11f0d8a05c39b661ab2ba6>` +- Release Artefact: poky-d6b8790370500b99ca11f0d8a05c39b661ab2ba6 +- sha: 35f0390e0c5a12f403ed471c0b1254c13cbb9d7c7b46e5a3538e63e36c1ac280 +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.12/poky-d6b8790370500b99ca11f0d8a05c39b661ab2ba6.tar.bz2 + http://mirrors.kernel.org/yocto/yocto/yocto-4.0.12/poky-d6b8790370500b99ca11f0d8a05c39b661ab2ba6.tar.bz2 + +openembedded-core + +- Repository Location: :oe_git:`/openembedded-core` +- Branch: :oe_git:`kirkstone </openembedded-core/log/?h=kirkstone>` +- Tag: :oe_git:`yocto-4.0.12 </openembedded-core/log/?h=yocto-4.0.12>` +- Git Revision: :oe_git:`e1a604db8d2cf8782038b4016cc2e2052467333b </openembedded-core/commit/?id=e1a604db8d2cf8782038b4016cc2e2052467333b>` +- Release Artefact: oecore-e1a604db8d2cf8782038b4016cc2e2052467333b +- sha: 8b302eb3f3ffe5643f88bc6e4ae8f9a5cda63544d67e04637ecc4197e9750a1d +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.12/oecore-e1a604db8d2cf8782038b4016cc2e2052467333b.tar.bz2 + http://mirrors.kernel.org/yocto/yocto/yocto-4.0.12/oecore-e1a604db8d2cf8782038b4016cc2e2052467333b.tar.bz2 + +meta-mingw + +- Repository Location: :yocto_git:`/meta-mingw` +- Branch: :yocto_git:`kirkstone </meta-mingw/log/?h=kirkstone>` +- Tag: :yocto_git:`yocto-4.0.12 </meta-mingw/log/?h=yocto-4.0.12>` +- Git Revision: :yocto_git:`a90614a6498c3345704e9611f2842eb933dc51c1 </meta-mingw/commit/?id=a90614a6498c3345704e9611f2842eb933dc51c1>` +- Release Artefact: meta-mingw-a90614a6498c3345704e9611f2842eb933dc51c1 +- sha: 49f9900bfbbc1c68136f8115b314e95d0b7f6be75edf36a75d9bcd1cca7c6302 +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.12/meta-mingw-a90614a6498c3345704e9611f2842eb933dc51c1.tar.bz2 + http://mirrors.kernel.org/yocto/yocto/yocto-4.0.12/meta-mingw-a90614a6498c3345704e9611f2842eb933dc51c1.tar.bz2 + +meta-gplv2 + +- Repository Location: :yocto_git:`/meta-gplv2` +- Branch: :yocto_git:`kirkstone </meta-gplv2/log/?h=kirkstone>` +- Tag: :yocto_git:`yocto-4.0.12 </meta-gplv2/log/?h=yocto-4.0.12>` +- Git Revision: :yocto_git:`d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a </meta-gplv2/commit/?id=d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a>` +- Release Artefact: meta-gplv2-d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a +- sha: c386f59f8a672747dc3d0be1d4234b6039273d0e57933eb87caa20f56b9cca6d +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.12/meta-gplv2-d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a.tar.bz2 + http://mirrors.kernel.org/yocto/yocto/yocto-4.0.12/meta-gplv2-d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a.tar.bz2 + +bitbake + +- Repository Location: :oe_git:`/bitbake` +- Branch: :oe_git:`2.0 </bitbake/log/?h=2.0>` +- Tag: :oe_git:`yocto-4.0.12 </bitbake/log/?h=yocto-4.0.12>` +- Git Revision: :oe_git:`41b6684489d0261753344956042be2cc4adb0159 </bitbake/commit/?id=41b6684489d0261753344956042be2cc4adb0159>` +- Release Artefact: bitbake-41b6684489d0261753344956042be2cc4adb0159 +- sha: efa2b1c4d0be115ed3960750d1e4ed958771b2db6d7baee2d13ad386589376e8 +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.12/bitbake-41b6684489d0261753344956042be2cc4adb0159.tar.bz2 + http://mirrors.kernel.org/yocto/yocto/yocto-4.0.12/bitbake-41b6684489d0261753344956042be2cc4adb0159.tar.bz2 + +yocto-docs + +- Repository Location: :yocto_git:`/yocto-docs` +- Branch: :yocto_git:`kirkstone </yocto-docs/log/?h=kirkstone>` +- Tag: :yocto_git:`yocto-4.0.12 </yocto-docs/log/?h=yocto-4.0.12>` +- Git Revision: :yocto_git:`4dfef81ac6164764c6541e39a9fef81d49227096 </yocto-docs/commit/?id=4dfef81ac6164764c6541e39a9fef81d49227096>` + diff --git a/documentation/migration-guides/release-notes-4.0.13.rst b/documentation/migration-guides/release-notes-4.0.13.rst new file mode 100644 index 0000000000..3c096c356f --- /dev/null +++ b/documentation/migration-guides/release-notes-4.0.13.rst @@ -0,0 +1,271 @@ +.. SPDX-License-Identifier: CC-BY-SA-2.0-UK + +Release notes for Yocto-4.0.13 (Kirkstone) +------------------------------------------ + +Security Fixes in Yocto-4.0.13 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +- bind: Fix :cve:`2023-2829` +- binutils: Fix :cve:`2022-48065` +- busybox: Fix :cve:`2022-48174` +- cups: Fix :cve:`2023-32360` +- curl: Fix :cve:`2023-32001` +- dmidecode: Fix :cve:`2023-30630` +- dropbear: Fix :cve:`2023-36328` +- ffmpeg: Ignored :cve:`2023-39018` +- file: Fix :cve:`2022-48554` +- flac: Fix :cve:`2020-22219` +- gcc: Fix :cve:`2023-4039` +- gdb: Fix :cve:`2023-39128` +- ghostscript: Fix :cve:`2023-38559` +- glib-2.0: Fix :cve:`2023-29499`, :cve:`2023-32611`, :cve:`2023-32636`, :cve:`2023-32643` and :cve:`2023-32665` +- go: Fix :cve:`2023-29409` and :cve:`2023-39319` +- gstreamer1.0-plugins-bad: Fix :cve_mitre:`2023-37329` +- gstreamer1.0-plugins-base: Fix :cve_mitre:`2023-37328` +- gstreamer1.0-plugins-good: Fix :cve_mitre:`2023-37327` +- inetutils: Fix :cve:`2023-40303` +- json-c: Fix :cve:`2021-32292` +- librsvg: Fix :cve:`2023-38633` +- libssh2: Fix :cve:`2020-22218` +- libtiff: Fix :cve:`2023-26966` +- libxml2: Fix :cve:`2023-39615` +- linux-yocto/5.15: Ignore :cve:`2003-1604`, :cve:`2004-0230`, :cve:`2006-3635`, :cve:`2006-5331`, :cve:`2006-6128`, :cve:`2007-4774`, :cve:`2007-6761`, :cve:`2007-6762`, :cve:`2008-7316`, :cve:`2009-2692`, :cve:`2010-0008`, :cve:`2010-3432`, :cve:`2010-4648`, :cve:`2010-5313`, :cve:`2010-5328`, :cve:`2010-5329`, :cve:`2010-5331`, :cve:`2010-5332`, :cve:`2011-4098`, :cve:`2011-4131`, :cve:`2011-4915`, :cve:`2011-5321`, :cve:`2011-5327`, :cve:`2012-0957`, :cve:`2012-2119`, :cve:`2012-2136`, :cve:`2012-2137`, :cve:`2012-2313`, :cve:`2012-2319`, :cve:`2012-2372`, :cve:`2012-2375`, :cve:`2012-2390`, :cve:`2012-2669`, :cve:`2012-2744`, :cve:`2012-2745`, :cve:`2012-3364`, :cve:`2012-3375`, :cve:`2012-3400`, :cve:`2012-3412`, :cve:`2012-3430`, :cve:`2012-3510`, :cve:`2012-3511`, :cve:`2012-3520`, :cve:`2012-3552`, :cve:`2012-4398`, :cve:`2012-4444`, :cve:`2012-4461`, :cve:`2012-4467`, :cve:`2012-4508`, :cve:`2012-4530`, :cve:`2012-4565`, :cve:`2012-5374`, :cve:`2012-5375`, :cve:`2012-5517`, :cve:`2012-6536`, :cve:`2012-6537`, :cve:`2012-6538`, :cve:`2012-6539`, :cve:`2012-6540`, :cve:`2012-6541`, :cve:`2012-6542`, :cve:`2012-6543`, :cve:`2012-6544`, :cve:`2012-6545`, :cve:`2012-6546`, :cve:`2012-6547`, :cve:`2012-6548`, :cve:`2012-6549`, :cve:`2012-6638`, :cve:`2012-6647`, :cve:`2012-6657`, :cve:`2012-6689`, :cve:`2012-6701`, :cve:`2012-6703`, :cve:`2012-6704`, :cve:`2012-6712`, :cve:`2013-0160`, :cve:`2013-0190`, :cve:`2013-0216`, :cve:`2013-0217`, :cve:`2013-0228`, :cve:`2013-0231`, :cve:`2013-0268`, :cve:`2013-0290`, :cve:`2013-0309`, :cve:`2013-0310`, :cve:`2013-0311`, :cve:`2013-0313`, :cve:`2013-0343`, :cve:`2013-0349`, :cve:`2013-0871`, :cve:`2013-0913`, :cve:`2013-0914`, :cve:`2013-1059`, :cve:`2013-1763`, :cve:`2013-1767`, :cve:`2013-1772`, :cve:`2013-1773`, :cve:`2013-1774`, :cve:`2013-1792`, :cve:`2013-1796`, :cve:`2013-1797`, :cve:`2013-1798`, :cve:`2013-1819`, :cve:`2013-1826`, :cve:`2013-1827`, :cve:`2013-1828`, :cve:`2013-1848`, :cve:`2013-1858`, :cve:`2013-1860`, :cve:`2013-1928`, :cve:`2013-1929`, :cve:`2013-1943`, :cve:`2013-1956`, :cve:`2013-1957`, :cve:`2013-1958`, :cve:`2013-1959`, :cve:`2013-1979`, :cve:`2013-2015`, :cve:`2013-2017`, :cve:`2013-2058`, :cve:`2013-2094`, :cve:`2013-2128`, :cve:`2013-2140`, :cve:`2013-2141`, :cve:`2013-2146`, :cve:`2013-2147`, :cve:`2013-2148`, :cve:`2013-2164`, :cve:`2013-2206`, :cve:`2013-2232`, :cve:`2013-2234`, :cve:`2013-2237`, :cve:`2013-2546`, :cve:`2013-2547`, :cve:`2013-2548`, :cve:`2013-2596`, :cve:`2013-2634`, :cve:`2013-2635`, :cve:`2013-2636`, :cve:`2013-2850`, :cve:`2013-2851`, :cve:`2013-2852`, :cve:`2013-2888`, :cve:`2013-2889`, :cve:`2013-2890`, :cve:`2013-2891`, :cve:`2013-2892`, :cve:`2013-2893`, :cve:`2013-2894`, :cve:`2013-2895`, :cve:`2013-2896`, :cve:`2013-2897`, :cve:`2013-2898`, :cve:`2013-2899`, :cve:`2013-2929`, :cve:`2013-2930`, :cve:`2013-3076`, :cve:`2013-3222`, :cve:`2013-3223`, :cve:`2013-3224`, :cve:`2013-3225`, :cve:`2013-3226`, :cve:`2013-3227`, :cve:`2013-3228`, :cve:`2013-3229`, :cve:`2013-3230`, :cve:`2013-3231`, :cve:`2013-3232`, :cve:`2013-3233`, :cve:`2013-3234`, :cve:`2013-3235`, :cve:`2013-3236`, :cve:`2013-3237`, :cve:`2013-3301`, :cve:`2013-3302`, :cve:`2013-4125`, :cve:`2013-4127`, :cve:`2013-4129`, :cve:`2013-4162`, :cve:`2013-4163`, :cve:`2013-4205`, :cve:`2013-4220`, :cve:`2013-4247`, :cve:`2013-4254`, :cve:`2013-4270`, :cve:`2013-4299`, :cve:`2013-4300`, :cve:`2013-4312`, :cve:`2013-4343`, :cve:`2013-4345`, :cve:`2013-4348`, :cve:`2013-4350`, :cve:`2013-4387`, :cve:`2013-4470`, :cve:`2013-4483`, :cve:`2013-4511`, :cve:`2013-4512`, :cve:`2013-4513`, :cve:`2013-4514`, :cve:`2013-4515`, :cve:`2013-4516`, :cve:`2013-4563`, :cve:`2013-4579`, :cve:`2013-4587`, :cve:`2013-4588`, :cve:`2013-4591`, :cve:`2013-4592`, :cve:`2013-5634`, :cve:`2013-6282`, :cve:`2013-6367`, :cve:`2013-6368`, :cve:`2013-6376`, :cve:`2013-6378`, :cve:`2013-6380`, :cve:`2013-6381`, :cve:`2013-6382`, :cve:`2013-6383`, :cve:`2013-6431`, :cve:`2013-6432`, :cve:`2013-6885`, :cve:`2013-7026`, :cve:`2013-7027`, :cve:`2013-7263`, :cve:`2013-7264`, :cve:`2013-7265`, :cve:`2013-7266`, :cve:`2013-7267`, :cve:`2013-7268`, :cve:`2013-7269`, :cve:`2013-7270`, :cve:`2013-7271`, :cve:`2013-7281`, :cve:`2013-7339`, :cve:`2013-7348`, :cve:`2013-7421`, :cve:`2013-7446`, :cve:`2013-7470`, :cve:`2014-0038`, :cve:`2014-0049`, :cve:`2014-0055`, :cve:`2014-0069`, :cve:`2014-0077`, :cve:`2014-0100`, :cve:`2014-0101`, :cve:`2014-0102`, :cve:`2014-0131`, :cve:`2014-0155`, :cve:`2014-0181`, :cve:`2014-0196`, :cve:`2014-0203`, :cve:`2014-0205`, :cve:`2014-0206`, :cve:`2014-1438`, :cve:`2014-1444`, :cve:`2014-1445`, :cve:`2014-1446`, :cve:`2014-1690`, :cve:`2014-1737`, :cve:`2014-1738`, :cve:`2014-1739`, :cve:`2014-1874`, :cve:`2014-2038`, :cve:`2014-2039`, :cve:`2014-2309`, :cve:`2014-2523`, :cve:`2014-2568`, :cve:`2014-2580`, :cve:`2014-2672`, :cve:`2014-2673`, :cve:`2014-2678`, :cve:`2014-2706`, :cve:`2014-2739`, :cve:`2014-2851`, :cve:`2014-2889`, :cve:`2014-3122`, :cve:`2014-3144`, :cve:`2014-3145`, :cve:`2014-3153`, :cve:`2014-3180`, :cve:`2014-3181`, :cve:`2014-3182`, :cve:`2014-3183`, :cve:`2014-3184`, :cve:`2014-3185`, :cve:`2014-3186`, :cve:`2014-3534`, :cve:`2014-3535`, :cve:`2014-3601`, :cve:`2014-3610`, :cve:`2014-3611`, :cve:`2014-3631`, :cve:`2014-3645`, :cve:`2014-3646`, :cve:`2014-3647`, :cve:`2014-3673`, :cve:`2014-3687`, :cve:`2014-3688`, :cve:`2014-3690`, :cve:`2014-3917`, :cve:`2014-3940`, :cve:`2014-4014`, :cve:`2014-4027`, :cve:`2014-4157`, :cve:`2014-4171`, :cve:`2014-4508`, :cve:`2014-4608`, :cve:`2014-4611`, :cve:`2014-4652`, :cve:`2014-4653`, :cve:`2014-4654`, :cve:`2014-4655`, :cve:`2014-4656`, :cve:`2014-4667`, :cve:`2014-4699`, :cve:`2014-4943`, :cve:`2014-5045`, :cve:`2014-5077`, :cve:`2014-5206`, :cve:`2014-5207`, :cve:`2014-5471`, :cve:`2014-5472`, :cve:`2014-6410`, :cve:`2014-6416`, :cve:`2014-6417`, :cve:`2014-6418`, :cve:`2014-7145`, :cve:`2014-7283`, :cve:`2014-7284`, :cve:`2014-7822`, :cve:`2014-7825`, :cve:`2014-7826`, :cve:`2014-7841`, :cve:`2014-7842`, :cve:`2014-7843`, :cve:`2014-7970`, :cve:`2014-7975`, :cve:`2014-8086`, :cve:`2014-8133`, :cve:`2014-8134`, :cve:`2014-8159`, :cve:`2014-8160`, :cve:`2014-8171`, :cve:`2014-8172`, :cve:`2014-8173`, :cve:`2014-8369`, :cve:`2014-8480`, :cve:`2014-8481`, :cve:`2014-8559`, :cve:`2014-8709`, :cve:`2014-8884`, :cve:`2014-8989`, :cve:`2014-9090`, :cve:`2014-9322`, :cve:`2014-9419`, :cve:`2014-9420`, :cve:`2014-9428`, :cve:`2014-9529`, :cve:`2014-9584`, :cve:`2014-9585`, :cve:`2014-9644`, :cve:`2014-9683`, :cve:`2014-9710`, :cve:`2014-9715`, :cve:`2014-9717`, :cve:`2014-9728`, :cve:`2014-9729`, :cve:`2014-9730`, :cve:`2014-9731`, :cve:`2014-9803`, :cve:`2014-9870`, :cve:`2014-9888`, :cve:`2014-9895`, :cve:`2014-9903`, :cve:`2014-9904`, :cve:`2014-9914`, :cve:`2014-9922`, :cve:`2014-9940`, :cve:`2015-0239`, :cve:`2015-0274`, :cve:`2015-0275`, :cve:`2015-1333`, :cve:`2015-1339`, :cve:`2015-1350`, :cve:`2015-1420`, :cve:`2015-1421`, :cve:`2015-1465`, :cve:`2015-1573`, :cve:`2015-1593`, :cve:`2015-1805`, :cve:`2015-2041`, :cve:`2015-2042`, :cve:`2015-2150`, :cve:`2015-2666`, :cve:`2015-2672`, :cve:`2015-2686`, :cve:`2015-2830`, :cve:`2015-2922`, :cve:`2015-2925`, :cve:`2015-3212`, :cve:`2015-3214`, :cve:`2015-3288`, :cve:`2015-3290`, :cve:`2015-3291`, :cve:`2015-3331`, :cve:`2015-3339`, :cve:`2015-3636`, :cve:`2015-4001`, :cve:`2015-4002`, :cve:`2015-4003`, :cve:`2015-4004`, :cve:`2015-4036`, :cve:`2015-4167`, :cve:`2015-4170`, :cve:`2015-4176`, :cve:`2015-4177`, :cve:`2015-4178`, :cve:`2015-4692`, :cve:`2015-4700`, :cve:`2015-5156`, :cve:`2015-5157`, :cve:`2015-5257`, :cve:`2015-5283`, :cve:`2015-5307`, :cve:`2015-5327`, :cve:`2015-5364`, :cve:`2015-5366`, :cve:`2015-5697`, :cve:`2015-5706`, :cve:`2015-5707`, :cve:`2015-6252`, :cve:`2015-6526`, :cve:`2015-6937`, :cve:`2015-7509`, :cve:`2015-7513`, :cve:`2015-7515`, :cve:`2015-7550`, :cve:`2015-7566`, :cve:`2015-7613`, :cve:`2015-7799`, :cve:`2015-7833`, :cve:`2015-7872`, :cve:`2015-7884`, :cve:`2015-7885`, :cve:`2015-7990`, :cve:`2015-8104`, :cve:`2015-8215`, :cve:`2015-8324`, :cve:`2015-8374`, :cve:`2015-8539`, :cve:`2015-8543`, :cve:`2015-8550`, :cve:`2015-8551`, :cve:`2015-8552`, :cve:`2015-8553`, :cve:`2015-8569`, :cve:`2015-8575`, :cve:`2015-8660`, :cve:`2015-8709`, :cve:`2015-8746`, :cve:`2015-8767`, :cve:`2015-8785`, :cve:`2015-8787`, :cve:`2015-8812`, :cve:`2015-8816`, :cve:`2015-8830`, :cve:`2015-8839`, :cve:`2015-8844`, :cve:`2015-8845`, :cve:`2015-8950`, :cve:`2015-8952`, :cve:`2015-8953`, :cve:`2015-8955`, :cve:`2015-8956`, :cve:`2015-8961`, :cve:`2015-8962`, :cve:`2015-8963`, :cve:`2015-8964`, :cve:`2015-8966`, :cve:`2015-8967`, :cve:`2015-8970`, :cve:`2015-9004`, :cve:`2015-9016`, :cve:`2015-9289`, :cve:`2016-0617`, :cve:`2016-0723`, :cve:`2016-0728`, :cve:`2016-0758`, :cve:`2016-0821`, :cve:`2016-0823`, :cve:`2016-10044`, :cve:`2016-10088`, :cve:`2016-10147`, :cve:`2016-10150`, :cve:`2016-10153`, :cve:`2016-10154`, :cve:`2016-10200`, :cve:`2016-10208`, :cve:`2016-10229`, :cve:`2016-10318`, :cve:`2016-10723`, :cve:`2016-10741`, :cve:`2016-10764`, :cve:`2016-10905`, :cve:`2016-10906`, :cve:`2016-10907`, :cve:`2016-1237`, :cve:`2016-1575`, :cve:`2016-1576`, :cve:`2016-1583`, :cve:`2016-2053`, :cve:`2016-2069`, :cve:`2016-2070`, :cve:`2016-2085`, :cve:`2016-2117`, :cve:`2016-2143`, :cve:`2016-2184`, :cve:`2016-2185`, :cve:`2016-2186`, :cve:`2016-2187`, :cve:`2016-2188`, :cve:`2016-2383`, :cve:`2016-2384`, :cve:`2016-2543`, :cve:`2016-2544`, :cve:`2016-2545`, :cve:`2016-2546`, :cve:`2016-2547`, :cve:`2016-2548`, :cve:`2016-2549`, :cve:`2016-2550`, :cve:`2016-2782`, :cve:`2016-2847`, :cve:`2016-3044`, :cve:`2016-3070`, :cve:`2016-3134`, :cve:`2016-3135`, :cve:`2016-3136`, :cve:`2016-3137`, :cve:`2016-3138`, :cve:`2016-3139`, :cve:`2016-3140`, :cve:`2016-3156`, :cve:`2016-3157`, :cve:`2016-3672`, :cve:`2016-3689`, :cve:`2016-3713`, :cve:`2016-3841`, :cve:`2016-3857`, :cve:`2016-3951`, :cve:`2016-3955`, :cve:`2016-3961`, :cve:`2016-4440`, :cve:`2016-4470`, :cve:`2016-4482`, :cve:`2016-4485`, :cve:`2016-4486`, :cve:`2016-4557`, :cve:`2016-4558`, :cve:`2016-4565`, :cve:`2016-4568`, :cve:`2016-4569`, :cve:`2016-4578`, :cve:`2016-4580`, :cve:`2016-4581`, :cve:`2016-4794`, :cve:`2016-4805`, :cve:`2016-4913`, :cve:`2016-4951`, :cve:`2016-4997`, :cve:`2016-4998`, :cve:`2016-5195`, :cve:`2016-5243`, :cve:`2016-5244`, :cve:`2016-5400`, :cve:`2016-5412`, :cve:`2016-5696`, :cve:`2016-5728`, :cve:`2016-5828`, :cve:`2016-5829`, :cve:`2016-6130`, :cve:`2016-6136`, :cve:`2016-6156`, :cve:`2016-6162`, :cve:`2016-6187`, :cve:`2016-6197`, :cve:`2016-6198`, :cve:`2016-6213`, :cve:`2016-6327`, :cve:`2016-6480`, :cve:`2016-6516`, :cve:`2016-6786`, :cve:`2016-6787`, :cve:`2016-6828`, :cve:`2016-7039`, :cve:`2016-7042`, :cve:`2016-7097`, :cve:`2016-7117`, :cve:`2016-7425`, :cve:`2016-7910`, :cve:`2016-7911`, :cve:`2016-7912`, :cve:`2016-7913`, :cve:`2016-7914`, :cve:`2016-7915`, :cve:`2016-7916`, :cve:`2016-7917`, :cve:`2016-8399`, :cve:`2016-8405`, :cve:`2016-8630`, :cve:`2016-8632`, :cve:`2016-8633`, :cve:`2016-8636`, :cve:`2016-8645`, :cve:`2016-8646`, :cve:`2016-8650`, :cve:`2016-8655`, :cve:`2016-8658`, :cve:`2016-8666`, :cve:`2016-9083`, :cve:`2016-9084`, :cve:`2016-9120`, :cve:`2016-9178`, :cve:`2016-9191`, :cve:`2016-9313`, :cve:`2016-9555`, :cve:`2016-9576`, :cve:`2016-9588`, :cve:`2016-9604`, :cve:`2016-9685`, :cve:`2016-9754`, :cve:`2016-9755`, :cve:`2016-9756`, :cve:`2016-9777`, :cve:`2016-9793`, :cve:`2016-9794`, :cve:`2016-9806`, :cve:`2016-9919`, :cve:`2017-0605`, :cve:`2017-0627`, :cve:`2017-0750`, :cve:`2017-0786`, :cve:`2017-0861`, :cve:`2017-1000`, :cve:`2017-1000111`, :cve:`2017-1000112`, :cve:`2017-1000251`, :cve:`2017-1000252`, :cve:`2017-1000253`, :cve:`2017-1000255`, :cve:`2017-1000363`, :cve:`2017-1000364`, :cve:`2017-1000365`, :cve:`2017-1000370`, :cve:`2017-1000371`, :cve:`2017-1000379`, :cve:`2017-1000380`, :cve:`2017-1000405`, :cve:`2017-1000407`, :cve:`2017-1000410`, :cve:`2017-10661`, :cve:`2017-10662`, :cve:`2017-10663`, :cve:`2017-10810`, :cve:`2017-10911`, :cve:`2017-11089`, :cve:`2017-11176`, :cve:`2017-11472`, :cve:`2017-11473`, :cve:`2017-11600`, :cve:`2017-12134`, :cve:`2017-12146`, :cve:`2017-12153`, :cve:`2017-12154`, :cve:`2017-12168`, :cve:`2017-12188`, :cve:`2017-12190`, :cve:`2017-12192`, :cve:`2017-12193`, :cve:`2017-12762`, :cve:`2017-13080`, :cve:`2017-13166`, :cve:`2017-13167`, :cve:`2017-13168`, :cve:`2017-13215`, :cve:`2017-13216`, :cve:`2017-13220`, :cve:`2017-13305`, :cve:`2017-13686`, :cve:`2017-13695`, :cve:`2017-13715`, :cve:`2017-14051`, :cve:`2017-14106`, :cve:`2017-14140`, :cve:`2017-14156`, :cve:`2017-14340`, :cve:`2017-14489`, :cve:`2017-14497`, :cve:`2017-14954`, :cve:`2017-14991`, :cve:`2017-15102`, :cve:`2017-15115`, :cve:`2017-15116`, :cve:`2017-15121`, :cve:`2017-15126`, :cve:`2017-15127`, :cve:`2017-15128`, :cve:`2017-15129`, :cve:`2017-15265`, :cve:`2017-15274`, :cve:`2017-15299`, :cve:`2017-15306`, :cve:`2017-15537`, :cve:`2017-15649`, :cve:`2017-15868`, :cve:`2017-15951`, :cve:`2017-16525`, :cve:`2017-16526`, :cve:`2017-16527`, :cve:`2017-16528`, :cve:`2017-16529`, :cve:`2017-16530`, :cve:`2017-16531`, :cve:`2017-16532`, :cve:`2017-16533`, :cve:`2017-16534`, :cve:`2017-16535`, :cve:`2017-16536`, :cve:`2017-16537`, :cve:`2017-16538`, :cve:`2017-16643`, :cve:`2017-16644`, :cve:`2017-16645`, :cve:`2017-16646`, :cve:`2017-16647`, :cve:`2017-16648`, :cve:`2017-16649`, :cve:`2017-16650`, :cve:`2017-16911`, :cve:`2017-16912`, :cve:`2017-16913`, :cve:`2017-16914`, :cve:`2017-16939`, :cve:`2017-16994`, :cve:`2017-16995`, :cve:`2017-16996`, :cve:`2017-17052`, :cve:`2017-17053`, :cve:`2017-17448`, :cve:`2017-17449`, :cve:`2017-17450`, :cve:`2017-17558`, :cve:`2017-17712`, :cve:`2017-17741`, :cve:`2017-17805`, :cve:`2017-17806`, :cve:`2017-17807`, :cve:`2017-17852`, :cve:`2017-17853`, :cve:`2017-17854`, :cve:`2017-17855`, :cve:`2017-17856`, :cve:`2017-17857`, :cve:`2017-17862`, :cve:`2017-17863`, :cve:`2017-17864`, :cve:`2017-17975`, :cve:`2017-18017`, :cve:`2017-18075`, :cve:`2017-18079`, :cve:`2017-18174`, :cve:`2017-18193`, :cve:`2017-18200`, :cve:`2017-18202`, :cve:`2017-18203`, :cve:`2017-18204`, :cve:`2017-18208`, :cve:`2017-18216`, :cve:`2017-18218`, :cve:`2017-18221`, :cve:`2017-18222`, :cve:`2017-18224`, :cve:`2017-18232`, :cve:`2017-18241`, :cve:`2017-18249`, :cve:`2017-18255`, :cve:`2017-18257`, :cve:`2017-18261`, :cve:`2017-18270`, :cve:`2017-18344`, :cve:`2017-18360`, :cve:`2017-18379`, :cve:`2017-18509`, :cve:`2017-18549`, :cve:`2017-18550`, :cve:`2017-18551`, :cve:`2017-18552`, :cve:`2017-18595`, :cve:`2017-2583`, :cve:`2017-2584`, :cve:`2017-2596`, :cve:`2017-2618`, :cve:`2017-2634`, :cve:`2017-2636`, :cve:`2017-2647`, :cve:`2017-2671`, :cve:`2017-5123`, :cve:`2017-5546`, :cve:`2017-5547`, :cve:`2017-5548`, :cve:`2017-5549`, :cve:`2017-5550`, :cve:`2017-5551`, :cve:`2017-5576`, :cve:`2017-5577`, :cve:`2017-5669`, :cve:`2017-5715`, :cve:`2017-5753`, :cve:`2017-5754`, :cve:`2017-5897`, :cve:`2017-5967`, :cve:`2017-5970`, :cve:`2017-5972`, :cve:`2017-5986`, :cve:`2017-6001`, :cve:`2017-6074`, :cve:`2017-6214`, :cve:`2017-6345`, :cve:`2017-6346`, :cve:`2017-6347`, :cve:`2017-6348`, :cve:`2017-6353`, :cve:`2017-6874`, :cve:`2017-6951`, :cve:`2017-7184`, :cve:`2017-7187`, :cve:`2017-7261`, :cve:`2017-7273`, :cve:`2017-7277`, :cve:`2017-7294`, :cve:`2017-7308`, :cve:`2017-7346`, :cve:`2017-7374`, :cve:`2017-7472`, :cve:`2017-7477`, :cve:`2017-7482`, :cve:`2017-7487`, :cve:`2017-7495`, :cve:`2017-7518`, :cve:`2017-7533`, :cve:`2017-7541`, :cve:`2017-7542`, :cve:`2017-7558`, :cve:`2017-7616`, :cve:`2017-7618`, :cve:`2017-7645`, :cve:`2017-7889`, :cve:`2017-7895`, :cve:`2017-7979`, :cve:`2017-8061`, :cve:`2017-8062`, :cve:`2017-8063`, :cve:`2017-8064`, :cve:`2017-8065`, :cve:`2017-8066`, :cve:`2017-8067`, :cve:`2017-8068`, :cve:`2017-8069`, :cve:`2017-8070`, :cve:`2017-8071`, :cve:`2017-8072`, :cve:`2017-8106`, :cve:`2017-8240`, :cve:`2017-8797`, :cve:`2017-8824`, :cve:`2017-8831`, :cve:`2017-8890`, :cve:`2017-8924`, :cve:`2017-8925`, :cve:`2017-9059`, :cve:`2017-9074`, :cve:`2017-9075`, :cve:`2017-9076`, :cve:`2017-9077`, :cve:`2017-9150`, :cve:`2017-9211`, :cve:`2017-9242`, :cve:`2017-9605`, :cve:`2017-9725`, :cve:`2017-9984`, :cve:`2017-9985`, :cve:`2017-9986`, :cve:`2018-1000004`, :cve:`2018-1000026`, :cve:`2018-1000028`, :cve:`2018-1000199`, :cve:`2018-1000200`, :cve:`2018-1000204`, :cve:`2018-10021`, :cve:`2018-10074`, :cve:`2018-10087`, :cve:`2018-10124`, :cve:`2018-10322`, :cve:`2018-10323`, :cve:`2018-1065`, :cve:`2018-1066`, :cve:`2018-10675`, :cve:`2018-1068`, :cve:`2018-10840`, :cve:`2018-10853`, :cve:`2018-1087`, :cve:`2018-10876`, :cve:`2018-10877`, :cve:`2018-10878`, :cve:`2018-10879`, :cve:`2018-10880`, :cve:`2018-10881`, :cve:`2018-10882`, :cve:`2018-10883`, :cve:`2018-10901`, :cve:`2018-10902`, :cve:`2018-1091`, :cve:`2018-1092`, :cve:`2018-1093`, :cve:`2018-10938`, :cve:`2018-1094`, :cve:`2018-10940`, :cve:`2018-1095`, :cve:`2018-1108`, :cve:`2018-1118`, :cve:`2018-1120`, :cve:`2018-11232`, :cve:`2018-1128`, :cve:`2018-1129`, :cve:`2018-1130`, :cve:`2018-11412`, :cve:`2018-11506`, :cve:`2018-11508`, :cve:`2018-12126`, :cve:`2018-12127`, :cve:`2018-12130`, :cve:`2018-12207`, :cve:`2018-12232`, :cve:`2018-12233`, :cve:`2018-12633`, :cve:`2018-12714`, :cve:`2018-12896`, :cve:`2018-12904`, :cve:`2018-13053`, :cve:`2018-13093`, :cve:`2018-13094`, :cve:`2018-13095`, :cve:`2018-13096`, :cve:`2018-13097`, :cve:`2018-13098`, :cve:`2018-13099`, :cve:`2018-13100`, :cve:`2018-13405`, :cve:`2018-13406`, :cve:`2018-14609`, :cve:`2018-14610`, :cve:`2018-14611`, :cve:`2018-14612`, :cve:`2018-14613`, :cve:`2018-14614`, :cve:`2018-14615`, :cve:`2018-14616`, :cve:`2018-14617`, :cve:`2018-14619`, :cve:`2018-14625`, :cve:`2018-14633`, :cve:`2018-14634`, :cve:`2018-14641`, :cve:`2018-14646`, :cve:`2018-14656`, :cve:`2018-14678`, :cve:`2018-14734`, :cve:`2018-15471`, :cve:`2018-15572`, :cve:`2018-15594`, :cve:`2018-16276`, :cve:`2018-16597`, :cve:`2018-16658`, :cve:`2018-16862`, :cve:`2018-16871`, :cve:`2018-16880`, :cve:`2018-16882`, :cve:`2018-16884`, :cve:`2018-17182`, :cve:`2018-17972`, :cve:`2018-18021`, :cve:`2018-18281`, :cve:`2018-18386`, :cve:`2018-18397`, :cve:`2018-18445`, :cve:`2018-18559`, :cve:`2018-18690`, :cve:`2018-18710`, :cve:`2018-18955`, :cve:`2018-19406`, :cve:`2018-19407`, :cve:`2018-19824`, :cve:`2018-19854`, :cve:`2018-19985`, :cve:`2018-20169`, :cve:`2018-20449`, :cve:`2018-20509`, :cve:`2018-20510`, :cve:`2018-20511`, :cve:`2018-20669`, :cve:`2018-20784`, :cve:`2018-20836`, :cve:`2018-20854`, :cve:`2018-20855`, :cve:`2018-20856`, :cve:`2018-20961`, :cve:`2018-20976`, :cve:`2018-21008`, :cve:`2018-25015`, :cve:`2018-25020`, :cve:`2018-3620`, :cve:`2018-3639`, :cve:`2018-3646`, :cve:`2018-3665`, :cve:`2018-3693`, :cve:`2018-5332`, :cve:`2018-5333`, :cve:`2018-5344`, :cve:`2018-5390`, :cve:`2018-5391`, :cve:`2018-5703`, :cve:`2018-5750`, :cve:`2018-5803`, :cve:`2018-5814`, :cve:`2018-5848`, :cve:`2018-5873`, :cve:`2018-5953`, :cve:`2018-5995`, :cve:`2018-6412`, :cve:`2018-6554`, :cve:`2018-6555`, :cve:`2018-6927`, :cve:`2018-7191`, :cve:`2018-7273`, :cve:`2018-7480`, :cve:`2018-7492`, :cve:`2018-7566`, :cve:`2018-7740`, :cve:`2018-7754`, :cve:`2018-7755`, :cve:`2018-7757`, :cve:`2018-7995`, :cve:`2018-8043`, :cve:`2018-8087`, :cve:`2018-8781`, :cve:`2018-8822`, :cve:`2018-8897`, :cve:`2018-9363`, :cve:`2018-9385`, :cve:`2018-9415`, :cve:`2018-9422`, :cve:`2018-9465`, :cve:`2018-9516`, :cve:`2018-9517`, :cve:`2018-9518`, :cve:`2018-9568`, :cve:`2019-0136`, :cve:`2019-0145`, :cve:`2019-0146`, :cve:`2019-0147`, :cve:`2019-0148`, :cve:`2019-0149`, :cve:`2019-0154`, :cve:`2019-0155`, :cve:`2019-10124`, :cve:`2019-10125`, :cve:`2019-10126`, :cve:`2019-10142`, :cve:`2019-10207`, :cve:`2019-10220`, :cve:`2019-10638`, :cve:`2019-10639`, :cve:`2019-11085`, :cve:`2019-11091`, :cve:`2019-11135`, :cve:`2019-11190`, :cve:`2019-11191`, :cve:`2019-1125`, :cve:`2019-11477`, :cve:`2019-11478`, :cve:`2019-11479`, :cve:`2019-11486`, :cve:`2019-11487`, :cve:`2019-11599`, :cve:`2019-11683`, :cve:`2019-11810`, :cve:`2019-11811`, :cve:`2019-11815`, :cve:`2019-11833`, :cve:`2019-11884`, :cve:`2019-12378`, :cve:`2019-12379`, :cve:`2019-12380`, :cve:`2019-12381`, :cve:`2019-12382`, :cve:`2019-12454`, :cve:`2019-12455`, :cve:`2019-12614`, :cve:`2019-12615`, :cve:`2019-12817`, :cve:`2019-12818`, :cve:`2019-12819`, :cve:`2019-12881`, :cve:`2019-12984`, :cve:`2019-13233`, :cve:`2019-13272`, :cve:`2019-13631`, :cve:`2019-13648`, :cve:`2019-14283`, :cve:`2019-14284`, :cve:`2019-14615`, :cve:`2019-14763`, :cve:`2019-14814`, :cve:`2019-14815`, :cve:`2019-14816`, :cve:`2019-14821`, :cve:`2019-14835`, :cve:`2019-14895`, :cve:`2019-14896`, :cve:`2019-14897`, :cve:`2019-14901`, :cve:`2019-15030`, :cve:`2019-15031`, :cve:`2019-15090`, :cve:`2019-15098`, :cve:`2019-15099`, :cve:`2019-15117`, :cve:`2019-15118`, :cve:`2019-15211`, :cve:`2019-15212`, :cve:`2019-15213`, :cve:`2019-15214`, :cve:`2019-15215`, :cve:`2019-15216`, :cve:`2019-15217`, :cve:`2019-15218`, :cve:`2019-15219`, :cve:`2019-15220`, :cve:`2019-15221`, :cve:`2019-15222`, :cve:`2019-15223`, :cve:`2019-15291`, :cve:`2019-15292`, :cve:`2019-15504`, :cve:`2019-15505`, :cve:`2019-15538`, :cve:`2019-15666`, :cve:`2019-15794`, :cve:`2019-15807`, :cve:`2019-15916`, :cve:`2019-15917`, :cve:`2019-15918`, :cve:`2019-15919`, :cve:`2019-15920`, :cve:`2019-15921`, :cve:`2019-15922`, :cve:`2019-15923`, :cve:`2019-15924`, :cve:`2019-15925`, :cve:`2019-15926`, :cve:`2019-15927`, :cve:`2019-16229`, :cve:`2019-16230`, :cve:`2019-16231`, :cve:`2019-16232`, :cve:`2019-16233`, :cve:`2019-16234`, :cve:`2019-16413`, :cve:`2019-16714`, :cve:`2019-16746`, :cve:`2019-16921`, :cve:`2019-16994`, :cve:`2019-16995`, :cve:`2019-17052`, :cve:`2019-17053`, :cve:`2019-17054`, :cve:`2019-17055`, :cve:`2019-17056`, :cve:`2019-17075`, :cve:`2019-17133`, :cve:`2019-17351`, :cve:`2019-17666`, :cve:`2019-18198`, :cve:`2019-18282`, :cve:`2019-18660`, :cve:`2019-18675`, :cve:`2019-18683`, :cve:`2019-18786`, :cve:`2019-18805`, :cve:`2019-18806`, :cve:`2019-18807`, :cve:`2019-18808`, :cve:`2019-18809`, :cve:`2019-18810`, :cve:`2019-18811`, :cve:`2019-18812`, :cve:`2019-18813`, :cve:`2019-18814`, :cve:`2019-18885`, :cve:`2019-19036`, :cve:`2019-19037`, :cve:`2019-19039`, :cve:`2019-19043`, :cve:`2019-19044`, :cve:`2019-19045`, :cve:`2019-19046`, :cve:`2019-19047`, :cve:`2019-19048`, :cve:`2019-19049`, :cve:`2019-19050`, :cve:`2019-19051`, :cve:`2019-19052`, :cve:`2019-19053`, :cve:`2019-19054`, :cve:`2019-19055`, :cve:`2019-19056`, :cve:`2019-19057`, :cve:`2019-19058`, :cve:`2019-19059`, :cve:`2019-19060`, :cve:`2019-19061`, :cve:`2019-19062`, :cve:`2019-19063`, :cve:`2019-19064`, :cve:`2019-19065`, :cve:`2019-19066`, :cve:`2019-19067`, :cve:`2019-19068`, :cve:`2019-19069`, :cve:`2019-19070`, :cve:`2019-19071`, :cve:`2019-19072`, :cve:`2019-19073`, :cve:`2019-19074`, :cve:`2019-19075`, :cve:`2019-19076`, :cve:`2019-19077`, :cve:`2019-19078`, :cve:`2019-19079`, :cve:`2019-19080`, :cve:`2019-19081`, :cve:`2019-19082`, :cve:`2019-19083`, :cve:`2019-19227`, :cve:`2019-19241`, :cve:`2019-19252`, :cve:`2019-19318`, :cve:`2019-19319`, :cve:`2019-19332`, :cve:`2019-19338`, :cve:`2019-19377`, :cve:`2019-19447`, :cve:`2019-19448`, :cve:`2019-19449`, :cve:`2019-19462`, :cve:`2019-19523`, :cve:`2019-19524`, :cve:`2019-19525`, :cve:`2019-19526`, :cve:`2019-19527`, :cve:`2019-19528`, :cve:`2019-19529`, :cve:`2019-19530`, :cve:`2019-19531`, :cve:`2019-19532`, :cve:`2019-19533`, :cve:`2019-19534`, :cve:`2019-19535`, :cve:`2019-19536`, :cve:`2019-19537`, :cve:`2019-19543`, :cve:`2019-19602`, :cve:`2019-19767`, :cve:`2019-19768`, :cve:`2019-19769`, :cve:`2019-19770`, :cve:`2019-19807`, :cve:`2019-19813`, :cve:`2019-19815`, :cve:`2019-19816`, :cve:`2019-19922`, :cve:`2019-19927`, :cve:`2019-19947`, :cve:`2019-19965` and :cve:`2019-1999` +- nasm: Fix :cve:`2020-21528` +- ncurses: Fix :cve:`2023-29491` +- nghttp2: Fix :cve:`2023-35945` +- procps: Fix :cve:`2023-4016` +- python3-certifi: Fix :cve:`2023-37920` +- python3-git: Fix :cve:`2022-24439` and :cve:`2023-40267` +- python3-pygments: Fix :cve:`2022-40896` +- python3: Fix :cve:`2023-40217` +- qemu: Fix :cve:`2020-14394`, :cve:`2021-3638`, :cve_mitre:`2023-2861`, :cve:`2023-3180` and :cve:`2023-3354` +- tiff: fix :cve:`2023-2908`, :cve:`2023-3316` and :cve:`2023-3618` +- vim: Fix :cve:`2023-3896`, :cve:`2023-4733`, :cve:`2023-4734`, :cve:`2023-4735`, :cve:`2023-4736`, :cve:`2023-4738`, :cve:`2023-4750` and :cve:`2023-4752` +- webkitgtk: fix :cve:`2022-48503` and :cve:`2023-23529` + + + +Fixes in Yocto-4.0.13 +~~~~~~~~~~~~~~~~~~~~~ + +- acl/attr: ptest fixes and improvements +- automake: fix buildtest patch +- bind: Upgrade to 9.18.17 +- binutils: stable 2.38 branch updates +- build-appliance-image: Update to kirkstone head revision +- build-sysroots: Add :term:`SUMMARY` field +- cargo.bbclass: set up cargo environment in common do_compile +- contributor-guide: recipe-style-guide: add Upstream-Status +- dbus: Specify runstatedir configure option +- dev-manual: common-tasks: mention faster "find" command to trim sstate cache +- dev-manual: disk-space: improve wording for obsolete sstate cache files +- dev-manual: licenses: mention :term:`SPDX` for license compliance +- dev-manual: licenses: update license manifest location +- dev-manual: new-recipe.rst fix inconsistency with contributor guide +- dev-manual: split common-tasks.rst +- dev-manual: wic.rst: Update native tools build command +- documentation/README: align with master +- efivar: backport 5 patches to fix build with gold +- externalsrc: fix dependency chain issues +- glibc-locale: use stricter matching for metapackages' runtime dependencies +- glibc/check-test-wrapper: don't emit warnings from ssh +- glibc: stable 2.35 branch updates +- gst-devtools: Upgrade to 1.20.7 +- gstreamer1.0-libav: Upgrade to 1.20.7 +- gstreamer1.0-omx: Upgrade to 1.20.7 +- gstreamer1.0-plugins-bad: Upgrade to 1.20.7 +- gstreamer1.0-plugins-base: Upgrade to 1.20.7 +- gstreamer1.0-plugins-good: Upgrade to 1.20.7 +- gstreamer1.0-plugins-ugly: Upgrade to 1.20.7 +- gstreamer1.0-python: Upgrade to 1.20.7 +- gstreamer1.0-rtsp-server: Upgrade to 1.20.7 +- gstreamer1.0-vaapi: Upgrade to 1.20.7 +- gstreamer1.0: Upgrade to 1.20.7 +- kernel: Fix path comparison in kernel staging dir symlinking +- lib/package_manager: Improve repo artefact filtering +- libdnf: resolve cstdint inclusion for newer gcc versions +- libnss-nis: Upgrade to 3.2 +- librsvg: Upgrade to 2.52.10 +- libxcrypt: update :term:`PV` to match :term:`SRCREV` +- linux-firmware : Add firmware of RTL8822 serie +- linux-firmware: Fix mediatek mt7601u firmware path +- linux-firmware: package firmware for Dragonboard 410c +- linux-firmware: split platform-specific Adreno shaders to separate packages +- linux-firmware: Upgrade to 20230625 +- linux-yocto/5.10: update to v5.10.188 +- linux-yocto/5.15: update to v5.15.124 +- linux-yocto: add script to generate kernel :term:`CVE_CHECK_IGNORE` entries +- linux/cve-exclusion: add generated CVE_CHECK_IGNORES. +- linux/cve-exclusion: remove obsolete manual entries +- manuals: add new contributor guide +- manuals: document "mime-xdg" class and :term:`MIME_XDG_PACKAGES` +- manuals: update former references to dev-manual/common-tasks +- mdadm: add util-linux-blockdev ptest dependency +- migration-guides: add release notes for 4.0.12 +- npm.bbclass: avoid DeprecationWarning with new python +- oeqa/runtime/ltp: Increase ltp test output timeout +- oeqa/ssh: Further improve process exit handling +- oeqa/target/ssh: Ensure EAGAIN doesn't truncate output +- oeqa/utils/nfs: allow requesting non-udp ports +- pixman: Remove duplication of license MIT +- poky.conf: bump version for 4.0.13 +- poky.conf: update :term:`SANITY_TESTED_DISTROS` to match autobuilder +- pseudo: Fix to work with glibc 2.38 +- python3-git: Upgrade to 3.1.32 +- python3: upgrade to 3.10.13 +- ref-manual: add Initramfs term +- ref-manual: add meson class and variables +- ref-manual: add new variables +- ref-manual: qa-checks: align with master +- ref-manual: system-requirements: update supported distros +- resulttool/report: Avoid divide by zero +- resulttool/resultutils: allow index generation despite corrupt json +- rootfs: Add debugfs package db file copy and cleanup +- rpm2cpio.sh: update to the last 4.x version +- rpm: Pick debugfs package db files/dirs explicitly +- scripts/create-pull-request: update URLs to git repositories +- scripts/rpm2cpio.sh: Use bzip2 instead of bunzip2 +- sdk-manual: extensible.rst: align with master branch +- selftest/cases/glibc.py: fix the override syntax +- selftest/cases/glibc.py: increase the memory for testing +- selftest/cases/glibc.py: switch to using NFS over TCP +- shadow-sysroot: add license information +- sysklogd: fix integration with systemd-journald +- tar: Upgrade to 1.35 +- target/ssh: Ensure exit code set for commands +- tcl: prevent installing another copy of tzdata +- template: fix typo in section header +- vim: Upgrade to 9.0.1894 +- vim: update obsolete comment +- wic: fix wrong attempt to create file system in unpartitioned regions +- yocto-uninative: Update to 4.2 for glibc 2.38 +- yocto-uninative: Update to 4.3 + + +Known Issues in Yocto-4.0.13 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +- N/A + + +Contributors to Yocto-4.0.13 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +- Abe Kohandel +- Adrian Freihofer +- Alberto Planas +- Alex Kiernan +- Alexander Kanavin +- Alexis Lothoré +- Anuj Mittal +- Archana Polampalli +- Ashish Sharma +- BELOUARGA Mohamed +- Bruce Ashfield +- Changqing Li +- Dmitry Baryshkov +- Enrico Scholz +- Etienne Cordonnier +- Hitendra Prajapati +- Julien Stephan +- Kai Kang +- Khem Raj +- Lee Chee Yang +- Marek Vasut +- Markus Niebel +- Martin Jansa +- Meenali Gupta +- Michael Halstead +- Michael Opdenacker +- Narpat Mali +- Ovidiu Panait +- Pavel Zhukov +- Peter Marko +- Peter Suti +- Poonam Jadhav +- Richard Purdie +- Roland Hieber +- Ross Burton +- Sanjana +- Siddharth Doshi +- Soumya Sambu +- Staffan Rydén +- Steve Sakoman +- Trevor Gamblin +- Vijay Anusuri +- Vivek Kumbhar +- Wang Mingyu +- Yogita Urade + + +Repositories / Downloads for Yocto-4.0.13 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +poky + +- Repository Location: :yocto_git:`/poky` +- Branch: :yocto_git:`kirkstone </poky/log/?h=kirkstone>` +- Tag: :yocto_git:`yocto-4.0.13 </poky/log/?h=yocto-4.0.13>` +- Git Revision: :yocto_git:`e51bf557f596c4da38789a948a3228ba11455e3c </poky/commit/?id=e51bf557f596c4da38789a948a3228ba11455e3c>` +- Release Artefact: poky-e51bf557f596c4da38789a948a3228ba11455e3c +- sha: afddadb367a90154751f04993077bceffdc1413f9ba9b8c03acb487d0437286e +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.13/poky-e51bf557f596c4da38789a948a3228ba11455e3c.tar.bz2 + http://mirrors.kernel.org/yocto/yocto/yocto-4.0.13/poky-e51bf557f596c4da38789a948a3228ba11455e3c.tar.bz2 + +openembedded-core + +- Repository Location: :oe_git:`/openembedded-core` +- Branch: :oe_git:`kirkstone </openembedded-core/log/?h=kirkstone>` +- Tag: :oe_git:`yocto-4.0.13 </openembedded-core/log/?h=yocto-4.0.13>` +- Git Revision: :oe_git:`d90e4d5e3cca9cffe8f60841afc63667a9ac39fa </openembedded-core/commit/?id=d90e4d5e3cca9cffe8f60841afc63667a9ac39fa>` +- Release Artefact: oecore-d90e4d5e3cca9cffe8f60841afc63667a9ac39fa +- sha: 56e3bdac81b3628e74dfef2132a54be4db7d87373139a00ed64f5c9a354d716a +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.13/oecore-d90e4d5e3cca9cffe8f60841afc63667a9ac39fa.tar.bz2 + http://mirrors.kernel.org/yocto/yocto/yocto-4.0.13/oecore-d90e4d5e3cca9cffe8f60841afc63667a9ac39fa.tar.bz2 + +meta-mingw + +- Repository Location: :yocto_git:`/meta-mingw` +- Branch: :yocto_git:`kirkstone </meta-mingw/log/?h=kirkstone>` +- Tag: :yocto_git:`yocto-4.0.13 </meta-mingw/log/?h=yocto-4.0.13>` +- Git Revision: :yocto_git:`a90614a6498c3345704e9611f2842eb933dc51c1 </meta-mingw/commit/?id=a90614a6498c3345704e9611f2842eb933dc51c1>` +- Release Artefact: meta-mingw-a90614a6498c3345704e9611f2842eb933dc51c1 +- sha: 49f9900bfbbc1c68136f8115b314e95d0b7f6be75edf36a75d9bcd1cca7c6302 +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.13/meta-mingw-a90614a6498c3345704e9611f2842eb933dc51c1.tar.bz2 + http://mirrors.kernel.org/yocto/yocto/yocto-4.0.13/meta-mingw-a90614a6498c3345704e9611f2842eb933dc51c1.tar.bz2 + +meta-gplv2 + +- Repository Location: :yocto_git:`/meta-gplv2` +- Branch: :yocto_git:`kirkstone </meta-gplv2/log/?h=kirkstone>` +- Tag: :yocto_git:`yocto-4.0.13 </meta-gplv2/log/?h=yocto-4.0.13>` +- Git Revision: :yocto_git:`d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a </meta-gplv2/commit/?id=d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a>` +- Release Artefact: meta-gplv2-d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a +- sha: c386f59f8a672747dc3d0be1d4234b6039273d0e57933eb87caa20f56b9cca6d +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.13/meta-gplv2-d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a.tar.bz2 + http://mirrors.kernel.org/yocto/yocto/yocto-4.0.13/meta-gplv2-d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a.tar.bz2 + +bitbake + +- Repository Location: :oe_git:`/bitbake` +- Branch: :oe_git:`2.0 </bitbake/log/?h=2.0>` +- Tag: :oe_git:`yocto-4.0.13 </bitbake/log/?h=yocto-4.0.13>` +- Git Revision: :oe_git:`41b6684489d0261753344956042be2cc4adb0159 </bitbake/commit/?id=41b6684489d0261753344956042be2cc4adb0159>` +- Release Artefact: bitbake-41b6684489d0261753344956042be2cc4adb0159 +- sha: efa2b1c4d0be115ed3960750d1e4ed958771b2db6d7baee2d13ad386589376e8 +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.13/bitbake-41b6684489d0261753344956042be2cc4adb0159.tar.bz2 + http://mirrors.kernel.org/yocto/yocto/yocto-4.0.13/bitbake-41b6684489d0261753344956042be2cc4adb0159.tar.bz2 + +yocto-docs + +- Repository Location: :yocto_git:`/yocto-docs` +- Branch: :yocto_git:`kirkstone </yocto-docs/log/?h=kirkstone>` +- Tag: :yocto_git:`yocto-4.0.13 </yocto-docs/log/?h=yocto-4.0.13>` +- Git Revision: :yocto_git:`8f02741de867125f11a37822b2d206be180d4ee3 </yocto-docs/commit/?id=8f02741de867125f11a37822b2d206be180d4ee3>` + diff --git a/documentation/migration-guides/release-notes-4.0.14.rst b/documentation/migration-guides/release-notes-4.0.14.rst new file mode 100644 index 0000000000..02253f33f7 --- /dev/null +++ b/documentation/migration-guides/release-notes-4.0.14.rst @@ -0,0 +1,227 @@ +.. SPDX-License-Identifier: CC-BY-SA-2.0-UK + +Release notes for Yocto-4.0.14 (Kirkstone) +------------------------------------------ + +Security Fixes in Yocto-4.0.14 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +- bind: Fix :cve:`2023-3341` and :cve:`2023-4236` +- binutils: Fix :cve:`2022-44840`, :cve:`2022-45703`, :cve:`2022-47008`, :cve:`2022-47011`, :cve:`2022-47673`, :cve:`2022-47695`, :cve:`2022-47696` and :cve:`2022-48063` +- cups: Fix :cve:`2023-4504` +- curl: Fix :cve:`2023-38545` and :cve:`2023-38546` +- gawk: Fix :cve:`2023-4156` +- ghostscript: Fix :cve:`2023-43115` +- glibc: Fix :cve:`2023-4806`, :cve:`2023-4813`, :cve:`2023-4911` and :cve:`2023-5156` +- glibc: Ignore :cve:`2023-4527` +- go: Fix :cve:`2023-24538` and :cve:`2023-39318` +- gstreamer1.0-plugins-bad: fix :cve_mitre:`2023-40474`, :cve_mitre:`2023-40475` and :cve_mitre:`2023-40476` +- libtiff: Fix :cve:`2022-40090` and :cve:`2023-1916` +- libwebp: Fix :cve:`2023-5129` +- libx11: Fix :cve:`2023-43785`, :cve:`2023-43786` and :cve:`2023-43787` +- libxml2: Fix :cve:`2023-45322` +- libxpm: Fix :cve:`2023-43788` and :cve:`2023-43789` +- linux-firmware: Fix :cve:`2022-40982`, :cve:`2023-20569` and :cve:`2023-20593` +- linux-yocto: update CVE exclusions +- linux-yocto/5.10: Ignore :cve:`2003-1604`, :cve:`2004-0230`, :cve:`2006-3635`, :cve:`2006-5331`, :cve:`2006-6128`, :cve:`2007-4774`, :cve:`2007-6761`, :cve:`2007-6762`, :cve:`2008-7316`, :cve:`2009-2692`, :cve:`2010-0008`, :cve:`2010-3432`, :cve:`2010-4648`, :cve:`2010-5313`, :cve:`2010-5328`, :cve:`2010-5329`, :cve:`2010-5331`, :cve:`2010-5332`, :cve:`2011-4098`, :cve:`2011-4131`, :cve:`2011-4915`, :cve:`2011-5321`, :cve:`2011-5327`, :cve:`2012-0957`, :cve:`2012-2119`, :cve:`2012-2136`, :cve:`2012-2137`, :cve:`2012-2313`, :cve:`2012-2319`, :cve:`2012-2372`, :cve:`2012-2375`, :cve:`2012-2390`, :cve:`2012-2669`, :cve:`2012-2744`, :cve:`2012-2745`, :cve:`2012-3364`, :cve:`2012-3375`, :cve:`2012-3400`, :cve:`2012-3412`, :cve:`2012-3430`, :cve:`2012-3510`, :cve:`2012-3511`, :cve:`2012-3520`, :cve:`2012-3552`, :cve:`2012-4398`, :cve:`2012-4444`, :cve:`2012-4461`, :cve:`2012-4467`, :cve:`2012-4508`, :cve:`2012-4530`, :cve:`2012-4565`, :cve:`2012-5374`, :cve:`2012-5375`, :cve:`2012-5517`, :cve:`2012-6536`, :cve:`2012-6537`, :cve:`2012-6538`, :cve:`2012-6539`, :cve:`2012-6540`, :cve:`2012-6541`, :cve:`2012-6542`, :cve:`2012-6543`, :cve:`2012-6544`, :cve:`2012-6545`, :cve:`2012-6546`, :cve:`2012-6547`, :cve:`2012-6548`, :cve:`2012-6549`, :cve:`2012-6638`, :cve:`2012-6647`, :cve:`2012-6657`, :cve:`2012-6689`, :cve:`2012-6701`, :cve:`2012-6703`, :cve:`2012-6704`, :cve:`2012-6712`, :cve:`2013-0160`, :cve:`2013-0190`, :cve:`2013-0216`, :cve:`2013-0217`, :cve:`2013-0228`, :cve:`2013-0231`, :cve:`2013-0268`, :cve:`2013-0290`, :cve:`2013-0309`, :cve:`2013-0310`, :cve:`2013-0311`, :cve:`2013-0313`, :cve:`2013-0343`, :cve:`2013-0349`, :cve:`2013-0871`, :cve:`2013-0913`, :cve:`2013-0914`, :cve:`2013-1059`, :cve:`2013-1763`, :cve:`2013-1767`, :cve:`2013-1772`, :cve:`2013-1773`, :cve:`2013-1774`, :cve:`2013-1792`, :cve:`2013-1796`, :cve:`2013-1797`, :cve:`2013-1798`, :cve:`2013-1819`, :cve:`2013-1826`, :cve:`2013-1827`, :cve:`2013-1828`, :cve:`2013-1848`, :cve:`2013-1858`, :cve:`2013-1860`, :cve:`2013-1928`, :cve:`2013-1929`, :cve:`2013-1943`, :cve:`2013-1956`, :cve:`2013-1957`, :cve:`2013-1958`, :cve:`2013-1959`, :cve:`2013-1979`, :cve:`2013-2015`, :cve:`2013-2017`, :cve:`2013-2058`, :cve:`2013-2094`, :cve:`2013-2128`, :cve:`2013-2140`, :cve:`2013-2141`, :cve:`2013-2146`, :cve:`2013-2147`, :cve:`2013-2148`, :cve:`2013-2164`, :cve:`2013-2206`, :cve:`2013-2232`, :cve:`2013-2234`, :cve:`2013-2237`, :cve:`2013-2546`, :cve:`2013-2547`, :cve:`2013-2548`, :cve:`2013-2596`, :cve:`2013-2634`, :cve:`2013-2635`, :cve:`2013-2636`, :cve:`2013-2850`, :cve:`2013-2851`, :cve:`2013-2852`, :cve:`2013-2888`, :cve:`2013-2889`, :cve:`2013-2890`, :cve:`2013-2891`, :cve:`2013-2892`, :cve:`2013-2893`, :cve:`2013-2894`, :cve:`2013-2895`, :cve:`2013-2896`, :cve:`2013-2897`, :cve:`2013-2898`, :cve:`2013-2899`, :cve:`2013-2929`, :cve:`2013-2930`, :cve:`2013-3076`, :cve:`2013-3222`, :cve:`2013-3223`, :cve:`2013-3224`, :cve:`2013-3225`, :cve:`2013-3226`, :cve:`2013-3227`, :cve:`2013-3228`, :cve:`2013-3229`, :cve:`2013-3230`, :cve:`2013-3231`, :cve:`2013-3232`, :cve:`2013-3233`, :cve:`2013-3234`, :cve:`2013-3235`, :cve:`2013-3236`, :cve:`2013-3237`, :cve:`2013-3301`, :cve:`2013-3302`, :cve:`2013-4125`, :cve:`2013-4127`, :cve:`2013-4129`, :cve:`2013-4162`, :cve:`2013-4163`, :cve:`2013-4205`, :cve:`2013-4220`, :cve:`2013-4247`, :cve:`2013-4254`, :cve:`2013-4270`, :cve:`2013-4299`, :cve:`2013-4300`, :cve:`2013-4312`, :cve:`2013-4343`, :cve:`2013-4345`, :cve:`2013-4348`, :cve:`2013-4350`, :cve:`2013-4387`, :cve:`2013-4470`, :cve:`2013-4483`, :cve:`2013-4511`, :cve:`2013-4512`, :cve:`2013-4513`, :cve:`2013-4514`, :cve:`2013-4515`, :cve:`2013-4516`, :cve:`2013-4563`, :cve:`2013-4579`, :cve:`2013-4587`, :cve:`2013-4588`, :cve:`2013-4591`, :cve:`2013-4592`, :cve:`2013-5634`, :cve:`2013-6282`, :cve:`2013-6367`, :cve:`2013-6368`, :cve:`2013-6376`, :cve:`2013-6378`, :cve:`2013-6380`, :cve:`2013-6381`, :cve:`2013-6382`, :cve:`2013-6383`, :cve:`2013-6431`, :cve:`2013-6432`, :cve:`2013-6885`, :cve:`2013-7026`, :cve:`2013-7027`, :cve:`2013-7263`, :cve:`2013-7264`, :cve:`2013-7265`, :cve:`2013-7266`, :cve:`2013-7267`, :cve:`2013-7268`, :cve:`2013-7269`, :cve:`2013-7270`, :cve:`2013-7271`, :cve:`2013-7281`, :cve:`2013-7339`, :cve:`2013-7348`, :cve:`2013-7421`, :cve:`2013-7446`, :cve:`2013-7470`, :cve:`2014-0038`, :cve:`2014-0049`, :cve:`2014-0055`, :cve:`2014-0069`, :cve:`2014-0077`, :cve:`2014-0100`, :cve:`2014-0101`, :cve:`2014-0102`, :cve:`2014-0131`, :cve:`2014-0155`, :cve:`2014-0181`, :cve:`2014-0196`, :cve:`2014-0203`, :cve:`2014-0205`, :cve:`2014-0206`, :cve:`2014-1438`, :cve:`2014-1444`, :cve:`2014-1445`, :cve:`2014-1446`, :cve:`2014-1690`, :cve:`2014-1737`, :cve:`2014-1738`, :cve:`2014-1739`, :cve:`2014-1874`, :cve:`2014-2038`, :cve:`2014-2039`, :cve:`2014-2309`, :cve:`2014-2523`, :cve:`2014-2568`, :cve:`2014-2580`, :cve:`2014-2672`, :cve:`2014-2673`, :cve:`2014-2678`, :cve:`2014-2706`, :cve:`2014-2739`, :cve:`2014-2851`, :cve:`2014-2889`, :cve:`2014-3122`, :cve:`2014-3144`, :cve:`2014-3145`, :cve:`2014-3153`, :cve:`2014-3180`, :cve:`2014-3181`, :cve:`2014-3182`, :cve:`2014-3183`, :cve:`2014-3184`, :cve:`2014-3185`, :cve:`2014-3186`, :cve:`2014-3534`, :cve:`2014-3535`, :cve:`2014-3601`, :cve:`2014-3610`, :cve:`2014-3611`, :cve:`2014-3631`, :cve:`2014-3645`, :cve:`2014-3646`, :cve:`2014-3647`, :cve:`2014-3673`, :cve:`2014-3687`, :cve:`2014-3688`, :cve:`2014-3690`, :cve:`2014-3917`, :cve:`2014-3940`, :cve:`2014-4014`, :cve:`2014-4027`, :cve:`2014-4157`, :cve:`2014-4171`, :cve:`2014-4508`, :cve:`2014-4608`, :cve:`2014-4611`, :cve:`2014-4652`, :cve:`2014-4653`, :cve:`2014-4654`, :cve:`2014-4655`, :cve:`2014-4656`, :cve:`2014-4667`, :cve:`2014-4699`, :cve:`2014-4943`, :cve:`2014-5045`, :cve:`2014-5077`, :cve:`2014-5206`, :cve:`2014-5207`, :cve:`2014-5471`, :cve:`2014-5472`, :cve:`2014-6410`, :cve:`2014-6416`, :cve:`2014-6417`, :cve:`2014-6418`, :cve:`2014-7145`, :cve:`2014-7283`, :cve:`2014-7284`, :cve:`2014-7822`, :cve:`2014-7825`, :cve:`2014-7826`, :cve:`2014-7841`, :cve:`2014-7842`, :cve:`2014-7843`, :cve:`2014-7970`, :cve:`2014-7975`, :cve:`2014-8086`, :cve:`2014-8133`, :cve:`2014-8134`, :cve:`2014-8159`, :cve:`2014-8160`, :cve:`2014-8171`, :cve:`2014-8172`, :cve:`2014-8173`, :cve:`2014-8369`, :cve:`2014-8480`, :cve:`2014-8481`, :cve:`2014-8559`, :cve:`2014-8709`, :cve:`2014-8884`, :cve:`2014-8989`, :cve:`2014-9090`, :cve:`2014-9322`, :cve:`2014-9419`, :cve:`2014-9420`, :cve:`2014-9428`, :cve:`2014-9529`, :cve:`2014-9584`, :cve:`2014-9585`, :cve:`2014-9644`, :cve:`2014-9683`, :cve:`2014-9710`, :cve:`2014-9715`, :cve:`2014-9717`, :cve:`2014-9728`, :cve:`2014-9729`, :cve:`2014-9730`, :cve:`2014-9731`, :cve:`2014-9803`, :cve:`2014-9870`, :cve:`2014-9888`, :cve:`2014-9895`, :cve:`2014-9903`, :cve:`2014-9904`, :cve:`2014-9914`, :cve:`2014-9922`, :cve:`2014-9940`, :cve:`2015-0239`, :cve:`2015-0274`, :cve:`2015-0275`, :cve:`2015-1333`, :cve:`2015-1339`, :cve:`2015-1350`, :cve:`2015-1420`, :cve:`2015-1421`, :cve:`2015-1465`, :cve:`2015-1573`, :cve:`2015-1593`, :cve:`2015-1805`, :cve:`2015-2041`, :cve:`2015-2042`, :cve:`2015-2150`, :cve:`2015-2666`, :cve:`2015-2672`, :cve:`2015-2686`, :cve:`2015-2830`, :cve:`2015-2922`, :cve:`2015-2925`, :cve:`2015-3212`, :cve:`2015-3214`, :cve:`2015-3288`, :cve:`2015-3290`, :cve:`2015-3291`, :cve:`2015-3331`, :cve:`2015-3339`, :cve:`2015-3636`, :cve:`2015-4001`, :cve:`2015-4002`, :cve:`2015-4003`, :cve:`2015-4004`, :cve:`2015-4036`, :cve:`2015-4167`, :cve:`2015-4170`, :cve:`2015-4176`, :cve:`2015-4177`, :cve:`2015-4178`, :cve:`2015-4692`, :cve:`2015-4700`, :cve:`2015-5156`, :cve:`2015-5157`, :cve:`2015-5257`, :cve:`2015-5283`, :cve:`2015-5307`, :cve:`2015-5327`, :cve:`2015-5364`, :cve:`2015-5366`, :cve:`2015-5697`, :cve:`2015-5706`, :cve:`2015-5707`, :cve:`2015-6252`, :cve:`2015-6526`, :cve:`2015-6937`, :cve:`2015-7509`, :cve:`2015-7513`, :cve:`2015-7515`, :cve:`2015-7550`, :cve:`2015-7566`, :cve:`2015-7613`, :cve:`2015-7799`, :cve:`2015-7833`, :cve:`2015-7872`, :cve:`2015-7884`, :cve:`2015-7885`, :cve:`2015-7990`, :cve:`2015-8104`, :cve:`2015-8215`, :cve:`2015-8324`, :cve:`2015-8374`, :cve:`2015-8539`, :cve:`2015-8543`, :cve:`2015-8550`, :cve:`2015-8551`, :cve:`2015-8552`, :cve:`2015-8553`, :cve:`2015-8569`, :cve:`2015-8575`, :cve:`2015-8660`, :cve:`2015-8709`, :cve:`2015-8746`, :cve:`2015-8767`, :cve:`2015-8785`, :cve:`2015-8787`, :cve:`2015-8812`, :cve:`2015-8816`, :cve:`2015-8830`, :cve:`2015-8839`, :cve:`2015-8844`, :cve:`2015-8845`, :cve:`2015-8950`, :cve:`2015-8952`, :cve:`2015-8953`, :cve:`2015-8955`, :cve:`2015-8956`, :cve:`2015-8961`, :cve:`2015-8962`, :cve:`2015-8963`, :cve:`2015-8964`, :cve:`2015-8966`, :cve:`2015-8967`, :cve:`2015-8970`, :cve:`2015-9004`, :cve:`2015-9016`, :cve:`2015-9289`, :cve:`2016-0617`, :cve:`2016-0723`, :cve:`2016-0728`, :cve:`2016-0758`, :cve:`2016-0821`, :cve:`2016-0823`, :cve:`2016-10044`, :cve:`2016-10088`, :cve:`2016-10147`, :cve:`2016-10150`, :cve:`2016-10153`, :cve:`2016-10154`, :cve:`2016-10200`, :cve:`2016-10208`, :cve:`2016-10229`, :cve:`2016-10318`, :cve:`2016-10723`, :cve:`2016-10741`, :cve:`2016-10764`, :cve:`2016-10905`, :cve:`2016-10906`, :cve:`2016-10907`, :cve:`2016-1237`, :cve:`2016-1575`, :cve:`2016-1576`, :cve:`2016-1583`, :cve:`2016-2053`, :cve:`2016-2069`, :cve:`2016-2070`, :cve:`2016-2085`, :cve:`2016-2117`, :cve:`2016-2143`, :cve:`2016-2184`, :cve:`2016-2185`, :cve:`2016-2186`, :cve:`2016-2187`, :cve:`2016-2188`, :cve:`2016-2383`, :cve:`2016-2384`, :cve:`2016-2543`, :cve:`2016-2544`, :cve:`2016-2545`, :cve:`2016-2546`, :cve:`2016-2547`, :cve:`2016-2548`, :cve:`2016-2549`, :cve:`2016-2550`, :cve:`2016-2782`, :cve:`2016-2847`, :cve:`2016-3044`, :cve:`2016-3070`, :cve:`2016-3134`, :cve:`2016-3135`, :cve:`2016-3136`, :cve:`2016-3137`, :cve:`2016-3138`, :cve:`2016-3139`, :cve:`2016-3140`, :cve:`2016-3156`, :cve:`2016-3157`, :cve:`2016-3672`, :cve:`2016-3689`, :cve:`2016-3713`, :cve:`2016-3841`, :cve:`2016-3857`, :cve:`2016-3951`, :cve:`2016-3955`, :cve:`2016-3961`, :cve:`2016-4440`, :cve:`2016-4470`, :cve:`2016-4482`, :cve:`2016-4485`, :cve:`2016-4486`, :cve:`2016-4557`, :cve:`2016-4558`, :cve:`2016-4565`, :cve:`2016-4568`, :cve:`2016-4569`, :cve:`2016-4578`, :cve:`2016-4580`, :cve:`2016-4581`, :cve:`2016-4794`, :cve:`2016-4805`, :cve:`2016-4913`, :cve:`2016-4951`, :cve:`2016-4997`, :cve:`2016-4998`, :cve:`2016-5195`, :cve:`2016-5243`, :cve:`2016-5244`, :cve:`2016-5400`, :cve:`2016-5412`, :cve:`2016-5696`, :cve:`2016-5728`, :cve:`2016-5828`, :cve:`2016-5829`, :cve:`2016-6130`, :cve:`2016-6136`, :cve:`2016-6156`, :cve:`2016-6162`, :cve:`2016-6187`, :cve:`2016-6197`, :cve:`2016-6198`, :cve:`2016-6213`, :cve:`2016-6327`, :cve:`2016-6480`, :cve:`2016-6516`, :cve:`2016-6786`, :cve:`2016-6787`, :cve:`2016-6828`, :cve:`2016-7039`, :cve:`2016-7042`, :cve:`2016-7097`, :cve:`2016-7117`, :cve:`2016-7425`, :cve:`2016-7910`, :cve:`2016-7911`, :cve:`2016-7912`, :cve:`2016-7913`, :cve:`2016-7914`, :cve:`2016-7915`, :cve:`2016-7916`, :cve:`2016-7917`, :cve:`2016-8399`, :cve:`2016-8405`, :cve:`2016-8630`, :cve:`2016-8632`, :cve:`2016-8633`, :cve:`2016-8636`, :cve:`2016-8645`, :cve:`2016-8646`, :cve:`2016-8650`, :cve:`2016-8655`, :cve:`2016-8658`, :cve:`2016-8666`, :cve:`2016-9083`, :cve:`2016-9084`, :cve:`2016-9120`, :cve:`2016-9178`, :cve:`2016-9191`, :cve:`2016-9313`, :cve:`2016-9555`, :cve:`2016-9576`, :cve:`2016-9588`, :cve:`2016-9604`, :cve:`2016-9685`, :cve:`2016-9754`, :cve:`2016-9755`, :cve:`2016-9756`, :cve:`2016-9777`, :cve:`2016-9793`, :cve:`2016-9794`, :cve:`2016-9806`, :cve:`2016-9919`, :cve:`2017-0605`, :cve:`2017-0627`, :cve:`2017-0750`, :cve:`2017-0786`, :cve:`2017-0861`, :cve:`2017-1000`, :cve:`2017-1000111`, :cve:`2017-1000112`, :cve:`2017-1000251`, :cve:`2017-1000252`, :cve:`2017-1000253`, :cve:`2017-1000255`, :cve:`2017-1000363`, :cve:`2017-1000364`, :cve:`2017-1000365`, :cve:`2017-1000370`, :cve:`2017-1000371`, :cve:`2017-1000379`, :cve:`2017-1000380`, :cve:`2017-1000405`, :cve:`2017-1000407`, :cve:`2017-1000410`, :cve:`2017-10661`, :cve:`2017-10662`, :cve:`2017-10663`, :cve:`2017-10810`, :cve:`2017-10911`, :cve:`2017-11089`, :cve:`2017-11176`, :cve:`2017-11472`, :cve:`2017-11473`, :cve:`2017-11600`, :cve:`2017-12134`, :cve:`2017-12146`, :cve:`2017-12153`, :cve:`2017-12154`, :cve:`2017-12168`, :cve:`2017-12188`, :cve:`2017-12190`, :cve:`2017-12192`, :cve:`2017-12193`, :cve:`2017-12762`, :cve:`2017-13080`, :cve:`2017-13166`, :cve:`2017-13167`, :cve:`2017-13168`, :cve:`2017-13215`, :cve:`2017-13216`, :cve:`2017-13220`, :cve:`2017-13305`, :cve:`2017-13686`, :cve:`2017-13695`, :cve:`2017-13715`, :cve:`2017-14051`, :cve:`2017-14106`, :cve:`2017-14140`, :cve:`2017-14156`, :cve:`2017-14340`, :cve:`2017-14489`, :cve:`2017-14497`, :cve:`2017-14954`, :cve:`2017-14991`, :cve:`2017-15102`, :cve:`2017-15115`, :cve:`2017-15116`, :cve:`2017-15121`, :cve:`2017-15126`, :cve:`2017-15127`, :cve:`2017-15128`, :cve:`2017-15129`, :cve:`2017-15265`, :cve:`2017-15274`, :cve:`2017-15299`, :cve:`2017-15306`, :cve:`2017-15537`, :cve:`2017-15649`, :cve:`2017-15868`, :cve:`2017-15951`, :cve:`2017-16525`, :cve:`2017-16526`, :cve:`2017-16527`, :cve:`2017-16528`, :cve:`2017-16529`, :cve:`2017-16530`, :cve:`2017-16531`, :cve:`2017-16532`, :cve:`2017-16533`, :cve:`2017-16534`, :cve:`2017-16535`, :cve:`2017-16536`, :cve:`2017-16537`, :cve:`2017-16538`, :cve:`2017-16643`, :cve:`2017-16644`, :cve:`2017-16645`, :cve:`2017-16646`, :cve:`2017-16647`, :cve:`2017-16648`, :cve:`2017-16649`, :cve:`2017-16650`, :cve:`2017-16911`, :cve:`2017-16912`, :cve:`2017-16913`, :cve:`2017-16914`, :cve:`2017-16939`, :cve:`2017-16994`, :cve:`2017-16995`, :cve:`2017-16996`, :cve:`2017-17052`, :cve:`2017-17053`, :cve:`2017-17448`, :cve:`2017-17449`, :cve:`2017-17450`, :cve:`2017-17558`, :cve:`2017-17712`, :cve:`2017-17741`, :cve:`2017-17805`, :cve:`2017-17806`, :cve:`2017-17807`, :cve:`2017-17852`, :cve:`2017-17853`, :cve:`2017-17854`, :cve:`2017-17855`, :cve:`2017-17856`, :cve:`2017-17857`, :cve:`2017-17862`, :cve:`2017-17863`, :cve:`2017-17864`, :cve:`2017-17975`, :cve:`2017-18017`, :cve:`2017-18075`, :cve:`2017-18079`, :cve:`2017-18174`, :cve:`2017-18193`, :cve:`2017-18200`, :cve:`2017-18202`, :cve:`2017-18203`, :cve:`2017-18204`, :cve:`2017-18208`, :cve:`2017-18216`, :cve:`2017-18218`, :cve:`2017-18221`, :cve:`2017-18222`, :cve:`2017-18224`, :cve:`2017-18232`, :cve:`2017-18241`, :cve:`2017-18249`, :cve:`2017-18255`, :cve:`2017-18257`, :cve:`2017-18261`, :cve:`2017-18270`, :cve:`2017-18344`, :cve:`2017-18360`, :cve:`2017-18379`, :cve:`2017-18509`, :cve:`2017-18549`, :cve:`2017-18550`, :cve:`2017-18551`, :cve:`2017-18552`, :cve:`2017-18595`, :cve:`2017-2583`, :cve:`2017-2584`, :cve:`2017-2596`, :cve:`2017-2618`, :cve:`2017-2634`, :cve:`2017-2636`, :cve:`2017-2647`, :cve:`2017-2671`, :cve:`2017-5123`, :cve:`2017-5546`, :cve:`2017-5547`, :cve:`2017-5548`, :cve:`2017-5549`, :cve:`2017-5550`, :cve:`2017-5551`, :cve:`2017-5576`, :cve:`2017-5577`, :cve:`2017-5669`, :cve:`2017-5715`, :cve:`2017-5753`, :cve:`2017-5754`, :cve:`2017-5897`, :cve:`2017-5967`, :cve:`2017-5970`, :cve:`2017-5972`, :cve:`2017-5986`, :cve:`2017-6001`, :cve:`2017-6074`, :cve:`2017-6214`, :cve:`2017-6345`, :cve:`2017-6346`, :cve:`2017-6347`, :cve:`2017-6348`, :cve:`2017-6353`, :cve:`2017-6874`, :cve:`2017-6951`, :cve:`2017-7184`, :cve:`2017-7187`, :cve:`2017-7261`, :cve:`2017-7273`, :cve:`2017-7277`, :cve:`2017-7294`, :cve:`2017-7308`, :cve:`2017-7346`, :cve:`2017-7374`, :cve:`2017-7472`, :cve:`2017-7477`, :cve:`2017-7482`, :cve:`2017-7487`, :cve:`2017-7495`, :cve:`2017-7518`, :cve:`2017-7533`, :cve:`2017-7541`, :cve:`2017-7542`, :cve:`2017-7558`, :cve:`2017-7616`, :cve:`2017-7618`, :cve:`2017-7645`, :cve:`2017-7889`, :cve:`2017-7895`, :cve:`2017-7979`, :cve:`2017-8061`, :cve:`2017-8062`, :cve:`2017-8063`, :cve:`2017-8064`, :cve:`2017-8065`, :cve:`2017-8066`, :cve:`2017-8067`, :cve:`2017-8068`, :cve:`2017-8069`, :cve:`2017-8070`, :cve:`2017-8071`, :cve:`2017-8072`, :cve:`2017-8106`, :cve:`2017-8240`, :cve:`2017-8797`, :cve:`2017-8824`, :cve:`2017-8831`, :cve:`2017-8890`, :cve:`2017-8924`, :cve:`2017-8925`, :cve:`2017-9059`, :cve:`2017-9074`, :cve:`2017-9075`, :cve:`2017-9076`, :cve:`2017-9077`, :cve:`2017-9150`, :cve:`2017-9211`, :cve:`2017-9242`, :cve:`2017-9605`, :cve:`2017-9725`, :cve:`2017-9984`, :cve:`2017-9985`, :cve:`2017-9986`, :cve:`2018-1000004`, :cve:`2018-1000026`, :cve:`2018-1000028`, :cve:`2018-1000199`, :cve:`2018-1000200`, :cve:`2018-1000204`, :cve:`2018-10021`, :cve:`2018-10074`, :cve:`2018-10087`, :cve:`2018-10124`, :cve:`2018-10322`, :cve:`2018-10323`, :cve:`2018-1065`, :cve:`2018-1066`, :cve:`2018-10675`, :cve:`2018-1068`, :cve:`2018-10840`, :cve:`2018-10853`, :cve:`2018-1087`, :cve:`2018-10876`, :cve:`2018-10877`, :cve:`2018-10878`, :cve:`2018-10879`, :cve:`2018-10880`, :cve:`2018-10881`, :cve:`2018-10882`, :cve:`2018-10883`, :cve:`2018-10901`, :cve:`2018-10902`, :cve:`2018-1091`, :cve:`2018-1092`, :cve:`2018-1093`, :cve:`2018-10938`, :cve:`2018-1094`, :cve:`2018-10940`, :cve:`2018-1095`, :cve:`2018-1108`, :cve:`2018-1118`, :cve:`2018-1120`, :cve:`2018-11232`, :cve:`2018-1128`, :cve:`2018-1129`, :cve:`2018-1130`, :cve:`2018-11412`, :cve:`2018-11506`, :cve:`2018-11508`, :cve:`2018-12126`, :cve:`2018-12127`, :cve:`2018-12130`, :cve:`2018-12207`, :cve:`2018-12232`, :cve:`2018-12233`, :cve:`2018-12633`, :cve:`2018-12714`, :cve:`2018-12896`, :cve:`2018-12904`, :cve:`2018-13053`, :cve:`2018-13093`, :cve:`2018-13094`, :cve:`2018-13095`, :cve:`2018-13096`, :cve:`2018-13097`, :cve:`2018-13098`, :cve:`2018-13099`, :cve:`2018-13100`, :cve:`2018-13405`, :cve:`2018-13406`, :cve:`2018-14609`, :cve:`2018-14610`, :cve:`2018-14611`, :cve:`2018-14612`, :cve:`2018-14613`, :cve:`2018-14614`, :cve:`2018-14615`, :cve:`2018-14616`, :cve:`2018-14617`, :cve:`2018-14619`, :cve:`2018-14625`, :cve:`2018-14633`, :cve:`2018-14634`, :cve:`2018-14641`, :cve:`2018-14646`, :cve:`2018-14656`, :cve:`2018-14678`, :cve:`2018-14734`, :cve:`2018-15471`, :cve:`2018-15572`, :cve:`2018-15594`, :cve:`2018-16276`, :cve:`2018-16597`, :cve:`2018-16658`, :cve:`2018-16862`, :cve:`2018-16871`, :cve:`2018-16880`, :cve:`2018-16882`, :cve:`2018-16884`, :cve:`2018-17182`, :cve:`2018-17972`, :cve:`2018-18021`, :cve:`2018-18281`, :cve:`2018-18386`, :cve:`2018-18397`, :cve:`2018-18445`, :cve:`2018-18559`, :cve:`2018-18690`, :cve:`2018-18710`, :cve:`2018-18955`, :cve:`2018-19406`, :cve:`2018-19407`, :cve:`2018-19824`, :cve:`2018-19854`, :cve:`2018-19985`, :cve:`2018-20169`, :cve:`2018-20449`, :cve:`2018-20509`, :cve:`2018-20510`, :cve:`2018-20511`, :cve:`2018-20669`, :cve:`2018-20784`, :cve:`2018-20836`, :cve:`2018-20854`, :cve:`2018-20855`, :cve:`2018-20856`, :cve:`2018-20961`, :cve:`2018-20976`, :cve:`2018-21008`, :cve:`2018-25015`, :cve:`2018-25020`, :cve:`2018-3620`, :cve:`2018-3639`, :cve:`2018-3646`, :cve:`2018-3665`, :cve:`2018-3693`, :cve:`2018-5332`, :cve:`2018-5333`, :cve:`2018-5344`, :cve:`2018-5390`, :cve:`2018-5391`, :cve:`2018-5703`, :cve:`2018-5750`, :cve:`2018-5803`, :cve:`2018-5814`, :cve:`2018-5848`, :cve:`2018-5873`, :cve:`2018-5953`, :cve:`2018-5995`, :cve:`2018-6412`, :cve:`2018-6554`, :cve:`2018-6555`, :cve:`2018-6927`, :cve:`2018-7191`, :cve:`2018-7273`, :cve:`2018-7480`, :cve:`2018-7492`, :cve:`2018-7566`, :cve:`2018-7740`, :cve:`2018-7754`, :cve:`2018-7755`, :cve:`2018-7757`, :cve:`2018-7995`, :cve:`2018-8043`, :cve:`2018-8087`, :cve:`2018-8781`, :cve:`2018-8822`, :cve:`2018-8897`, :cve:`2018-9363`, :cve:`2018-9385`, :cve:`2018-9415`, :cve:`2018-9422`, :cve:`2018-9465`, :cve:`2018-9516`, :cve:`2018-9517`, :cve:`2018-9518`, :cve:`2018-9568`, :cve:`2019-0136`, :cve:`2019-0145`, :cve:`2019-0146`, :cve:`2019-0147`, :cve:`2019-0148`, :cve:`2019-0149`, :cve:`2019-0154`, :cve:`2019-0155`, :cve:`2019-10124`, :cve:`2019-10125`, :cve:`2019-10126`, :cve:`2019-10142`, :cve:`2019-10207`, :cve:`2019-10220`, :cve:`2019-10638`, :cve:`2019-10639`, :cve:`2019-11085`, :cve:`2019-11091`, :cve:`2019-11135`, :cve:`2019-11190`, :cve:`2019-11191`, :cve:`2019-1125`, :cve:`2019-11477`, :cve:`2019-11478`, :cve:`2019-11479`, :cve:`2019-11486`, :cve:`2019-11487`, :cve:`2019-11599`, :cve:`2019-11683`, :cve:`2019-11810`, :cve:`2019-11811`, :cve:`2019-11815`, :cve:`2019-11833`, :cve:`2019-11884`, :cve:`2019-12378`, :cve:`2019-12379`, :cve:`2019-12380`, :cve:`2019-12381`, :cve:`2019-12382`, :cve:`2019-12454`, :cve:`2019-12455`, :cve:`2019-12614`, :cve:`2019-12615`, :cve:`2019-12817`, :cve:`2019-12818`, :cve:`2019-12819`, :cve:`2019-12881`, :cve:`2019-12984`, :cve:`2019-13233`, :cve:`2019-13272`, :cve:`2019-13631`, :cve:`2019-13648`, :cve:`2019-14283`, :cve:`2019-14284`, :cve:`2019-14615`, :cve:`2019-14763`, :cve:`2019-14814`, :cve:`2019-14815`, :cve:`2019-14816`, :cve:`2019-14821`, :cve:`2019-14835`, :cve:`2019-14895`, :cve:`2019-14896`, :cve:`2019-14897`, :cve:`2019-14901`, :cve:`2019-15030`, :cve:`2019-15031`, :cve:`2019-15090`, :cve:`2019-15098`, :cve:`2019-15099`, :cve:`2019-15117`, :cve:`2019-15118`, :cve:`2019-15211`, :cve:`2019-15212`, :cve:`2019-15213`, :cve:`2019-15214`, :cve:`2019-15215`, :cve:`2019-15216`, :cve:`2019-15217`, :cve:`2019-15218`, :cve:`2019-15219`, :cve:`2019-15220`, :cve:`2019-15221`, :cve:`2019-15222`, :cve:`2019-15223`, :cve:`2019-15291`, :cve:`2019-15292`, :cve:`2019-15504`, :cve:`2019-15505`, :cve:`2019-15538`, :cve:`2019-15666`, :cve:`2019-15807`, :cve:`2019-15916`, :cve:`2019-15917`, :cve:`2019-15918`, :cve:`2019-15919`, :cve:`2019-15920`, :cve:`2019-15921`, :cve:`2019-15922`, :cve:`2019-15923`, :cve:`2019-15924`, :cve:`2019-15925`, :cve:`2019-15926`, :cve:`2019-15927`, :cve:`2019-16229`, :cve:`2019-16230`, :cve:`2019-16231`, :cve:`2019-16232`, :cve:`2019-16233`, :cve:`2019-16234`, :cve:`2019-16413`, :cve:`2019-16714`, :cve:`2019-16746`, :cve:`2019-16921`, :cve:`2019-16994`, :cve:`2019-16995`, :cve:`2019-17052`, :cve:`2019-17053`, :cve:`2019-17054`, :cve:`2019-17055`, :cve:`2019-17056`, :cve:`2019-17075`, :cve:`2019-17133`, :cve:`2019-17351`, :cve:`2019-17666`, :cve:`2019-18198`, :cve:`2019-18282`, :cve:`2019-18660`, :cve:`2019-18675`, :cve:`2019-18683`, :cve:`2019-18786`, :cve:`2019-18805`, :cve:`2019-18806`, :cve:`2019-18807`, :cve:`2019-18808`, :cve:`2019-18809`, :cve:`2019-18810`, :cve:`2019-18811`, :cve:`2019-18812`, :cve:`2019-18813`, :cve:`2019-18814`, :cve:`2019-18885`, :cve:`2019-19036`, :cve:`2019-19037`, :cve:`2019-19039`, :cve:`2019-19043`, :cve:`2019-19044`, :cve:`2019-19045`, :cve:`2019-19046`, :cve:`2019-19047`, :cve:`2019-19048`, :cve:`2019-19049`, :cve:`2019-19050`, :cve:`2019-19051`, :cve:`2019-19052`, :cve:`2019-19053`, :cve:`2019-19054`, :cve:`2019-19055`, :cve:`2019-19056`, :cve:`2019-19057`, :cve:`2019-19058`, :cve:`2019-19059`, :cve:`2019-19060`, :cve:`2019-19061`, :cve:`2019-19062`, :cve:`2019-19063`, :cve:`2019-19064`, :cve:`2019-19065`, :cve:`2019-19066`, :cve:`2019-19067`, :cve:`2019-19068`, :cve:`2019-19069`, :cve:`2019-19070`, :cve:`2019-19071`, :cve:`2019-19072`, :cve:`2019-19073`, :cve:`2019-19074`, :cve:`2019-19075`, :cve:`2019-19076`, :cve:`2019-19077`, :cve:`2019-19078`, :cve:`2019-19079`, :cve:`2019-19080`, :cve:`2019-19081`, :cve:`2019-19082`, :cve:`2019-19083`, :cve:`2019-19227`, :cve:`2019-19241`, :cve:`2019-19252`, :cve:`2019-19318`, :cve:`2019-19319`, :cve:`2019-19332`, :cve:`2019-19338`, :cve:`2019-19377`, :cve:`2019-19447`, :cve:`2019-19448`, :cve:`2019-19449`, :cve:`2019-19462`, :cve:`2019-19523`, :cve:`2019-19524`, :cve:`2019-19525`, :cve:`2019-19526`, :cve:`2019-19527`, :cve:`2019-19528`, :cve:`2019-19529`, :cve:`2019-19530`, :cve:`2019-19531`, :cve:`2019-19532`, :cve:`2019-19533`, :cve:`2019-19534`, :cve:`2019-19535`, :cve:`2019-19536`, :cve:`2019-19537`, :cve:`2019-19543`, :cve:`2019-19602`, :cve:`2019-19767`, :cve:`2019-19768`, :cve:`2019-19769`, :cve:`2019-19770`, :cve:`2019-19807`, :cve:`2019-19813`, :cve:`2019-19815`, :cve:`2019-19816`, :cve:`2019-19922`, :cve:`2019-19927`, :cve:`2019-19947`, :cve:`2019-19965`, :cve:`2019-19966`, :cve:`2019-1999`, :cve:`2019-20054`, :cve:`2019-20095`, :cve:`2019-20096`, :cve:`2019-2024`, :cve:`2019-2025`, :cve:`2019-20422`, :cve:`2019-2054`, :cve:`2019-20636`, :cve:`2019-20806`, :cve:`2019-20810`, :cve:`2019-20811`, :cve:`2019-20812`, :cve:`2019-20908`, :cve:`2019-20934`, :cve:`2019-2101`, :cve:`2019-2181`, :cve:`2019-2182`, :cve:`2019-2213`, :cve:`2019-2214`, :cve:`2019-2215`, :cve:`2019-25044`, :cve:`2019-25045`, :cve:`2019-3016`, :cve:`2019-3459`, :cve:`2019-3460`, :cve:`2019-3701`, :cve:`2019-3819`, :cve:`2019-3837`, :cve:`2019-3846`, :cve:`2019-3874`, :cve:`2019-3882`, :cve:`2019-3887`, :cve:`2019-3892`, :cve:`2019-3896`, :cve:`2019-3900`, :cve:`2019-3901`, :cve:`2019-5108`, :cve:`2019-6133`, :cve:`2019-6974`, :cve:`2019-7221`, :cve:`2019-7222`, :cve:`2019-7308`, :cve:`2019-8912`, :cve:`2019-8956`, :cve:`2019-8980`, :cve:`2019-9003`, :cve:`2019-9162`, :cve:`2019-9213`, :cve:`2019-9245`, :cve:`2019-9444`, :cve:`2019-9445`, :cve:`2019-9453`, :cve:`2019-9454`, :cve:`2019-9455`, :cve:`2019-9456`, :cve:`2019-9457`, :cve:`2019-9458`, :cve:`2019-9466`, :cve:`2019-9500`, :cve:`2019-9503`, :cve:`2019-9506`, :cve:`2019-9857`, :cve:`2020-0009`, :cve:`2020-0030`, :cve:`2020-0041`, :cve:`2020-0066`, :cve:`2020-0067`, :cve:`2020-0110`, :cve:`2020-0255`, :cve:`2020-0305`, :cve:`2020-0404`, :cve:`2020-0423`, :cve:`2020-0427`, :cve:`2020-0429`, :cve:`2020-0430`, :cve:`2020-0431`, :cve:`2020-0432`, :cve:`2020-0433`, :cve:`2020-0435`, :cve:`2020-0444`, :cve:`2020-0465`, :cve:`2020-0466`, :cve:`2020-0543`, :cve:`2020-10135`, :cve:`2020-10690`, :cve:`2020-10711`, :cve:`2020-10720`, :cve:`2020-10732`, :cve:`2020-10742`, :cve:`2020-10751`, :cve:`2020-10757`, :cve:`2020-10766`, :cve:`2020-10767`, :cve:`2020-10768`, :cve:`2020-10769`, :cve:`2020-10773`, :cve:`2020-10781`, :cve:`2020-10942`, :cve:`2020-11494`, :cve:`2020-11565`, :cve:`2020-11608`, :cve:`2020-11609`, :cve:`2020-11668`, :cve:`2020-11669`, :cve:`2020-11884`, :cve:`2020-12114`, :cve:`2020-12351`, :cve:`2020-12352`, :cve:`2020-12464`, :cve:`2020-12465`, :cve:`2020-12652`, :cve:`2020-12653`, :cve:`2020-12654`, :cve:`2020-12655`, :cve:`2020-12656`, :cve:`2020-12657`, :cve:`2020-12659`, :cve:`2020-12768`, :cve:`2020-12769`, :cve:`2020-12770`, :cve:`2020-12771`, :cve:`2020-12826`, :cve:`2020-12888`, :cve:`2020-12912`, :cve:`2020-13143`, :cve:`2020-13974`, :cve:`2020-14305`, :cve:`2020-14314`, :cve:`2020-14331`, :cve:`2020-14351`, :cve:`2020-14353`, :cve:`2020-14356`, :cve:`2020-14381`, :cve:`2020-14385`, :cve:`2020-14386`, :cve:`2020-14390`, :cve:`2020-14416`, :cve:`2020-15393`, :cve:`2020-15436`, :cve:`2020-15437`, :cve:`2020-15780`, :cve:`2020-15852`, :cve:`2020-16119`, :cve:`2020-16120`, :cve:`2020-16166`, :cve:`2020-1749`, :cve:`2020-24394`, :cve:`2020-24490`, :cve:`2020-24586`, :cve:`2020-24587`, :cve:`2020-24588`, :cve:`2020-25211`, :cve:`2020-25212`, :cve:`2020-25221`, :cve:`2020-25284`, :cve:`2020-25285`, :cve:`2020-25639`, :cve:`2020-25641`, :cve:`2020-25643`, :cve:`2020-25645`, :cve:`2020-25656`, :cve:`2020-25668`, :cve:`2020-25669`, :cve:`2020-25670`, :cve:`2020-25671`, :cve:`2020-25672`, :cve:`2020-25673`, :cve:`2020-25704`, :cve:`2020-25705`, :cve:`2020-26088`, :cve:`2020-26139`, :cve:`2020-26141`, :cve:`2020-26145`, :cve:`2020-26147`, :cve:`2020-26541`, :cve:`2020-26555`, :cve:`2020-26558`, :cve:`2020-27066`, :cve:`2020-27067`, :cve:`2020-27068`, :cve:`2020-27152`, :cve:`2020-27170`, :cve:`2020-27171`, :cve:`2020-27194`, :cve:`2020-2732`, :cve:`2020-27418`, :cve:`2020-27673`, :cve:`2020-27675`, :cve:`2020-27777`, :cve:`2020-27784`, :cve:`2020-27786`, :cve:`2020-27815`, :cve:`2020-27820`, :cve:`2020-27825`, :cve:`2020-27830`, :cve:`2020-27835`, :cve:`2020-28097`, :cve:`2020-28374`, :cve:`2020-28588`, :cve:`2020-28915`, :cve:`2020-28941`, :cve:`2020-28974`, :cve:`2020-29368`, :cve:`2020-29369`, :cve:`2020-29370`, :cve:`2020-29371`, :cve:`2020-29372`, :cve:`2020-29373`, :cve:`2020-29374`, :cve:`2020-29534`, :cve:`2020-29568`, :cve:`2020-29569`, :cve:`2020-29660`, :cve:`2020-29661`, :cve:`2020-35499`, :cve:`2020-35508`, :cve:`2020-35513`, :cve:`2020-35519`, :cve:`2020-36158`, :cve:`2020-36310`, :cve:`2020-36311`, :cve:`2020-36312`, :cve:`2020-36313`, :cve:`2020-36322`, :cve:`2020-36385`, :cve:`2020-36386`, :cve:`2020-36387`, :cve:`2020-36516`, :cve:`2020-36557`, :cve:`2020-36558`, :cve:`2020-36691`, :cve:`2020-36694`, :cve:`2020-36766`, :cve:`2020-3702`, :cve:`2020-4788`, :cve:`2020-7053`, :cve:`2020-8428`, :cve:`2020-8647`, :cve:`2020-8648`, :cve:`2020-8649`, :cve:`2020-8694`, :cve:`2020-8834`, :cve:`2020-8835`, :cve:`2020-8992`, :cve:`2020-9383`, :cve:`2020-9391`, :cve:`2021-0129`, :cve:`2021-0342`, :cve_mitre:`2021-0447`, :cve_mitre:`2021-0448`, :cve:`2021-0512`, :cve:`2021-0605`, :cve:`2021-0707`, :cve:`2021-0920`, :cve:`2021-0929`, :cve:`2021-0935`, :cve_mitre:`2021-0937`, :cve:`2021-0938`, :cve:`2021-0941`, :cve:`2021-1048`, :cve:`2021-20177`, :cve:`2021-20194`, :cve:`2021-20226`, :cve:`2021-20239`, :cve:`2021-20261`, :cve:`2021-20265`, :cve:`2021-20268`, :cve:`2021-20292`, :cve:`2021-20317`, :cve:`2021-20320`, :cve:`2021-20321`, :cve:`2021-20322`, :cve:`2021-21781`, :cve:`2021-22543`, :cve:`2021-22555`, :cve:`2021-22600`, :cve:`2021-23133`, :cve:`2021-23134`, :cve:`2021-26401`, :cve:`2021-26708`, :cve:`2021-26930`, :cve:`2021-26931`, :cve:`2021-26932`, :cve:`2021-27363`, :cve:`2021-27364`, :cve:`2021-27365`, :cve:`2021-28038`, :cve:`2021-28039`, :cve:`2021-28375`, :cve:`2021-28660`, :cve:`2021-28688`, :cve:`2021-28691`, :cve:`2021-28711`, :cve:`2021-28712`, :cve:`2021-28713`, :cve:`2021-28714`, :cve:`2021-28715`, :cve:`2021-28950`, :cve:`2021-28951`, :cve:`2021-28952`, :cve:`2021-28964`, :cve:`2021-28971`, :cve:`2021-28972`, :cve:`2021-29154`, :cve:`2021-29155`, :cve:`2021-29264`, :cve:`2021-29265`, :cve:`2021-29266`, :cve:`2021-29646`, :cve:`2021-29647`, :cve:`2021-29648`, :cve:`2021-29649`, :cve:`2021-29650`, :cve:`2021-29657`, :cve:`2021-30002`, :cve:`2021-30178`, :cve:`2021-31440`, :cve:`2021-3178`, :cve:`2021-31829`, :cve:`2021-31916`, :cve:`2021-32399`, :cve:`2021-32606`, :cve:`2021-33033`, :cve:`2021-33034`, :cve:`2021-33098`, :cve:`2021-33135`, :cve:`2021-33200`, :cve:`2021-3347`, :cve:`2021-3348`, :cve:`2021-33624`, :cve:`2021-33655`, :cve:`2021-33656`, :cve:`2021-33909`, :cve:`2021-3411`, :cve:`2021-3428`, :cve:`2021-3444`, :cve:`2021-34556`, :cve:`2021-34693`, :cve:`2021-3483`, :cve:`2021-34866`, :cve:`2021-3489`, :cve:`2021-3490`, :cve:`2021-3491`, :cve_mitre:`2021-34981`, :cve:`2021-3501`, :cve:`2021-35039`, :cve:`2021-3506`, :cve:`2021-3543`, :cve:`2021-35477`, :cve:`2021-3564`, :cve:`2021-3573`, :cve:`2021-3587`, :cve_mitre:`2021-3600`, :cve:`2021-3609`, :cve:`2021-3612`, :cve:`2021-3635`, :cve:`2021-3640`, :cve:`2021-3653`, :cve:`2021-3655`, :cve:`2021-3656`, :cve:`2021-3659`, :cve:`2021-3679`, :cve:`2021-3715`, :cve:`2021-37159`, :cve:`2021-3732`, :cve:`2021-3736`, :cve:`2021-3739`, :cve:`2021-3743`, :cve:`2021-3744`, :cve:`2021-3752`, :cve:`2021-3753`, :cve:`2021-37576`, :cve:`2021-3759`, :cve:`2021-3760`, :cve:`2021-3764`, :cve:`2021-3772`, :cve:`2021-38160`, :cve:`2021-38166`, :cve:`2021-38198`, :cve:`2021-38199`, :cve:`2021-38200`, :cve:`2021-38201`, :cve:`2021-38202`, :cve:`2021-38203`, :cve:`2021-38204`, :cve:`2021-38205`, :cve:`2021-38206`, :cve:`2021-38207`, :cve:`2021-38208`, :cve:`2021-38209`, :cve:`2021-38300`, :cve:`2021-3894`, :cve:`2021-3896`, :cve:`2021-3923`, :cve:`2021-39633`, :cve:`2021-39634`, :cve:`2021-39636`, :cve:`2021-39648`, :cve:`2021-39656`, :cve:`2021-39657`, :cve:`2021-39685`, :cve:`2021-39686`, :cve:`2021-39698`, :cve:`2021-39711`, :cve:`2021-39713`, :cve:`2021-39714`, :cve:`2021-4001`, :cve:`2021-4002`, :cve:`2021-4028`, :cve:`2021-4032`, :cve:`2021-4037`, :cve:`2021-40490`, :cve:`2021-4083`, :cve:`2021-4090`, :cve:`2021-4093`, :cve:`2021-4095`, :cve:`2021-41073`, :cve:`2021-4135`, :cve:`2021-4148`, :cve:`2021-4149`, :cve:`2021-4154`, :cve:`2021-4155`, :cve:`2021-4157`, :cve:`2021-4159`, :cve:`2021-41864`, :cve:`2021-4197`, :cve:`2021-42008`, :cve:`2021-4202`, :cve:`2021-4203`, :cve:`2021-4218`, :cve:`2021-42252`, :cve:`2021-42327`, :cve:`2021-42739`, :cve:`2021-43056`, :cve:`2021-43057`, :cve:`2021-43267`, :cve:`2021-43389`, :cve:`2021-43975`, :cve:`2021-43976`, :cve:`2021-44733`, :cve:`2021-45095`, :cve:`2021-45100`, :cve:`2021-45402`, :cve:`2021-45469`, :cve:`2021-45480`, :cve:`2021-45485`, :cve:`2021-45486`, :cve:`2021-45868`, :cve:`2021-46283`, :cve:`2022-0001`, :cve:`2022-0002`, :cve:`2022-0168`, :cve:`2022-0171`, :cve:`2022-0185`, :cve:`2022-0264`, :cve:`2022-0286`, :cve:`2022-0322`, :cve:`2022-0330`, :cve:`2022-0433`, :cve:`2022-0435`, :cve:`2022-0487`, :cve:`2022-0492`, :cve:`2022-0494`, :cve:`2022-0516`, :cve:`2022-0617`, :cve:`2022-0644`, :cve:`2022-0646`, :cve:`2022-0742`, :cve:`2022-0812`, :cve:`2022-0847`, :cve:`2022-0850`, :cve:`2022-0854`, :cve:`2022-0995`, :cve:`2022-1011`, :cve:`2022-1012`, :cve:`2022-1015`, :cve:`2022-1016`, :cve:`2022-1043`, :cve:`2022-1048`, :cve:`2022-1055`, :cve:`2022-1158`, :cve:`2022-1184`, :cve:`2022-1195`, :cve:`2022-1198`, :cve:`2022-1199`, :cve:`2022-1204`, :cve:`2022-1205`, :cve:`2022-1353`, :cve:`2022-1419`, :cve:`2022-1462`, :cve:`2022-1516`, :cve:`2022-1651`, :cve:`2022-1652`, :cve:`2022-1671`, :cve:`2022-1678`, :cve:`2022-1679`, :cve:`2022-1729`, :cve:`2022-1734`, :cve:`2022-1786`, :cve:`2022-1789`, :cve:`2022-1836`, :cve:`2022-1852`, :cve:`2022-1882`, :cve:`2022-1943`, :cve:`2022-1966`, :cve:`2022-1972`, :cve:`2022-1973`, :cve:`2022-1974`, :cve:`2022-1975`, :cve:`2022-1976`, :cve:`2022-1998`, :cve:`2022-20008`, :cve:`2022-20132`, :cve:`2022-20141`, :cve:`2022-20153`, :cve:`2022-20154`, :cve:`2022-20158`, :cve:`2022-20166`, :cve:`2022-20368`, :cve:`2022-20369`, :cve:`2022-20421`, :cve:`2022-20422`, :cve:`2022-20423`, :cve_mitre:`2022-20565`, :cve:`2022-20566`, :cve:`2022-20567`, :cve:`2022-20572`, :cve:`2022-2078`, :cve:`2022-21123`, :cve:`2022-21125`, :cve:`2022-21166`, :cve:`2022-21385`, :cve:`2022-21499`, :cve_mitre:`2022-21505`, :cve:`2022-2153`, :cve:`2022-2196`, :cve_mitre:`2022-22942`, :cve:`2022-23036`, :cve:`2022-23037`, :cve:`2022-23038`, :cve:`2022-23039`, :cve:`2022-23040`, :cve:`2022-23041`, :cve:`2022-23042`, :cve:`2022-2308`, :cve:`2022-2318`, :cve:`2022-2380`, :cve:`2022-23816`, :cve:`2022-23960`, :cve:`2022-24122`, :cve:`2022-24448`, :cve:`2022-24958`, :cve:`2022-24959`, :cve:`2022-2503`, :cve:`2022-25258`, :cve:`2022-25375`, :cve:`2022-25636`, :cve_mitre:`2022-2585`, :cve_mitre:`2022-2586`, :cve_mitre:`2022-2588`, :cve:`2022-2590`, :cve_mitre:`2022-2602`, :cve:`2022-26365`, :cve:`2022-26373`, :cve:`2022-2639`, :cve:`2022-26490`, :cve:`2022-2663`, :cve:`2022-26966`, :cve:`2022-27223`, :cve:`2022-27666`, :cve:`2022-2785`, :cve:`2022-27950`, :cve:`2022-28356`, :cve:`2022-28388`, :cve:`2022-28389`, :cve:`2022-28390`, :cve:`2022-2873`, :cve:`2022-28796`, :cve:`2022-28893`, :cve:`2022-2905`, :cve:`2022-29156`, :cve:`2022-2938`, :cve:`2022-29581`, :cve:`2022-29582`, :cve:`2022-2959`, :cve:`2022-2964`, :cve:`2022-2977`, :cve:`2022-2978`, :cve:`2022-29900`, :cve:`2022-29901`, :cve:`2022-29968`, :cve:`2022-3028`, :cve:`2022-30594`, :cve:`2022-3061`, :cve:`2022-3077`, :cve:`2022-3078`, :cve:`2022-3103`, :cve:`2022-3104`, :cve:`2022-3105`, :cve:`2022-3106`, :cve:`2022-3107`, :cve:`2022-3110`, :cve:`2022-3111`, :cve:`2022-3112`, :cve:`2022-3113`, :cve:`2022-3114`, :cve:`2022-3115`, :cve:`2022-3169`, :cve:`2022-3170`, :cve:`2022-3202`, :cve:`2022-32250`, :cve:`2022-32296`, :cve:`2022-3239`, :cve:`2022-32981`, :cve:`2022-3303`, :cve:`2022-33740`, :cve:`2022-33741`, :cve:`2022-33742`, :cve:`2022-33743`, :cve:`2022-33744`, :cve:`2022-33981`, :cve:`2022-3424`, :cve:`2022-3435`, :cve:`2022-34494`, :cve:`2022-34495`, :cve:`2022-34918`, :cve:`2022-3521`, :cve:`2022-3524`, :cve:`2022-3526`, :cve:`2022-3531`, :cve:`2022-3532`, :cve:`2022-3534`, :cve:`2022-3535`, :cve:`2022-3541`, :cve:`2022-3542`, :cve:`2022-3543`, :cve:`2022-3545`, :cve:`2022-3564`, :cve:`2022-3565`, :cve:`2022-3577`, :cve:`2022-3586`, :cve:`2022-3594`, :cve:`2022-36123`, :cve:`2022-3619`, :cve:`2022-3621`, :cve:`2022-3623`, :cve:`2022-3625`, :cve:`2022-3628`, :cve:`2022-36280`, :cve:`2022-3629`, :cve:`2022-3630`, :cve:`2022-3633`, :cve:`2022-3635`, :cve:`2022-3640`, :cve:`2022-3643`, :cve:`2022-3646`, :cve:`2022-3649`, :cve:`2022-36879`, :cve:`2022-36946`, :cve:`2022-3707`, :cve:`2022-3910`, :cve:`2022-39189`, :cve:`2022-39190`, :cve:`2022-3977`, :cve:`2022-39842`, :cve:`2022-40307`, :cve:`2022-40476`, :cve:`2022-40768`, :cve:`2022-4095`, :cve:`2022-40982`, :cve:`2022-41218`, :cve:`2022-41222`, :cve:`2022-4127`, :cve:`2022-4128`, :cve:`2022-4129`, :cve:`2022-4139`, :cve:`2022-41674`, :cve:`2022-41849`, :cve:`2022-41850`, :cve:`2022-41858`, :cve:`2022-42328`, :cve:`2022-42329`, :cve:`2022-42432`, :cve:`2022-4269`, :cve:`2022-42703`, :cve:`2022-42719`, :cve:`2022-42720`, :cve:`2022-42721`, :cve:`2022-42722`, :cve:`2022-42895`, :cve:`2022-42896`, :cve:`2022-43750`, :cve:`2022-4378`, :cve:`2022-4379`, :cve:`2022-4382`, :cve:`2022-43945`, :cve:`2022-45869`, :cve:`2022-45886`, :cve:`2022-45887`, :cve:`2022-45888`, :cve:`2022-45919`, :cve:`2022-45934`, :cve:`2022-4662`, :cve:`2022-4744`, :cve:`2022-47518`, :cve:`2022-47519`, :cve:`2022-47520`, :cve:`2022-47521`, :cve:`2022-47929`, :cve:`2022-47938`, :cve:`2022-47939`, :cve:`2022-47940`, :cve:`2022-47941`, :cve:`2022-47942`, :cve:`2022-47943`, :cve:`2022-4842`, :cve:`2022-48423`, :cve:`2022-48424`, :cve:`2022-48425`, :cve:`2022-48502`, :cve:`2023-0030`, :cve:`2023-0045`, :cve:`2023-0047`, :cve:`2023-0122`, :cve:`2023-0160`, :cve:`2023-0179`, :cve:`2023-0210`, :cve:`2023-0240`, :cve:`2023-0266`, :cve:`2023-0394`, :cve:`2023-0458`, :cve:`2023-0459`, :cve:`2023-0461`, :cve:`2023-0468`, :cve:`2023-0469`, :cve:`2023-0590`, :cve:`2023-0615`, :cve_mitre:`2023-1032`, :cve:`2023-1073`, :cve:`2023-1074`, :cve:`2023-1076`, :cve:`2023-1077`, :cve:`2023-1078`, :cve:`2023-1079`, :cve:`2023-1095`, :cve:`2023-1118`, :cve:`2023-1192`, :cve:`2023-1194`, :cve:`2023-1195`, :cve:`2023-1206`, :cve:`2023-1249`, :cve:`2023-1252`, :cve:`2023-1281`, :cve:`2023-1380`, :cve:`2023-1382`, :cve:`2023-1390`, :cve:`2023-1513`, :cve:`2023-1582`, :cve:`2023-1583`, :cve:`2023-1611`, :cve:`2023-1637`, :cve:`2023-1652`, :cve:`2023-1670`, :cve:`2023-1829`, :cve:`2023-1838`, :cve:`2023-1855`, :cve:`2023-1859`, :cve:`2023-1989`, :cve:`2023-1990`, :cve:`2023-1998`, :cve:`2023-2002`, :cve:`2023-2006`, :cve:`2023-2008`, :cve:`2023-2019`, :cve:`2023-20569`, :cve:`2023-20588`, :cve:`2023-20593`, :cve:`2023-20938`, :cve:`2023-21102`, :cve:`2023-21106`, :cve:`2023-2124`, :cve:`2023-21255`, :cve:`2023-21264`, :cve:`2023-2156`, :cve:`2023-2162`, :cve:`2023-2163`, :cve:`2023-2166`, :cve:`2023-2177`, :cve:`2023-2194`, :cve:`2023-2235`, :cve:`2023-2236`, :cve:`2023-2248`, :cve:`2023-2269`, :cve:`2023-22996`, :cve:`2023-22997`, :cve:`2023-22998`, :cve:`2023-22999`, :cve:`2023-23001`, :cve:`2023-23002`, :cve:`2023-23003`, :cve:`2023-23004`, :cve:`2023-23005`, :cve:`2023-23006`, :cve:`2023-23454`, :cve:`2023-23455`, :cve:`2023-23559`, :cve:`2023-2483`, :cve:`2023-25012`, :cve:`2023-2513`, :cve:`2023-25775`, :cve:`2023-2598`, :cve:`2023-26544`, :cve:`2023-26545`, :cve:`2023-26605`, :cve:`2023-26606`, :cve:`2023-26607`, :cve:`2023-28327`, :cve:`2023-28328`, :cve:`2023-28410`, :cve:`2023-28464`, :cve:`2023-28466`, :cve:`2023-2860`, :cve:`2023-28772`, :cve:`2023-28866`, :cve:`2023-2898`, :cve:`2023-2985`, :cve:`2023-3006`, :cve:`2023-30456`, :cve:`2023-30772`, :cve:`2023-3090`, :cve:`2023-3106`, :cve:`2023-3111`, :cve:`2023-3117`, :cve:`2023-31248`, :cve:`2023-3141`, :cve:`2023-31436`, :cve:`2023-3159`, :cve:`2023-3161`, :cve:`2023-3212`, :cve:`2023-3220`, :cve:`2023-32233`, :cve:`2023-32247`, :cve:`2023-32248`, :cve:`2023-32250`, :cve:`2023-32252`, :cve:`2023-32254`, :cve:`2023-32257`, :cve:`2023-32258`, :cve:`2023-32269`, :cve:`2023-3268`, :cve:`2023-3269`, :cve:`2023-3312`, :cve:`2023-3317`, :cve:`2023-33203`, :cve:`2023-33250`, :cve:`2023-33288`, :cve:`2023-3338`, :cve:`2023-3355`, :cve:`2023-3357`, :cve:`2023-3358`, :cve:`2023-3359`, :cve:`2023-3390`, :cve:`2023-33951`, :cve:`2023-33952`, :cve:`2023-34255`, :cve:`2023-34256`, :cve:`2023-34319`, :cve:`2023-3439`, :cve:`2023-35001`, :cve:`2023-3567`, :cve:`2023-35788`, :cve:`2023-35823`, :cve:`2023-35824`, :cve:`2023-35826`, :cve:`2023-35828`, :cve:`2023-35829`, :cve:`2023-3609`, :cve:`2023-3610`, :cve:`2023-3611`, :cve:`2023-37453`, :cve:`2023-3772`, :cve:`2023-3773`, :cve:`2023-3776`, :cve:`2023-3777`, :cve:`2023-3812`, :cve:`2023-38409`, :cve:`2023-38426`, :cve:`2023-38427`, :cve:`2023-38428`, :cve:`2023-38429`, :cve:`2023-38430`, :cve:`2023-38431`, :cve:`2023-38432`, :cve:`2023-3863`, :cve_mitre:`2023-3865`, :cve_mitre:`2023-3866`, :cve_mitre:`2023-3867`, :cve:`2023-39189`, :cve:`2023-39192`, :cve:`2023-39193`, :cve:`2023-39194`, :cve:`2023-4004`, :cve:`2023-4015`, :cve:`2023-40283`, :cve:`2023-4128`, :cve:`2023-4132`, :cve:`2023-4147`, :cve:`2023-4155`, :cve:`2023-4194`, :cve:`2023-4206`, :cve:`2023-4207`, :cve:`2023-4208`, :cve:`2023-4273`, :cve:`2023-42752`, :cve:`2023-42753`, :cve:`2023-42755`, :cve:`2023-42756`, :cve:`2023-4385`, :cve:`2023-4387`, :cve:`2023-4389`, :cve:`2023-4394`, :cve:`2023-44466`, :cve:`2023-4459`, :cve:`2023-4569`, :cve:`2023-45862`, :cve:`2023-45871`, :cve:`2023-4611`, :cve:`2023-4623`, :cve:`2023-4732`, :cve:`2023-4921` and :cve:`2023-5345` +- linux-yocto/5.15: Ignore :cve:`2022-45886`, :cve:`2022-45887`, :cve:`2022-45919`, :cve:`2022-48502`, :cve:`2023-0160`, :cve:`2023-1206`, :cve:`2023-20593`, :cve:`2023-21264`, :cve:`2023-2898`, :cve:`2023-31248`, :cve:`2023-33250`, :cve:`2023-34319`, :cve:`2023-35001`, :cve:`2023-3611`, :cve:`2023-37453`, :cve:`2023-3773`, :cve:`2023-3776`, :cve:`2023-3777`, :cve:`2023-38432`, :cve:`2023-3863`, :cve_mitre:`2023-3865`, :cve_mitre:`2023-3866`, :cve:`2023-4004`, :cve:`2023-4015`, :cve:`2023-4132`, :cve:`2023-4147`, :cve:`2023-4194`, :cve:`2023-4385`, :cve:`2023-4387`, :cve:`2023-4389`, :cve:`2023-4394`, :cve:`2023-4459` and :cve:`2023-4611` +- openssl: Fix :cve:`2023-4807` and :cve:`2023-5363` +- python3-git: Fix :cve:`2023-40590` and :cve:`2023-41040` +- python3-urllib3: Fix :cve:`2023-43804` +- qemu: Ignore :cve:`2023-2680` +- ruby: Fix :cve:`2023-36617` +- shadow: Fix :cve_mitre:`2023-4641` +- tiff: Fix :cve:`2023-3576` and :cve:`2023-40745` +- vim: Fix :cve:`2023-5441` and :cve:`2023-5535` +- webkitgtk: Fix :cve:`2023-32439` +- xdg-utils: Fix :cve:`2022-4055` +- xserver-xorg: ignore :cve:`2022-3553` (XQuartz-specific) +- zlib: Fix :cve:`2023-45853` + + + +Fixes in Yocto-4.0.14 +~~~~~~~~~~~~~~~~~~~~~ + +- SECURITY.md: Add file +- apt: add missing <cstdint> for uint16_t +- bind: update to 9.18.19 +- bitbake: SECURITY.md: add file +- bitbake: bitbake-getvar: Add a quiet command line argument +- bitbake: bitbake-worker/runqueue: Avoid unnecessary bytes object copies +- brief-yoctoprojectqs: use new CDN mirror for sstate +- bsp-guide: bsp.rst: replace reference to wiki +- bsp-guide: bsp: skip Intel machines no longer supported in Poky +- build-appliance-image: Update to kirkstone head revision +- ccache: fix build with gcc-13 +- cml1: Fix KCONFIG_CONFIG_COMMAND not conveyed fully in do_menuconfig +- contributor-guide/style-guide: Add a note about task idempotence +- contributor-guide/style-guide: Refer to recipes, not packages +- contributor-guide: deprecate "Accepted" patch status +- contributor-guide: discourage marking patches as Inappropriate +- contributor-guide: recipe-style-guide: add more patch tagging examples +- contributor-guide: recipe-style-guide: add section about CVE patches +- contributor-guide: style-guide: discourage using Pending patch status +- dev-manual: add security team processes +- dev-manual: fix testimage usage instructions +- dev-manual: layers: Add notes about layer.conf +- dev-manual: new-recipe.rst: add missing parenthesis to "Patching Code" section +- dev-manual: new-recipe.rst: replace reference to wiki +- dev-manual: start.rst: remove obsolete reference +- dev-manual: wic: update "wic list images" output +- dev/ref-manual: Document :term:`INIT_MANAGER` +- fontcache.bbclass: avoid native recipes depending on target fontconfig +- glibc: Update to latest on stable 2.35 branch (c84018a05aec..) +- json-c: define :term:`CVE_VERSION` +- kernel.bbclass: Add force flag to rm calls +- libxpm: upgrade to 3.5.17 +- linux-firmware: create separate packages +- linux-firmware: upgrade to 20230804 +- linux-yocto/5.10: update to v5.10.197 +- linux-yocto: update CVE exclusions +- manuals: correct "yocto-linux" by "linux-yocto" +- manuals: update linux-yocto append examples +- migration-guides: add release notes for 4.0.13 +- openssl: Upgrade to 3.0.12 +- overview: Add note about non-reproducibility side effects +- package_rpm: Allow compression mode override +- poky.conf: bump version for 4.0.14 +- profile-manual: aesthetic cleanups +- python3-git: upgrade to 3.1.37 +- python3-jinja2: fix for the ptest result format +- python3-urllib3: upgrade to 1.26.17 +- ref-manual: Fix :term:`PACKAGECONFIG` term and add an example +- ref-manual: Warn about :term:`COMPATIBLE_MACHINE` skipping native recipes +- ref-manual: releases.svg: Scarthgap is now version 5.0 +- ref-manual: variables: add :term:`RECIPE_SYSROOT` and :term:`RECIPE_SYSROOT_NATIVE` +- ref-manual: variables: add :term:`TOOLCHAIN_OPTIONS` variable +- ref-manual: variables: add example for :term:`SYSROOT_DIRS` variable +- ref-manual: variables: provide no-match example for :term:`COMPATIBLE_MACHINE` +- sdk-manual: appendix-obtain: improve and update descriptions +- test-manual: reproducible-builds: stop mentioning LTO bug +- uboot-extlinux-config.bbclass: fix missed override syntax migration +- vim: Upgrade to 9.0.2048 + + +Known Issues in Yocto-4.0.14 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +- N/A + + +Contributors to Yocto-4.0.14 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +- Alexander Kanavin +- Archana Polampalli +- Armin Kuster +- Arne Schwerdt +- BELHADJ SALEM Talel +- Bruce Ashfield +- Chaitanya Vadrevu +- Colin McAllister +- Deepthi Hemraj +- Etienne Cordonnier +- Fahad Arslan +- Hitendra Prajapati +- Jaeyoon Jung +- Joshua Watt +- Khem Raj +- Lee Chee Yang +- Marta Rybczynska +- Martin Jansa +- Meenali Gupta +- Michael Opdenacker +- Narpat Mali +- Niko Mauno +- Paul Eggleton +- Paulo Neves +- Peter Marko +- Quentin Schulz +- Richard Purdie +- Robert P. J. Day +- Roland Hieber +- Ross Burton +- Ryan Eatmon +- Shubham Kulkarni +- Siddharth Doshi +- Soumya Sambu +- Steve Sakoman +- Tim Orling +- Trevor Gamblin +- Vijay Anusuri +- Wang Mingyu +- Yash Shinde +- Yogita Urade + + +Repositories / Downloads for Yocto-4.0.14 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +poky + +- Repository Location: :yocto_git:`/poky` +- Branch: :yocto_git:`kirkstone </poky/log/?h=kirkstone>` +- Tag: :yocto_git:`yocto-4.0.14 </poky/log/?h=yocto-4.0.14>` +- Git Revision: :yocto_git:`d8d6d921fad14b82167d9f031d4fca06b5e01883 </poky/commit/?id=d8d6d921fad14b82167d9f031d4fca06b5e01883>` +- Release Artefact: poky-d8d6d921fad14b82167d9f031d4fca06b5e01883 +- sha: 46a6301e3921ee67cfe6be7ea544d6257f0c0f02ef15c5091287e024ff02d5f5 +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.14/poky-d8d6d921fad14b82167d9f031d4fca06b5e01883.tar.bz2 + http://mirrors.kernel.org/yocto/yocto/yocto-4.0.14/poky-d8d6d921fad14b82167d9f031d4fca06b5e01883.tar.bz2 + +openembedded-core + +- Repository Location: :oe_git:`/openembedded-core` +- Branch: :oe_git:`kirkstone </openembedded-core/log/?h=kirkstone>` +- Tag: :oe_git:`yocto-4.0.14 </openembedded-core/log/?h=yocto-4.0.14>` +- Git Revision: :oe_git:`0eb8e67aa6833df0cde29833568a70e65c21d7e5 </openembedded-core/commit/?id=0eb8e67aa6833df0cde29833568a70e65c21d7e5>` +- Release Artefact: oecore-0eb8e67aa6833df0cde29833568a70e65c21d7e5 +- sha: d510a7067b87ba935b8a7c9f9608d0e06b057009ea753ed190ddfacc7195ecc5 +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.14/oecore-0eb8e67aa6833df0cde29833568a70e65c21d7e5.tar.bz2 + http://mirrors.kernel.org/yocto/yocto/yocto-4.0.14/oecore-0eb8e67aa6833df0cde29833568a70e65c21d7e5.tar.bz2 + +meta-mingw + +- Repository Location: :yocto_git:`/meta-mingw` +- Branch: :yocto_git:`kirkstone </meta-mingw/log/?h=kirkstone>` +- Tag: :yocto_git:`yocto-4.0.14 </meta-mingw/log/?h=yocto-4.0.14>` +- Git Revision: :yocto_git:`f6b38ce3c90e1600d41c2ebb41e152936a0357d7 </meta-mingw/commit/?id=f6b38ce3c90e1600d41c2ebb41e152936a0357d7>` +- Release Artefact: meta-mingw-f6b38ce3c90e1600d41c2ebb41e152936a0357d7 +- sha: 7d57167c19077f4ab95623d55a24c2267a3a3fb5ed83688659b4c03586373b25 +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.14/meta-mingw-f6b38ce3c90e1600d41c2ebb41e152936a0357d7.tar.bz2 + http://mirrors.kernel.org/yocto/yocto/yocto-4.0.14/meta-mingw-f6b38ce3c90e1600d41c2ebb41e152936a0357d7.tar.bz2 + +meta-gplv2 + +- Repository Location: :yocto_git:`/meta-gplv2` +- Branch: :yocto_git:`kirkstone </meta-gplv2/log/?h=kirkstone>` +- Tag: :yocto_git:`yocto-4.0.14 </meta-gplv2/log/?h=yocto-4.0.14>` +- Git Revision: :yocto_git:`d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a </meta-gplv2/commit/?id=d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a>` +- Release Artefact: meta-gplv2-d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a +- sha: c386f59f8a672747dc3d0be1d4234b6039273d0e57933eb87caa20f56b9cca6d +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.14/meta-gplv2-d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a.tar.bz2 + http://mirrors.kernel.org/yocto/yocto/yocto-4.0.14/meta-gplv2-d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a.tar.bz2 + +bitbake + +- Repository Location: :oe_git:`/bitbake` +- Branch: :oe_git:`2.0 </bitbake/log/?h=2.0>` +- Tag: :oe_git:`yocto-4.0.14 </bitbake/log/?h=yocto-4.0.14>` +- Git Revision: :oe_git:`6c1ffa9091d0c53a100e8c8c15122d28642034bd </bitbake/commit/?id=6c1ffa9091d0c53a100e8c8c15122d28642034bd>` +- Release Artefact: bitbake-6c1ffa9091d0c53a100e8c8c15122d28642034bd +- sha: 1ceffc3b3359063341530c989a3606c897d862b61111538e683f101b02a360a2 +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.14/bitbake-6c1ffa9091d0c53a100e8c8c15122d28642034bd.tar.bz2 + http://mirrors.kernel.org/yocto/yocto/yocto-4.0.14/bitbake-6c1ffa9091d0c53a100e8c8c15122d28642034bd.tar.bz2 + +yocto-docs + +- Repository Location: :yocto_git:`/yocto-docs` +- Branch: :yocto_git:`kirkstone </yocto-docs/log/?h=kirkstone>` +- Tag: :yocto_git:`yocto-4.0.14 </yocto-docs/log/?h=yocto-4.0.14>` +- Git Revision: :yocto_git:`260b446a1a75d99399a3421cd8d6ba276f508f37 </yocto-docs/commit/?id=260b446a1a75d99399a3421cd8d6ba276f508f37>` + diff --git a/documentation/migration-guides/release-notes-4.0.15.rst b/documentation/migration-guides/release-notes-4.0.15.rst new file mode 100644 index 0000000000..b2731530e8 --- /dev/null +++ b/documentation/migration-guides/release-notes-4.0.15.rst @@ -0,0 +1,189 @@ +.. SPDX-License-Identifier: CC-BY-SA-2.0-UK + +Release notes for Yocto-4.0.15 (Kirkstone) +------------------------------------------ + +Security Fixes in Yocto-4.0.15 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +- avahi: Fix :cve:`2023-1981`, :cve:`2023-38469`, :cve:`2023-38470`, :cve:`2023-38471`, :cve:`2023-38472` and :cve:`2023-38473` +- binutils: Fix :cve:`2022-47007`, :cve:`2022-47010` and :cve:`2022-48064` +- bluez5: Fix :cve:`2023-45866` +- ghostscript: Ignore GhostPCL :cve:`2023-38560` +- gnutls: Fix :cve:`2023-5981` +- go: Ignore :cve:`2023-45283` and :cve:`2023-45284` +- grub: Fix :cve:`2023-4692` and :cve:`2023-4693` +- gstreamer1.0-plugins-bad: Fix :cve_mitre:`2023-44429` +- libsndfile: Fix :cve:`2022-33065` +- libwebp: Fix :cve:`2023-4863` +- openssl: Fix :cve:`2023-5678` +- python3-cryptography: Fix :cve:`2023-49083` +- qemu: Fix :cve:`2023-1544` +- sudo: :cve:`2023-42456` and :cve_mitre:`2023-42465` +- tiff: Fix :cve:`2023-41175` +- vim: Fix :cve:`2023-46246`, :cve:`2023-48231`, :cve:`2023-48232`, :cve:`2023-48233`, :cve:`2023-48234`, :cve:`2023-48235`, :cve:`2023-48236`, :cve:`2023-48237` and :cve:`2023-48706` +- xserver-xorg: Fix :cve:`2023-5367` and :cve:`2023-5380` +- xwayland: Fix :cve:`2023-5367` + + +Fixes in Yocto-4.0.15 +~~~~~~~~~~~~~~~~~~~~~ + +- bash: changes to SIGINT handler while waiting for a child +- bitbake: Fix disk space monitoring on cephfs +- bitbake: bitbake-getvar: Make --quiet work with --recipe +- bitbake: runqueue.py: fix PSI check logic +- bitbake: runqueue: Add pressure change logging +- bitbake: runqueue: convert deferral messages from bb.note to bb.debug +- bitbake: runqueue: fix PSI check calculation +- bitbake: runqueue: show more pressure data +- bitbake: runqueue: show number of currently running bitbake threads when pressure changes +- bitbake: tinfoil: Do not fail when logging is disabled and full config is used +- build-appliance-image: Update to kirkstone head revision +- cve-check: don't warn if a patch is remote +- cve-check: slightly more verbose warning when adding the same package twice +- cve-check: sort the package list in the JSON report +- cve-exclusion_5.10.inc: update for 5.10.202 +- go: Fix issue in DNS resolver +- goarch: Move Go architecture mapping to a library +- gstreamer1.0-plugins-base: enable glx/opengl support +- linux-yocto/5.10: update to v5.10.202 +- manuals: update class references +- migration-guide: add release notes for 4.0.14 +- native: Clear TUNE_FEATURES/ABIEXTENSION +- openssh: drop sudo from ptest dependencies +- overview-manual: concepts: Add Bitbake Tasks Map +- poky.conf: bump version for 4.0.15 +- python3-jinja2: Fixed ptest result output as per the standard +- ref-manual: classes: explain cml1 class name +- ref-manual: update :term:`SDK_NAME` variable documentation +- ref-manual: variables: add :term:`RECIPE_MAINTAINER` +- ref-manual: variables: document OEQA_REPRODUCIBLE_* variables +- ref-manual: variables: mention new CDN for :term:`SSTATE_MIRRORS` +- rust-common: Set llvm-target correctly for cross SDK targets +- rust-cross-canadian: Fix ordering of target json config generation +- rust-cross/rust-common: Merge arm target handling code to fix cross-canadian +- rust-cross: Simplfy the rust_gen_target calls +- rust-llvm: Allow overriding LLVM target archs +- sdk-manual: extensible.rst: remove instructions for using SDK functionality directly in a yocto build +- sudo: upgrade to 1.9.15p2 +- systemtap_git: fix used uninitialized error +- vim: Improve locale handling +- vim: Upgrade to 9.0.2130 +- vim: use upstream generated .po files + + +Known Issues in Yocto-4.0.15 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +- N/A + + +Contributors to Yocto-4.0.15 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +- Alexander Kanavin +- Archana Polampalli +- BELHADJ SALEM Talel +- Bruce Ashfield +- Chaitanya Vadrevu +- Chen Qi +- Deepthi Hemraj +- Denys Dmytriyenko +- Hitendra Prajapati +- Lee Chee Yang +- Li Wang +- Martin Jansa +- Meenali Gupta +- Michael Opdenacker +- Mikko Rapeli +- Narpat Mali +- Niko Mauno +- Ninad Palsule +- Niranjan Pradhan +- Paul Eggleton +- Peter Kjellerstedt +- Peter Marko +- Richard Purdie +- Ross Burton +- Samantha Jalabert +- Sanjana +- Soumya Sambu +- Steve Sakoman +- Tim Orling +- Vijay Anusuri +- Vivek Kumbhar +- Wenlin Kang +- Yogita Urade + + +Repositories / Downloads for Yocto-4.0.15 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +poky + +- Repository Location: :yocto_git:`/poky` +- Branch: :yocto_git:`kirkstone </poky/log/?h=kirkstone>` +- Tag: :yocto_git:`yocto-4.0.15 </poky/log/?h=yocto-4.0.15>` +- Git Revision: :yocto_git:`755632c2fcab43aa05cdcfa529727064b045073c </poky/commit/?id=755632c2fcab43aa05cdcfa529727064b045073c>` +- Release Artefact: poky-755632c2fcab43aa05cdcfa529727064b045073c +- sha: b40b43bd270d21a420c399981f9cfe0eb999f15e051fc2c89d124f249cdc0bd5 +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.15/poky-755632c2fcab43aa05cdcfa529727064b045073c.tar.bz2 + http://mirrors.kernel.org/yocto/yocto/yocto-4.0.15/poky-755632c2fcab43aa05cdcfa529727064b045073c.tar.bz2 + +openembedded-core + +- Repository Location: :oe_git:`/openembedded-core` +- Branch: :oe_git:`kirkstone </openembedded-core/log/?h=kirkstone>` +- Tag: :oe_git:`yocto-4.0.15 </openembedded-core/log/?h=yocto-4.0.15>` +- Git Revision: :oe_git:`eea685e1caafd8e8121006d3f8b5d0b8a4f2a933 </openembedded-core/commit/?id=eea685e1caafd8e8121006d3f8b5d0b8a4f2a933>` +- Release Artefact: oecore-eea685e1caafd8e8121006d3f8b5d0b8a4f2a933 +- sha: ddc3d4a2c8a097f2aa7132ae716affacc44b119c616a1eeffb7db56caa7fc79e +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.15/oecore-eea685e1caafd8e8121006d3f8b5d0b8a4f2a933.tar.bz2 + http://mirrors.kernel.org/yocto/yocto/yocto-4.0.15/oecore-eea685e1caafd8e8121006d3f8b5d0b8a4f2a933.tar.bz2 + +meta-mingw + +- Repository Location: :yocto_git:`/meta-mingw` +- Branch: :yocto_git:`kirkstone </meta-mingw/log/?h=kirkstone>` +- Tag: :yocto_git:`yocto-4.0.15 </meta-mingw/log/?h=yocto-4.0.15>` +- Git Revision: :yocto_git:`f6b38ce3c90e1600d41c2ebb41e152936a0357d7 </meta-mingw/commit/?id=f6b38ce3c90e1600d41c2ebb41e152936a0357d7>` +- Release Artefact: meta-mingw-f6b38ce3c90e1600d41c2ebb41e152936a0357d7 +- sha: 7d57167c19077f4ab95623d55a24c2267a3a3fb5ed83688659b4c03586373b25 +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.15/meta-mingw-f6b38ce3c90e1600d41c2ebb41e152936a0357d7.tar.bz2 + http://mirrors.kernel.org/yocto/yocto/yocto-4.0.15/meta-mingw-f6b38ce3c90e1600d41c2ebb41e152936a0357d7.tar.bz2 + +meta-gplv2 + +- Repository Location: :yocto_git:`/meta-gplv2` +- Branch: :yocto_git:`kirkstone </meta-gplv2/log/?h=kirkstone>` +- Tag: :yocto_git:`yocto-4.0.15 </meta-gplv2/log/?h=yocto-4.0.15>` +- Git Revision: :yocto_git:`d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a </meta-gplv2/commit/?id=d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a>` +- Release Artefact: meta-gplv2-d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a +- sha: c386f59f8a672747dc3d0be1d4234b6039273d0e57933eb87caa20f56b9cca6d +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.15/meta-gplv2-d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a.tar.bz2 + http://mirrors.kernel.org/yocto/yocto/yocto-4.0.15/meta-gplv2-d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a.tar.bz2 + +bitbake + +- Repository Location: :oe_git:`/bitbake` +- Branch: :oe_git:`2.0 </bitbake/log/?h=2.0>` +- Tag: :oe_git:`yocto-4.0.15 </bitbake/log/?h=yocto-4.0.15>` +- Git Revision: :oe_git:`42a1c9fe698a03feb34c5bba223c6e6e0350925b </bitbake/commit/?id=42a1c9fe698a03feb34c5bba223c6e6e0350925b>` +- Release Artefact: bitbake-42a1c9fe698a03feb34c5bba223c6e6e0350925b +- sha: 64c684ccd661fa13e25c859dfc68d66bec79281da0f4f81b0d6a9995acb659b5 +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.15/bitbake-42a1c9fe698a03feb34c5bba223c6e6e0350925b.tar.bz2 + http://mirrors.kernel.org/yocto/yocto/yocto-4.0.15/bitbake-42a1c9fe698a03feb34c5bba223c6e6e0350925b.tar.bz2 + +yocto-docs + +- Repository Location: :yocto_git:`/yocto-docs` +- Branch: :yocto_git:`kirkstone </yocto-docs/log/?h=kirkstone>` +- Tag: :yocto_git:`yocto-4.0.15 </yocto-docs/log/?h=yocto-4.0.15>` +- Git Revision: :yocto_git:`08fda7a5601393617b1ecfe89229459e14a90b1d </yocto-docs/commit/?id=08fda7a5601393617b1ecfe89229459e14a90b1d>` + diff --git a/documentation/migration-guides/release-notes-4.0.16.rst b/documentation/migration-guides/release-notes-4.0.16.rst new file mode 100644 index 0000000000..0eb31832ab --- /dev/null +++ b/documentation/migration-guides/release-notes-4.0.16.rst @@ -0,0 +1,191 @@ +.. SPDX-License-Identifier: CC-BY-SA-2.0-UK + +Release notes for Yocto-4.0.16 (Kirkstone) +------------------------------------------ + +Security Fixes in Yocto-4.0.16 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +- cpio: Fix :cve_mitre:`2023-7207` +- curl: Revert "curl: Backport fix CVE-2023-32001" +- curl: Fix :cve:`2023-46218` +- dropbear:Fix :cve:`2023-48795` +- ffmpeg: Fix :cve:`2022-3964` and :cve:`2022-3965` +- ghostscript: Fix :cve:`2023-46751` +- gnutls: Fix :cve:`2024-0553` and :cve:`2024-0567` +- go: Fix :cve:`2023-39326` +- openssh: Fix :cve:`2023-48795`, :cve:`2023-51384` and :cve:`2023-51385` +- openssl: Fix :cve:`2023-6129` and :cve_mitre:`2023-6237` +- pam: Fix :cve_mitre:`2024-22365` +- perl: Fix :cve:`2023-47038` +- qemu: Fix :cve:`2023-5088` +- sqlite3: Fix :cve:`2023-7104` +- systemd: Fix :cve:`2023-7008` +- tiff: Fix :cve:`2023-6228` +- xserver-xorg: Fix :cve:`2023-6377`, :cve:`2023-6478`, :cve:`2023-6816`, :cve_mitre:`2024-0229`, :cve:`2024-0408`, :cve:`2024-0409`, :cve_mitre:`2024-21885` and :cve_mitre:`2024-21886` +- zlib: Ignore :cve:`2023-6992` + + +Fixes in Yocto-4.0.16 +~~~~~~~~~~~~~~~~~~~~~ + +- bitbake: asyncrpc: Add context manager API +- bitbake: data: Add missing dependency handling of remove operator +- bitbake: lib/bb: Add workaround for libgcc issues with python 3.8 and 3.9 +- bitbake: toastergui: verify that an existing layer path is given +- build-appliance-image: Update to kirkstone head revision +- contributor-guide: add License-Update tag +- contributor-guide: fix command option +- contributor-guide: use "apt" instead of "aptitude" +- cpio: upgrade to 2.14 +- cve-update-nvd2-native: faster requests with API keys +- cve-update-nvd2-native: increase the delay between subsequent request failures +- cve-update-nvd2-native: make number of fetch attemtps configurable +- cve-update-nvd2-native: remove unused variable CVE_SOCKET_TIMEOUT +- dev-manual: Discourage the use of SRC_URI[md5sum] +- dev-manual: layers: update link to YP Compatible form +- dev-manual: runtime-testing: fix test module name +- dev-manual: start.rst: update use of Download page +- docs:what-i-wish-id-known.rst: fix URL +- docs: document VSCode extension +- docs:brief-yoctoprojectqs:index.rst: align variable order with default local.conf +- docs:migration-guides: add release notes for 4.0.15 +- docs:migration-guides: release 3.5 is actually 4.0 +- elfutils: Disable stringop-overflow warning for build host +- externalsrc: Ensure :term:`SRCREV` is processed before accessing :term:`SRC_URI` +- linux-firmware: upgrade to 20231030 +- manuals: Add :term:`CONVERSION_CMD` definition +- manuals: Add :term:`UBOOT_BINARY`, extend :term:`UBOOT_CONFIG` +- perl: upgrade to 5.34.3 +- poky.conf: bump version for 4.0.16 +- pybootchartgui: fix 2 SyntaxWarnings +- python3-ptest: skip test_storlines +- ref-manual: Fix reference to MIRRORS/PREMIRRORS defaults +- ref-manual: classes: remove insserv bbclass +- ref-manual: releases.svg: update nanbield release status +- ref-manual: resources: sync with master branch +- ref-manual: update tested and supported distros +- test-manual: add links to python unittest +- test-manual: add or improve hyperlinks +- test-manual: explicit or fix file paths +- test-manual: resource updates +- test-manual: text and formatting fixes +- test-manual: use working example +- testimage: Exclude wtmp from target-dumper commands +- testimage: drop target_dumper, host_dumper, and monitor_dumper +- tzdata: Upgrade to 2023d + + +Known Issues in Yocto-4.0.16 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +- N/A + + +Contributors to Yocto-4.0.16 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +- Aatir Manzur +- Archana Polampalli +- Dhairya Nagodra +- Dmitry Baryshkov +- Enguerrand de Ribaucourt +- Hitendra Prajapati +- Insu Park +- Joshua Watt +- Justin Bronder +- Jörg Sommer +- Khem Raj +- Lee Chee Yang +- mark.yang +- Marta Rybczynska +- Martin Jansa +- Maxin B. John +- Michael Opdenacker +- Paul Barker +- Peter Kjellerstedt +- Peter Marko +- Poonam Jadhav +- Richard Purdie +- Shubham Kulkarni +- Simone Weiß +- Soumya Sambu +- Sourav Pramanik +- Steve Sakoman +- Trevor Gamblin +- Vijay Anusuri +- Vivek Kumbhar +- Yoann Congal +- Yogita Urade + + +Repositories / Downloads for Yocto-4.0.16 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +poky + +- Repository Location: :yocto_git:`/poky` +- Branch: :yocto_git:`kirkstone </poky/log/?h=kirkstone>` +- Tag: :yocto_git:`yocto-4.0.16 </poky/log/?h=yocto-4.0.16>` +- Git Revision: :yocto_git:`54af8c5e80ebf63707ef4e51cc9d374f716da603 </poky/commit/?id=54af8c5e80ebf63707ef4e51cc9d374f716da603>` +- Release Artefact: poky-54af8c5e80ebf63707ef4e51cc9d374f716da603 +- sha: a53ec3a661cf56ca40c0fbf1500288c2c20abe94896d66a572bc5ccf5d92e9d6 +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.16/poky-54af8c5e80ebf63707ef4e51cc9d374f716da603.tar.bz2 + http://mirrors.kernel.org/yocto/yocto/yocto-4.0.16/poky-54af8c5e80ebf63707ef4e51cc9d374f716da603.tar.bz2 + +openembedded-core + +- Repository Location: :oe_git:`/openembedded-core` +- Branch: :oe_git:`kirkstone </openembedded-core/log/?h=kirkstone>` +- Tag: :oe_git:`yocto-4.0.16 </openembedded-core/log/?h=yocto-4.0.16>` +- Git Revision: :oe_git:`a744a897f0ea7d34c31c024c13031221f9a85f24 </openembedded-core/commit/?id=a744a897f0ea7d34c31c024c13031221f9a85f24>` +- Release Artefact: oecore-a744a897f0ea7d34c31c024c13031221f9a85f24 +- sha: 8c2bc9487597b0caa9f5a1d72b18cfcd1ddc7e6d91f0f051313563d6af95aeec +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.16/oecore-a744a897f0ea7d34c31c024c13031221f9a85f24.tar.bz2 + http://mirrors.kernel.org/yocto/yocto/yocto-4.0.16/oecore-a744a897f0ea7d34c31c024c13031221f9a85f24.tar.bz2 + +meta-mingw + +- Repository Location: :yocto_git:`/meta-mingw` +- Branch: :yocto_git:`kirkstone </meta-mingw/log/?h=kirkstone>` +- Tag: :yocto_git:`yocto-4.0.16 </meta-mingw/log/?h=yocto-4.0.16>` +- Git Revision: :yocto_git:`f6b38ce3c90e1600d41c2ebb41e152936a0357d7 </meta-mingw/commit/?id=f6b38ce3c90e1600d41c2ebb41e152936a0357d7>` +- Release Artefact: meta-mingw-f6b38ce3c90e1600d41c2ebb41e152936a0357d7 +- sha: 7d57167c19077f4ab95623d55a24c2267a3a3fb5ed83688659b4c03586373b25 +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.16/meta-mingw-f6b38ce3c90e1600d41c2ebb41e152936a0357d7.tar.bz2 + http://mirrors.kernel.org/yocto/yocto/yocto-4.0.16/meta-mingw-f6b38ce3c90e1600d41c2ebb41e152936a0357d7.tar.bz2 + +meta-gplv2 + +- Repository Location: :yocto_git:`/meta-gplv2` +- Branch: :yocto_git:`kirkstone </meta-gplv2/log/?h=kirkstone>` +- Tag: :yocto_git:`yocto-4.0.16 </meta-gplv2/log/?h=yocto-4.0.16>` +- Git Revision: :yocto_git:`d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a </meta-gplv2/commit/?id=d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a>` +- Release Artefact: meta-gplv2-d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a +- sha: c386f59f8a672747dc3d0be1d4234b6039273d0e57933eb87caa20f56b9cca6d +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.16/meta-gplv2-d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a.tar.bz2 + http://mirrors.kernel.org/yocto/yocto/yocto-4.0.16/meta-gplv2-d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a.tar.bz2 + +bitbake + +- Repository Location: :oe_git:`/bitbake` +- Branch: :oe_git:`2.0 </bitbake/log/?h=2.0>` +- Tag: :oe_git:`yocto-4.0.16 </bitbake/log/?h=yocto-4.0.16>` +- Git Revision: :oe_git:`ee090484cc25d760b8c20f18add17b5eff485b40 </bitbake/commit/?id=ee090484cc25d760b8c20f18add17b5eff485b40>` +- Release Artefact: bitbake-ee090484cc25d760b8c20f18add17b5eff485b40 +- sha: 479e3a57ae9fbc2aa95292a7554caeef113bbfb28c226ed19547b8dde1c95314 +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.16/bitbake-ee090484cc25d760b8c20f18add17b5eff485b40.tar.bz2 + http://mirrors.kernel.org/yocto/yocto/yocto-4.0.16/bitbake-ee090484cc25d760b8c20f18add17b5eff485b40.tar.bz2 + +yocto-docs + +- Repository Location: :yocto_git:`/yocto-docs` +- Branch: :yocto_git:`kirkstone </yocto-docs/log/?h=kirkstone>` +- Tag: :yocto_git:`yocto-4.0.16 </yocto-docs/log/?h=yocto-4.0.16>` +- Git Revision: :yocto_git:`aba67b58711019a6ba439b2b77337f813ed799ac </yocto-docs/commit/?id=aba67b58711019a6ba439b2b77337f813ed799ac>` + diff --git a/documentation/migration-guides/release-notes-4.0.17.rst b/documentation/migration-guides/release-notes-4.0.17.rst new file mode 100644 index 0000000000..07242584b8 --- /dev/null +++ b/documentation/migration-guides/release-notes-4.0.17.rst @@ -0,0 +1,238 @@ +.. SPDX-License-Identifier: CC-BY-SA-2.0-UK + +Release notes for Yocto-4.0.17 (Kirkstone) +------------------------------------------ + +Security Fixes in Yocto-4.0.17 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +- bind: Fix :cve:`2023-4408`, :cve:`2023-5517`, :cve:`2023-5679`, :cve:`2023-50868` and :cve:`2023-50387` +- binutils: Fix :cve:`2023-39129` and :cve:`2023-39130` +- curl: Fix :cve:`2023-46219` +- curl: Ignore :cve:`2023-42915` +- gcc: Ignore :cve:`2023-4039` +- gdb: Fix :cve:`2023-39129` and :cve:`2023-39130` +- glibc: Ignore :cve:`2023-0687` +- go: Fix :cve:`2023-29406`, :cve:`2023-45285`, :cve:`2023-45287`, :cve:`2023-45289`, :cve:`2023-45290`, :cve:`2024-24784` and :cve:`2024-24785` +- less: Fix :cve:`2022-48624` +- libgit2: Fix :cve:`2024-24575` and :cve:`2024-24577` +- libuv: fix :cve:`2024-24806` +- libxml2: Fix for :cve:`2024-25062` +- linux-yocto/5.15: Fix :cve:`2022-36402`, :cve:`2022-40982`, :cve:`2022-47940`, :cve:`2023-1193`, :cve:`2023-1194`, :cve:`2023-3772`, :cve_mitre:`2023-3867`, :cve:`2023-4128`, :cve:`2023-4206`, :cve:`2023-4207`, :cve:`2023-4208`, :cve:`2023-4244`, :cve:`2023-4273`, :cve:`2023-4563`, :cve:`2023-4569`, :cve:`2023-4623`, :cve:`2023-4881`, :cve:`2023-4921`, :cve:`2023-5158`, :cve:`2023-5717`, :cve:`2023-6040`, :cve:`2023-6121`, :cve:`2023-6176`, :cve:`2023-6546`, :cve:`2023-6606`, :cve:`2023-6622`, :cve:`2023-6817`, :cve:`2023-6915`, :cve:`2023-6931`, :cve:`2023-6932`, :cve:`2023-20569`, :cve:`2023-20588`, :cve:`2023-25775`, :cve:`2023-31085`, :cve:`2023-32247`, :cve:`2023-32250`, :cve:`2023-32252`, :cve:`2023-32254`, :cve:`2023-32257`, :cve:`2023-32258`, :cve:`2023-34324`, :cve:`2023-35827`, :cve:`2023-38427`, :cve:`2023-38430`, :cve:`2023-38431`, :cve:`2023-39189`, :cve:`2023-39192`, :cve:`2023-39193`, :cve:`2023-39194`, :cve:`2023-39198`, :cve:`2023-40283`, :cve:`2023-42752`, :cve:`2023-42753`, :cve:`2023-42754`, :cve:`2023-42755`, :cve:`2023-45871`, :cve:`2023-46343`, :cve:`2023-46813`, :cve:`2023-46838`, :cve:`2023-46862`, :cve:`2023-51042`, :cve:`2023-51779`, :cve_mitre:`2023-52340`, :cve:`2023-52429`, :cve:`2023-52435`, :cve:`2023-52436`, :cve:`2023-52438`, :cve:`2023-52439`, :cve:`2023-52441`, :cve:`2023-52442`, :cve:`2023-52443`, :cve:`2023-52444`, :cve:`2023-52445`, :cve:`2023-52448`, :cve:`2023-52449`, :cve:`2023-52451`, :cve:`2023-52454`, :cve:`2023-52456`, :cve:`2023-52457`, :cve:`2023-52458`, :cve:`2023-52463`, :cve:`2023-52464`, :cve:`2024-0340`, :cve:`2024-0584`, :cve:`2024-0607`, :cve:`2024-0641`, :cve:`2024-0646`, :cve:`2024-1085`, :cve:`2024-1086`, :cve:`2024-1151`, :cve:`2024-22705`, :cve:`2024-23849`, :cve:`2024-23850`, :cve:`2024-23851`, :cve:`2024-24860`, :cve:`2024-26586`, :cve:`2024-26589`, :cve:`2024-26591`, :cve:`2024-26592`, :cve:`2024-26593`, :cve:`2024-26594`, :cve:`2024-26597` and :cve:`2024-26598` +- linux-yocto/5.15: Ignore :cve:`2020-27418`, :cve:`2020-36766`, :cve:`2021-33630`, :cve:`2021-33631`, :cve:`2022-48619`, :cve:`2023-2430`, :cve:`2023-4610`, :cve:`2023-4732`, :cve:`2023-5090`, :cve:`2023-5178`, :cve:`2023-5197`, :cve:`2023-5345`, :cve:`2023-5633`, :cve:`2023-5972`, :cve:`2023-6111`, :cve:`2023-6200`, :cve:`2023-6531`, :cve:`2023-6679`, :cve:`2023-7192`, :cve:`2023-40791`, :cve:`2023-42756`, :cve:`2023-44466`, :cve:`2023-45862`, :cve:`2023-45863`, :cve:`2023-45898`, :cve:`2023-51043`, :cve:`2023-51780`, :cve:`2023-51781`, :cve:`2023-51782`, :cve:`2023-52433`, :cve:`2023-52440`, :cve:`2023-52446`, :cve:`2023-52450`, :cve:`2023-52453`, :cve:`2023-52455`, :cve:`2023-52459`, :cve:`2023-52460`, :cve:`2023-52461`, :cve:`2023-52462`, :cve:`2024-0193`, :cve:`2024-0443`, :cve:`2024-0562`, :cve:`2024-0582`, :cve:`2024-0639`, :cve:`2024-0775`, :cve:`2024-26581`, :cve:`2024-26582`, :cve:`2024-26590`, :cve:`2024-26596` and :cve:`2024-26599` +- linux-yocto/5.10: Fix :cve:`2023-6040`, :cve:`2023-6121`, :cve:`2023-6606`, :cve:`2023-6817`, :cve:`2023-6915`, :cve:`2023-6931`, :cve:`2023-6932`, :cve:`2023-39198`, :cve:`2023-46838`, :cve:`2023-51779`, :cve:`2023-51780`, :cve:`2023-51781`, :cve:`2023-51782`, :cve_mitre:`2023-52340`, :cve:`2024-0584` and :cve:`2024-0646` +- linux-yocto/5.10: Ignore :cve:`2021-33630`, :cve:`2021-33631`, :cve:`2022-1508`, :cve:`2022-36402`, :cve:`2022-48619`, :cve:`2023-2430`, :cve:`2023-4610`, :cve:`2023-5972`, :cve:`2023-6039`, :cve:`2023-6200`, :cve:`2023-6531`, :cve:`2023-6546`, :cve:`2023-6622`, :cve:`2023-6679`, :cve:`2023-7192`, :cve:`2023-46343`, :cve:`2023-51042`, :cve:`2023-51043`, :cve:`2024-0193`, :cve:`2024-0443`, :cve:`2024-0562`, :cve:`2024-0582`, :cve:`2024-0639`, :cve:`2024-0641`, :cve:`2024-0775`, :cve:`2024-1085` and :cve:`2024-22705` +- openssl: Fix :cve:`2024-0727` +- python3-pycryptodome: Fix :cve:`2023-52323` +- qemu: Fix :cve:`2023-6693`, :cve:`2023-42467` and :cve:`2024-24474` +- vim: Fix :cve:`2024-22667` +- xwayland: Fix :cve:`2023-6377` and :cve:`2023-6478` + + +Fixes in Yocto-4.0.17 +~~~~~~~~~~~~~~~~~~~~~ + +- bind: Upgrade to 9.18.24 +- bitbake: bitbake/codeparser.py: address ast module deprecations in py 3.12 +- bitbake: bitbake/lib/bs4/tests/test_tree.py: python 3.12 regex +- bitbake: codeparser: replace deprecated ast.Str and 's' +- bitbake: fetch2: Ensure that git LFS objects are available +- bitbake: tests/fetch: Add real git lfs tests and decorator +- bitbake: tests/fetch: git-lfs restore _find_git_lfs +- bitbake: toaster/toastergui: Bug-fix verify given layer path only if import/add local layer +- build-appliance-image: Update to kirkstone head revision +- cmake: Unset CMAKE_CXX_IMPLICIT_INCLUDE_DIRECTORIES +- contributor-guide: fix lore URL +- curl: don't enable debug builds +- cve_check: cleanup logging +- dbus: Add missing :term:`CVE_PRODUCT` +- dev-manual: sbom: Rephrase spdx creation +- dev-manual: runtime-testing: gen-tapdevs need iptables installed +- dev-manual: packages: clarify shared :term:`PR` service constraint +- dev-manual: packages: need enough free space +- dev-manual: start: remove idle line +- feature-microblaze-versions.inc: python 3.12 regex +- ghostscript: correct :term:`LICENSE` with AGPLv3 +- image-live.bbclass: LIVE_ROOTFS_TYPE support compression +- kernel.bbclass: Set pkg-config variables for building modules +- kernel.bbclass: introduce KERNEL_LOCALVERSION +- kernel: fix localversion in v6.3+ +- kernel: make LOCALVERSION consistent between recipes +- ldconfig-native: Fix to point correctly on the DT_NEEDED entries in an ELF file +- librsvg: Fix do_package_qa error for librsvg +- linux-firmware: upgrade to 20231211 +- linux-yocto/5.10: update to v5.10.210 +- linux-yocto/5.15: update to v5.15.150 +- manuals: add minimum RAM requirements +- manuals: suppress excess use of "following" word +- manuals: update disk space requirements +- manuals: update references to buildtools +- manuals: updates for building on Windows (WSL 2) +- meta/lib/oeqa: python 3.12 regex +- meta/recipes: python 3.12 regex +- migration-guide: add release notes for 4.0.16 +- oeqa/selftest/oelib/buildhistory: git default branch +- oeqa/selftest/recipetool: downgrade meson version to not use pyproject.toml +- oeqa/selftest/recipetool: expect meson.bb +- oeqa/selftest/recipetool: fix for python 3.12 +- oeqa/selftest/runtime_test: only run the virgl tests on qemux86-64 +- oeqa: replace deprecated assertEquals +- openssl: Upgrade to 3.0.13 +- poky.conf: bump version for 4.0.17 +- populate_sdk_ext: use ConfigParser instead of SafeConfigParser +- python3-jinja2: upgrade to 3.1.3 +- recipetool/create_buildsys_python: use importlib instead of imp +- ref-manual: system-requirements: recommend buildtools for not supported distros +- ref-manual: system-requirements: add info on buildtools-make-tarball +- ref-manual: release-process: grammar fix +- ref-manual: system-requirements: fix AlmaLinux variable name +- ref-manual: system-requirements: modify anchor +- ref-manual: system-requirements: remove outdated note +- ref-manual: system-requirements: simplify supported distro requirements +- ref-manual: system-requirements: update packages to build docs +- scripts/runqemu: add qmp socket support +- scripts/runqemu: direct mesa to use its own drivers, rather than ones provided by host distro +- scripts/runqemu: fix regex escape sequences +- scripts: python 3.12 regex +- selftest: skip virgl gtk/sdl test on ubuntu 18.04 +- systemd: Only add myhostname to nsswitch.conf if in :term:`PACKAGECONFIG` +- tzdata : Upgrade to 2024a +- u-boot: Move UBOOT_INITIAL_ENV back to u-boot.inc +- useradd-example: do not use unsupported clear text password +- vim: upgrade to v9.0.2190 +- yocto-bsp: update to v5.15.150 + + +Known Issues in Yocto-4.0.17 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +- N/A + + +Contributors to Yocto-4.0.17 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +- Adrian Freihofer +- Alassane Yattara +- Alexander Kanavin +- Alexander Sverdlin +- Archana Polampalli +- Baruch Siach +- Bruce Ashfield +- Chen Qi +- Chris Laplante +- Deepthi Hemraj +- Dhairya Nagodra +- Fabien Mahot +- Fabio Estevam +- Hitendra Prajapati +- Hugo SIMELIERE +- Jermain Horsman +- Kai Kang +- Lee Chee Yang +- Ludovic Jozeau +- Michael Opdenacker +- Ming Liu +- Munehisa Kamata +- Narpat Mali +- Nikhil R +- Paul Eggleton +- Paulo Neves +- Peter Marko +- Philip Lorenz +- Poonam Jadhav +- Priyal Doshi +- Ross Burton +- Simone Weiß +- Soumya Sambu +- Steve Sakoman +- Tim Orling +- Trevor Gamblin +- Vijay Anusuri +- Vivek Kumbhar +- Wang Mingyu +- Zahir Hussain + + +Repositories / Downloads for Yocto-4.0.17 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +poky + +- Repository Location: :yocto_git:`/poky` +- Branch: :yocto_git:`kirkstone </poky/log/?h=kirkstone>` +- Tag: :yocto_git:`yocto-4.0.17 </poky/log/?h=yocto-4.0.17>` +- Git Revision: :yocto_git:`6d1a878bbf24c66f7186b270f823fcdf82e35383 </poky/commit/?id=6d1a878bbf24c66f7186b270f823fcdf82e35383>` +- Release Artefact: poky-6d1a878bbf24c66f7186b270f823fcdf82e35383 +- sha: 3bc3010340b674f7b0dd0a7997f0167b2240b794fbd4aa28c0c4217bddd15e30 +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.17/poky-6d1a878bbf24c66f7186b270f823fcdf82e35383.tar.bz2 + http://mirrors.kernel.org/yocto/yocto/yocto-4.0.17/poky-6d1a878bbf24c66f7186b270f823fcdf82e35383.tar.bz2 + +openembedded-core + +- Repository Location: :oe_git:`/openembedded-core` +- Branch: :oe_git:`kirkstone </openembedded-core/log/?h=kirkstone>` +- Tag: :oe_git:`yocto-4.0.17 </openembedded-core/log/?h=yocto-4.0.17>` +- Git Revision: :oe_git:`2501534c9581c6c3439f525d630be11554a57d24 </openembedded-core/commit/?id=2501534c9581c6c3439f525d630be11554a57d24>` +- Release Artefact: oecore-2501534c9581c6c3439f525d630be11554a57d24 +- sha: 52cc6cce9e920bdce078584b89136e81cc01e0c55616fab5fca6c3e04264c88e +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.17/oecore-2501534c9581c6c3439f525d630be11554a57d24.tar.bz2 + http://mirrors.kernel.org/yocto/yocto/yocto-4.0.17/oecore-2501534c9581c6c3439f525d630be11554a57d24.tar.bz2 + +meta-mingw + +- Repository Location: :yocto_git:`/meta-mingw` +- Branch: :yocto_git:`kirkstone </meta-mingw/log/?h=kirkstone>` +- Tag: :yocto_git:`yocto-4.0.17 </meta-mingw/log/?h=yocto-4.0.17>` +- Git Revision: :yocto_git:`f6b38ce3c90e1600d41c2ebb41e152936a0357d7 </meta-mingw/commit/?id=f6b38ce3c90e1600d41c2ebb41e152936a0357d7>` +- Release Artefact: meta-mingw-f6b38ce3c90e1600d41c2ebb41e152936a0357d7 +- sha: 7d57167c19077f4ab95623d55a24c2267a3a3fb5ed83688659b4c03586373b25 +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.17/meta-mingw-f6b38ce3c90e1600d41c2ebb41e152936a0357d7.tar.bz2 + http://mirrors.kernel.org/yocto/yocto/yocto-4.0.17/meta-mingw-f6b38ce3c90e1600d41c2ebb41e152936a0357d7.tar.bz2 + +meta-gplv2 + +- Repository Location: :yocto_git:`/meta-gplv2` +- Branch: :yocto_git:`kirkstone </meta-gplv2/log/?h=kirkstone>` +- Tag: :yocto_git:`yocto-4.0.17 </meta-gplv2/log/?h=yocto-4.0.17>` +- Git Revision: :yocto_git:`d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a </meta-gplv2/commit/?id=d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a>` +- Release Artefact: meta-gplv2-d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a +- sha: c386f59f8a672747dc3d0be1d4234b6039273d0e57933eb87caa20f56b9cca6d +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.17/meta-gplv2-d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a.tar.bz2 + http://mirrors.kernel.org/yocto/yocto/yocto-4.0.17/meta-gplv2-d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a.tar.bz2 + +meta-clang + +- Repository Location: :yocto_git:`/meta-clang` +- Branch: :yocto_git:`kirkstone </meta-clang/log/?h=kirkstone>` +- Tag: :yocto_git:`yocto-4.0.17 </meta-clang/log/?h=yocto-4.0.17>` +- Git Revision: :yocto_git:`eebe4ff2e539f3ffb01c5060cc4ca8b226ea8b52 </meta-clang/commit/?id=eebe4ff2e539f3ffb01c5060cc4ca8b226ea8b52>` +- Release Artefact: meta-clang-eebe4ff2e539f3ffb01c5060cc4ca8b226ea8b52 +- sha: 3299e96e069a22c0971e903fbc191f2427efffc83d910ac51bf0237caad01d17 +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.17/meta-clang-eebe4ff2e539f3ffb01c5060cc4ca8b226ea8b52.tar.bz2 + http://mirrors.kernel.org/yocto/yocto/yocto-4.0.17/meta-clang-eebe4ff2e539f3ffb01c5060cc4ca8b226ea8b52.tar.bz2 + +bitbake + +- Repository Location: :oe_git:`/bitbake` +- Branch: :oe_git:`2.0 </bitbake/log/?h=2.0>` +- Tag: :oe_git:`yocto-4.0.17 </bitbake/log/?h=yocto-4.0.17>` +- Git Revision: :oe_git:`40fd5f4eef7460ca67f32cfce8e229e67e1ff607 </bitbake/commit/?id=40fd5f4eef7460ca67f32cfce8e229e67e1ff607>` +- Release Artefact: bitbake-40fd5f4eef7460ca67f32cfce8e229e67e1ff607 +- sha: 5d20a0e4c5d0fce44bd84778168714a261a30a4b83f67c88df3b8a7e7115e444 +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.17/bitbake-40fd5f4eef7460ca67f32cfce8e229e67e1ff607.tar.bz2 + http://mirrors.kernel.org/yocto/yocto/yocto-4.0.17/bitbake-40fd5f4eef7460ca67f32cfce8e229e67e1ff607.tar.bz2 + +yocto-docs + +- Repository Location: :yocto_git:`/yocto-docs` +- Branch: :yocto_git:`kirkstone </yocto-docs/log/?h=kirkstone>` +- Tag: :yocto_git:`yocto-4.0.17 </yocto-docs/log/?h=yocto-4.0.17>` +- Git Revision: :yocto_git:`08ce7db2aa3a38deb8f5aa59bafc78542986babb </yocto-docs/commit/?id=08ce7db2aa3a38deb8f5aa59bafc78542986babb>` + diff --git a/documentation/migration-guides/release-notes-4.0.18.rst b/documentation/migration-guides/release-notes-4.0.18.rst new file mode 100644 index 0000000000..d5a2a7f6ce --- /dev/null +++ b/documentation/migration-guides/release-notes-4.0.18.rst @@ -0,0 +1,191 @@ +.. SPDX-License-Identifier: CC-BY-SA-2.0-UK + +Release notes for Yocto-4.0.18 (Kirkstone) +------------------------------------------ + +Security Fixes in Yocto-4.0.18 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +- curl: Fix :cve:`2024-2398` +- expat: fix :cve:`2023-52426` and :cve:`2024-28757` +- libssh2: fix :cve:`2023-48795` +- ncurses: Fix :cve:`2023-50495` +- nghttp2: Fix :cve:`2024-28182` and :cve:`2023-44487` +- openssh: Ignore :cve:`2023-51767` +- openssl: Fix :cve:`2024-2511` +- perl: Ignore :cve:`2023-47100` +- python3-cryptography: Fix :cve:`2024-26130` +- python3-urllib3: Fix :cve:`2023-45803` +- qemu: Fix :cve:`2023-6683` +- ruby: fix :cve_mitre:`2024-27281` +- rust: Ignore :cve:`2024-24576` +- tiff: Fix :cve:`2023-52356` and :cve:`2023-6277` +- xserver-xorg: Fix :cve:`2024-31080` and :cve:`2024-31081` +- xwayland: Fix :cve:`2023-6816`, :cve:`2024-0408` and :cve:`2024-0409` + + +Fixes in Yocto-4.0.18 +~~~~~~~~~~~~~~~~~~~~~ + +- build-appliance-image: Update to kirkstone head revision +- common-licenses: backport LGPL-3.0-with-zeromq-exception license +- contributor-guide: add notes for tests +- contributor-guide: be more specific about meta-* trees +- cups: fix typo in :cve:`2023-32360` backport patch +- cve-update-nvd2-native: Add an age threshold for incremental update +- cve-update-nvd2-native: Fix CVE configuration update +- cve-update-nvd2-native: Fix typo in comment +- cve-update-nvd2-native: Remove duplicated CVE_CHECK_DB_FILE definition +- cve-update-nvd2-native: Remove rejected CVE from database +- cve-update-nvd2-native: nvd_request_next: Improve comment +- dev-manual: improve descriptions of 'bitbake -S printdiff' +- dev-manual: packages: fix capitalization +- docs: conf.py: properly escape backslashes for latex_elements +- gcc: Backport sanitizer fix for 32-bit ALSR +- glibc: Fix subscript typos for get_nscd_addresses +- kernel-dev: join mkdir commands with -p +- linux-firmware: Upgrade to 20240220 +- manuals: add initial sphinx-lint support +- manuals: add initial stylechecks with Vale +- manuals: document VIRTUAL-RUNTIME variables +- manuals: fix duplicate "stylecheck" target +- manuals: fix incorrect double backticks +- manuals: fix trailing spaces +- manuals: refer to new yocto-patches mailing list wherever appropriate +- manuals: remove tab characters +- manuals: replace hyphens with em dashes +- manuals: use "manual page(s)" +- migration-guides: add release notes for 4.0.17 +- poky.conf: bump version for 4.0.18 +- profile-manual: usage.rst: fix reference to bug report +- profile-manual: usage.rst: formatting fixes +- profile-manual: usage.rst: further style improvements +- python3-urllib3: Upgrade to v1.26.18 +- ref-manual: add documentation of the variable :term:`SPDX_NAMESPACE_PREFIX` +- ref-manual: tasks: do_cleanall: recommend using '-f' instead +- ref-manual: tasks: do_cleansstate: recommend using '-f' instead for a shared sstate +- ref-manual: variables: adding multiple groups in :term:`GROUPADD_PARAM` +- ref-manual: variables: correct sdk installation default path +- stress-ng: avoid calling sync during do_compile +- systemd: Fix vlan qos mapping +- tcl: Add a way to skip ptests +- tcl: skip async and event tests in run-ptest +- tcl: skip timing-dependent tests in run-ptest +- valgrind: skip intermittently failing ptest +- wireless-regdb: Upgrade to 2024.01.23 +- yocto-uninative: Update to 4.4 for glibc 2.39 + + +Known Issues in Yocto-4.0.18 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +- N/A + + +Contributors to Yocto-4.0.18 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +- Alex Kiernan +- Alex Stewart +- Alexander Kanavin +- BELOUARGA Mohamed +- Claus Stovgaard +- Colin McAllister +- Geoff Parker +- Haitao Liu +- Harish Sadineni +- Johan Bezem +- Jonathan GUILLOT +- Jörg Sommer +- Khem Raj +- Lee Chee Yang +- Luca Ceresoli +- Martin Jansa +- Meenali Gupta +- Michael Halstead +- Michael Opdenacker +- Peter Marko +- Quentin Schulz +- Ross Burton +- Sana Kazi +- Simone Weiß +- Soumya Sambu +- Steve Sakoman +- Tan Wen Yan +- Vijay Anusuri +- Wang Mingyu +- Yoann Congal +- Yogita Urade +- Zahir Hussain + + +Repositories / Downloads for Yocto-4.0.18 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +poky + +- Repository Location: :yocto_git:`/poky` +- Branch: :yocto_git:`kirkstone </poky/log/?h=kirkstone>` +- Tag: :yocto_git:`yocto-4.0.18 </poky/log/?h=yocto-4.0.18>` +- Git Revision: :yocto_git:`31751bba1c789f15f574773a659b8017d7bcf440 </poky/commit/?id=31751bba1c789f15f574773a659b8017d7bcf440>` +- Release Artefact: poky-31751bba1c789f15f574773a659b8017d7bcf440 +- sha: 72d5aa65c3c37766ebc24b212740272c1d52342468548f9c070241d3522ad2ca +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.18/poky-31751bba1c789f15f574773a659b8017d7bcf440.tar.bz2 + http://mirrors.kernel.org/yocto/yocto/yocto-4.0.18/poky-31751bba1c789f15f574773a659b8017d7bcf440.tar.bz2 + +openembedded-core + +- Repository Location: :oe_git:`/openembedded-core` +- Branch: :oe_git:`kirkstone </openembedded-core/log/?h=kirkstone>` +- Tag: :oe_git:`yocto-4.0.18 </openembedded-core/log/?h=yocto-4.0.18>` +- Git Revision: :oe_git:`b7182571242dc4e23e5250a449d90348e62a6abc </openembedded-core/commit/?id=b7182571242dc4e23e5250a449d90348e62a6abc>` +- Release Artefact: oecore-b7182571242dc4e23e5250a449d90348e62a6abc +- sha: 6f257e50c10ebae673dcf61a833b3270db6d22781f02f6794a370aac839f1020 +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.18/oecore-b7182571242dc4e23e5250a449d90348e62a6abc.tar.bz2 + http://mirrors.kernel.org/yocto/yocto/yocto-4.0.18/oecore-b7182571242dc4e23e5250a449d90348e62a6abc.tar.bz2 + +meta-mingw + +- Repository Location: :yocto_git:`/meta-mingw` +- Branch: :yocto_git:`kirkstone </meta-mingw/log/?h=kirkstone>` +- Tag: :yocto_git:`yocto-4.0.18 </meta-mingw/log/?h=yocto-4.0.18>` +- Git Revision: :yocto_git:`f6b38ce3c90e1600d41c2ebb41e152936a0357d7 </meta-mingw/commit/?id=f6b38ce3c90e1600d41c2ebb41e152936a0357d7>` +- Release Artefact: meta-mingw-f6b38ce3c90e1600d41c2ebb41e152936a0357d7 +- sha: 7d57167c19077f4ab95623d55a24c2267a3a3fb5ed83688659b4c03586373b25 +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.18/meta-mingw-f6b38ce3c90e1600d41c2ebb41e152936a0357d7.tar.bz2 + http://mirrors.kernel.org/yocto/yocto/yocto-4.0.18/meta-mingw-f6b38ce3c90e1600d41c2ebb41e152936a0357d7.tar.bz2 + +meta-gplv2 + +- Repository Location: :yocto_git:`/meta-gplv2` +- Branch: :yocto_git:`kirkstone </meta-gplv2/log/?h=kirkstone>` +- Tag: :yocto_git:`yocto-4.0.18 </meta-gplv2/log/?h=yocto-4.0.18>` +- Git Revision: :yocto_git:`d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a </meta-gplv2/commit/?id=d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a>` +- Release Artefact: meta-gplv2-d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a +- sha: c386f59f8a672747dc3d0be1d4234b6039273d0e57933eb87caa20f56b9cca6d +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.18/meta-gplv2-d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a.tar.bz2 + http://mirrors.kernel.org/yocto/yocto/yocto-4.0.18/meta-gplv2-d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a.tar.bz2 + +bitbake + +- Repository Location: :oe_git:`/bitbake` +- Branch: :oe_git:`2.0 </bitbake/log/?h=2.0>` +- Tag: :oe_git:`yocto-4.0.18 </bitbake/log/?h=yocto-4.0.18>` +- Git Revision: :oe_git:`40fd5f4eef7460ca67f32cfce8e229e67e1ff607 </bitbake/commit/?id=40fd5f4eef7460ca67f32cfce8e229e67e1ff607>` +- Release Artefact: bitbake-40fd5f4eef7460ca67f32cfce8e229e67e1ff607 +- sha: 5d20a0e4c5d0fce44bd84778168714a261a30a4b83f67c88df3b8a7e7115e444 +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.18/bitbake-40fd5f4eef7460ca67f32cfce8e229e67e1ff607.tar.bz2 + http://mirrors.kernel.org/yocto/yocto/yocto-4.0.18/bitbake-40fd5f4eef7460ca67f32cfce8e229e67e1ff607.tar.bz2 + +yocto-docs + +- Repository Location: :yocto_git:`/yocto-docs` +- Branch: :yocto_git:`kirkstone </yocto-docs/log/?h=kirkstone>` +- Tag: :yocto_git:`yocto-4.0.18 </yocto-docs/log/?h=yocto-4.0.18>` +- Git Revision: :yocto_git:`fd1423141e7458ba557db465c171b0b4e9063987 </yocto-docs/commit/?id=fd1423141e7458ba557db465c171b0b4e9063987>` + diff --git a/documentation/migration-guides/release-notes-4.0.2.rst b/documentation/migration-guides/release-notes-4.0.2.rst new file mode 100644 index 0000000000..2f724e33c4 --- /dev/null +++ b/documentation/migration-guides/release-notes-4.0.2.rst @@ -0,0 +1,298 @@ +.. SPDX-License-Identifier: CC-BY-SA-2.0-UK + +Release notes for Yocto-4.0.2 (Kirkstone) +----------------------------------------- + +Security Fixes in Yocto-4.0.2 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +- libxslt: Mark :cve:`2022-29824` as not applying +- tiff: Add jbig :term:`PACKAGECONFIG` and clarify IGNORE :cve:`2022-1210` +- tiff: mark :cve:`2022-1622` and :cve:`2022-1623` as invalid +- pcre2:fix :cve:`2022-1586` Out-of-bounds read +- curl: fix :cve:`2022-22576`, :cve:`2022-27775`, :cve:`2022-27776`, :cve:`2022-27774`, :cve:`2022-30115`, :cve:`2022-27780`, :cve:`2022-27781`, :cve:`2022-27779` and :cve:`2022-27782` +- qemu: fix :cve:`2021-4206` and :cve:`2021-4207` +- freetype: fix :cve:`2022-27404`, :cve:`2022-27405` and :cve:`2022-27406` + +Fixes in Yocto-4.0.2 +~~~~~~~~~~~~~~~~~~~~ + +- alsa-plugins: fix libavtp vs. avtp packageconfig +- archiver: don't use machine variables in shared recipes +- archiver: use bb.note instead of echo +- baremetal-image: fix broken symlink in do_rootfs +- base-passwd: Disable shell for default users +- bash: submit patch upstream +- bind: upgrade 9.18.1 -> 9.18.2 +- binutils: Bump to latest 2.38 release branch +- bitbake.conf: Make :term:`TCLIBC` and :term:`TCMODE` lazy assigned +- bitbake: build: Add clean_stamp API function to allow removal of task stamps +- bitbake: data: Do not depend on vardepvalueexclude flag +- bitbake: fetch2/osc: Small fixes for osc fetcher +- bitbake: server/process: Fix logging issues where only the first message was displayed +- build-appliance-image: Update to kirkstone head revision +- buildhistory.bbclass: fix shell syntax when using dash +- cairo: Add missing GPLv3 license checksum entry +- classes: rootfs-postcommands: add skip option to overlayfs_qa_check +- cronie: upgrade 1.6.0 -> 1.6.1 +- cups: upgrade 2.4.1 -> 2.4.2 +- cve-check.bbclass: Added do_populate_sdk[recrdeptask]. +- cve-check: Add helper for symlink handling +- cve-check: Allow warnings to be disabled +- cve-check: Fix report generation +- cve-check: Only include installed packages for rootfs manifest +- cve-check: add support for Ignored CVEs +- cve-check: fix return type in check_cves +- cve-check: move update_symlinks to a library +- cve-check: write empty fragment files in the text mode +- cve-extra-exclusions: Add kernel CVEs +- cve-update-db-native: make it possible to disable database updates +- devtool: Fix _copy_file() TypeError +- e2fsprogs: add alternatives handling of lsattr as well +- e2fsprogs: update upstream status +- efivar: add musl libc compatibility +- epiphany: upgrade 42.0 -> 42.2 +- ffmpeg: upgrade 5.0 -> 5.0.1 +- fribidi: upgrade 1.0.11 -> 1.0.12 +- gcc-cross-canadian: Add nativesdk-zstd dependency +- gcc-source: Fix incorrect task dependencies from ${B} +- gcc: Upgrade to 11.3 release +- gcc: depend on zstd-native +- git: fix override syntax in :term:`RDEPENDS` +- glib-2.0: upgrade 2.72.1 -> 2.72.2 +- glibc: Drop make-native dependency +- go: upgrade 1.17.8 -> 1.17.10 +- gst-devtools: upgrade 1.20.1 -> 1.20.2 +- gstreamer1.0-libav: upgrade 1.20.1 -> 1.20.2 +- gstreamer1.0-omx: upgrade 1.20.1 -> 1.20.2 +- gstreamer1.0-plugins-bad: upgrade 1.20.1 -> 1.20.2 +- gstreamer1.0-plugins-base: upgrade 1.20.1 -> 1.20.2 +- gstreamer1.0-plugins-good: upgrade 1.20.1 -> 1.20.2 +- gstreamer1.0-plugins-ugly: upgrade 1.20.1 -> 1.20.2 +- gstreamer1.0-python: upgrade 1.20.1 -> 1.20.2 +- gstreamer1.0-rtsp-server: upgrade 1.20.1 -> 1.20.2 +- gstreamer1.0-vaapi: upgrade 1.20.1 -> 1.20.2 +- gstreamer1.0: upgrade 1.20.1 -> 1.20.2 +- gtk+3: upgrade 3.24.33 -> 3.24.34 +- gtk-doc: Fix potential shebang overflow on gtkdoc-mkhtml2 +- image.bbclass: allow overriding dependency on virtual/kernel:do_deploy +- insane.bbclass: make sure to close .patch files +- iso-codes: upgrade 4.9.0 -> 4.10.0 +- kernel-yocto.bbclass: Reset to exiting on non-zero return code at end of task +- libcgroup: upgrade 2.0.1 -> 2.0.2 +- liberror-perl: Update sstate/equiv versions to clean cache +- libinput: upgrade 1.19.3 -> 1.19.4 +- libpcre2: upgrade 10.39 -> 10.40 +- librepo: upgrade 1.14.2 -> 1.14.3 +- libseccomp: Add missing files for ptests +- libseccomp: Correct :term:`LIC_FILES_CHKSUM` +- libxkbcommon: upgrade 1.4.0 -> 1.4.1 +- libxml2: Upgrade 2.9.13 -> 2.9.14 +- license.bbclass: Bound beginline and endline in copy_license_files() +- license_image.bbclass: Make QA errors fail the build +- linux-firmware: add support for building snapshots +- linux-firmware: package new Qualcomm firmware +- linux-firmware: replace mkdir by install +- linux-firmware: split ath3k firmware +- linux-firmware: upgrade to 20220610 +- linux-yocto/5.10: update to v5.10.119 +- linux-yocto/5.15: Enable MDIO bus config +- linux-yocto/5.15: bpf: explicitly disable unpriv eBPF by default +- linux-yocto/5.15: cfg/xen: Move x86 configs to separate file +- linux-yocto/5.15: update to v5.15.44 +- local.conf.sample: Update sstate url to new 'all' path +- logrotate: upgrade 3.19.0 -> 3.20.1 +- lttng-modules: Fix build failure for 5.10.119+ and 5.15.44+ kernel +- lttng-modules: fix build against 5.18-rc7+ +- lttng-modules: fix shell syntax +- lttng-ust: upgrade 2.13.2 -> 2.13.3 +- lzo: Add further info to a patch and mark as Inactive-Upstream +- makedevs: Don't use COPYING.patch just to add license file into ${S} +- manuals: switch to the sstate mirror shared between all versions +- mesa.inc: package 00-radv-defaults.conf +- mesa: backport a patch to support compositors without zwp_linux_dmabuf_v1 again +- mesa: upgrade to 22.0.3 +- meson.bbclass: add cython binary to cross/native toolchain config +- mmc-utils: upgrade to latest revision +- mobile-broadband-provider-info: upgrade 20220315 -> 20220511 +- ncurses: update to patchlevel 20220423 +- oeqa/selftest/cve_check: add tests for Ignored and partial reports +- oeqa/selftest/cve_check: add tests for recipe and image reports +- oescripts: change compare logic in OEListPackageconfigTests +- openssl: Backport fix for ptest cert expiry +- overlayfs: add docs about skipping QA check & service dependencies +- ovmf: Fix native build with gcc-12 +- patch.py: make sure that patches/series file exists before quilt pop +- pciutils: avoid lspci conflict with busybox +- perl: Add dependency on make-native to avoid race issues +- perl: Fix build with gcc-12 +- poky.conf: bump version for 4.0.2 +- popt: fix override syntax in :term:`RDEPENDS` +- pypi.bbclass: Set :term:`CVE_PRODUCT` to :term:`PYPI_PACKAGE` +- python3: Ensure stale empty python module directories don't break the build +- python3: Remove problematic paths from sysroot files +- python3: fix reproducibility issue with python3-core +- python3: use built-in distutils for ptest, rather than setuptools' 'fork' +- python: Avoid shebang overflow on python-config.py +- rootfs-postcommands.bbclass: correct comments +- rootfs.py: close kernel_abi_ver_file +- rootfs.py: find .ko.zst kernel modules +- rust-common: Drop LLVM_TARGET and simplify +- rust-common: Ensure sstate signatures have correct dependencues for do_rust_gen_targets +- rust-common: Fix for target definitions returning 'NoneType' for arm +- rust-common: Fix native signature dependency issues +- rust-common: Fix sstate signatures between arm hf and non-hf +- sanity: Don't warn about make 4.2.1 for mint +- sanity: Switch to make 4.0 as a minimum version +- sed: Specify shell for "nobody" user in run-ptest +- selftest/imagefeatures/overlayfs: Always append to :term:`DISTRO_FEATURES` +- selftest/multiconfig: Test that multiconfigs in separate layers works +- sqlite3: upgrade to 3.38.5 +- staging.bbclass: process direct dependencies in deterministic order +- staging: Fix rare sysroot corruption issue +- strace: Don't run ptest as "nobody" +- systemd: Correct 0001-pass-correct-parameters-to-getdents64.patch +- systemd: Correct path returned in sd_path_lookup() +- systemd: Document future actions needed for set of musl patches +- systemd: Drop 0001-test-parse-argument-Include-signal.h.patch +- systemd: Drop 0002-don-t-use-glibc-specific-qsort_r.patch +- systemd: Drop 0016-Hide-__start_BUS_ERROR_MAP-and-__stop_BUS_ERROR_MAP.patch +- systemd: Drop redundant musl patches +- systemd: Fix build regression with latest update +- systemd: Remove __compare_fn_t type in musl-specific patch +- systemd: Update patch status +- systemd: systemd-systemctl: Support instance conf files during enable +- systemd: update ``0008-add-missing-FTW_-macros-for-musl.patch`` +- systemd: upgrade 250.4 -> 250.5 +- uboot-sign: Fix potential index error issues +- valgrind: submit arm patches upstream +- vim: Upgrade to 8.2.5083 +- webkitgtk: upgrade to 2.36.3 +- wic/plugins/rootfs: Fix permissions when splitting rootfs folders across partitions +- xwayland: upgrade 22.1.0 -> 22.1.1 +- xxhash: fix build with gcc 12 +- zip/unzip: mark all submittable patches as Inactive-Upstream + +Known Issues in Yocto-4.0.2 +~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +- There were build failures at the autobuilder due to a known scp issue on Fedora-36 hosts. + +Contributors to Yocto-4.0.2 +~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +- Alex Kiernan +- Alexander Kanavin +- Aryaman Gupta +- Bruce Ashfield +- Claudius Heine +- Davide Gardenal +- Dmitry Baryshkov +- Ernst Sjöstrand +- Felix Moessbauer +- Gunjan Gupta +- He Zhe +- Hitendra Prajapati +- Jack Mitchell +- Jeremy Puhlman +- Jiaqing Zhao +- Joerg Vehlow +- Jose Quaresma +- Kai Kang +- Khem Raj +- Konrad Weihmann +- Marcel Ziswiler +- Markus Volk +- Marta Rybczynska +- Martin Jansa +- Michael Opdenacker +- Mingli Yu +- Naveen Saini +- Nick Potenski +- Paulo Neves +- Pavel Zhukov +- Peter Kjellerstedt +- Rasmus Villemoes +- Richard Purdie +- Robert Joslyn +- Ross Burton +- Samuli Piippo +- Sean Anderson +- Stefan Wiehler +- Steve Sakoman +- Sundeep Kokkonda +- Tomasz Dziendzielski +- Xiaobing Luo +- Yi Zhao +- leimaohui +- Wang Mingyu + +Repositories / Downloads for Yocto-4.0.2 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +poky + +- Repository Location: :yocto_git:`/poky` +- Branch: :yocto_git:`kirkstone </poky/log/?h=kirkstone>` +- Tag: :yocto_git:`yocto-4.0.2 </poky/log/?h=yocto-4.0.2>` +- Git Revision: :yocto_git:`a5ea426b1da472fc8549459fff3c1b8c6e02f4b5 </poky/commit/?id=a5ea426b1da472fc8549459fff3c1b8c6e02f4b5>` +- Release Artefact: poky-a5ea426b1da472fc8549459fff3c1b8c6e02f4b5 +- sha: 474ddfacfed6661be054c161597a1a5273188dfe021b31d6156955d93c6b7359 +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.2/poky-a5ea426b1da472fc8549459fff3c1b8c6e02f4b5.tar.bz2 + http://mirrors.kernel.org/yocto/yocto/yocto-4.0.2/poky-a5ea426b1da472fc8549459fff3c1b8c6e02f4b5.tar.bz2 + +openembedded-core + +- Repository Location: :oe_git:`/openembedded-core` +- Branch: :oe_git:`kirkstone </openembedded-core/log/?h=kirkstone>` +- Tag: :oe_git:`yocto-4.0.2 </openembedded-core/log/?h=yocto-4.0.2>` +- Git Revision: :oe_git:`eea52e0c3d24c79464f4afdbc3c397e1cb982231 </openembedded-core/commit/?id=eea52e0c3d24c79464f4afdbc3c397e1cb982231>` +- Release Artefact: oecore-eea52e0c3d24c79464f4afdbc3c397e1cb982231 +- sha: 252d5c2c2db7e14e7365fcc69d32075720b37d629894bae36305eba047a39907 +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.2/oecore-eea52e0c3d24c79464f4afdbc3c397e1cb982231.tar.bz2 + http://mirrors.kernel.org/yocto/yocto/yocto-4.0.2/oecore-eea52e0c3d24c79464f4afdbc3c397e1cb982231.tar.bz2 + +meta-mingw + +- Repository Location: :yocto_git:`/meta-mingw` +- Branch: :yocto_git:`kirkstone </meta-mingw/log/?h=kirkstone>` +- Tag: :yocto_git:`yocto-4.0.2 </meta-mingw/log/?h=yocto-4.0.2>` +- Git Revision: :yocto_git:`a90614a6498c3345704e9611f2842eb933dc51c1 </meta-mingw/commit/?id=a90614a6498c3345704e9611f2842eb933dc51c1>` +- Release Artefact: meta-mingw-a90614a6498c3345704e9611f2842eb933dc51c1 +- sha: 49f9900bfbbc1c68136f8115b314e95d0b7f6be75edf36a75d9bcd1cca7c6302 +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.2/meta-mingw-a90614a6498c3345704e9611f2842eb933dc51c1.tar.bz2 + http://mirrors.kernel.org/yocto/yocto/yocto-4.0.2/meta-mingw-a90614a6498c3345704e9611f2842eb933dc51c1.tar.bz2 + +meta-gplv2 + +- Repository Location: :yocto_git:`/meta-gplv2` +- Branch: :yocto_git:`kirkstone </meta-gplv2/log/?h=kirkstone>` +- Tag: :yocto_git:`yocto-4.0.2 </meta-gplv2/log/?h=yocto-4.0.2>` +- Git Revision: :yocto_git:`d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a </meta-gplv2/commit/?id=d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a>` +- Release Artefact: meta-gplv2-d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a +- sha: c386f59f8a672747dc3d0be1d4234b6039273d0e57933eb87caa20f56b9cca6d +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.2/meta-gplv2-d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a.tar.bz2 + http://mirrors.kernel.org/yocto/yocto/yocto-4.0.2/meta-gplv2-d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a.tar.bz2 + +bitbake + +- Repository Location: :oe_git:`/bitbake` +- Branch: :oe_git:`2.0 </bitbake/log/?h=2.0>` +- Tag: :oe_git:`yocto-4.0.2 </bitbake/log/?h=yocto-4.0.2>` +- Git Revision: :oe_git:`b8fd6f5d9959d27176ea016c249cf6d35ac8ba03 </bitbake/commit/?id=b8fd6f5d9959d27176ea016c249cf6d35ac8ba03>` +- Release Artefact: bitbake-b8fd6f5d9959d27176ea016c249cf6d35ac8ba03 +- sha: 373818b1dee2c502264edf654d6d8f857b558865437f080e02d5ba6bb9e72cc3 +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.2/bitbake-b8fd6f5d9959d27176ea016c249cf6d35ac8ba03.tar.bz2 + http://mirrors.kernel.org/yocto/yocto/yocto-4.0.2/bitbake-b8fd6f5d9959d27176ea016c249cf6d35ac8ba03.tar.bz2 + +yocto-docs + +- Repository Location: :yocto_git:`/yocto-docs` +- Branch: :yocto_git:`kirkstone </yocto-docs/log/?h=kirkstone>` +- Tag: :yocto_git:`yocto-4.0.2 </yocto-docs/log/?h=yocto-4.0.2>` +- Git Revision: :yocto_git:`662294dccd028828d5c7e9fd8f5c8e14df53df4b </yocto-docs/commit/?id=662294dccd028828d5c7e9fd8f5c8e14df53df4b>` diff --git a/documentation/migration-guides/release-notes-4.0.3.rst b/documentation/migration-guides/release-notes-4.0.3.rst new file mode 100644 index 0000000000..46fe858cb7 --- /dev/null +++ b/documentation/migration-guides/release-notes-4.0.3.rst @@ -0,0 +1,316 @@ +.. SPDX-License-Identifier: CC-BY-SA-2.0-UK + +Release notes for Yocto-4.0.3 (Kirkstone) +----------------------------------------- + +Security Fixes in Yocto-4.0.3 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +- binutils: fix :cve:`2019-1010204` +- busybox: fix :cve:`2022-30065` +- cups: ignore :cve:`2022-26691` +- curl: Fix :cve:`2022-32205`, :cve:`2022-32206`, :cve:`2022-32207` and :cve:`2022-32208` +- dpkg: fix :cve:`2022-1664` +- ghostscript: fix :cve:`2022-2085` +- harfbuzz: fix :cve:`2022-33068` +- libtirpc: fix :cve:`2021-46828` +- lua: fix :cve:`2022-33099` +- nasm: ignore :cve:`2020-18974` +- qemu: fix :cve:`2022-35414` +- qemu: ignore :cve:`2021-20255` and :cve:`2019-12067` +- tiff: fix :cve:`2022-1354`, :cve:`2022-1355`, :cve:`2022-2056`, :cve:`2022-2057` and :cve:`2022-2058` +- u-boot: fix :cve:`2022-34835` +- unzip: fix :cve:`2022-0529` and :cve:`2022-0530` + + +Fixes in Yocto-4.0.3 +~~~~~~~~~~~~~~~~~~~~ + +- alsa-state: correct license +- at: take tarballs from debian +- base.bbclass: Correct the test for obsolete license exceptions +- base/reproducible: Change Source Date Epoch generation methods +- bin_package: install into base_prefix +- bind: Remove legacy python3 :term:`PACKAGECONFIG` code +- bind: upgrade to 9.18.4 +- binutils: stable 2.38 branch updates +- build-appliance-image: Update to kirkstone head revision +- cargo_common.bbclass: enable bitbake vendoring for externalsrc +- coreutils: Tweak packaging variable names for coreutils-dev +- curl: backport openssl fix CN check error code +- cve-check: hook cleanup to the BuildCompleted event, not CookerExit +- cve-extra-exclusions: Clean up and ignore three CVEs (2xqemu and nasm) +- devtool: finish: handle patching when :term:`S` points to subdir of a git repo +- devtool: ignore pn- overrides when determining :term:`SRC_URI` overrides +- docs: BB_HASHSERVE_UPSTREAM: update to new host +- dropbear: break dependency on base package for -dev package +- efivar: fix import functionality +- encodings: update to 1.0.6 +- epiphany: upgrade to 42.3 +- externalsrc.bbclass: support crate fetcher on externalsrc +- font-util: update 1.3.2 -> 1.3.3 +- gcc-runtime: Fix build when using gold +- gcc-runtime: Fix missing :term:`MLPREFIX` in debug mappings +- gcc-runtime: Pass -nostartfiles when building dummy libstdc++.so +- gcc: Backport a fix for gcc bug 105039 +- git: upgrade to v2.35.4 +- glib-2.0: upgrade to 2.72.3 +- glib-networking: upgrade to 2.72.1 +- glibc : stable 2.35 branch updates +- glibc-tests: Avoid reproducibility issues +- glibc-tests: not clear :term:`BBCLASSEXTEND` +- glibc: revert one upstream change to work around broken :term:`DEBUG_BUILD` build +- glibc: stable 2.35 branch updates +- gnupg: upgrade to 2.3.7 +- go: upgrade to v1.17.12 +- gobject-introspection-data: Disable cache for g-ir-scanner +- gperf: Add a patch to work around reproducibility issues +- gperf: Switch to upstream patch +- gst-devtools: upgrade to 1.20.3 +- gstreamer1.0-libav: upgrade to 1.20.3 +- gstreamer1.0-omx: upgrade to 1.20.3 +- gstreamer1.0-plugins-bad: upgrade to 1.20.3 +- gstreamer1.0-plugins-base: upgrade to 1.20.3 +- gstreamer1.0-plugins-good: upgrade to 1.20.3 +- gstreamer1.0-plugins-ugly: upgrade to 1.20.3 +- gstreamer1.0-python: upgrade to 1.20.3 +- gstreamer1.0-rtsp-server: upgrade to 1.20.3 +- gstreamer1.0-vaapi: upgrade to 1.20.3 +- gstreamer1.0: upgrade to 1.20.3 +- gtk-doc: Remove hardcoded buildpath +- harfbuzz: Fix compilation with clang +- initramfs-framework: move storage mounts to actual rootfs +- initscripts: run umountnfs as a KILL script +- insane.bbclass: host-user-contaminated: Correct per package home path +- insane: Fix buildpaths test to work with special devices +- kernel-arch: Fix buildpaths leaking into external module compiles +- kernel-devsrc: fix reproducibility and buildpaths QA warning +- kernel-devsrc: ppc32: fix reproducibility +- kernel-uboot.bbclass: Use vmlinux.initramfs when :term:`INITRAMFS_IMAGE_BUNDLE` set +- kernel.bbclass: pass :term:`LD` also in savedefconfig +- libffi: fix native build being not portable +- libgcc: Fix standalone target builds with usrmerge distro feature +- libmodule-build-perl: Use env utility to find perl interpreter +- libsoup: upgrade to 3.0.7 +- libuv: upgrade to 1.44.2 +- linux-firmware: upgrade to 20220708 +- linux-firwmare: restore WHENCE_CHKSUM variable +- linux-yocto-rt/5.15: update to -rt48 (and fix -stable merge) +- linux-yocto/5.10: fix build_OID_registry/conmakehash buildpaths warning +- linux-yocto/5.10: fix buildpaths issue with gen-mach-types +- linux-yocto/5.10: fix buildpaths issue with pnmtologo +- linux-yocto/5.10: update to v5.10.135 +- linux-yocto/5.15: drop obselete GPIO sysfs ABI +- linux-yocto/5.15: fix build_OID_registry buildpaths warning +- linux-yocto/5.15: fix buildpaths issue with gen-mach-types +- linux-yocto/5.15: fix buildpaths issue with pnmtologo +- linux-yocto/5.15: fix qemuppc buildpaths warning +- linux-yocto/5.15: fix reproducibility issues +- linux-yocto/5.15: update to v5.15.59 +- log4cplus: upgrade to 2.0.8 +- lttng-modules: Fix build failure for kernel v5.15.58 +- lttng-modules: upgrade to 2.13.4 +- lua: Fix multilib buildpath reproducibility issues +- mkfontscale: upgrade to 1.2.2 +- oe-selftest-image: Ensure the image has sftp as well as dropbear +- oe-selftest: devtool: test modify git recipe building from a subdir +- oeqa/runtime/scp: Disable scp test for dropbear +- oeqa/runtime: add test that the kernel has CONFIG_PREEMPT_RT enabled +- oeqa/sdk: drop the nativesdk-python 2.x test +- openssh: Add openssh-sftp-server to openssh :term:`RDEPENDS` +- openssh: break dependency on base package for -dev package +- openssl: update to 3.0.5 +- package.bbclass: Avoid stripping signed kernel modules in splitdebuginfo +- package.bbclass: Fix base directory for debugsource files when using externalsrc +- package.bbclass: Fix kernel source handling when not using externalsrc +- package_manager/ipk: do not pipe stderr to stdout +- packagegroup-core-ssh-dropbear: Add openssh-sftp-server recommendation +- patch: handle if :term:`S` points to a subdirectory of a git repo +- perf: fix reproducibility in 5.19+ +- perf: fix reproduciblity in older releases of Linux +- perf: sort-pmuevents: really keep array terminators +- perl: don't install Makefile.old into perl-ptest +- poky.conf: bump version for 4.0.3 +- pulseaudio: add m4-native to :term:`DEPENDS` +- python3: Backport patch to fix an issue in subinterpreters +- qemu: Add :term:`PACKAGECONFIG` for brlapi +- qemu: Avoid accidental librdmacm linkage +- qemu: Avoid accidental libvdeplug linkage +- qemu: Fix slirp determinism issue +- qemu: add :term:`PACKAGECONFIG` for capstone +- recipetool/devtool: Fix python egg whitespace issues in :term:`PACKAGECONFIG` +- ref-manual: variables: remove sphinx directive from literal block +- rootfs-postcommands.bbclass: move host-user-contaminated.txt to ${S} +- ruby: add :term:`PACKAGECONFIG` for capstone +- rust: fix issue building cross-canadian tools for aarch64 on x86_64 +- sanity.bbclass: Add ftps to accepted URI protocols for mirrors sanity +- selftest/runtime_test/virgl: Disable for all almalinux +- sstatesig: Include all dependencies in SPDX task signatures +- strace: set :term:`COMPATIBLE_HOST` for riscv32 +- systemd: Added base_bindir into pkg_postinst:udev-hwdb. +- udev-extraconf/initrdscripts/parted: Rename mount.blacklist -> mount.ignorelist +- udev-extraconf/mount.sh: add LABELs to mountpoints +- udev-extraconf/mount.sh: ignore lvm in automount +- udev-extraconf/mount.sh: only mount devices on hotplug +- udev-extraconf/mount.sh: save mount name in our tmp filecache +- udev-extraconf: fix some systemd automount issues +- udev-extraconf: force systemd-udevd to use shared MountFlags +- udev-extraconf: let automount base directory configurable +- udev-extraconf:mount.sh: fix a umount issue +- udev-extraconf:mount.sh: fix path mismatching issues +- vala: Fix on target wrapper buildpaths issue +- vala: upgrade to 0.56.2 +- vim: upgrade to 9.0.0063 +- waffle: correctly request wayland-scanner executable +- webkitgtk: upgrade to 2.36.4 +- weston: upgrade to 10.0.1 +- wic/plugins/rootfs: Fix NameError for 'orig_path' +- wic: fix WicError message +- wireless-regdb: upgrade to 2022.06.06 +- xdpyinfo: upgrade to 1.3.3 +- xev: upgrade to 1.2.5 +- xf86-input-synaptics: upgrade to 1.9.2 +- xmodmap: upgrade to 1.0.11 +- xorg-app: Tweak handling of compression changes in :term:`SRC_URI` +- xserver-xorg: upgrade to 21.1.4 +- xwayland: upgrade to 22.1.3 +- yocto-bsps/5.10: fix buildpaths issue with gen-mach-types +- yocto-bsps/5.10: fix buildpaths issue with pnmtologo +- yocto-bsps/5.15: fix buildpaths issue with gen-mach-types +- yocto-bsps/5.15: fix buildpaths issue with pnmtologo +- yocto-bsps: buildpaths fixes +- yocto-bsps: update to v5.10.130 +- yocto-bsps: buildpaths fixes +- yocto-bsps: update to v5.15.54 + + +Known Issues in Yocto-4.0.3 +~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +- N/A + + +Contributors to Yocto-4.0.3 +~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +- Ahmed Hossam +- Alejandro Hernandez Samaniego +- Alex Kiernan +- Alexander Kanavin +- Bruce Ashfield +- Chanho Park +- Christoph Lauer +- David Bagonyi +- Dmitry Baryshkov +- He Zhe +- Hitendra Prajapati +- Jose Quaresma +- Joshua Watt +- Kai Kang +- Khem Raj +- Lee Chee Yang +- Lucas Stach +- Markus Volk +- Martin Jansa +- Maxime Roussin-Bélanger +- Michael Opdenacker +- Mihai Lindner +- Ming Liu +- Mingli Yu +- Muhammad Hamza +- Naveen +- Pascal Bach +- Paul Eggleton +- Pavel Zhukov +- Peter Bergin +- Peter Kjellerstedt +- Peter Marko +- Pgowda +- Raju Kumar Pothuraju +- Richard Purdie +- Robert Joslyn +- Ross Burton +- Sakib Sajal +- Shruthi Ravichandran +- Steve Sakoman +- Sundeep Kokkonda +- Thomas Roos +- Tom Hochstein +- Wentao Zhang +- Yi Zhao +- Yue Tao +- gr embeter +- leimaohui +- Wang Mingyu + + +Repositories / Downloads for Yocto-4.0.3 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +poky + +- Repository Location: :yocto_git:`/poky` +- Branch: :yocto_git:`kirkstone </poky/log/?h=kirkstone>` +- Tag: :yocto_git:`yocto-4.0.3 </poky/log/?h=yocto-4.0.3>` +- Git Revision: :yocto_git:`387ab5f18b17c3af3e9e30dc58584641a70f359f </poky/commit/?id=387ab5f18b17c3af3e9e30dc58584641a70f359f>` +- Release Artefact: poky-387ab5f18b17c3af3e9e30dc58584641a70f359f +- sha: fe674186bdb0684313746caa9472134fc19e6f1443c274fe02c06cb1e675b404 +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.3/poky-387ab5f18b17c3af3e9e30dc58584641a70f359f.tar.bz2 + http://mirrors.kernel.org/yocto/yocto/yocto-4.0.3/poky-387ab5f18b17c3af3e9e30dc58584641a70f359f.tar.bz2 + +openembedded-core + +- Repository Location: :oe_git:`/openembedded-core` +- Branch: :oe_git:`kirkstone </openembedded-core/log/?h=kirkstone>` +- Tag: :oe_git:`yocto-4.0.3 </openembedded-core/log/?h=yocto-4.0.3>` +- Git Revision: :oe_git:`2cafa6ed5f0aa9df5a120b6353755d56c7c7800d </openembedded-core/commit/?id=2cafa6ed5f0aa9df5a120b6353755d56c7c7800d>` +- Release Artefact: oecore-2cafa6ed5f0aa9df5a120b6353755d56c7c7800d +- sha: 5181d3e8118c6112936637f01a07308b715e0e3d12c7eba338556747dfcabe92 +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.3/oecore-2cafa6ed5f0aa9df5a120b6353755d56c7c7800d.tar.bz2 + http://mirrors.kernel.org/yocto/yocto/yocto-4.0.3/oecore-2cafa6ed5f0aa9df5a120b6353755d56c7c7800d.tar.bz2 + +meta-mingw + +- Repository Location: :yocto_git:`/meta-mingw` +- Branch: :yocto_git:`kirkstone </meta-mingw/log/?h=kirkstone>` +- Tag: :yocto_git:`yocto-4.0.3 </meta-mingw/log/?h=yocto-4.0.3>` +- Git Revision: :yocto_git:`a90614a6498c3345704e9611f2842eb933dc51c1 </meta-mingw/commit/?id=a90614a6498c3345704e9611f2842eb933dc51c1>` +- Release Artefact: meta-mingw-a90614a6498c3345704e9611f2842eb933dc51c1 +- sha: 49f9900bfbbc1c68136f8115b314e95d0b7f6be75edf36a75d9bcd1cca7c6302 +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.3/meta-mingw-a90614a6498c3345704e9611f2842eb933dc51c1.tar.bz2 + http://mirrors.kernel.org/yocto/yocto/yocto-4.0.3/meta-mingw-a90614a6498c3345704e9611f2842eb933dc51c1.tar.bz2 + +meta-gplv2 + +- Repository Location: :yocto_git:`/meta-gplv2` +- Branch: :yocto_git:`kirkstone </meta-gplv2/log/?h=kirkstone>` +- Tag: :yocto_git:`yocto-4.0.3 </meta-gplv2/log/?h=yocto-4.0.3>` +- Git Revision: :yocto_git:`d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a </meta-gplv2/commit/?id=d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a>` +- Release Artefact: meta-gplv2-d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a +- sha: c386f59f8a672747dc3d0be1d4234b6039273d0e57933eb87caa20f56b9cca6d +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.3/meta-gplv2-d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a.tar.bz2 + http://mirrors.kernel.org/yocto/yocto/yocto-4.0.3/meta-gplv2-d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a.tar.bz2 + +bitbake + +- Repository Location: :oe_git:`/bitbake` +- Branch: :oe_git:`2.0 </bitbake/log/?h=2.0>` +- Tag: :oe_git:`yocto-4.0.3 </bitbake/log/?h=yocto-4.0.3>` +- Git Revision: :oe_git:`b8fd6f5d9959d27176ea016c249cf6d35ac8ba03 </bitbake/commit/?id=b8fd6f5d9959d27176ea016c249cf6d35ac8ba03>` +- Release Artefact: bitbake-b8fd6f5d9959d27176ea016c249cf6d35ac8ba03 +- sha: 373818b1dee2c502264edf654d6d8f857b558865437f080e02d5ba6bb9e72cc3 +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.3/bitbake-b8fd6f5d9959d27176ea016c249cf6d35ac8ba03.tar.bz2 + http://mirrors.kernel.org/yocto/yocto/yocto-4.0.3/bitbake-b8fd6f5d9959d27176ea016c249cf6d35ac8ba03.tar.bz2 + +yocto-docs + +- Repository Location: :yocto_git:`/yocto-docs` +- Branch: :yocto_git:`kirkstone </yocto-docs/log/?h=kirkstone>` +- Tag: :yocto_git:`yocto-4.0.3 </yocto-docs/log/?h=yocto-4.0.3>` +- Git Revision: :yocto_git:`d9b3dcf65ef25c06f552482aba460dd16862bf96 </yocto-docs/commit/?id=d9b3dcf65ef25c06f552482aba460dd16862bf96>` + diff --git a/documentation/migration-guides/release-notes-4.0.4.rst b/documentation/migration-guides/release-notes-4.0.4.rst new file mode 100644 index 0000000000..1d6e525bbc --- /dev/null +++ b/documentation/migration-guides/release-notes-4.0.4.rst @@ -0,0 +1,301 @@ +.. SPDX-License-Identifier: CC-BY-SA-2.0-UK + +Release notes for Yocto-4.0.4 (Kirkstone) +----------------------------------------- + +Security Fixes in Yocto-4.0.4 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +- binutils : fix :cve:`2022-38533` +- curl: fix :cve:`2022-35252` +- sqlite: fix :cve:`2022-35737` +- grub2: fix :cve:`2021-3695`, :cve:`2021-3696`, :cve:`2021-3697`, :cve:`2022-28733`, :cve:`2022-28734` and :cve:`2022-28735` +- u-boot: fix :cve:`2022-30552` and :cve:`2022-33967` +- libxml2: Ignore :cve:`2016-3709` +- libtiff: fix :cve:`2022-34526` +- zlib: fix :cve:`2022-37434` +- gnutls: fix :cve:`2022-2509` +- u-boot: fix :cve:`2022-33103` +- qemu: fix :cve:`2021-3507`, :cve:`2021-3929`, :cve:`2021-4158`, :cve:`2022-0216` and :cve:`2022-0358` + + +Fixes in Yocto-4.0.4 +~~~~~~~~~~~~~~~~~~~~ + +- apr: Cache configure tests which use AC_TRY_RUN +- apr: Use correct strerror_r implementation based on libc type +- apt: fix nativesdk-apt build failure during the second time build +- archiver.bbclass: remove unsed do_deploy_archives[dirs] +- archiver.bbclass: some recipes that uses the kernelsrc bbclass uses the shared source +- autoconf: Fix strict prototype errors in generated tests +- autoconf: Update K & R stype functions +- bind: upgrade to 9.18.5 +- bitbake.conf: set :term:`BB_DEFAULT_UMASK` using ??= +- bitbake: ConfHandler/BBHandler: Improve comment error messages and add tests +- bitbake: ConfHandler: Remove lingering close +- bitbake: bb/utils: movefile: use the logger for printing +- bitbake: bb/utils: remove: check the path again the expand python glob +- bitbake: bitbake-user-manual: Correct description of the ??= operator +- bitbake: bitbake-user-manual: npm fetcher: improve description of :term:`SRC_URI` format +- bitbake: bitbake: bitbake-user-manual: hashserv can be accessed on a dedicated domain +- bitbake: bitbake: runqueue: add cpu/io pressure regulation +- bitbake: bitbake: runqueue: add memory pressure regulation +- bitbake: cooker: Drop sre_constants usage +- bitbake: doc: bitbake-user-manual: add explicit target for crates fetcher +- bitbake: doc: bitbake-user-manual: document npm and npmsw fetchers +- bitbake: event.py: ignore exceptions from stdout and sterr operations in atexit +- bitbake: fetch2: Ensure directory exists before creating symlink +- bitbake: fetch2: gitsm: fix incorrect handling of git submodule relative urls +- bitbake: runqueue: Change pressure file warning to a note +- bitbake: runqueue: Fix unihash cache mismatch issues +- bitbake: toaster: fix kirkstone version +- bitbake: utils: Pass lock argument in fileslocked +- bluez5: upgrade to 5.65 +- boost: fix install of fiber shared libraries +- cairo: Adapt the license information based on what is being built +- classes: cve-check: Get shared database lock +- cmake: remove CMAKE_ASM_FLAGS variable in toolchain file +- connman: Backports for security fixes +- core-image.bbclass: Exclude openssh complementary packages +- cracklib: Drop using register keyword +- cracklib: upgrade to 2.9.8 +- create-spdx: Fix supplier field +- create-spdx: handle links to inaccessible locations +- create-spdx: ignore packing control files from ipk and deb +- cve-check: Don't use f-strings +- cve-check: close cursors as soon as possible +- devtool/upgrade: catch bb.fetch2.decodeurl errors +- devtool/upgrade: correctly clean up when recipe filename isn't yet known +- devtool: error out when workspace is using old override syntax +- ell: upgrade to 0.50 +- epiphany: upgrade to 42.4 +- externalsrc: Don't wipe out src dir when EXPORT_FUNCTIONS is used. +- gcc-multilib-config: Fix i686 toolchain relocation issues +- gcr: Define _GNU_SOURCE +- gdk-pixbuf: upgrade to 2.42.9 +- glib-networking: upgrade to 2.72.2 +- go: upgrade to v1.17.13 +- insane.bbclass: Skip patches not in oe-core by full path +- iso-codes: upgrade to 4.11.0 +- kernel-fitimage.bbclass: add padding algorithm property in config nodes +- kernel-fitimage.bbclass: only package unique DTBs +- kernel: Always set :term:`CC` and :term:`LD` for the kernel build +- kernel: Use consistent make flags for menuconfig +- lib:npm_registry: initial checkin +- libatomic-ops: upgrade to 7.6.14 +- libcap: upgrade to 2.65 +- libjpeg-turbo: upgrade to 2.1.4 +- libpam: use /run instead of /var/run in systemd tmpfiles +- libtasn1: upgrade to 4.19.0 +- liburcu: upgrade to 0.13.2 +- libwebp: upgrade to 1.2.4 +- libwpe: upgrade to 1.12.3 +- libxml2: Port gentest.py to Python-3 +- lighttpd: upgrade to 1.4.66 +- linux-yocto/5.10: update genericx86* machines to v5.10.135 +- linux-yocto/5.10: update to v5.10.137 +- linux-yocto/5.15: update genericx86* machines to v5.15.59 +- linux-yocto/5.15: update to v5.15.62 +- linux-yocto: Fix :term:`COMPATIBLE_MACHINE` regex match +- linux-yocto: prepend the value with a space when append to :term:`KERNEL_EXTRA_ARGS` +- lttng-modules: fix 5.19+ build +- lttng-modules: fix build against mips and v5.19 kernel +- lttng-modules: fix build for kernel 5.10.137 +- lttng-modules: replace mips compaction fix with upstream change +- lz4: upgrade to 1.9.4 +- maintainers: update opkg maintainer +- meta: introduce :term:`UBOOT_MKIMAGE_KERNEL_TYPE` +- migration guides: add missing release notes +- mobile-broadband-provider-info: upgrade to 20220725 +- nativesdk: Clear :term:`TUNE_FEATURES` +- npm: replace 'npm pack' call by 'tar czf' +- npm: return content of 'package.json' in 'npm_pack' +- npm: take 'version' directly from 'package.json' +- npm: use npm_registry to cache package +- oeqa/gotoolchain: put writable files in the Go module cache +- oeqa/gotoolchain: set CGO_ENABLED=1 +- oeqa/parselogs: add qemuarmv5 arm-charlcd masking +- oeqa/qemurunner: add run_serial() comment +- oeqa/selftest: rename git.py to intercept.py +- oeqa: qemurunner: Report UNIX Epoch timestamp on login +- package_rpm: Do not replace square brackets in %files +- packagegroup-self-hosted: update for strace +- parselogs: Ignore xf86OpenConsole error +- perf: Fix reproducibility issues with 5.19 onwards +- pinentry: enable _XOPEN_SOURCE on musl for wchar usage in curses +- poky.conf: add ubuntu-22.04 to tested distros +- poky.conf: bump version for 4.0.4 +- pseudo: Update to include recent upstream minor fixes +- python3-pip: Fix :term:`RDEPENDS` after the update +- ref-manual: add numa to machine features +- relocate_sdk.py: ensure interpreter size error causes relocation to fail +- rootfs-postcommands.bbclass: avoid moving ssh host keys if etc is writable +- rootfs.py: dont try to list installed packages for baremetal images +- rootfspostcommands.py: Cleanup subid backup files generated by shadow-utils +- ruby: drop capstone support +- runqemu: Add missing space on default display option +- runqemu: display host uptime when starting +- sanity: add a comment to ensure CONNECTIVITY_CHECK_URIS is correct +- scripts/oe-setup-builddir: make it known where configurations come from +- scripts/runqemu.README: fix typos and trailing whitespaces +- selftest/wic: Tweak test case to not depend on kernel size +- shadow: Avoid nss warning/error with musl +- shadow: Enable subid support +- system-requirements.rst: Add Ubuntu 22.04 to list of supported distros +- systemd: Add 'no-dns-fallback' :term:`PACKAGECONFIG` option +- systemd: Fix unwritable /var/lock when no sysvinit handling +- sysvinit-inittab/start_getty: Fix respawn too fast +- tcp-wrappers: Fix implicit-function-declaration warnings +- tzdata: upgrade to 2022b +- util-linux: Remove --enable-raw from :term:`EXTRA_OECONF` +- vala: upgrade to 0.56.3 +- vim: Upgrade to 9.0.0453 +- watchdog: Include needed system header for function decls +- webkitgtk: upgrade to 2.36.5 +- weston: upgrade to 10.0.2 +- wic/bootimg-efi: use cross objcopy when building unified kernel image +- wic: add target tools to PATH when executing native commands +- wic: depend on cross-binutils +- wireless-regdb: upgrade to 2022.08.12 +- wpebackend-fdo: upgrade to 1.12.1 +- xinetd: Pass missing -D_GNU_SOURCE +- xz: update to 5.2.6 + + +Known Issues in Yocto-4.0.4 +~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +- N/A + + +Contributors to Yocto-4.0.4 +~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +- Alejandro Hernandez Samaniego +- Alex Stewart +- Alexander Kanavin +- Alexandre Belloni +- Andrei Gherzan +- Anuj Mittal +- Aryaman Gupta +- Awais Belal +- Beniamin Sandu +- Bertrand Marquis +- Bruce Ashfield +- Changqing Li +- Chee Yang Lee +- Daiane Angolini +- Enrico Scholz +- Ernst Sjöstrand +- Gennaro Iorio +- Hitendra Prajapati +- Jacob Kroon +- Jon Mason +- Jose Quaresma +- Joshua Watt +- Kai Kang +- Khem Raj +- Kristian Amlie +- LUIS ENRIQUEZ +- Mark Hatle +- Martin Beeger +- Martin Jansa +- Mateusz Marciniec +- Michael Opdenacker +- Mihai Lindner +- Mikko Rapeli +- Ming Liu +- Niko Mauno +- Ola x Nilsson +- Otavio Salvador +- Paul Eggleton +- Pavel Zhukov +- Peter Bergin +- Peter Kjellerstedt +- Peter Marko +- Rajesh Dangi +- Randy MacLeod +- Rasmus Villemoes +- Richard Purdie +- Robert Joslyn +- Roland Hieber +- Ross Burton +- Sakib Sajal +- Shubham Kulkarni +- Steve Sakoman +- Ulrich Ölmann +- Yang Xu +- Yongxin Liu +- ghassaneben +- pgowda +- Wang Mingyu + +Repositories / Downloads for Yocto-4.0.4 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +poky + +- Repository Location: :yocto_git:`/poky` +- Branch: :yocto_git:`kirkstone </poky/log/?h=kirkstone>` +- Tag: :yocto_git:`yocto-4.0.4 </poky/log/?h=yocto-4.0.4>` +- Git Revision: :yocto_git:`d64bef1c7d713b92a51228e5ade945835e5a94a4 </poky/commit/?id=d64bef1c7d713b92a51228e5ade945835e5a94a4>` +- Release Artefact: poky-d64bef1c7d713b92a51228e5ade945835e5a94a4 +- sha: b5e92506b31f88445755bad2f45978b747ad1a5bea66ca897370542df5f1e7db +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.4/poky-d64bef1c7d713b92a51228e5ade945835e5a94a4.tar.bz2 + http://mirrors.kernel.org/yocto/yocto/yocto-4.0.4/poky-d64bef1c7d713b92a51228e5ade945835e5a94a4.tar.bz2 + +openembedded-core + +- Repository Location: :oe_git:`/openembedded-core` +- Branch: :oe_git:`kirkstone </openembedded-core/log/?h=kirkstone>` +- Tag: :oe_git:`yocto-4.0.4 </openembedded-core/log/?h=yocto-4.0.4>` +- Git Revision: :oe_git:`f7766da462905ec67bf549d46b8017be36cd5b2a </openembedded-core/commit/?id=f7766da462905ec67bf549d46b8017be36cd5b2a>` +- Release Artefact: oecore-f7766da462905ec67bf549d46b8017be36cd5b2a +- sha: ce0ac011474db5e5f0bb1be3fb97f890a02e46252a719dbcac5813268e48ff16 +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.4/oecore-f7766da462905ec67bf549d46b8017be36cd5b2a.tar.bz2 + http://mirrors.kernel.org/yocto/yocto/yocto-4.0.4/oecore-f7766da462905ec67bf549d46b8017be36cd5b2a.tar.bz2 + +meta-mingw + +- Repository Location: :yocto_git:`/meta-mingw` +- Branch: :yocto_git:`kirkstone </meta-mingw/log/?h=kirkstone>` +- Tag: :yocto_git:`yocto-4.0.4 </meta-mingw/log/?h=yocto-4.0.4>` +- Git Revision: :yocto_git:`a90614a6498c3345704e9611f2842eb933dc51c1 </meta-mingw/commit/?id=a90614a6498c3345704e9611f2842eb933dc51c1>` +- Release Artefact: meta-mingw-a90614a6498c3345704e9611f2842eb933dc51c1 +- sha: 49f9900bfbbc1c68136f8115b314e95d0b7f6be75edf36a75d9bcd1cca7c6302 +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.4/meta-mingw-a90614a6498c3345704e9611f2842eb933dc51c1.tar.bz2 + http://mirrors.kernel.org/yocto/yocto/yocto-4.0.4/meta-mingw-a90614a6498c3345704e9611f2842eb933dc51c1.tar.bz2 + +meta-gplv2 + +- Repository Location: :yocto_git:`/meta-gplv2` +- Branch: :yocto_git:`kirkstone </meta-gplv2/log/?h=kirkstone>` +- Tag: :yocto_git:`yocto-4.0.4 </meta-gplv2/log/?h=yocto-4.0.4>` +- Git Revision: :yocto_git:`d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a </meta-gplv2/commit/?id=d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a>` +- Release Artefact: meta-gplv2-d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a +- sha: c386f59f8a672747dc3d0be1d4234b6039273d0e57933eb87caa20f56b9cca6d +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.4/meta-gplv2-d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a.tar.bz2 + http://mirrors.kernel.org/yocto/yocto/yocto-4.0.4/meta-gplv2-d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a.tar.bz2 + +bitbake + +- Repository Location: :oe_git:`/bitbake` +- Branch: :oe_git:`2.0 </bitbake/log/?h=2.0>` +- Tag: :oe_git:`yocto-4.0.4 </bitbake/log/?h=yocto-4.0.4>` +- Git Revision: :oe_git:`ac576d6fad6bba0cfea931883f25264ea83747ca </bitbake/commit/?id=ac576d6fad6bba0cfea931883f25264ea83747ca>` +- Release Artefact: bitbake-ac576d6fad6bba0cfea931883f25264ea83747ca +- sha: 526c2768874eeda61ade8c9ddb3113c90d36ef44a026d6690f02de6f3dd0ea12 +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.4/bitbake-ac576d6fad6bba0cfea931883f25264ea83747ca.tar.bz2 + http://mirrors.kernel.org/yocto/yocto/yocto-4.0.4/bitbake-ac576d6fad6bba0cfea931883f25264ea83747ca.tar.bz2 + +yocto-docs + +- Repository Location: :yocto_git:`/yocto-docs` +- Branch: :yocto_git:`kirkstone </yocto-docs/log/?h=kirkstone>` +- Tag: :yocto_git:`yocto-4.0.4 </yocto-docs/log/?h=yocto-4.0.4>` +- Git Revision: :yocto_git:`f632dad24c39778f948014029e74db3c871d9d21 </yocto-docs/commit/?id=f632dad24c39778f948014029e74db3c871d9d21>` diff --git a/documentation/migration-guides/release-notes-4.0.5.rst b/documentation/migration-guides/release-notes-4.0.5.rst new file mode 100644 index 0000000000..cdfe85b750 --- /dev/null +++ b/documentation/migration-guides/release-notes-4.0.5.rst @@ -0,0 +1,198 @@ +.. SPDX-License-Identifier: CC-BY-SA-2.0-UK + +Release notes for Yocto-4.0.5 (Kirkstone) +----------------------------------------- + +Security Fixes in Yocto-4.0.5 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +- qemu: fix :cve:`2021-3750`, :cve:`2021-3611` and :cve:`2022-2962` +- binutils : fix :cve:`2022-38126`, :cve:`2022-38127` and :cve:`2022-38128` +- tff: fix :cve:`2022-2867`, :cve:`2022-2868` and :cve:`2022-2869` +- inetutils: fix :cve:`2022-39028` +- go: fix :cve:`2022-27664` + +Fixes in Yocto-4.0.5 +~~~~~~~~~~~~~~~~~~~~ + +- Revert "gcc-cross-canadian: Add symlink to real-ld alongside other symlinks" +- bind: upgrade to 9.18.7 +- binutils: stable 2.38 branch updates (dc2474e7) +- bitbake: Fix npm to use https rather than http +- bitbake: asyncrpc/client: Fix unix domain socket chdir race issues +- bitbake: bitbake: Add copyright headers where missing +- bitbake: gitsm: Error out if submodule refers to parent repo +- bitbake: runqueue: Drop deadlock breaking force fail +- bitbake: runqueue: Ensure deferred tasks are sorted by multiconfig +- bitbake: runqueue: Improve deadlock warning messages +- bitbake: siggen: Fix insufficent entropy in sigtask file names +- bitbake: tests/fetch: Allow handling of a file:// url within a submodule +- build-appliance-image: Update to kirkstone head revision (4a88ada) +- busybox: add devmem 128-bit support +- classes: files: Extend overlayfs-etc class +- coreutils: add openssl :term:`PACKAGECONFIG` +- create-pull-request: don't switch the git remote protocol to git:// +- dev-manual: fix reference to BitBake user manual +- expat: upgrade 2.4.8 -> 2.4.9 +- files: overlayfs-etc: refactor preinit template +- gcc-cross-canadian: add default plugin linker +- gcc: add arm-v9 support +- git: upgrade 2.35.4 -> 2.35.5 +- glibc-locale: explicitly remove empty dirs in ${libdir} +- glibc-tests: use += instead of :append +- glibc: stable 2.35 branch updates.(8d125a1f) +- go-native: switch from SRC_URI:append to :term:`SRC_URI` += +- image_types_wic.bbclass: fix cross binutils dependency +- kern-tools: allow 'y' or 'm' to avoid config audit warnings +- kern-tools: fix queue processing in relative :term:`TOPDIR` configurations +- kernel-yocto: allow patch author date to be commit date +- libpng: upgrade to 1.6.38 +- linux-firmware: package new Qualcomm firmware +- linux-firmware: upgrade 20220708 -> 20220913 +- linux-libc-headers: switch from SRC_URI:append to :term:`SRC_URI` += +- linux-yocto-dev: add qemuarm64 +- linux-yocto/5.10: update to v5.10.149 +- linux-yocto/5.15: cfg: fix ACPI warnings for -tiny +- linux-yocto/5.15: update to v5.15.68 +- local.conf.sample: correct the location of public hashserv +- ltp: Fix pread02 case trigger the glibc overflow detection +- lttng-modules: Fix crash on powerpc64 +- lttng-tools: Disable on qemuriscv32 +- lttng-tools: Disable on riscv32 +- migration-guides: add 4.0.4 release notes +- oeqa/runtime/dnf: fix typo +- own-mirrors: add crate +- perf: Fix for recent kernel upgrades +- poky.conf: bump version for 4.0.5 +- poky.yaml.in: update version requirements +- python3-rfc3986-validator: switch from SRC_URI:append to :term:`SRC_URI` += +- python3: upgrade 3.10.4 -> 3.10.7 +- qemu: Backport patches from upstream to support float128 on qemu-ppc64 +- rpm: Remove -Wimplicit-function-declaration warnings +- rpm: update to 4.17.1 +- rsync: update to 3.2.5 +- stress-cpu: disable float128 math on powerpc64 to avoid SIGILL +- tune-neoversen2: support tune-neoversen2 base on armv9a +- tzdata: update to 2022d +- u-boot: switch from append to += in :term:`SRC_URI` +- uninative: Upgrade to 3.7 to work with glibc 2.36 +- vim: Upgrade to 9.0.0598 +- webkitgtk: Update to 2.36.7 + + +Known Issues in Yocto-4.0.5 +~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +- There are recent CVEs in key components such as openssl. They are not included in this release as it was built before the issues were known and fixes were available but these are now available on the kirkstone branch. + + +Contributors to Yocto-4.0.5 +~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +- Adrian Freihofer +- Alexander Kanavin +- Alexandre Belloni +- Bhabu Bindu +- Bruce Ashfield +- Chen Qi +- Daniel McGregor +- Denys Dmytriyenko +- Dmitry Baryshkov +- Florin Diaconescu +- He Zhe +- Joshua Watt +- Khem Raj +- Martin Jansa +- Michael Halstead +- Michael Opdenacker +- Mikko Rapeli +- Mingli Yu +- Neil Horman +- Pavel Zhukov +- Richard Purdie +- Robert Joslyn +- Ross Burton +- Ruiqiang Hao +- Samuli Piippo +- Steve Sakoman +- Sundeep KOKKONDA +- Teoh Jay Shen +- Tim Orling +- Virendra Thakur +- Vyacheslav Yurkov +- Xiangyu Chen +- Yash Shinde +- pgowda +- Wang Mingyu + + +Repositories / Downloads for Yocto-4.0.5 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +poky + +- Repository Location: :yocto_git:`/poky` +- Branch: :yocto_git:`kirkstone </poky/log/?h=kirkstone>` +- Tag: :yocto_git:`yocto-4.0.5 </poky/log/?h=yocto-4.0.5>` +- Git Revision: :yocto_git:`2e79b199114b25d81bfaa029ccfb17676946d20d </poky/commit/?id=2e79b199114b25d81bfaa029ccfb17676946d20d>` +- Release Artefact: poky-2e79b199114b25d81bfaa029ccfb17676946d20d +- sha: 7bcf3f901d4c5677fc95944ab096e9e306f4c758a658dde5befd16861ad2b8ea +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.5/poky-2e79b199114b25d81bfaa029ccfb17676946d20d.tar.bz2 + http://mirrors.kernel.org/yocto/yocto/yocto-4.0.5/poky-2e79b199114b25d81bfaa029ccfb17676946d20d.tar.bz2 + +openembedded-core + +- Repository Location: :oe_git:`/openembedded-core` +- Branch: :oe_git:`kirkstone </openembedded-core/log/?h=kirkstone>` +- Tag: :oe_git:`yocto-4.0.5 </openembedded-core/log/?h=yocto-4.0.5>` +- Git Revision: :oe_git:`fbdf93f43ff4b876487e1f26752598ec8abcb46e </openembedded-core/commit/?id=fbdf93f43ff4b876487e1f26752598ec8abcb46e>` +- Release Artefact: oecore-fbdf93f43ff4b876487e1f26752598ec8abcb46e +- sha: 2d9b5a8e9355b633bb57633cc8c2d319ba13fe4721f79204e61116b3faa6cbf1 +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.5/oecore-fbdf93f43ff4b876487e1f26752598ec8abcb46e.tar.bz2 + http://mirrors.kernel.org/yocto/yocto/yocto-4.0.5/oecore-fbdf93f43ff4b876487e1f26752598ec8abcb46e.tar.bz2 + +meta-mingw + +- Repository Location: :yocto_git:`/meta-mingw` +- Branch: :yocto_git:`kirkstone </meta-mingw/log/?h=kirkstone>` +- Tag: :yocto_git:`yocto-4.0.5 </meta-mingw/log/?h=yocto-4.0.5>` +- Git Revision: :yocto_git:`a90614a6498c3345704e9611f2842eb933dc51c1 </meta-mingw/commit/?id=a90614a6498c3345704e9611f2842eb933dc51c1>` +- Release Artefact: meta-mingw-a90614a6498c3345704e9611f2842eb933dc51c1 +- sha: 49f9900bfbbc1c68136f8115b314e95d0b7f6be75edf36a75d9bcd1cca7c6302 +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.5/meta-mingw-a90614a6498c3345704e9611f2842eb933dc51c1.tar.bz2 + http://mirrors.kernel.org/yocto/yocto/yocto-4.0.5/meta-mingw-a90614a6498c3345704e9611f2842eb933dc51c1.tar.bz2 + +meta-gplv2 + +- Repository Location: :yocto_git:`/meta-gplv2` +- Branch: :yocto_git:`kirkstone </meta-gplv2/log/?h=kirkstone>` +- Tag: :yocto_git:`yocto-4.0.5 </meta-gplv2/log/?h=yocto-4.0.5>` +- Git Revision: :yocto_git:`d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a </meta-gplv2/commit/?id=d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a>` +- Release Artefact: meta-gplv2-d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a +- sha: c386f59f8a672747dc3d0be1d4234b6039273d0e57933eb87caa20f56b9cca6d +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.5/meta-gplv2-d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a.tar.bz2 + http://mirrors.kernel.org/yocto/yocto/yocto-4.0.5/meta-gplv2-d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a.tar.bz2 + +bitbake + +- Repository Location: :oe_git:`/bitbake` +- Branch: :oe_git:`2.0 </bitbake/log/?h=2.0>` +- Tag: :oe_git:`yocto-4.0.5 </bitbake/log/?h=yocto-4.0.5>` +- Git Revision: :oe_git:`c90d57497b9bcd237c3ae810ee8edb5b0d2d575a </bitbake/commit/?id=c90d57497b9bcd237c3ae810ee8edb5b0d2d575a>` +- Release Artefact: bitbake-c90d57497b9bcd237c3ae810ee8edb5b0d2d575a +- sha: 5698d548ce179036e46a24f80b213124c8825a4f443fa1d6be7ab0f70b01a9ff +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.5/bitbake-c90d57497b9bcd237c3ae810ee8edb5b0d2d575a.tar.bz2 + http://mirrors.kernel.org/yocto/yocto/yocto-4.0.5/bitbake-c90d57497b9bcd237c3ae810ee8edb5b0d2d575a.tar.bz2 + +yocto-docs + +- Repository Location: :yocto_git:`/yocto-docs` +- Branch: :yocto_git:`kirkstone </yocto-docs/log/?h=kirkstone>` +- Tag: :yocto_git:`yocto-4.0.5 </yocto-docs/log/?h=yocto-4.0.5>` +- Git Revision: :yocto_git:`8c2f9f54e29781f4ee72e81eeaa12ceaa82dc2d3 </yocto-docs/commit/?id=8c2f9f54e29781f4ee72e81eeaa12ceaa82dc2d3>` + diff --git a/documentation/migration-guides/release-notes-4.0.6.rst b/documentation/migration-guides/release-notes-4.0.6.rst new file mode 100644 index 0000000000..76d23fcf0c --- /dev/null +++ b/documentation/migration-guides/release-notes-4.0.6.rst @@ -0,0 +1,313 @@ +.. SPDX-License-Identifier: CC-BY-SA-2.0-UK + +Release notes for Yocto-4.0.6 (Kirkstone) +----------------------------------------- + +Security Fixes in Yocto-4.0.6 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +- bash: Fix :cve:`2022-3715` +- curl: Fix :cve:`2022-32221`, :cve:`2022-42915` and :cve:`2022-42916` +- dbus: Fix :cve:`2022-42010`, :cve:`2022-42011` and :cve:`2022-42012` +- dropbear: Fix :cve:`2021-36369` +- ffmpeg: Fix :cve:`2022-3964`, :cve:`2022-3965` +- go: Fix :cve:`2022-2880` +- grub2: Fix :cve:`2022-2601`, :cve:`2022-3775` and :cve:`2022-28736` +- libarchive: Fix :cve:`2022-36227` +- libpam: Fix :cve:`2022-28321` +- libsndfile1: Fix :cve:`2021-4156` +- lighttpd: Fix :cve:`2022-41556` +- openssl: Fix :cve:`2022-3358` +- pixman: Fix :cve:`2022-44638` +- python3-mako: Fix :cve:`2022-40023` +- python3: Fix :cve:`2022-42919` +- qemu: Fix :cve:`2022-3165` +- sysstat: Fix :cve:`2022-39377` +- systemd: Fix :cve:`2022-3821` +- tiff: Fix :cve:`2022-2953`, :cve:`2022-3599`, :cve:`2022-3597`, :cve:`2022-3626`, :cve:`2022-3627`, :cve:`2022-3570`, :cve:`2022-3598` and :cve:`2022-3970` +- vim: Fix :cve:`2022-3352`, :cve:`2022-3705` and :cve:`2022-4141` +- wayland: Fix :cve:`2021-3782` +- xserver-xorg: Fix :cve:`2022-3550` and :cve:`2022-3551` + + +Fixes in Yocto-4.0.6 +~~~~~~~~~~~~~~~~~~~~ + +- archiver: avoid using machine variable as it breaks multiconfig +- babeltrace: upgrade to 1.5.11 +- bind: upgrade to 9.18.8 +- bitbake.conf: Drop export of SOURCE_DATE_EPOCH_FALLBACK +- bitbake: gitsm: Fix regression in gitsm submodule path parsing +- bitbake: runqueue: Fix race issues around hash equivalence and sstate reuse +- bluez5: Point hciattach bcm43xx firmware search path to /lib/firmware +- bluez5: add dbus to RDEPENDS +- build-appliance-image: Update to kirkstone head revision +- buildtools-tarball: export certificates to python and curl +- cargo_common.bbclass: Fix typos +- classes: make TOOLCHAIN more permissive for kernel +- cmake-native: Fix host tool contamination (Bug: 14951) +- common-tasks.rst: fix oeqa runtime test path +- create-spdx.bbclass: remove unused SPDX_INCLUDE_PACKAGED +- create-spdx: Remove ";name=..." for downloadLocation +- create-spdx: default share_src for shared sources +- cve-update-db-native: add timeout to urlopen() calls +- dbus: upgrade to 1.14.4 +- dhcpcd: fix to work with systemd +- expat: upgrade to 2.5.0 +- externalsrc.bbclass: Remove a trailing slash from ${B} +- externalsrc.bbclass: fix git repo detection +- externalsrc: git submodule--helper list unsupported +- gcc-shared-source: Fix source date epoch handling +- gcc-source: Drop gengtype manipulation +- gcc-source: Ensure deploy_source_date_epoch sstate hash doesn't change +- gcc-source: Fix gengtypes race +- gdk-pixbuf: upgrade to 2.42.10 +- get_module_deps3.py: Check attribute '__file__' +- glib-2.0: fix rare GFileInfo test case failure +- glibc-locale: Do not INHIBIT_DEFAULT_DEPS +- gnomebase.bbclass: return the whole version for tarball directory if it is a number +- gnutls: Unified package names to lower-case +- groff: submit patches upstream +- gstreamer1.0-libav: fix errors with ffmpeg 5.x +- gstreamer1.0: upgrade to 1.20.4 +- ifupdown: upgrade to 0.8.39 +- insane.bbclass: Allow hashlib version that only accepts on parameter +- iso-codes: upgrade to 4.12.0 +- kea: submit patch upstream (fix-multilib-conflict.patch) +- kern-tools: fix relative path processing +- kern-tools: integrate ZFS speedup patch +- kernel-yocto: improve fatal error messages of symbol_why.py +- kernel.bbclass: Include randstruct seed assets in STAGING_KERNEL_BUILDDIR +- kernel.bbclass: make KERNEL_DEBUG_TIMESTAMPS work at rebuild +- kernel: Clear SYSROOT_DIRS instead of replacing sysroot_stage_all +- libcap: upgrade to 2.66 +- libepoxy: convert to git +- libepoxy: update to 1.5.10 +- libffi: submit patch upstream (0001-arm-sysv-reverted-clang-VFP-mitigation.patch ) +- libffi: upgrade to 3.4.4 +- libical: upgrade to 3.0.16 +- libksba: upgrade to 1.6.2 +- libuv: fixup SRC_URI +- libxcrypt: upgrade to 4.4.30 +- lighttpd: upgrade to 1.4.67 +- linux-firmware: add new fw file to ${PN}-qcom-adreno-a530 +- linux-firmware: don't put the firmware into the sysroot +- linux-firmware: package amdgpu firmware +- linux-firmware: split rtl8761 firmware +- linux-firmware: upgrade to 20221109 +- linux-yocto/5.10: update genericx86* machines to v5.10.149 +- linux-yocto/5.15: fix CONFIG_CRYPTO_CCM mismatch warnings +- linux-yocto/5.15: update genericx86* machines to v5.15.72 +- linux-yocto/5.15: update to v5.15.78 +- ltp: backport clock_gettime04 fix from upstream +- lttng-modules: upgrade to 2.13.7 +- lttng-tools: Upgrade to 2.13.8 +- lttng-tools: submit determinism.patch upstream +- lttng-ust: upgrade to 2.13.5 +- meson: make wrapper options sub-command specific +- meta-selftest/staticids: add render group for systemd +- mirrors.bbclass: update CPAN_MIRROR +- mirrors.bbclass: use shallow tarball for binutils-native +- mobile-broadband-provider-info: upgrade 20220725 -> 20221107 +- mtd-utils: upgrade 2.1.4 -> 2.1.5 +- numactl: upgrade to 2.0.16 +- oe/packagemanager/rpm: don't leak file objects +- oeqa/selftest/lic_checksum: Cleanup changes to emptytest include +- oeqa/selftest/minidebuginfo: Create selftest for minidebuginfo +- oeqa/selftest/tinfoil: Add test for separate config_data with recipe_parse_file() +- openssl: Fix SSL_CERT_FILE to match ca-certs location +- openssl: upgrade to 3.0.7 +- openssl: export necessary env vars in SDK +- opkg-utils: use a git clone, not a dynamic snapshot +- opkg: Set correct info_dir and status_file in opkg.conf +- overlayfs: Allow not used mount points +- ovmf: correct patches status +- package: Fix handling of minidebuginfo with newer binutils +- perf: Depend on native setuptools3 +- poky.conf: bump version for 4.0.6 +- psplash: add psplash-default in rdepends +- psplash: consider the situation of psplash not exist for systemd +- python3: advance to version 3.10.8 +- qemu-helper-native: Correctly pass program name as argv[0] +- qemu-helper-native: Re-write bridge helper as C program +- qemu-native: Add PACKAGECONFIG option for jack +- qemu: add io_uring PACKAGECONFIG +- quilt: backport a patch to address grep 3.8 failures +- resolvconf: make it work +- rm_work: exclude the SSTATETASKS from the rm_work tasks sinature +- runqemu: Do not perturb script environment +- runqemu: Fix gl-es argument from causing other arguments to be ignored +- sanity: Drop data finalize call +- sanity: check for GNU tar specifically +- scripts/oe-check-sstate: cleanup +- scripts/oe-check-sstate: force build to run for all targets, specifically populate_sysroot +- scripts: convert-overrides: Allow command-line customizations +- socat: upgrade to 1.7.4.4 +- SPDX and CVE documentation updates +- sstate: Allow optimisation of do_deploy_archives task dependencies +- sstatesig: emit more helpful error message when not finding sstate manifest +- sstatesig: skip the rm_work task signature +- sudo: upgrade to 1.9.12p1 +- systemd: Consider PACKAGECONFIG in RRECOMMENDS +- systemd: add group render to udev package +- tcl: correct patch status +- tiff: refresh with devtool +- tiff: add CVE tag to b258ed69a485a9cfb299d9f060eb2a46c54e5903.patch +- u-boot: Remove duplicate inherit of cml1 +- uboot-sign: Fix using wrong KEY_REQ_ARGS +- vala: install vapigen-wrapper into /usr/bin/crosscripts and stage only that +- valgrind: remove most hidden tests for arm64 +- vim: Upgrade to 9.0.0947 +- vulkan-samples: add lfs=0 to SRC_URI to avoid git smudge errors in do_unpack +- wic: honor the SOURCE_DATE_EPOCH in case of updated fstab +- wic: make ext2/3/4 images reproducible +- wic: swap partitions are not added to fstab +- wpebackend-fdo: upgrade to 1.14.0 +- xserver-xorg: move some recommended dependencies in required +- xwayland: upgrade to 22.1.5 + + +Known Issues in Yocto-4.0.6 +~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +- N/A + + +Contributors to Yocto-4.0.6 +~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +- Alex Kiernan +- Alexander Kanavin +- Alexey Smirnov +- Bartosz Golaszewski +- Bernhard Rosenkränzer +- Bhabu Bindu +- Bruce Ashfield +- Chee Yang Lee +- Chen Qi +- Christian Eggers +- Claus Stovgaard +- Diego Sueiro +- Dmitry Baryshkov +- Ed Tanous +- Enrico Jörns +- Etienne Cordonnier +- Frank de Brabander +- Harald Seiler +- Hitendra Prajapati +- Jan-Simon Moeller +- Jeremy Puhlman +- Joe Slater +- John Edward Broadbent +- Jose Quaresma +- Joshua Watt +- Kai Kang +- Keiya Nobuta +- Khem Raj +- Konrad Weihmann +- Leon Anavi +- Liam Beguin +- Marek Vasut +- Mark Hatle +- Martin Jansa +- Michael Opdenacker +- Mikko Rapeli +- Narpat Mali +- Nathan Rossi +- Niko Mauno +- Pavel Zhukov +- Peter Kjellerstedt +- Peter Marko +- Polampalli, Archana +- Qiu, Zheng +- Ravula Adhitya Siddartha +- Richard Purdie +- Ross Burton +- Sakib Sajal +- Sean Anderson +- Sergei Zhmylev +- Steve Sakoman +- Teoh Jay Shen +- Thomas Perrot +- Tim Orling +- Vincent Davis Jr +- Vivek Kumbhar +- Vyacheslav Yurkov +- Wang Mingyu +- Xiangyu Chen +- Zheng Qiu +- Ciaran Courtney +- Wang Mingyu + + +Repositories / Downloads for Yocto-4.0.6 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +poky + +- Repository Location: :yocto_git:`/poky` +- Branch: :yocto_git:`kirkstone </poky/log/?h=kirkstone>` +- Tag: :yocto_git:`yocto-4.0.6 </poky/log/?h=yocto-4.0.6>` +- Git Revision: :yocto_git:`c4e08719a782fd4119eaf643907b80cebf57f88f </poky/commit/?id=c4e08719a782fd4119eaf643907b80cebf57f88f>` +- Release Artefact: poky-c4e08719a782fd4119eaf643907b80cebf57f88f +- sha: 2eb3b323dd2ccd25f9442bfbcbde82bc081fad5afd146a8e6dde439db24a99d4 +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.6/poky-c4e08719a782fd4119eaf643907b80cebf57f88f.tar.bz2 + http://mirrors.kernel.org/yocto/yocto/yocto-4.0.6/poky-c4e08719a782fd4119eaf643907b80cebf57f88f.tar.bz2 + +openembedded-core + +- Repository Location: :oe_git:`/openembedded-core` +- Branch: :oe_git:`kirkstone </openembedded-core/log/?h=kirkstone>` +- Tag: :oe_git:`yocto-4.0.6 </openembedded-core/log/?h=yocto-4.0.6>` +- Git Revision: :oe_git:`45a8b4101b14453aa3020d3f2b8a76b4dc0ae3f2 </openembedded-core/commit/?id=45a8b4101b14453aa3020d3f2b8a76b4dc0ae3f2>` +- Release Artefact: oecore-45a8b4101b14453aa3020d3f2b8a76b4dc0ae3f2 +- sha: de8b443365927befe67cc443b60db57563ff0726377223f836a3f3971cf405ec +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.6/oecore-45a8b4101b14453aa3020d3f2b8a76b4dc0ae3f2.tar.bz2 + http://mirrors.kernel.org/yocto/yocto/yocto-4.0.6/oecore-45a8b4101b14453aa3020d3f2b8a76b4dc0ae3f2.tar.bz2 + +meta-mingw + +- Repository Location: :yocto_git:`/meta-mingw` +- Branch: :yocto_git:`kirkstone </meta-mingw/log/?h=kirkstone>` +- Tag: :yocto_git:`yocto-4.0.6 </meta-mingw/log/?h=yocto-4.0.6>` +- Git Revision: :yocto_git:`a90614a6498c3345704e9611f2842eb933dc51c1 </meta-mingw/commit/?id=a90614a6498c3345704e9611f2842eb933dc51c1>` +- Release Artefact: meta-mingw-a90614a6498c3345704e9611f2842eb933dc51c1 +- sha: 49f9900bfbbc1c68136f8115b314e95d0b7f6be75edf36a75d9bcd1cca7c6302 +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.6/meta-mingw-a90614a6498c3345704e9611f2842eb933dc51c1.tar.bz2 + http://mirrors.kernel.org/yocto/yocto/yocto-4.0.6/meta-mingw-a90614a6498c3345704e9611f2842eb933dc51c1.tar.bz2 + +meta-gplv2 + +- Repository Location: :yocto_git:`/meta-gplv2` +- Branch: :yocto_git:`kirkstone </meta-gplv2/log/?h=kirkstone>` +- Tag: :yocto_git:`yocto-4.0.6 </meta-gplv2/log/?h=yocto-4.0.6>` +- Git Revision: :yocto_git:`d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a </meta-gplv2/commit/?id=d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a>` +- Release Artefact: meta-gplv2-d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a +- sha: c386f59f8a672747dc3d0be1d4234b6039273d0e57933eb87caa20f56b9cca6d +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.6/meta-gplv2-d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a.tar.bz2 + http://mirrors.kernel.org/yocto/yocto/yocto-4.0.6/meta-gplv2-d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a.tar.bz2 + +bitbake + +- Repository Location: :oe_git:`/bitbake` +- Branch: :oe_git:`2.0 </bitbake/log/?h=2.0>` +- Tag: :oe_git:`yocto-4.0.6 </bitbake/log/?h=yocto-4.0.6>` +- Git Revision: :oe_git:`7e268c107bb0240d583d2c34e24a71e373382509 </bitbake/commit/?id=7e268c107bb0240d583d2c34e24a71e373382509>` +- Release Artefact: bitbake-7e268c107bb0240d583d2c34e24a71e373382509 +- sha: c3e2899012358c95962c7a5c85cf98dc30c58eae0861c374124e96d9556bb901 +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.6/bitbake-7e268c107bb0240d583d2c34e24a71e373382509.tar.bz2 + http://mirrors.kernel.org/yocto/yocto/yocto-4.0.6/bitbake-7e268c107bb0240d583d2c34e24a71e373382509.tar.bz2 + +yocto-docs + +- Repository Location: :yocto_git:`/yocto-docs` +- Branch: :yocto_git:`kirkstone </yocto-docs/log/?h=kirkstone>` +- Tag: :yocto_git:`yocto-4.0.6 </yocto-docs/log/?h=yocto-4.0.6>` +- Git Revision: :yocto_git:`c10d65ef3bbdf4fe3abc03e3aef3d4ca8c2ad87f </yocto-docs/commit/?id=c10d65ef3bbdf4fe3abc03e3aef3d4ca8c2ad87f>` + + diff --git a/documentation/migration-guides/release-notes-4.0.7.rst b/documentation/migration-guides/release-notes-4.0.7.rst new file mode 100644 index 0000000000..c3885d9e0e --- /dev/null +++ b/documentation/migration-guides/release-notes-4.0.7.rst @@ -0,0 +1,242 @@ +.. SPDX-License-Identifier: CC-BY-SA-2.0-UK + +Release notes for Yocto-4.0.7 (Kirkstone) +----------------------------------------- + +Security Fixes in Yocto-4.0.7 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +- binutils: Fix :cve:`2022-4285` +- curl: Fix :cve:`2022-43551` and :cve_mitre:`2022-43552` +- ffmpeg: Fix :cve:`2022-3109` and :cve:`2022-3341` +- go: Fix :cve:`2022-41715` and :cve:`2022-41717` +- libX11: Fix :cve:`2022-3554` and :cve:`2022-3555` +- libarchive: Fix :cve:`2022-36227` +- libksba: Fix :cve:`2022-47629` +- libpng: Fix :cve:`2019-6129` +- libxml2: Fix :cve:`2022-40303` and :cve:`2022-40304` +- openssl: Fix :cve:`2022-3996` +- python3: Fix :cve:`2022-45061` +- python3-git: Fix :cve:`2022-24439` +- python3-setuptools: Fix :cve:`2022-40897` +- python3-wheel: Fix :cve:`2022-40898` +- qemu: Fix :cve:`2022-4144` +- sqlite: Fix :cve:`2022-46908` +- systemd: Fix :cve:`2022-45873` +- vim: Fix :cve:`2023-0049`, :cve:`2023-0051`, :cve:`2023-0054` and :cve:`2023-0088` +- webkitgtk: Fix :cve:`2022-32886`, :cve_mitre:`2022-32891` and :cve:`2022-32912` + + +Fixes in Yocto-4.0.7 +~~~~~~~~~~~~~~~~~~~~ + +- Revert "gstreamer1.0: disable flaky gstbin:test_watch_for_state_change test" +- at: Change when files are copied +- baremetal-image: Avoid overriding qemu variables from IMAGE_CLASSES +- base.bbclass: Fix way to check ccache path +- bc: extend to nativesdk +- bind: upgrade to 9.18.10 +- busybox: always start do_compile with orig config files +- busybox: rm temporary files if do_compile was interrupted +- cairo: fix CVE patches assigned wrong CVE number +- cairo: update patch for :cve:`2019-6461` with upstream solution +- classes/create-spdx: Add SPDX_PRETTY option +- classes: image: Set empty weak default IMAGE_LINGUAS +- combo-layer: add sync-revs command +- combo-layer: dont use bb.utils.rename +- combo-layer: remove unused import +- curl: Correct LICENSE from MIT-open-group to curl +- cve-check: write the cve manifest to IMGDEPLOYDIR +- cve-update-db-native: avoid incomplete updates +- cve-update-db-native: show IP on failure +- dbus: Add missing CVE product name +- devtool/upgrade: correctly handle recipes where S is a subdir of upstream tree +- devtool: process local files only for the main branch +- dhcpcd: backport two patches to fix runtime error +- docs: kernel-dev: faq: update tip on how to not include kernel in image +- docs: migration-4.0: specify variable name change for kernel inclusion in image recipe +- efibootmgr: update compilation with musl +- externalsrc: fix lookup for .gitmodules +- ffmpeg: refresh patches to apply cleanly +- freetype:update mirror site. +- gcc: Refactor linker patches and fix linker on arm with usrmerge +- glibc: stable 2.35 branch updates. +- go-crosssdk: avoid host contamination by GOCACHE +- gstreamer1.0: Fix race conditions in gstbin tests +- gstreamer1.0: upgrade to 1.20.5 +- gtk-icon-cache: Fix GTKIC_CMD if-else condition +- harfbuzz: remove bindir only if it exists +- kernel-fitimage: Adjust order of dtb/dtbo files +- kernel-fitimage: Allow user to select dtb when multiple dtb exists +- kernel.bbclass: remove empty module directories to prevent QA issues +- lib/buildstats: fix parsing of trees with reduced_proc_pressure directories +- lib/oe/reproducible: Use git log without gpg signature +- libepoxy: remove upstreamed patch +- libnewt: update 0.52.21 -> 0.52.23 +- libseccomp: fix typo in DESCRIPTION +- libxcrypt-compat: upgrade 4.4.30 -> 4.4.33 +- libxml2: fix test data checksums +- linux-firmware: upgrade 20221109 -> 20221214 +- linux-yocto/5.10: update to v5.10.152 +- linux-yocto/5.10: update to v5.10.154 +- linux-yocto/5.10: update to v5.10.160 +- linux-yocto/5.15: fix perf build with clang +- linux-yocto/5.15: libbpf: Fix build warning on ref_ctr_off +- linux-yocto/5.15: ltp and squashfs fixes +- linux-yocto/5.15: powerpc: Fix reschedule bug in KUAP-unlocked user copy +- linux-yocto/5.15: update to v5.15.84 +- lsof: add update-alternatives logic +- lttng-modules: update 2.13.7 -> 2.13.8 +- manuals: add 4.0.5 and 4.0.6 release notes +- manuals: document SPDX_PRETTY variable +- mpfr: upgrade 4.1.0 -> 4.1.1 +- oeqa/concurrencytest: Add number of failures to summary output +- oeqa/rpm.py: Increase timeout and add debug output +- oeqa/selftest/externalsrc: add test for srctree_hash_files +- openssh: remove RRECOMMENDS to rng-tools for sshd package +- poky.conf: bump version for 4.0.7 +- qemuboot.bbclass: make sure runqemu boots bundled initramfs kernel image +- rm_work.bbclass: use HOSTTOOLS 'rm' binary exclusively +- rm_work: adjust dependency to make do_rm_work_all depend on do_rm_work +- ruby: merge .inc into .bb +- ruby: update 3.1.2 -> 3.1.3 +- selftest/virgl: use pkg-config from the host +- tiff: Add packageconfig knob for webp +- toolchain-scripts: compatibility with unbound variable protection +- tzdata: update 2022d -> 2022g +- valgrind: skip the boost_thread test on arm +- xserver-xorg: upgrade 21.1.4 -> 21.1.6 +- xwayland: libxshmfence is needed when dri3 is enabled +- xwayland: upgrade 22.1.5 -> 22.1.7 +- yocto-check-layer: Allow OE-Core to be tested + + +Known Issues in Yocto-4.0.7 +~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +- N/A + + +Contributors to Yocto-4.0.7 +~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +- Alejandro Hernandez Samaniego +- Alex Kiernan +- Alex Stewart +- Alexander Kanavin +- Antonin Godard +- Benoît Mauduit +- Bhabu Bindu +- Bruce Ashfield +- Carlos Alberto Lopez Perez +- Changqing Li +- Chen Qi +- Daniel Gomez +- Florin Diaconescu +- He Zhe +- Hitendra Prajapati +- Jagadeesh Krishnanjanappa +- Jan Kircher +- Jermain Horsman +- Jose Quaresma +- Joshua Watt +- KARN JYE LAU +- Kai Kang +- Khem Raj +- Luis +- Marta Rybczynska +- Martin Jansa +- Mathieu Dubois-Briand +- Michael Opdenacker +- Narpat Mali +- Ovidiu Panait +- Pavel Zhukov +- Peter Marko +- Petr Kubizňák +- Quentin Schulz +- Randy MacLeod +- Ranjitsinh Rathod +- Richard Purdie +- Robert Andersson +- Ross Burton +- Sandeep Gundlupet Raju +- Saul Wold +- Steve Sakoman +- Vivek Kumbhar +- Wang Mingyu +- Xiangyu Chen +- Yash Shinde +- Yogita Urade + + +Repositories / Downloads for Yocto-4.0.7 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +poky + +- Repository Location: :yocto_git:`/poky` +- Branch: :yocto_git:`kirkstone </poky/log/?h=kirkstone>` +- Tag: :yocto_git:`yocto-4.0.7 </poky/log/?h=yocto-4.0.7>` +- Git Revision: :yocto_git:`65dafea22018052fe7b2e17e6e4d7eb754224d38 </poky/commit/?id=65dafea22018052fe7b2e17e6e4d7eb754224d38>` +- Release Artefact: poky-65dafea22018052fe7b2e17e6e4d7eb754224d38 +- sha: 6b1b67600b84503e2d5d29bcd6038547339f4f9413b830cd2408df825eda642d +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.7/poky-65dafea22018052fe7b2e17e6e4d7eb754224d38.tar.bz2 + http://mirrors.kernel.org/yocto/yocto/yocto-4.0.7/poky-65dafea22018052fe7b2e17e6e4d7eb754224d38.tar.bz2 + +openembedded-core + +- Repository Location: :oe_git:`/openembedded-core` +- Branch: :oe_git:`kirkstone </openembedded-core/log/?h=kirkstone>` +- Tag: :oe_git:`yocto-4.0.7 </openembedded-core/log/?h=yocto-4.0.7>` +- Git Revision: :oe_git:`a8c82902384f7430519a31732a4bb631f21693ac </openembedded-core/commit/?id=a8c82902384f7430519a31732a4bb631f21693ac>` +- Release Artefact: oecore-a8c82902384f7430519a31732a4bb631f21693ac +- sha: 6f2dbc4ea1e388620ef77ac3a7bbb2b5956bb8bf9349b0c16cd7610e9996f5ea +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.7/oecore-a8c82902384f7430519a31732a4bb631f21693ac.tar.bz2 + http://mirrors.kernel.org/yocto/yocto/yocto-4.0.7/oecore-a8c82902384f7430519a31732a4bb631f21693ac.tar.bz2 + +meta-mingw + +- Repository Location: :yocto_git:`/meta-mingw` +- Branch: :yocto_git:`kirkstone </meta-mingw/log/?h=kirkstone>` +- Tag: :yocto_git:`yocto-4.0.7 </meta-mingw/log/?h=yocto-4.0.7>` +- Git Revision: :yocto_git:`a90614a6498c3345704e9611f2842eb933dc51c1 </meta-mingw/commit/?id=a90614a6498c3345704e9611f2842eb933dc51c1>` +- Release Artefact: meta-mingw-a90614a6498c3345704e9611f2842eb933dc51c1 +- sha: 49f9900bfbbc1c68136f8115b314e95d0b7f6be75edf36a75d9bcd1cca7c6302 +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.7/meta-mingw-a90614a6498c3345704e9611f2842eb933dc51c1.tar.bz2 + http://mirrors.kernel.org/yocto/yocto/yocto-4.0.7/meta-mingw-a90614a6498c3345704e9611f2842eb933dc51c1.tar.bz2 + +meta-gplv2 + +- Repository Location: :yocto_git:`/meta-gplv2` +- Branch: :yocto_git:`kirkstone </meta-gplv2/log/?h=kirkstone>` +- Tag: :yocto_git:`yocto-4.0.7 </meta-gplv2/log/?h=yocto-4.0.7>` +- Git Revision: :yocto_git:`d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a </meta-gplv2/commit/?id=d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a>` +- Release Artefact: meta-gplv2-d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a +- sha: c386f59f8a672747dc3d0be1d4234b6039273d0e57933eb87caa20f56b9cca6d +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.7/meta-gplv2-d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a.tar.bz2 + http://mirrors.kernel.org/yocto/yocto/yocto-4.0.7/meta-gplv2-d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a.tar.bz2 + +bitbake + +- Repository Location: :oe_git:`/bitbake` +- Branch: :oe_git:`2.0 </bitbake/log/?h=2.0>` +- Tag: :oe_git:`yocto-4.0.7 </bitbake/log/?h=yocto-4.0.7>` +- Git Revision: :oe_git:`7e268c107bb0240d583d2c34e24a71e373382509 </bitbake/commit/?id=7e268c107bb0240d583d2c34e24a71e373382509>` +- Release Artefact: bitbake-7e268c107bb0240d583d2c34e24a71e373382509 +- sha: c3e2899012358c95962c7a5c85cf98dc30c58eae0861c374124e96d9556bb901 +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.7/bitbake-7e268c107bb0240d583d2c34e24a71e373382509.tar.bz2 + http://mirrors.kernel.org/yocto/yocto/yocto-4.0.7/bitbake-7e268c107bb0240d583d2c34e24a71e373382509.tar.bz2 + +yocto-docs + +- Repository Location: :yocto_git:`/yocto-docs` +- Branch: :yocto_git:`kirkstone </yocto-docs/log/?h=kirkstone>` +- Tag: :yocto_git:`yocto-4.0.7 </yocto-docs/log/?h=yocto-4.0.7>` +- Git Revision: :yocto_git:`5883e897c34f25401b358a597fb6e18d80f7f90b </yocto-docs/commit/?id=5883e897c34f25401b358a597fb6e18d80f7f90b>` + + diff --git a/documentation/migration-guides/release-notes-4.0.8.rst b/documentation/migration-guides/release-notes-4.0.8.rst new file mode 100644 index 0000000000..223b74fbaf --- /dev/null +++ b/documentation/migration-guides/release-notes-4.0.8.rst @@ -0,0 +1,217 @@ +.. SPDX-License-Identifier: CC-BY-SA-2.0-UK + +Release notes for Yocto-4.0.8 (Kirkstone) +----------------------------------------- + +Security Fixes in Yocto-4.0.8 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +- apr-util: Fix :cve:`2022-25147` +- apr: Fix :cve:`2022-24963`, :cve:`2022-28331` and :cve:`2021-35940` +- bind: Fix :cve:`2022-3094`, :cve:`2022-3736` and :cve:`2022-3924` +- git: Ignore :cve:`2022-41953` +- git: Fix :cve:`2022-23521` and :cve:`2022-41903` +- libgit2: Fix :cve:`2023-22742` +- ppp: Fix :cve:`2022-4603` +- python3-certifi: Fix :cve:`2022-23491` +- sudo: Fix :cve:`2023-22809` +- tar: Fix :cve:`2022-48303` + + +Fixes in Yocto-4.0.8 +~~~~~~~~~~~~~~~~~~~~ + +- core-image.bbclass: Fix missing leading whitespace with ':append' +- populate_sdk_ext.bbclass: Fix missing leading whitespace with ':append' +- ptest-packagelists.inc: Fix missing leading whitespace with ':append' +- apr-util: upgrade to 1.6.3 +- apr: upgrade to 1.7.2 +- apt: fix do_package_qa failure +- bind: upgrade to 9.18.11 +- bitbake: bb/utils: include SSL certificate paths in export_proxies +- bitbake: bitbake-diffsigs: Make PEP8 compliant +- bitbake: bitbake-diffsigs: break on first dependent task difference +- bitbake: fetch2/git: Clarify the meaning of namespace +- bitbake: fetch2/git: Prevent git fetcher from fetching gitlab repository metadata +- bitbake: fetch2/git: show SRCREV and git repo in error message about fixed SRCREV +- bitbake: siggen: Fix inefficient string concatenation +- bitbake: utils/ply: Update md5 to better report errors with hashlib +- bootchart2: Fix usrmerge support +- bsp-guide: fix broken git URLs and missing word +- build-appliance-image: Update to kirkstone head revision +- buildtools-tarball: set pkg-config search path +- classes/fs-uuid: Fix command output decoding issue +- dev-manual: common-tasks.rst: add link to FOSDEM 2023 video +- dev-manual: fix old override syntax +- devshell: Do not add scripts/git-intercept to PATH +- devtool: fix devtool finish when gitmodules file is empty +- diffutils: upgrade to 3.9 +- gdk-pixbuf: do not use tools from gdk-pixbuf-native when building tests +- git: upgrade to 2.35.7 +- glslang: branch rename master -> main +- httpserver: add error handler that write to the logger +- image.bbclass: print all QA functions exceptions +- kernel/linux-kernel-base: Fix kernel build artefact determinism issues +- libc-locale: Fix on target locale generation +- libgit2: upgrade to 1.4.5 +- libjpeg-turbo: upgrade to 2.1.5 +- libtirpc: Check if file exists before operating on it +- libusb1: Link with latomic only if compiler has no atomic builtins +- libusb1: Strip trailing whitespaces +- linux-firmware: upgrade to 20230117 +- linux-yocto/5.15: update to v5.15.91 +- lsof: fix old override syntax +- lttng-modules: Fix for 5.10.163 kernel version +- lttng-tools: upgrade to 2.13.9 +- make-mod-scripts: Ensure kernel build output is deterministic +- manuals: update patchwork instance URL +- meta: remove True option to getVar and getVarFlag calls (again) +- migration-guides: add release-notes for 4.0.7 +- native: Drop special variable handling +- numactl: skip test case when target platform doesn't have 2 CPU node +- oeqa context.py: fix --target-ip comment to include ssh port number +- oeqa dump.py: add error counter and stop after 5 failures +- oeqa qemurunner.py: add timeout to QMP calls +- oeqa qemurunner.py: try to avoid reading one character at a time +- oeqa qemurunner: read more data at a time from serial +- oeqa ssh.py: add connection keep alive options to ssh client +- oeqa ssh.py: move output prints to new line +- oeqa/qemurunner: do not use Popen.poll() when terminating runqemu with a signal +- oeqa/selftest/bbtests: Update message lookup for test_git_unpack_nonetwork_fail +- oeqa/selftest/locales: Add selftest for locale generation/presence +- poky.conf: Update SANITY_TESTED_DISTROS to match autobuilder +- poky.conf: bump version for 4.0.8 +- profile-manual: update WireShark hyperlinks +- python3-pytest: depend on python3-tomli instead of python3-toml +- qemu: fix compile error +- quilt: fix intermittent failure in faildiff.test +- quilt: use upstreamed faildiff.test fix +- recipe_sanity: fix old override syntax +- ref-manual: document SSTATE_EXCLUDEDEPS_SYSROOT +- scons.bbclass: Make MAXLINELENGTH overridable +- scons: Pass MAXLINELENGTH to scons invocation +- sdkext/cases/devtool: pass a logger to HTTPService +- spirv-headers: set correct branch name +- sudo: upgrade to 1.9.12p2 +- system-requirements.rst: add Fedora 36 and AlmaLinux 8.7 to list of supported distros +- testimage: Fix error message to reflect new syntax +- update-alternatives: fix typos +- vulkan-samples: branch rename master -> main + + +Known Issues in Yocto-4.0.8 +~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +- N/A + + +Contributors to Yocto-4.0.8 +~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +- Alejandro Hernandez Samaniego +- Alexander Kanavin +- Alexandre Belloni +- Armin Kuster +- Arnout Vandecappelle +- Bruce Ashfield +- Changqing Li +- Chee Yang Lee +- Etienne Cordonnier +- Harald Seiler +- Kai Kang +- Khem Raj +- Lee Chee Yang +- Louis Rannou +- Marek Vasut +- Marius Kriegerowski +- Mark Hatle +- Martin Jansa +- Mauro Queiros +- Michael Opdenacker +- Mikko Rapeli +- Mingli Yu +- Narpat Mali +- Niko Mauno +- Pawel Zalewski +- Peter Kjellerstedt +- Richard Purdie +- Rodolfo Quesada Zumbado +- Ross Burton +- Sakib Sajal +- Schmidt, Adriaan +- Steve Sakoman +- Thomas Roos +- Ulrich Ölmann +- Xiangyu Chen + + +Repositories / Downloads for Yocto-4.0.8 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +poky + +- Repository Location: :yocto_git:`/poky` +- Branch: :yocto_git:`kirkstone </poky/log/?h=kirkstone>` +- Tag: :yocto_git:`yocto-4.0.8 </poky/log/?h=yocto-4.0.8>` +- Git Revision: :yocto_git:`a361fb3df9c87cf12963a9d785a9f99faa839222 </poky/commit/?id=a361fb3df9c87cf12963a9d785a9f99faa839222>` +- Release Artefact: poky-a361fb3df9c87cf12963a9d785a9f99faa839222 +- sha: af4e8d64be27d3a408357c49b7952ce04c6d8bb0b9d7b50c48848d9355de7fc2 +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.8/poky-a361fb3df9c87cf12963a9d785a9f99faa839222.tar.bz2 + http://mirrors.kernel.org/yocto/yocto/yocto-4.0.8/poky-a361fb3df9c87cf12963a9d785a9f99faa839222.tar.bz2 + +openembedded-core + +- Repository Location: :oe_git:`/openembedded-core` +- Branch: :oe_git:`kirkstone </openembedded-core/log/?h=kirkstone>` +- Tag: :oe_git:`yocto-4.0.8 </openembedded-core/log/?h=yocto-4.0.8>` +- Git Revision: :oe_git:`b20e2134daec33fbb8ce358d984751d887752bd5 </openembedded-core/commit/?id=b20e2134daec33fbb8ce358d984751d887752bd5>` +- Release Artefact: oecore-b20e2134daec33fbb8ce358d984751d887752bd5 +- sha: 63cce6f1caf8428eefc1471351ab024affc8a41d8d7777f525e3aa9ea454d2cd +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.8/oecore-b20e2134daec33fbb8ce358d984751d887752bd5.tar.bz2 + http://mirrors.kernel.org/yocto/yocto/yocto-4.0.8/oecore-b20e2134daec33fbb8ce358d984751d887752bd5.tar.bz2 + +meta-mingw + +- Repository Location: :yocto_git:`/meta-mingw` +- Branch: :yocto_git:`kirkstone </meta-mingw/log/?h=kirkstone>` +- Tag: :yocto_git:`yocto-4.0.8 </meta-mingw/log/?h=yocto-4.0.8>` +- Git Revision: :yocto_git:`a90614a6498c3345704e9611f2842eb933dc51c1 </meta-mingw/commit/?id=a90614a6498c3345704e9611f2842eb933dc51c1>` +- Release Artefact: meta-mingw-a90614a6498c3345704e9611f2842eb933dc51c1 +- sha: 49f9900bfbbc1c68136f8115b314e95d0b7f6be75edf36a75d9bcd1cca7c6302 +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.8/meta-mingw-a90614a6498c3345704e9611f2842eb933dc51c1.tar.bz2 + http://mirrors.kernel.org/yocto/yocto/yocto-4.0.8/meta-mingw-a90614a6498c3345704e9611f2842eb933dc51c1.tar.bz2 + +meta-gplv2 + +- Repository Location: :yocto_git:`/meta-gplv2` +- Branch: :yocto_git:`kirkstone </meta-gplv2/log/?h=kirkstone>` +- Tag: :yocto_git:`yocto-4.0.8 </meta-gplv2/log/?h=yocto-4.0.8>` +- Git Revision: :yocto_git:`d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a </meta-gplv2/commit/?id=d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a>` +- Release Artefact: meta-gplv2-d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a +- sha: c386f59f8a672747dc3d0be1d4234b6039273d0e57933eb87caa20f56b9cca6d +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.8/meta-gplv2-d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a.tar.bz2 + http://mirrors.kernel.org/yocto/yocto/yocto-4.0.8/meta-gplv2-d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a.tar.bz2 + +bitbake + +- Repository Location: :oe_git:`/bitbake` +- Branch: :oe_git:`2.0 </bitbake/log/?h=2.0>` +- Tag: :oe_git:`yocto-4.0.8 </bitbake/log/?h=yocto-4.0.8>` +- Git Revision: :oe_git:`9bbdedc0ba7ca819b898e2a29a151d6a2014ca11 </bitbake/commit/?id=9bbdedc0ba7ca819b898e2a29a151d6a2014ca11>` +- Release Artefact: bitbake-9bbdedc0ba7ca819b898e2a29a151d6a2014ca11 +- sha: 8e724411f4df00737e81b33eb568f1f97d2a00d5364342c0a212c46abb7b005b +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.8/bitbake-9bbdedc0ba7ca819b898e2a29a151d6a2014ca11.tar.bz2 + http://mirrors.kernel.org/yocto/yocto/yocto-4.0.8/bitbake-9bbdedc0ba7ca819b898e2a29a151d6a2014ca11.tar.bz2 + +yocto-docs + +- Repository Location: :yocto_git:`/yocto-docs` +- Branch: :yocto_git:`kirkstone </yocto-docs/log/?h=kirkstone>` +- Tag: :yocto_git:`yocto-4.0.8 </yocto-docs/log/?h=yocto-4.0.8>` +- Git Revision: :yocto_git:`16ecbe028f2b9cc021267817a5413054e070b563 </yocto-docs/commit/?id=16ecbe028f2b9cc021267817a5413054e070b563>` + diff --git a/documentation/migration-guides/release-notes-4.0.9.rst b/documentation/migration-guides/release-notes-4.0.9.rst new file mode 100644 index 0000000000..236477443a --- /dev/null +++ b/documentation/migration-guides/release-notes-4.0.9.rst @@ -0,0 +1,249 @@ +.. SPDX-License-Identifier: CC-BY-SA-2.0-UK + +Release notes for Yocto-4.0.9 (Kirkstone) +----------------------------------------- + +Security Fixes in Yocto-4.0.9 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +- binutils: Fix :cve:`2023-22608` +- curl: Fix :cve:`2023-23914`, :cve:`2023-23915` and :cve:`2023-23916` +- epiphany: Fix :cve:`2023-26081` +- git: Ignore :cve:`2023-22743` +- glibc: Fix :cve:`2023-0687` +- gnutls: Fix :cve:`2023-0361` +- go: Fix :cve:`2022-2879`, :cve:`2022-41720` and :cve:`2022-41723` +- harfbuzz: Fix :cve:`2023-25193` +- less: Fix :cve:`2022-46663` +- libmicrohttpd: Fix :cve:`2023-27371` +- libsdl2: Fix :cve:`2022-4743` +- openssl: Fix :cve:`2022-3996`, :cve:`2023-0464`, :cve:`2023-0465` and :cve:`2023-0466` +- pkgconf: Fix :cve:`2023-24056` +- python3: Fix :cve:`2023-24329` +- shadow: Ignore :cve:`2016-15024` +- systemd: Fix :cve:`2022-4415` +- tiff: Fix :cve:`2023-0800`, :cve:`2023-0801`, :cve:`2023-0802`, :cve:`2023-0803` and :cve:`2023-0804` +- vim: Fix :cve:`2023-0433`, :cve:`2023-0512`, :cve:`2023-1127`, :cve:`2023-1170`, :cve:`2023-1175`, :cve:`2023-1264` and :cve:`2023-1355` +- xserver-xorg: Fix :cve:`2023-0494` +- xwayland: Fix :cve:`2023-0494` + + +Fixes in Yocto-4.0.9 +~~~~~~~~~~~~~~~~~~~~ + +- base-files: Drop localhost.localdomain from hosts file +- binutils: Fix nativesdk ld.so search +- bitbake: cookerdata: Drop dubious exception handling code +- bitbake: cookerdata: Improve early exception handling +- bitbake: cookerdata: Remove incorrect SystemExit usage +- bitbake: fetch/git: Fix local clone url to make it work with repo +- bitbake: utils: Allow to_boolean to support int values +- bmap-tools: switch to main branch +- buildtools-tarball: Handle spaces within user $PATH +- busybox: Fix depmod patch +- cracklib: update github branch to 'main' +- cups: add/fix web interface packaging +- cups: check PACKAGECONFIG for pam feature +- cups: use BUILDROOT instead of DESTDIR +- curl: fix dependencies when building with ldap/ldaps +- cve-check: Fix false negative version issue +- dbus: upgrade to 1.14.6 +- devtool/upgrade: do not delete the workspace/recipes directory +- dhcpcd: Fix install conflict when enable multilib. +- dhcpcd: fix dhcpcd start failure on qemuppc64 +- gcc-shared-source: do not use ${S}/.. in deploy_source_date_epoch +- glibc: Add missing binutils dependency +- image_types: fix multiubi var init +- iso-codes: upgrade to 4.13.0 +- json-c: Add ptest for json-c +- kernel-yocto: fix kernel-meta data detection +- lib/buildstats: handle tasks that never finished +- lib/resulttool: fix typo breaking resulttool log --ptest +- libjpeg-turbo: upgrade to 2.1.5.1 +- libmicrohttpd: upgrade to 0.9.76 +- libseccomp: fix for the ptest result format +- libssh2: Clean up ptest patch/coverage +- linux-firmware: add yamato fw files to qcom-adreno-a2xx package +- linux-firmware: properly set license for all Qualcomm firmware +- linux-firmware: upgrade to 20230210 +- linux-yocto-rt/5.15: update to -rt59 +- linux-yocto/5.10: upgrade to v5.10.175 +- linux-yocto/5.15: upgrade to v5.15.103 +- linux: inherit pkgconfig in kernel.bbclass +- lttng-modules: fix for kernel 6.2+ +- lttng-modules: upgrade to v2.13.9 +- lua: Fix install conflict when enable multilib. +- mdadm: Fix raid0, 06wrmostly and 02lineargrow tests +- meson: Fix wrapper handling of implicit setup command +- migration-guides: add 4.0.8 release notes +- nghttp2: never build python bindings +- oeqa rtc.py: skip if read-only-rootfs +- oeqa ssh.py: fix hangs in run() +- oeqa/sdk: Improve Meson test +- oeqa/selftest/prservice: Improve debug output for failure +- oeqa/selftest/resulttooltests: fix minor typo +- openssl: upgrade to 3.0.8 +- package.bbclase: Add check for /build in copydebugsources() +- patchelf: replace a rejected patch with an equivalent uninative.bbclass tweak +- poky.conf: bump version for 4.0.9 +- populate_sdk_ext: Handle spaces within user $PATH +- pybootchartui: Fix python syntax issue +- python3-git: fix indent error +- python3-setuptools-rust-native: Add direct dependency of native python3 modules +- qemu: Revert "fix :cve:`2021-3507`" as not applicable for qemu 6.2 +- rsync: Add missing prototypes to function declarations +- rsync: Turn on -pedantic-errors at the end of 'configure' +- runqemu: kill qemu if it hangs +- scripts/lib/buildstats: handle top-level build_stats not being complete +- selftest/recipetool: Stop test corrupting tinfoil class +- selftest/runtime_test/virgl: Disable for all Rocky Linux +- selftest: devtool: set BB_HASHSERVE_UPSTREAM when setting SSTATE_MIRROR +- sstatesig: Improve output hash calculation +- staging/multilib: Fix manifest corruption +- staging: Separate out different multiconfig manifests +- sudo: update 1.9.12p2 -> 1.9.13p3 +- systemd.bbclass: Add /usr/lib/systemd to searchpaths as well +- systemd: add group sgx to udev package +- systemd: fix wrong nobody-group assignment +- timezone: use 'tz' subdir instead of ${WORKDIR} directly +- toolchain-scripts: Handle spaces within user $PATH +- tzcode-native: fix build with gcc-13 on host +- tzdata: use separate B instead of WORKDIR for zic output +- uninative: upgrade to 3.9 to include libgcc and glibc 2.37 +- vala: Fix install conflict when enable multilib. +- vim: add missing pkgconfig inherit +- vim: set modified-by to the recipe MAINTAINER +- vim: upgrade to 9.0.1429 +- wic: Fix usage of fstype=none in wic +- wireless-regdb: upgrade to 2023.02.13 +- xserver-xorg: upgrade to 21.1.7 +- xwayland: upgrade to 22.1.8 + + +Known Issues in Yocto-4.0.9 +~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +- N/A + + +Contributors to Yocto-4.0.9 +~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +- Alexander Kanavin +- Alexis Lothoré +- Bruce Ashfield +- Changqing Li +- Chee Yang Lee +- Dmitry Baryshkov +- Federico Pellegrin +- Geoffrey GIRY +- Hitendra Prajapati +- Hongxu Jia +- Joe Slater +- Kai Kang +- Kenfe-Mickael Laventure +- Khem Raj +- Martin Jansa +- Mateusz Marciniec +- Michael Halstead +- Michael Opdenacker +- Mikko Rapeli +- Ming Liu +- Mingli Yu +- Narpat Mali +- Pavel Zhukov +- Pawan Badganchi +- Peter Marko +- Piotr Łobacz +- Poonam Jadhav +- Randy MacLeod +- Richard Purdie +- Robert Yang +- Romuald Jeanne +- Ross Burton +- Sakib Sajal +- Saul Wold +- Shubham Kulkarni +- Siddharth Doshi +- Simone Weiss +- Steve Sakoman +- Tim Orling +- Tom Hochstein +- Trevor Woerner +- Ulrich Ölmann +- Vivek Kumbhar +- Wang Mingyu +- Xiangyu Chen +- Yash Shinde + + +Repositories / Downloads for Yocto-4.0.9 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +poky + +- Repository Location: :yocto_git:`/poky` +- Branch: :yocto_git:`kirkstone </poky/log/?h=kirkstone>` +- Tag: :yocto_git:`yocto-4.0.9 </poky/log/?h=yocto-4.0.9>` +- Git Revision: :yocto_git:`09def309f91929f47c6cce386016ccb777bd2cfc </poky/commit/?id=09def309f91929f47c6cce386016ccb777bd2cfc>` +- Release Artefact: poky-09def309f91929f47c6cce386016ccb777bd2cfc +- sha: 5c7ce209c8a6b37ec2898e5ca21858234d91999c11fa862880ba98e8bde62f63 +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.9/poky-09def309f91929f47c6cce386016ccb777bd2cfc.tar.bz2 + http://mirrors.kernel.org/yocto/yocto/yocto-4.0.9/poky-09def309f91929f47c6cce386016ccb777bd2cfc.tar.bz2 + +openembedded-core + +- Repository Location: :oe_git:`/openembedded-core` +- Branch: :oe_git:`kirkstone </openembedded-core/log/?h=kirkstone>` +- Tag: :oe_git:`yocto-4.0.9 </openembedded-core/log/?h=yocto-4.0.9>` +- Git Revision: :oe_git:`ff4b57ffff903a93b710284c7c7f916ddd74712f </openembedded-core/commit/?id=ff4b57ffff903a93b710284c7c7f916ddd74712f>` +- Release Artefact: oecore-ff4b57ffff903a93b710284c7c7f916ddd74712f +- sha: 726778ffc291136db1704316b196de979f68df9f96476b785e1791957fbb66b3 +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.9/oecore-ff4b57ffff903a93b710284c7c7f916ddd74712f.tar.bz2 + http://mirrors.kernel.org/yocto/yocto/yocto-4.0.9/oecore-ff4b57ffff903a93b710284c7c7f916ddd74712f.tar.bz2 + +meta-mingw + +- Repository Location: :yocto_git:`/meta-mingw` +- Branch: :yocto_git:`kirkstone </meta-mingw/log/?h=kirkstone>` +- Tag: :yocto_git:`yocto-4.0.9 </meta-mingw/log/?h=yocto-4.0.9>` +- Git Revision: :yocto_git:`a90614a6498c3345704e9611f2842eb933dc51c1 </meta-mingw/commit/?id=a90614a6498c3345704e9611f2842eb933dc51c1>` +- Release Artefact: meta-mingw-a90614a6498c3345704e9611f2842eb933dc51c1 +- sha: 49f9900bfbbc1c68136f8115b314e95d0b7f6be75edf36a75d9bcd1cca7c6302 +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.9/meta-mingw-a90614a6498c3345704e9611f2842eb933dc51c1.tar.bz2 + http://mirrors.kernel.org/yocto/yocto/yocto-4.0.9/meta-mingw-a90614a6498c3345704e9611f2842eb933dc51c1.tar.bz2 + +meta-gplv2 + +- Repository Location: :yocto_git:`/meta-gplv2` +- Branch: :yocto_git:`kirkstone </meta-gplv2/log/?h=kirkstone>` +- Tag: :yocto_git:`yocto-4.0.9 </meta-gplv2/log/?h=yocto-4.0.9>` +- Git Revision: :yocto_git:`d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a </meta-gplv2/commit/?id=d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a>` +- Release Artefact: meta-gplv2-d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a +- sha: c386f59f8a672747dc3d0be1d4234b6039273d0e57933eb87caa20f56b9cca6d +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.9/meta-gplv2-d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a.tar.bz2 + http://mirrors.kernel.org/yocto/yocto/yocto-4.0.9/meta-gplv2-d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a.tar.bz2 + +bitbake + +- Repository Location: :oe_git:`/bitbake` +- Branch: :oe_git:`2.0 </bitbake/log/?h=2.0>` +- Tag: :oe_git:`yocto-4.0.9 </bitbake/log/?h=yocto-4.0.9>` +- Git Revision: :oe_git:`2802adb572eb73a3eb2725a74a9bbdaafc543fa7 </bitbake/commit/?id=2802adb572eb73a3eb2725a74a9bbdaafc543fa7>` +- Release Artefact: bitbake-2802adb572eb73a3eb2725a74a9bbdaafc543fa7 +- sha: 5c6e713b5e26b3835c0773095c7a1bc1f8affa28316b33597220ed86f1f1b643 +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.9/bitbake-2802adb572eb73a3eb2725a74a9bbdaafc543fa7.tar.bz2 + http://mirrors.kernel.org/yocto/yocto/yocto-4.0.9/bitbake-2802adb572eb73a3eb2725a74a9bbdaafc543fa7.tar.bz2 + +yocto-docs + +- Repository Location: :yocto_git:`/yocto-docs` +- Branch: :yocto_git:`kirkstone </yocto-docs/log/?h=kirkstone>` +- Tag: :yocto_git:`yocto-4.0.9 </yocto-docs/log/?h=yocto-4.0.9>` +- Git Revision: :yocto_git:`86d0b38a97941ad52b1af220c7b801a399d50e93 </yocto-docs/commit/?id=86d0b38a97941ad52b1af220c7b801a399d50e93>` + diff --git a/documentation/migration-guides/release-notes-4.0.rst b/documentation/migration-guides/release-notes-4.0.rst new file mode 100644 index 0000000000..a5d66c0410 --- /dev/null +++ b/documentation/migration-guides/release-notes-4.0.rst @@ -0,0 +1,937 @@ +.. SPDX-License-Identifier: CC-BY-SA-2.0-UK + +Release notes for 4.0 (kirkstone) +--------------------------------- + +This is a Long Term Support release, published in April 2022, and supported at least for two years (April 2024). + +New Features / Enhancements in 4.0 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +- Linux kernel 5.15, glibc 2.35 and ~300 other recipe upgrades + +- Reproducibility: this release fixes the reproducibility issues with + ``rust-llvm`` and ``golang``. Recipes in OpenEmbedded-Core are now fully + reproducible. Functionality previously in the optional "reproducible" + class has been merged into the :ref:`ref-classes-base` class. + +- Network access is now disabled by default for tasks other than where it is expected to ensure build integrity (where host kernel supports it) + +- The Yocto Project now allows you to reuse the Shared State cache from + its autobuilder. If the network connection between our server and your + machine is faster than you would build recipes from source, you can + try to speed up your builds by using such Shared State and Hash + Equivalence by setting:: + + BB_SIGNATURE_HANDLER = "OEEquivHash" + BB_HASHSERVE = "auto" + BB_HASHSERVE_UPSTREAM = "hashserv.yocto.io:8687" + SSTATE_MIRRORS ?= "file://.* https://sstate.yoctoproject.org/all/PATH;downloadfilename=PATH" + +- The Python package build process is now based on `wheels <https://pythonwheels.com/>`__ + in line with the upstream direction. + +- New :ref:`ref-classes-overlayfs` and :ref:`ref-classes-overlayfs-etc` classes and + ``overlayroot`` support in the :term:`Initramfs` framework to make it easier to + overlay read-only filesystems (for example) with + :wikipedia:`OverlayFS <OverlayFS>`. + +- Inclusive language adjustments to some variable names - see the + :ref:`4.0 migration guide <migration-4.0-inclusive-language>` for details. + +- New recipes: + + - ``buildtools-docs-tarball`` + - ``libptytty`` + - ``libxcvt`` + - ``lua`` + - ``nghttp2`` + - ``python3-alabaster`` + - ``python3-asn1crypto`` + - ``python3-babel`` + - ``python3-bcrypt`` + - ``python3-certifi`` + - ``python3-cffi`` + - ``python3-chardet`` + - ``python3-cryptography`` + - ``python3-cryptography-vectors`` + - ``python3-dtschema`` + - ``python3-flit-core`` + - ``python3-idna`` + - ``python3-imagesize`` + - ``python3-installer`` + - ``python3-iso8601`` + - ``python3-jsonpointer`` + - ``python3-jsonschema`` + - ``python3-ndg-httpsclient`` + - ``python3-ply`` + - ``python3-poetry-core`` + - ``python3-pretend`` + - ``python3-psutil`` + - ``python3-pyasn1`` + - ``python3-pycparser`` + - ``python3-pyopenssl`` + - ``python3-pyrsistent`` + - ``python3-pysocks`` + - ``python3-pytest-runner`` + - ``python3-pytest-subtests`` + - ``python3-pytz`` + - ``python3-requests`` + - ``python3-rfc3339-validator`` + - ``python3-rfc3986-validator`` + - ``python3-rfc3987`` + - ``python3-ruamel-yaml`` + - ``python3-semantic-version`` + - ``python3-setuptools-rust-native`` + - ``python3-snowballstemmer`` + - ``python3-sphinx`` + - ``python3-sphinxcontrib-applehelp`` + - ``python3-sphinxcontrib-devhelp`` + - ``python3-sphinxcontrib-htmlhelp`` + - ``python3-sphinxcontrib-jsmath`` + - ``python3-sphinxcontrib-qthelp`` + - ``python3-sphinxcontrib-serializinghtml`` + - ``python3-sphinx-rtd-theme`` + - ``python3-strict-rfc3339`` + - ``python3-tomli`` + - ``python3-typing-extensions`` + - ``python3-urllib3`` + - ``python3-vcversioner`` + - ``python3-webcolors`` + - ``python3-wheel`` + - ``repo`` + - ``seatd`` + +- Extended recipes to ``native``: ``wayland``, ``wayland-protocols`` + +- Shared state (sstate) improvements: + + - Switched to :wikipedia:`ZStandard (zstd) <Zstd>` instead + of Gzip, for better performance. + - Allow validation of sstate signatures against a list of keys + - Improved error messages and exception handling + +- BitBake enhancements: + + - Fetcher enhancements: + + - New :ref:`bitbake-user-manual/bitbake-user-manual-fetching:crate fetcher (\`\`crate://\`\`)` for Rust packages + - Added striplevel support to unpack + - git: Add a warning asking users to set a branch in git urls + - git: Allow git fetcher to support subdir param + - git: canonicalize ids in generated tarballs + - git: stop generated tarballs from leaking info + - npm: Put all downloaded files in the npm2 directory + - npmsw: Add support for duplicate dependencies without url + - npmsw: Add support for github prefix in npm shrinkwrap version + - ssh: now supports checkstatus, allows : in URLs (both required for use with sstate) and no longer requires username + - wget: add redirectauth parameter + - wget: add 30s timeout for checkstatus calls + + - Show warnings for append/prepend/remove operators combined with +=/.= + - Add bb.warnonce() and bb.erroronce() log methods + - Improved setscene task display + - Show elapsed time also for tasks with progress bars + - Improved cleanup on forced shutdown (either because of errors or Ctrl+C) + - contrib: Add Dockerfile for building PR service container + - Change file format of siginfo files to use zstd compressed json + - Display active tasks when printing keep-alive message to help debugging + +- Architecture-specific enhancements: + + - ARM: + + - tune-cortexa72: Enable the crc extension by default for cortexa72 + - qemuarm64: Add tiny ktype to qemuarm64 bsp + - armv9a/tune: Add the support for the Neoverse N2 core + - arch-armv8-5a.inc: Add tune include for armv8.5a + - grub-efi: Add xen_boot support when 'xen' is in :term:`DISTRO_FEATURES` for aarch64 + - tune-cortexa73: Introduce cortexa73-crypto tune + - libacpi: Build libacpi also for 'aarch64' machines + - core-image-tiny-initramfs: Mark recipe as 32 bit ARM compatible + + - PowerPC: + + - weston-init: Use pixman rendering for qemuppc64 + - rust: add support for big endian 64-bit PowerPC + - rust: Add snapshot checksums for powerpc64le + + - RISC-V: + + - libunwind: Enable for rv64 + - systemtap: Enable for riscv64 + - linux-yocto-dev: add qemuriscv32 + - packagegroup-core-tools-profile: Enable systemtap for riscv64 + - qemuriscv: Use virtio-tablet-pci for mouse + + - x86: + + - kernel-yocto: conditionally enable stack protection checking on x86-64 + +- Kernel-related enhancements: + + - Allow :term:`Initramfs` to be built from a separate multiconfig + - Make kernel-base recommend kernel-image, not depend (allowing images containing kernel modules without kernel image) + - linux-yocto: split vtpm for more granular inclusion + - linux-yocto: cfg/debug: add configs for kcsan + - linux-yocto: cfg: add kcov feature fragment + - linux-yocto: export pkgconfig variables to devshell + - linux-yocto-dev: use versioned branch as default + - New :term:`KERNEL_DEBUG_TIMESTAMPS` variable (to replace removed ``BUILD_REPRODUCIBLE_BINARIES`` for the kernel) + - Introduce python3-dtschema-wrapper in preparation for mandatory schema checking on dtb files in 5.16 + - Allow disabling kernel artifact symlink creation + - Allow changing default .bin kernel artifact extension + +- FIT image related enhancements: + + - New ``FIT_SUPPORTED_INITRAMFS_FSTYPES`` variable to allow extending :term:`Initramfs` image types to look for + - New ``FIT_CONF_PREFIX`` variable to allow overriding FIT configuration prefix + - Use 'bbnote' for better logging + +- New :term:`PACKAGECONFIG` options in ``curl``, ``dtc``, ``epiphany``, ``git``, ``git``, ``gstreamer1.0-plugins-bad``, ``linux-yocto-dev``, ``kmod``, ``mesa``, ``piglit``, ``qemu``, ``rpm``, ``systemd``, ``webkitgtk``, ``weston-init`` +- ptest enhancements in ``findutils``, ``lttng-tools``, ``openssl``, ``gawk``, ``strace``, ``lttng-tools``, ``valgrind``, ``perl``, ``libxml-parser-perl``, ``openssh``, ``python3-cryptography``, ``popt`` + +- Sysroot dependencies have been further optimised +- Significant effort to upstream / rationalise patches across a variety of recipes +- Allow the creation of block devices on top of UBI volumes +- archiver: new ARCHIVER_MODE[compression] to set tarball compression, and switch default to xz +- yocto-check-layer: add ability to perform tests from a global bbclass +- yocto-check-layer: improved README checks +- cve-check: add json output format +- cve-check: add coverage statistics on recipes with/without CVEs +- Added mirrors for kernel sources and uninative binaries on kernel.org +- glibc and binutils recipes now use shallow mirror tarballs for faster fetching +- When patching fails, show more information on the fatal error + +- wic Image Creator enhancements: + + - Support rootdev identified by partition label + - rawcopy: Add support for packed images + - partition: Support valueless keys in sourceparams + +- QA check enhancements: + + - Allow treating license issues as errors + - Added a check that Upstream-Status patch tag is present and correctly formed + - Added a check for directories that are expected to be empty + - Ensure addition of patch-fuzz retriggers do_qa_patch + - Added a sanity check for allarch packagegroups + +- :ref:`ref-classes-create-spdx` class improvements: + + - Get SPDX-License-Identifier from source files + - Generate manifest also for SDKs + - New SPDX_ORG variable to allow changing the Organization field value + - Added packageSupplier field + - Added create_annotation function + +- devtool add / recipetool create enhancements: + + - Extend curl detection when creating recipes + - Handle GitLab URLs like we do GitHub + - Recognize more standard license text variants + - Separate licenses with & operator + - Detect more known licenses in Python code + - Move license md5sums data into CSV files + - npm: Use README as license fallback + +- SDK-related enhancements: + + - Extended recipes to :ref:`ref-classes-nativesdk`: ``cargo``, + ``librsvg``, ``libstd-rs``, ``libva``, ``python3-docutil``, ``python3-packaging`` + - Enabled :ref:`ref-classes-nativesdk` recipes to find a correct version + of the rust cross compiler + - Support creating per-toolchain cmake file in SDK + +- Rust enhancements: + + - New python_setuptools3_rust class to enable building python extensions in Rust + - classes/meson: Add optional rust definitions + +- QEMU / runqemu enhancements: + + - qemu: Add knob for enabling PMDK pmem support + - qemu: add tpm string section to qemu acpi table + - qemu: Build on musl targets + - runqemu: support rootfs mounted ro + - runqemu: add :term:`DEPLOY_DIR_IMAGE` replacement in QB_OPT_APPEND + - runqemu: Allow auto-detection of the correct graphics options + +- Capped ``cpu_count()`` (used to set parallelisation defaults) to 64 since any higher usually hurts parallelisation +- Adjust some GL-using recipes so that they only require virtual/egl +- package_rpm: use zstd instead of xz +- npm: new ``EXTRA_OENPM`` variable (to set node-gyp variables for example) +- npm: new ``NPM_NODEDIR`` variable +- perl: Enable threading +- u-boot: Convert ${UBOOT_ENV}.cmd into ${UBOOT_ENV}.scr +- u-boot: Split do_configure logic into separate file +- go.bbclass: Allow adding parameters to go ldflags +- go: log build id computations +- scons: support out-of-tree builds +- scripts: Add a conversion script to use SPDX license names +- scripts: Add convert-variable-renames script for inclusive language variable renaming +- binutils-cross-canadian: enable gold for mingw +- grub-efi: Add option to include all available modules +- bitbake.conf: allow wayland distro feature through for native/SDK builds +- weston-init: Pass --continue-without-input when launching weston +- weston: wrapper for weston modules argument +- weston: Add a knob to control simple clients +- uninative: Add version to uninative tarball name +- volatile-binds: SELinux and overlayfs extensions in mount-copybind +- gtk-icon-cache: Allow using gtk4 +- kmod: Add an exclude directive to depmod +- os-release: add os-release-initrd package for use in systemd-based :term:`Initramfs` images +- gstreamer1.0-plugins-base: add support for graphene +- gpg-sign: Add parameters to gpg signature function +- package_manager: sign DEB package feeds +- zstd: add libzstd package +- libical: build gobject and vala introspection +- dhcpcd: add option to set DBDIR location +- rpcbind: install rpcbind.conf +- mdadm: install mdcheck +- boost: add json lib +- libxkbcommon: allow building of API documentation +- libxkbcommon: split libraries and xkbcli into separate packages +- systemd: move systemd shared library into its own package +- systemd: Minimize udev package size if :term:`DISTRO_FEATURES` doen't contain sysvinit + +Known Issues in 4.0 +~~~~~~~~~~~~~~~~~~~ + +- ``make`` version 4.2.1 is known to be buggy on non-Ubuntu systems. If this ``make`` + version is detected on host distributions other than Ubuntu at build start time, + then a warning will be displayed. + +Recipe License changes in 4.0 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +The following corrections have been made to the :term:`LICENSE` values set by recipes: + +* cmake: add BSD-1-Clause & MIT & BSD-2-Clause to :term:`LICENSE` due to additional vendored libraries in native/target context +* gettext: extend :term:`LICENSE` conditional upon :term:`PACKAGECONFIG` (due to vendored libraries) +* gstreamer1.0: update licenses of all modules to LGPL-2.1-or-later (with some exceptions that are GPL-2.0-or-later) +* gstreamer1.0-plugins-bad/ugly: use the GPL-2.0-or-later only when it is in use +* kern-tools-native: add missing MIT license due to Kconfiglib +* libcap: add pam_cap license to :term:`LIC_FILES_CHKSUM` if pam is enabled +* libidn2: add Unicode-DFS-2016 license +* libsdl2: add BSD-2-Clause to :term:`LICENSE` due to default yuv2rgb and hidapi inclusion +* libx11-compose-data: update :term:`LICENSE` to "MIT & MIT-style & BSD-1-Clause & HPND & HPND-sell-variant" to better reflect reality +* libx11: update :term:`LICENSE` to "MIT & MIT-style & BSD-1-Clause & HPND & HPND-sell-variant" to better reflect reality +* libxshmfence: correct :term:`LICENSE` - MIT -> HPND +* newlib: add BSD-3-Clause to :term:`LICENSE` +* python3-idna: correct :term:`LICENSE` - Unicode -> Unicode-TOU +* python3-pip: add "Apache-2.0 & MPL-2.0 & LGPL-2.1-only & BSD-3-Clause & PSF-2.0 & BSD-2-Clause" to :term:`LICENSE` due to vendored libraries + +Other license-related notes: + +- The ambiguous "BSD" license has been removed from the ``common-licenses`` directory. + Each recipe that fetches or builds BSD-licensed code should specify the proper + version of the BSD license in its :term:`LICENSE` value. + +- :term:`LICENSE` definitions now have to use `SPDX identifiers <https://spdx.org/licenses/>`__. + A :oe_git:`convert-spdx-licenses.py </openembedded-core/tree/scripts/contrib/convert-spdx-licenses.py>` + script can be used to update your recipes. + + + +Security Fixes in 4.0 +~~~~~~~~~~~~~~~~~~~~~ + +- binutils: :cve:`2021-42574`, :cve:`2021-45078` +- curl: :cve:`2021-22945`, :cve:`2021-22946`, :cve:`2021-22947` +- epiphany: :cve:`2021-45085`, :cve:`2021-45086`, :cve:`2021-45087`, :cve:`2021-45088` +- expat: :cve:`2021-45960`, :cve:`2021-46143`, :cve:`2022-22822`, :cve:`2022-22823`, :cve:`2022-22824`, :cve:`2022-22825`, :cve:`2022-22826`, :cve:`2022-22827`, :cve:`2022-23852`, :cve:`2022-23990`, :cve:`2022-25235`, :cve:`2022-25236`, :cve:`2022-25313`, :cve:`2022-25314`, :cve:`2022-25315` +- ffmpeg: :cve:`2021-38114` +- gcc: :cve:`2021-35465`, :cve:`2021-42574`, :cve:`2021-46195`, :cve:`2022-24765` +- glibc: :cve:`2021-3998`, :cve:`2021-3999`, :cve:`2021-43396`, :cve:`2022-23218`, :cve:`2022-23219` +- gmp: :cve:`2021-43618` +- go: :cve:`2021-41771` and :cve:`2021-41772` +- grub2: :cve:`2021-3981` +- gzip: :cve:`2022-1271` +- libarchive : :cve:`2021-31566`, :cve:`2021-36976` +- libxml2: :cve:`2022-23308` +- libxslt: :cve:`2021-30560` +- lighttpd: :cve:`2022-22707` +- linux-yocto/5.10: amdgpu: :cve:`2021-42327` +- lua: :cve:`2021-43396` +- openssl: :cve:`2021-4044`, :cve:`2022-0778` +- qemu: :cve:`2022-1050`, :cve:`2022-26353`, :cve:`2022-26354` +- rpm: :cve:`2021-3521` +- seatd: :cve:`2022-25643` +- speex: :cve:`2020-23903` +- squashfs-tools: :cve:`2021-41072` +- systemd: :cve:`2021-4034` +- tiff: :cve:`2022-0561`, :cve:`2022-0562`, :cve:`2022-0865`, :cve:`2022-0891`, :cve:`2022-0907`, :cve:`2022-0908`, :cve:`2022-0909`, :cve:`2022-0924`, :cve:`2022-1056`, :cve:`2022-22844` +- unzip: :cve:`2021-4217` +- vim: :cve:`2021-3796`, :cve:`2021-3872`, :cve:`2021-3875`, :cve:`2021-3927`, :cve:`2021-3928`, :cve:`2021-3968`, :cve:`2021-3973`, :cve:`2021-4187`, :cve:`2022-0128`, :cve:`2022-0156`, :cve:`2022-0158`, :cve:`2022-0261`, :cve:`2022-0318`, :cve:`2022-0319`, :cve:`2022-0554`, :cve:`2022-0696`, :cve:`2022-0714`, :cve:`2022-0729`, :cve:`2022-0943` +- virglrenderer: :cve:`2022-0135`, :cve:`2022-0175` +- webkitgtk: :cve:`2022-22589`, :cve:`2022-22590`, :cve:`2022-22592` +- xz: :cve:`2022-1271` +- zlib: :cve:`2018-25032` + + + +Recipe Upgrades in 4.0 +~~~~~~~~~~~~~~~~~~~~~~ + +- acpica: upgrade 20210730 -> 20211217 +- acpid: upgrade 2.0.32 -> 2.0.33 +- adwaita-icon-theme: update 3.34/38 -> 41.0 +- alsa-ucm-conf: upgrade 1.2.6.2 -> 1.2.6.3 +- alsa: upgrade 1.2.5 -> 1.2.6 +- apt: upgrade 2.2.4 -> 2.4.3 +- asciidoc: upgrade 9.1.0 -> 10.0.0 +- atk: upgrade 2.36.0 -> 2.38.0 +- at-spi2-core: upgrade 2.40.3 -> 2.42.0 +- at: update 3.2.2 -> 3.2.5 +- autoconf-archive: upgrade 2021.02.19 -> 2022.02.11 +- automake: update 1.16.3 -> 1.16.5 +- bash: upgrade 5.1.8 -> 5.1.16 +- bind: upgrade 9.16.20 -> 9.18.1 +- binutils: Bump to latest 2.38 release branch +- bison: upgrade 3.7.6 -> 3.8.2 +- bluez5: upgrade 5.61 -> 5.64 +- boost: update 1.77.0 -> 1.78.0 +- btrfs-tools: upgrade 5.13.1 -> 5.16.2 +- buildtools-installer: Update to use 3.4 +- busybox: 1.34.0 -> 1.35.0 +- ca-certificates: update 20210119 -> 20211016 +- cantarell-fonts: update 0.301 -> 0.303.1 +- ccache: upgrade 4.4 -> 4.6 +- cmake: update 3.21.1 -> 3.22.3 +- connman: update 1.40 -> 1.41 +- coreutils: update 8.32 -> 9.0 +- cracklib: update 2.9.5 -> 2.9.7 +- createrepo-c: upgrade 0.17.4 -> 0.19.0 +- cronie: upgrade 1.5.7 -> 1.6.0 +- cups: update 2.3.3op2 -> 2.4.1 +- curl: update 7.78.0 -> 7.82.0 +- dbus: upgrade 1.12.20 -> 1.14.0 +- debianutils: update 4.11.2 -> 5.7 +- dhcpcd: upgrade 9.4.0 -> 9.4.1 +- diffoscope: upgrade 181 -> 208 +- dnf: upgrade 4.8.0 -> 4.11.1 +- dpkg: update 1.20.9 -> 1.21.4 +- e2fsprogs: upgrade 1.46.4 -> 1.46.5 +- ed: upgrade 1.17 -> 1.18 +- efivar: update 37 -> 38 +- elfutils: update 0.185 -> 0.186 +- ell: upgrade 0.43 -> 0.49 +- enchant2: upgrade 2.3.1 -> 2.3.2 +- epiphany: update 40.3 -> 42.0 +- erofs-utils: update 1.3 -> 1.4 +- ethtool: update to 5.16 +- expat: upgrade 2.4.1 -> 2.4.7 +- ffmpeg: update 4.4 -> 5.0 +- file: upgrade 5.40 -> 5.41 +- findutils: upgrade 4.8.0 -> 4.9.0 +- flac: upgrade 1.3.3 -> 1.3.4 +- freetype: upgrade 2.11.0 -> 2.11.1 +- fribidi: upgrade 1.0.10 -> 1.0.11 +- gawk: update 5.1.0 -> 5.1.1 +- gcompat: Update to latest +- gdbm: upgrade 1.19 -> 1.23 +- gdb: Upgrade to 11.2 +- ghostscript: update 9.54.0 -> 9.55.0 +- gi-docgen: upgrade 2021.7 -> 2022.1 +- git: update 2.33.0 -> 2.35.2 +- glib-2.0: update 2.68.4 -> 2.72.0 +- glibc: Upgrade to 2.35 +- glib-networking: update 2.68.2 -> 2.72.0 +- glslang: update 11.5.0 -> 11.8.0 +- gnu-config: update to latest revision +- gnupg: update 2.3.1 -> 2.3.4 +- gnutls: update 3.7.2 -> 3.7.4 +- gobject-introspection: upgrade 1.68.0 -> 1.72.0 +- go-helloworld: update to latest revision +- go: update 1.16.7 -> 1.17.8 +- gpgme: upgrade 1.16.0 -> 1.17.1 +- gsettings-desktop-schemas: upgrade 40.0 -> 42.0 +- gst-devtools: 1.18.4 -> 1.20.1 +- gst-examples: 1.18.4 -> 1.18.6 +- gstreamer1.0: 1.18.4 -> 1.20.1 +- gstreamer1.0-libav: 1.18.4 -> 1.20.1 +- gstreamer1.0-omx: 1.18.4 -> 1.20.1 +- gstreamer1.0-plugins-bad: 1.18.4 1.20.1 +- gstreamer1.0-plugins-base: 1.18.4 -> 1.20.1 +- gstreamer1.0-plugins-good: 1.18.4 -> 1.20.1 +- gstreamer1.0-plugins-ugly: 1.18.4 -> 1.20.1 +- gstreamer1.0-python: 1.18.4 -> 1.20.1 +- gstreamer1.0-rtsp-server: 1.18.4 -> 1.20.1 +- gstreamer1.0-vaapi: 1.18.4 -> 1.20.1 +- gtk+3: upgrade 3.24.30 -> 3.24.33 +- gzip: upgrade 1.10 -> 1.12 +- harfbuzz: upgrade 2.9.0 -> 4.0.1 +- hdparm: upgrade 9.62 -> 9.63 +- help2man: upgrade 1.48.4 -> 1.49.1 +- icu: update 69.1 -> 70.1 +- ifupdown: upgrade 0.8.36 -> 0.8.37 +- inetutils: update 2.1 -> 2.2 +- init-system-helpers: upgrade 1.60 -> 1.62 +- iproute2: update to 5.17.0 +- iputils: update 20210722 to 20211215 +- iso-codes: upgrade 4.6.0 -> 4.9.0 +- itstool: update 2.0.6 -> 2.0.7 +- iw: upgrade 5.9 -> 5.16 +- json-glib: upgrade 1.6.4 -> 1.6.6 +- kea: update 1.8.2 -> 2.0.2 +- kexec-tools: update 2.0.22 -> 2.0.23 +- less: upgrade 590 -> 600 +- libarchive: upgrade 3.5.1 -> 3.6.1 +- libatomic-ops: upgrade 7.6.10 -> 7.6.12 +- libbsd: upgrade 0.11.3 -> 0.11.5 +- libcap: update 2.51 -> 2.63 +- libcgroup: upgrade 2.0 -> 2.0.1 +- libcomps: upgrade 0.1.17 -> 0.1.18 +- libconvert-asn1-perl: upgrade 0.31 -> 0.33 +- libdazzle: upgrade 3.40.0 -> 3.44.0 +- libdnf: update 0.63.1 -> 0.66.0 +- libdrm: upgrade 2.4.107 -> 2.4.110 +- libedit: upgrade 20210714-3.1 -> 20210910-3.1 +- liberation-fonts: update 2.1.4 -> 2.1.5 +- libevdev: upgrade 1.11.0 -> 1.12.1 +- libexif: update 0.6.22 -> 0.6.24 +- libgit2: update 1.1.1 -> 1.4.2 +- libgpg-error: update 1.42 -> 1.44 +- libhandy: update 1.2.3 -> 1.5.0 +- libical: upgrade 3.0.10 -> 3.0.14 +- libinput: update to 1.19.3 +- libjitterentropy: update 3.1.0 -> 3.4.0 +- libjpeg-turbo: upgrade 2.1.1 -> 2.1.3 +- libmd: upgrade 1.0.3 -> 1.0.4 +- libmicrohttpd: upgrade 0.9.73 -> 0.9.75 +- libmodulemd: upgrade 2.13.0 -> 2.14.0 +- libpam: update 1.5.1 -> 1.5.2 +- libpcre2: upgrade 10.37 -> 10.39 +- libpipeline: upgrade 1.5.3 -> 1.5.5 +- librepo: upgrade 1.14.1 -> 1.14.2 +- librsvg: update 2.40.21 -> 2.52.7 +- libsamplerate0: update 0.1.9 -> 0.2.2 +- libsdl2: update 2.0.16 -> 2.0.20 +- libseccomp: update to 2.5.3 +- libsecret: upgrade 0.20.4 -> 0.20.5 +- libsndfile1: bump to version 1.0.31 +- libsolv: upgrade 0.7.19 -> 0.7.22 +- libsoup-2.4: upgrade 2.72.0 -> 2.74.2 +- libsoup: add a recipe for 3.0.5 +- libssh2: update 1.9.0 -> 1.10.0 +- libtasn1: upgrade 4.17.0 -> 4.18.0 +- libtool: Upgrade 2.4.6 -> 2.4.7 +- libucontext: Upgrade to 1.2 release +- libunistring: update 0.9.10 -> 1.0 +- libunwind: upgrade 1.5.0 -> 1.6.2 +- liburcu: upgrade 0.13.0 -> 0.13.1 +- libusb1: upgrade 1.0.24 -> 1.0.25 +- libuv: update 1.42.0 -> 1.44.1 +- libva: update 2.12.0 -> 2.14.0 +- libva-utils: upgrade 2.13.0 -> 2.14.0 +- libwebp: 1.2.1 -> 1.2.2 +- libwpe: upgrade 1.10.1 -> 1.12.0 +- libx11: update to 1.7.3.1 +- libxcrypt: upgrade 4.4.26 -> 4.4.27 +- libxcrypt-compat: upgrade 4.4.26 -> 4.4.27 +- libxi: update to 1.8 +- libxkbcommon: update to 1.4.0 +- libxml2: update to 2.9.13 +- libxslt: update to v1.1.35 +- lighttpd: update 1.4.59 -> 1.4.64 +- linux-firmware: upgrade 20210818 -> 20220310 +- linux-libc-headers: update to v5.16 +- linux-yocto/5.10: update to v5.10.109 +- linux-yocto/5.15: introduce recipes (v5.15.32) +- linux-yocto-dev: update to v5.18+ +- linux-yocto-rt/5.10: update to -rt61 +- linux-yocto-rt/5.15: update to -rt34 +- llvm: update 12.0.1 -> 13.0.1 +- logrotate: update 3.18.1 -> 3.19.0 +- lsof: update 4.91 -> 4.94.0 +- ltp: update 20210927 -> 20220121 +- ltp: Update to 20210927 +- lttng-modules: update devupstream to latest 2.13 +- lttng-modules: update to 2.13.3 +- lttng-tools: upgrade 2.13.0 -> 2.13.4 +- lttng-ust: upgrade 2.13.0 -> 2.13.2 +- lua: update 5.3.6 -> 5.4.4 +- lzip: upgrade 1.22 -> 1.23 +- man-db: upgrade 2.9.4 -> 2.10.2 +- man-pages: update to 5.13 +- mdadm: update 4.1 -> 4.2 +- mesa: upgrade 21.2.1 -> 22.0.0 +- meson: update 0.58.1 -> 0.61.3 +- minicom: Upgrade 2.7.1 -> 2.8 +- mmc-utils: upgrade to latest revision +- mobile-broadband-provider-info: upgrade 20210805 -> 20220315 +- mpg123: upgrade 1.28.2 -> 1.29.3 +- msmtp: upgrade 1.8.15 -> 1.8.20 +- mtd-utils: upgrade 2.1.3 -> 2.1.4 +- mtools: upgrade 4.0.35 -> 4.0.38 +- musl: Update to latest master +- ncurses: update 6.2 -> 6.3 +- newlib: Upgrade 4.1.0 -> 4.2.0 +- nfs-utils: upgrade 2.5.4 -> 2.6.1 +- nghttp2: upgrade 1.45.1 -> 1.47.0 +- ofono: upgrade 1.32 -> 1.34 +- opensbi: Upgrade to 1.0 +- openssh: upgrade 8.7p1 -> 8.9 +- openssl: update 1.1.1l -> 3.0.2 +- opkg: upgrade 0.4.5 -> 0.5.0 +- opkg-utils: upgrade 0.4.5 -> 0.5.0 +- ovmf: update 202105 -> 202202 +- p11-kit: update 0.24.0 -> 0.24.1 +- pango: upgrade 1.48.9 -> 1.50.4 +- patchelf: upgrade 0.13 -> 0.14.5 +- perl-cross: update 1.3.6 -> 1.3.7 +- perl: update 5.34.0 -> 5.34.1 +- piglit: upgrade to latest revision +- pigz: upgrade 2.6 -> 2.7 +- pinentry: update 1.1.1 -> 1.2.0 +- pkgconfig: Update to latest +- psplash: upgrade to latest revision +- puzzles: upgrade to latest revision +- python3-asn1crypto: upgrade 1.4.0 -> 1.5.1 +- python3-attrs: upgrade 21.2.0 -> 21.4.0 +- python3-cryptography: Upgrade to 36.0.2 +- python3-cryptography-vectors: upgrade to 36.0.2 +- python3-cython: upgrade 0.29.24 -> 0.29.28 +- python3-dbusmock: update to 0.27.3 +- python3-docutils: upgrade 0.17.1 0.18.1 +- python3-dtschema: upgrade 2021.10 -> 2022.1 +- python3-gitdb: upgrade 4.0.7 -> 4.0.9 +- python3-git: update to 3.1.27 +- python3-hypothesis: upgrade 6.15.0 -> 6.39.5 +- python3-imagesize: upgrade 1.2.0 -> 1.3.0 +- python3-importlib-metadata: upgrade 4.6.4 -> 4.11.3 +- python3-jinja2: upgrade 3.0.1 -> 3.1.1 +- python3-jsonschema: upgrade 3.2.0 -> 4.4.0 +- python3-libarchive-c: upgrade 3.1 -> 4.0 +- python3-magic: upgrade 0.4.24 -> 0.4.25 +- python3-mako: upgrade 1.1.5 -> 1.1.6 +- python3-markdown: upgrade 3.3.4 -> 3.3.6 +- python3-markupsafe: upgrade 2.0.1 -> 2.1.1 +- python3-more-itertools: upgrade 8.8.0 -> 8.12.0 +- python3-numpy: upgrade 1.21.2 -> 1.22.3 +- python3-packaging: upgrade 21.0 -> 21.3 +- python3-pathlib2: upgrade 2.3.6 -> 2.3.7 +- python3-pbr: upgrade 5.6.0 -> 5.8.1 +- python3-pip: update 21.2.4 -> 22.0.3 +- python3-pycairo: upgrade 1.20.1 -> 1.21.0 +- python3-pycryptodome: upgrade 3.10.1 -> 3.14.1 +- python3-pyelftools: upgrade 0.27 -> 0.28 +- python3-pygments: upgrade 2.10.0 -> 2.11.2 +- python3-pygobject: upgrade 3.40.1 -> 3.42.0 +- python3-pyparsing: update to 3.0.7 +- python3-pyrsistent: upgrade 0.18.0 -> 0.18.1 +- python3-pytest-runner: upgrade 5.3.1 -> 6.0.0 +- python3-pytest-subtests: upgrade 0.6.0 -> 0.7.0 +- python3-pytest: upgrade 6.2.4 -> 7.1.1 +- python3-pytz: upgrade 2021.3 -> 2022.1 +- python3-py: upgrade 1.10.0 -> 1.11.0 +- python3-pyyaml: upgrade 5.4.1 -> 6.0 +- python3-ruamel-yaml: upgrade 0.17.16 -> 0.17.21 +- python3-scons: upgrade 4.2.0 -> 4.3.0 +- python3-setuptools-scm: upgrade 6.0.1 -> 6.4.2 +- python3-setuptools: update to 59.5.0 +- python3-smmap: update to 5.0.0 +- python3-tomli: upgrade 1.2.1 -> 2.0.1 +- python3: update to 3.10.3 +- python3-urllib3: upgrade 1.26.8 -> 1.26.9 +- python3-zipp: upgrade 3.5.0 -> 3.7.0 +- qemu: update 6.0.0 -> 6.2.0 +- quilt: upgrade 0.66 -> 0.67 +- re2c: upgrade 2.2 -> 3.0 +- readline: upgrade 8.1 -> 8.1.2 +- repo: upgrade 2.17.3 -> 2.22 +- resolvconf: update 1.87 -> 1.91 +- rng-tools: upgrade 6.14 -> 6.15 +- rpcsvc-proto: upgrade 1.4.2 -> 1.4.3 +- rpm: update 4.16.1.3 -> 4.17.0 +- rt-tests: update 2.1 -> 2.3 +- ruby: update 3.0.2 -> 3.1.1 +- rust: update 1.54.0 -> 1.59.0 +- rxvt-unicode: upgrade 9.26 -> 9.30 +- screen: upgrade 4.8.0 -> 4.9.0 +- shaderc: update 2021.1 -> 2022.1 +- shadow: upgrade 4.9 -> 4.11.1 +- socat: upgrade 1.7.4.1 -> 1.7.4.3 +- spirv-headers: bump to b42ba6 revision +- spirv-tools: update 2021.2 -> 2022.1 +- sqlite3: upgrade 3.36.0 -> 3.38.2 +- strace: update 5.14 -> 5.16 +- stress-ng: upgrade 0.13.00 -> 0.13.12 +- sudo: update 1.9.7p2 -> 1.9.10 +- sysklogd: upgrade 2.2.3 -> 2.3.0 +- sysstat: upgrade 12.4.3 -> 12.4.5 +- systemd: update 249.3 -> 250.4 +- systemtap: upgrade 4.5 -> 4.6 +- sysvinit: upgrade 2.99 -> 3.01 +- tzdata: update to 2022a +- u-boot: upgrade 2021.07 -> 2022.01 +- uninative: Upgrade to 3.6 with gcc 12 support +- util-linux: update 2.37.2 -> 2.37.4 +- vala: upgrade 0.52.5 -> 0.56.0 +- valgrind: update 3.17.0 -> 3.18.1 +- vim: upgrade to 8.2 patch 4681 +- vte: upgrade 0.64.2 -> 0.66.2 +- vulkan-headers: upgrade 1.2.182 -> 1.2.191 +- vulkan-loader: upgrade 1.2.182 -> 1.2.198.1 +- vulkan-samples: update to latest revision +- vulkan-tools: upgrade 1.2.182 -> 1.2.191 +- vulkan: update 1.2.191.0 -> 1.3.204.1 +- waffle: update 1.6.1 -> 1.7.0 +- wayland-protocols: upgrade 1.21 -> 1.25 +- wayland: upgrade 1.19.0 -> 1.20.0 +- webkitgtk: upgrade 2.34.0 -> 2.36.0 +- weston: upgrade 9.0.0 -> 10.0.0 +- wget: update 1.21.1 -> 1.21.3 +- wireless-regdb: upgrade 2021.07.14 -> 2022.02.18 +- wpa-supplicant: update 2.9 -> 2.10 +- wpebackend-fdo: upgrade 1.10.0 -> 1.12.0 +- xauth: upgrade 1.1 -> 1.1.1 +- xf86-input-libinput: update to 1.2.1 +- xf86-video-intel: update to latest commit +- xkeyboard-config: update to 2.35.1 +- xorgproto: update to 2021.5 +- xserver-xorg: update 1.20.13 -> 21.1.3 +- xwayland: update 21.1.2 -> 22.1.0 +- xxhash: upgrade 0.8.0 -> 0.8.1 +- zstd: update 1.5.0 -> 1.5.2 + + + +Contributors to 4.0 +~~~~~~~~~~~~~~~~~~~ + +Thanks to the following people who contributed to this release: + +- Abongwa Amahnui Bonalais +- Adriaan Schmidt +- Adrian Freihofer +- Ahmad Fatoum +- Ahmed Hossam +- Ahsan Hussain +- Alejandro Hernandez Samaniego +- Alessio Igor Bogani +- Alexander Kanavin +- Alexandre Belloni +- Alexandru Ardelean +- Alexey Brodkin +- Alex Stewart +- Andreas Müller +- Andrei Gherzan +- Andrej Valek +- Andres Beltran +- Andrew Jeffery +- Andrey Zhizhikin +- Anton Mikanovich +- Anuj Mittal +- Bill Pittman +- Bruce Ashfield +- Caner Altinbasak +- Carlos Rafael Giani +- Chaitanya Vadrevu +- Changhyeok Bae +- Changqing Li +- Chen Qi +- Christian Eggers +- Claudius Heine +- Claus Stovgaard +- Daiane Angolini +- Daniel Ammann +- Daniel Gomez +- Daniel McGregor +- Daniel Müller +- Daniel Wagenknecht +- David Joyner +- David Reyna +- Denys Dmytriyenko +- Dhruva Gole +- Diego Sueiro +- Dmitry Baryshkov +- Ferry Toth +- Florian Amstutz +- Henry Kleynhans +- He Zhe +- Hongxu Jia +- Hsia-Jun(Randy) Li +- Ian Ray +- Jacob Kroon +- Jagadeesh Krishnanjanappa +- Jasper Orschulko +- Jim Wilson +- Joel Winarske +- Joe Slater +- Jon Mason +- Jose Quaresma +- Joshua Watt +- Justin Bronder +- Kai Kang +- Kamil Dziezyk +- Kevin Hao +- Khairul Rohaizzat Jamaluddin +- Khem Raj +- Kiran Surendran +- Konrad Weihmann +- Kory Maincent +- Lee Chee Yang +- Leif Middelschulte +- Lei Maohui +- Li Wang +- Liwei Song +- Luca Boccassi +- Lukasz Majewski +- Luna Gräfje +- Manuel Leonhardt +- Marek Vasut +- Mark Hatle +- Markus Niebel +- Markus Volk +- Marta Rybczynska +- Martin Beeger +- Martin Jansa +- Matthias Klein +- Matt Madison +- Maximilian Blenk +- Max Krummenacher +- Michael Halstead +- Michael Olbrich +- Michael Opdenacker +- Mike Crowe +- Ming Liu +- Mingli Yu +- Minjae Kim +- Nicholas Sielicki +- Olaf Mandel +- Oleh Matiusha +- Oleksandr Kravchuk +- Oleksandr Ocheretnyi +- Oleksandr Suvorov +- Oleksiy Obitotskyy +- Otavio Salvador +- Pablo Saavedra +- Paul Barker +- Paul Eggleton +- Pavel Zhukov +- Peter Hoyes +- Peter Kjellerstedt +- Petr Vorel +- Pgowda +- Quentin Schulz +- Ralph Siemsen +- Randy Li +- Randy MacLeod +- Rasmus Villemoes +- Ricardo Salveti +- Richard Neill +- Richard Purdie +- Robert Joslyn +- Robert P. J. Day +- Robert Yang +- Ross Burton +- Rudolf J Streif +- Sakib Sajal +- Samuli Piippo +- Saul Wold +- Scott Murray +- Sean Anderson +- Simone Weiss +- Simon Kuhnle +- S. Lockwood-Childs +- Stefan Herbrechtsmeier +- Steve Sakoman +- Sundeep KOKKONDA +- Tamizharasan Kumar +- Tean Cunningham +- Teoh Jay Shen +- Thomas Perrot +- Tim Orling +- Tobias Kaufmann +- Tom Hochstein +- Tony McDowell +- Trevor Gamblin +- Ulrich Ölmann +- Valerii Chernous +- Vivien Didelot +- Vyacheslav Yurkov +- Wang Mingyu +- Xavier Berger +- Yi Zhao +- Yongxin Liu +- Yureka +- Zev Weiss +- Zheng Ruoqin +- Zoltán Böszörményi +- Zygmunt Krynicki + + + +Repositories / Downloads for 4.0 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + + +poky + +- Repository Location: :yocto_git:`/poky` +- Branch: :yocto_git:`kirkstone </poky/log/?h=kirkstone>` +- Tag: :yocto_git:`yocto-4.0 </poky/tag/?h=yocto-4.0>` +- Git Revision: :yocto_git:`00cfdde791a0176c134f31e5a09eff725e75b905 </poky/commit/?id=00cfdde791a0176c134f31e5a09eff725e75b905>` +- Release Artefact: poky-00cfdde791a0176c134f31e5a09eff725e75b905 +- sha: 4cedb491b7bf0d015768c61690f30d7d73f4266252d6fba907bba97eac83648c +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-4.0/poky-00cfdde791a0176c134f31e5a09eff725e75b905.tar.bz2 + http://mirrors.kernel.org/yocto/yocto/yocto-4.0/poky-00cfdde791a0176c134f31e5a09eff725e75b905.tar.bz2 + +openembedded-core + +- Repository Location: :oe_git:`/openembedded-core` +- Branch: :oe_git:`kirkstone </openembedded-core/log/?h=kirkstone>` +- Tag: :oe_git:`yocto-4.0 </openembedded-core/tag/?h=yocto-4.0>` +- Git Revision: :oe_git:`92fcb6570bddd0c5717d8cfdf38ecf3e44942b0f </openembedded-core/commit/?id=92fcb6570bddd0c5717d8cfdf38ecf3e44942b0f>` +- Release Artefact: oecore-92fcb6570bddd0c5717d8cfdf38ecf3e44942b0f +- sha: c042629752543a10b0384b2076b1ee8742fa5e8112aef7b00b3621f8387a51c6 +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-4.0/oecore-92fcb6570bddd0c5717d8cfdf38ecf3e44942b0f.tar.bz2 + http://mirrors.kernel.org/yocto/yocto/yocto-4.0/oecore-92fcb6570bddd0c5717d8cfdf38ecf3e44942b0f.tar.bz2 + +meta-mingw + +- Repository Location: :yocto_git:`/meta-mingw` +- Branch: :yocto_git:`kirkstone </meta-mingw/log/?h=kirkstone>` +- Tag: :yocto_git:`yocto-4.0 </meta-mingw/tag/?h=yocto-4.0>` +- Git Revision: :yocto_git:`a90614a6498c3345704e9611f2842eb933dc51c1 </meta-mingw/commit/?id=a90614a6498c3345704e9611f2842eb933dc51c1>` +- Release Artefact: meta-mingw-a90614a6498c3345704e9611f2842eb933dc51c1 +- sha: 49f9900bfbbc1c68136f8115b314e95d0b7f6be75edf36a75d9bcd1cca7c6302 +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-4.0/meta-mingw-a90614a6498c3345704e9611f2842eb933dc51c1.tar.bz2 + http://mirrors.kernel.org/yocto/yocto/yocto-4.0/meta-mingw-a90614a6498c3345704e9611f2842eb933dc51c1.tar.bz2 + +meta-gplv2 + +- Repository Location: :yocto_git:`/meta-gplv2` +- Branch: :yocto_git:`kirkstone </meta-gplv2/log/?h=kirkstone>` +- Tag: :yocto_git:`yocto-4.0 </meta-gplv2/tag/?h=yocto-4.0>` +- Git Revision: :yocto_git:`d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a </meta-mingw/commit/?id=d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a>` +- Release Artefact: meta-gplv2-d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a +- sha: c386f59f8a672747dc3d0be1d4234b6039273d0e57933eb87caa20f56b9cca6d +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-4.0/meta-gplv2-d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a.tar.bz2 + http://mirrors.kernel.org/yocto/yocto/yocto-4.0/meta-gplv2-d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a.tar.bz2 + +bitbake + +- Repository Location: :oe_git:`/bitbake` +- Branch: :oe_git:`2.0 </bitbake/log/?h=2.0>` +- Tag: :oe_git:`yocto-4.0 </bitbake/tag/?h=yocto-4.0>` +- Git Revision: :oe_git:`c212b0f3b542efa19f15782421196b7f4b64b0b9 </bitbake/commit/?id=c212b0f3b542efa19f15782421196b7f4b64b0b9>` +- Release Artefact: bitbake-c212b0f3b542efa19f15782421196b7f4b64b0b9 +- sha: 6872095c7d7be5d791ef3e18b6bab2d1e0e237962f003d2b00dc7bd6fb6d2ef7 +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-4.0/bitbake-c212b0f3b542efa19f15782421196b7f4b64b0b9.tar.bz2 + http://mirrors.kernel.org/yocto/yocto/yocto-4.0/bitbake-c212b0f3b542efa19f15782421196b7f4b64b0b9.tar.bz2 + +yocto-docs + +- Repository Location: :yocto_git:`/yocto-docs` +- Branch: :yocto_git:`kirkstone </yocto-docs/log/?h=kirkstone>` +- Tag: :yocto_git:`yocto-4.0 </yocto-docs/tag/?h=yocto-4.0>` +- Git Revision: :yocto_git:`a6f571ad5b087385cad8765ed455c4b4eaeebca6 </yocto-docs/commit/?id=a6f571ad5b087385cad8765ed455c4b4eaeebca6>` + diff --git a/documentation/migration-guides/release-notes-4.1.1.rst b/documentation/migration-guides/release-notes-4.1.1.rst new file mode 100644 index 0000000000..4f31fbf1c7 --- /dev/null +++ b/documentation/migration-guides/release-notes-4.1.1.rst @@ -0,0 +1,319 @@ +.. SPDX-License-Identifier: CC-BY-SA-2.0-UK + +Release notes for Yocto-4.1.1 (Langdale) +---------------------------------------- + +Security Fixes in Yocto-4.1.1 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +- curl: Fix :cve:`2022-32221`, :cve:`2022-35260`, :cve:`2022-42915` and :cve:`2022-42916` +- libx11: Fix :cve:`2022-3554` +- lighttpd: Fix :cve:`2022-41556` +- openssl: Fix :cve:`2022-3358`, :cve:`2022-3602` and :cve:`2022-3786` +- pixman: Fix :cve:`2022-44638` +- qemu: Fix :cve:`2022-3165` +- sudo: Fix :cve:`2022-43995` +- tiff: Fix :cve:`2022-3599`, :cve:`2022-3597`, :cve:`2022-3626`, :cve:`2022-3627`, :cve:`2022-3570` and :cve:`2022-3598` +- xserver-xorg: Fix :cve:`2022-3550` and :cve:`2022-3551` +- xserver-xorg: Ignore :cve:`2022-3553` + + +Fixes in Yocto-4.1.1 +~~~~~~~~~~~~~~~~~~~~ + +- Add 4.1 migration guide & release notes +- bitbake: asyncrpc: serv: correct closed client socket detection +- bitbake: bitbake-user-manual: details about variable flags starting with underscore +- bitbake: bitbake: bitbake-layers: checkout layer(s) branch when clone exists +- bitbake: bitbake: user-manual: inform about spaces in :remove +- bitbake: doc: bitbake-user-manual: expand description of BB_PRESSURE_MAX variables +- bitbake: fetch2/git: don't set core.fsyncobjectfiles=0 +- bitbake: tests/fetch: Allow handling of a file:// url within a submodule +- bitbake: tests: bb.tests.fetch.URLHandle: add 2 new tests +- bitbake: utils/ply: Update md5 to better report errors with hashlib +- bluez5: add dbus to :term:`RDEPENDS` +- build-appliance-image: Update to langdale head revision +- buildconf: compare abspath +- buildtools-tarball: export certificates to python and curl +- cmake-native: Fix host tool contamination +- create-spdx.bbclass: remove unused SPDX_INCLUDE_PACKAGED +- create-spdx: Remove ";name=..." for downloadLocation +- cve-update-db-native: add timeout to urlopen() calls +- dev-manual: common-tasks.rst: add reference to "do_clean" task +- dev-manual: common-tasks.rst: add reference to "do_listtasks" task +- docs: add support for langdale (4.1) release +- dropbear: add pam to :term:`PACKAGECONFIG` +- externalsrc.bbclass: fix git repo detection +- externalsrc.bbclass: Remove a trailing slash from ${B} +- externalsrc: move back to classes +- gcc: Allow -Wno-error=poison-system-directories to take effect +- glib-2.0: fix rare GFileInfo test case failure +- gnutls: Unified package names to lower-case +- gnutls: upgrade 3.7.7 -> 3.7.8 +- grub: disable build on armv7ve/a with hardfp +- gstreamer1.0-libav: fix errors with ffmpeg 5.x +- ifupdown: upgrade 0.8.37 -> 0.8.39 +- insane.bbclass: Allow hashlib version that only accepts on parameter +- install-buildtools: support buildtools-make-tarball and update to 4.1 +- kern-tools: fix relative path processing +- kernel-fitimage: Use KERNEL_OUTPUT_DIR where appropriate +- kernel-yocto: improve fatal error messages of symbol_why.py +- kernel: Clear :term:`SYSROOT_DIRS` instead of replacing sysroot_stage_all +- libcap: upgrade 2.65 -> 2.66 +- libical: upgrade 3.0.14 -> 3.0.15 +- libksba: upgrade 1.6.0 -> 1.6.2 +- libsdl2: upgrade 2.24.0 -> 2.24.1 +- lighttpd: upgrade 1.4.66 -> 1.4.67 +- linux-firmware: package amdgpu firmware +- linux-firmware: split rtl8761 firmware +- linux-yocto/5.15: update to v5.15.72 +- linux-yocto/5.19: update to v5.19.14 +- linux-yocto: add efi entry for machine features +- lttng-modules: upgrade 2.13.4 -> 2.13.5 +- lttng-ust: upgrade 2.13.4 -> 2.13.5 +- manuals: add reference to "do_configure" task +- manuals: add reference to the "do_compile" task +- manuals: add reference to the "do_install" task +- manuals: add reference to the "do_kernel_configcheck" task +- manuals: add reference to the "do_populate_sdk" task +- manuals: add references to "do_package_write_*" tasks +- manuals: add references to "do_populate_sysroot" task +- manuals: add references to the "do_build" task +- manuals: add references to the "do_bundle_initramfs" task +- manuals: add references to the "do_cleanall" task +- manuals: add references to the "do_deploy" task +- manuals: add references to the "do_devshell" task +- manuals: add references to the "do_fetch" task +- manuals: add references to the "do_image" task +- manuals: add references to the "do_kernel_configme" task +- manuals: add references to the "do_package" task +- manuals: add references to the "do_package_qa" task +- manuals: add references to the "do_patch" task +- manuals: add references to the "do_rootfs" task +- manuals: add references to the "do_unpack" task +- manuals: fix misc typos +- manuals: improve initramfs details +- manuals: updates for building on Windows (WSL 2) +- mesa: only apply patch to fix ALWAYS_INLINE for native +- mesa: update 22.2.0 -> 22.2.2 +- meson: make wrapper options sub-command specific +- meson: upgrade 0.63.2 -> 0.63.3 +- migration guides: 3.4: remove spurious space in example +- migration guides: add release notes for 4.0.4 +- migration-general: add section on using buildhistory +- migration-guides/release-notes-4.1.rst: add more known issues +- migration-guides/release-notes-4.1.rst: update Repositories / Downloads +- migration-guides: add known issues for 4.1 +- migration-guides: add reference to the "do_shared_workdir" task +- migration-guides: use contributor real name +- migration-guides: use contributor real name +- mirrors.bbclass: use shallow tarball for binutils-native +- mtools: upgrade 4.0.40 -> 4.0.41 +- numactl: upgrade 2.0.15 -> 2.0.16 +- oe/packagemanager/rpm: don't leak file objects +- openssl: export necessary env vars in SDK +- openssl: Fix SSL_CERT_FILE to match ca-certs location +- openssl: Upgrade 3.0.5 -> 3.0.7 +- opkg-utils: use a git clone, not a dynamic snapshot +- overlayfs: Allow not used mount points +- overview-manual: concepts.rst: add reference to "do_packagedata" task +- overview-manual: concepts.rst: add reference to "do_populate_sdk_ext" task +- overview-manual: concepts.rst: fix formating and add references +- own-mirrors: add crate +- pango: upgrade 1.50.9 -> 1.50.10 +- perf: Depend on native setuptools3 +- poky.conf: bump version for 4.1.1 +- poky.conf: remove Ubuntu 21.10 +- populate_sdk_base: ensure ptest-pkgs pulls in ptest-runner +- psplash: add psplash-default in rdepends +- qemu-native: Add :term:`PACKAGECONFIG` option for jack +- quilt: backport a patch to address grep 3.8 failures +- ref-manual/faq.rst: update references to products built with OE / Yocto Project +- ref-manual/variables.rst: clarify sentence +- ref-manual: add a note to ssh-server-dropbear feature +- ref-manual: add :term:`CVE_CHECK_SHOW_WARNINGS` +- ref-manual: add :term:`CVE_DB_UPDATE_INTERVAL` +- ref-manual: add :term:`DEV_PKG_DEPENDENCY` +- ref-manual: add :term:`DISABLE_STATIC` +- ref-manual: add :term:`FIT_PAD_ALG` +- ref-manual: add :term:`KERNEL_DEPLOY_DEPEND` +- ref-manual: add missing features +- ref-manual: add :term:`MOUNT_BASE` variable +- ref-manual: add overlayfs class variables +- ref-manual: add :term:`OVERLAYFS_ETC_EXPOSE_LOWER` +- ref-manual: add :term:`OVERLAYFS_QA_SKIP` +- ref-manual: add previous overlayfs-etc variables +- ref-manual: add pypi class +- ref-manual: add :term:`SDK_TOOLCHAIN_LANGS` +- ref-manual: add section for create-spdx class +- ref-manual: add serial-autologin-root to :term:`IMAGE_FEATURES` documentation +- ref-manual: add :term:`UBOOT_MKIMAGE_KERNEL_TYPE` +- ref-manual: add :term:`WATCHDOG_TIMEOUT` to variable glossary +- ref-manual: add :term:`WIRELESS_DAEMON` +- ref-manual: classes.rst: add links to all references to a class +- ref-manual: complementary package installation recommends +- ref-manual: correct default for :term:`BUILDHISTORY_COMMIT` +- ref-manual: document new github-releases class +- ref-manual: expand documentation on image-buildinfo class +- ref-manual: faq.rst: reorganize into subsections, contents at top +- ref-manual: remove reference to largefile in :term:`DISTRO_FEATURES` +- ref-manual: remove reference to testimage-auto class +- ref-manual: system-requirements: Ubuntu 22.04 now supported +- ref-manual: tasks.rst: add reference to the "do_image_complete" task +- ref-manual: tasks.rst: add reference to the "do_kernel_checkout" task +- ref-manual: tasks.rst: add reference to the "do_kernel_metadata" task +- ref-manual: tasks.rst: add reference to the "do_validate_branches" task +- ref-manual: tasks.rst: add references to the "do_cleansstate" task +- ref-manual: update buildpaths QA check documentation +- ref-manual: update pypi documentation for :term:`CVE_PRODUCT` default in 4.1 +- ref-manual: variables.rst: add reference to "do_populate_lic" task +- release-notes-4.1.rst remove bitbake-layers subcommand argument +- runqemu: Do not perturb script environment +- runqemu: Fix gl-es argument from causing other arguments to be ignored +- rust-target-config: match riscv target names with what rust expects +- rust: install rustfmt for riscv32 as well +- sanity: check for GNU tar specifically +- scripts/oe-check-sstate: cleanup +- scripts/oe-check-sstate: force build to run for all targets, specifically populate_sysroot +- sdk-manual: correct the bitbake target for a unified sysroot build +- shadow: update 4.12.1 -> 4.12.3 +- systemd: add systemd-creds and systemd-cryptenroll to systemd-extra-utils +- test-manual: fix typo in machine name +- tiff: fix a typo for :cve:`2022-2953`.patch +- u-boot: Add savedefconfig task +- u-boot: Remove duplicate inherit of cml1 +- uboot-sign: Fix using wrong KEY_REQ_ARGS +- Update documentation for classes split +- vim: upgrade to 9.0.0820 +- vulkan-samples: add lfs=0 to :term:`SRC_URI` to avoid git smudge errors in do_unpack +- wic: honor the :term:`SOURCE_DATE_EPOCH` in case of updated fstab +- wic: swap partitions are not added to fstab +- wpebackend-fdo: upgrade 1.12.1 -> 1.14.0 +- xserver-xorg: move some recommended dependencies in required +- zlib: do out-of-tree builds +- zlib: upgrade 1.2.12 -> 1.2.13 +- zlib: use .gz archive and set a PREMIRROR + + +Known Issues in Yocto-4.1.1 +~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +- N/A + + + +Contributors to Yocto-4.1.1 +~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +- Adrian Freihofer +- Alex Kiernan +- Alexander Kanavin +- Bartosz Golaszewski +- Bernhard Rosenkränzer +- Bruce Ashfield +- Chen Qi +- Christian Eggers +- Claus Stovgaard +- Ed Tanous +- Etienne Cordonnier +- Frank de Brabander +- Hitendra Prajapati +- Jan-Simon Moeller +- Jeremy Puhlman +- Johan Korsnes +- Jon Mason +- Jose Quaresma +- Joshua Watt +- Justin Bronder +- Kai Kang +- Keiya Nobuta +- Khem Raj +- Lee Chee Yang +- Liam Beguin +- Luca Boccassi +- Mark Asselstine +- Mark Hatle +- Markus Volk +- Martin Jansa +- Michael Opdenacker +- Ming Liu +- Mingli Yu +- Paul Eggleton +- Peter Kjellerstedt +- Qiu, Zheng +- Quentin Schulz +- Richard Purdie +- Robert Joslyn +- Ross Burton +- Sean Anderson +- Sergei Zhmylev +- Steve Sakoman +- Takayasu Ito +- Teoh Jay Shen +- Thomas Perrot +- Tim Orling +- Vincent Davis Jr +- Vyacheslav Yurkov +- Ciaran Courtney +- Wang Mingyu + + +Repositories / Downloads for Yocto-4.1.1 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +poky + +- Repository Location: :yocto_git:`/poky` +- Branch: :yocto_git:`langdale </poky/log/?h=langdale>` +- Tag: :yocto_git:`yocto-4.1.1 </poky/log/?h=yocto-4.1.1>` +- Git Revision: :yocto_git:`d3cda9a3e0837eb2ac5482f5f2bd8e55e874feff </poky/commit/?id=d3cda9a3e0837eb2ac5482f5f2bd8e55e874feff>` +- Release Artefact: poky-d3cda9a3e0837eb2ac5482f5f2bd8e55e874feff +- sha: e92b694fbb74a26c7a875936dfeef4a13902f24b06127ee52f4d1c1e4b03ec24 +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-4.1.1/poky-d3cda9a3e0837eb2ac5482f5f2bd8e55e874feff.tar.bz2 + http://mirrors.kernel.org/yocto/yocto/yocto-4.1.1/poky-d3cda9a3e0837eb2ac5482f5f2bd8e55e874feff.tar.bz2 + +openembedded-core + +- Repository Location: :oe_git:`/openembedded-core` +- Branch: :oe_git:`langdale </openembedded-core/log/?h=langdale>` +- Tag: :oe_git:`yocto-4.1.1 </openembedded-core/log/?h=yocto-4.1.1>` +- Git Revision: :oe_git:`9237ffc4feee2dd6ff5bdd672072509ef9e82f6d </openembedded-core/commit/?id=9237ffc4feee2dd6ff5bdd672072509ef9e82f6d>` +- Release Artefact: oecore-9237ffc4feee2dd6ff5bdd672072509ef9e82f6d +- sha: d73198aef576f0fca0d746f9d805b1762c19c31786bc3f7d7326dfb2ed6fc1be +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-4.1.1/oecore-9237ffc4feee2dd6ff5bdd672072509ef9e82f6d.tar.bz2 + http://mirrors.kernel.org/yocto/yocto/yocto-4.1.1/oecore-9237ffc4feee2dd6ff5bdd672072509ef9e82f6d.tar.bz2 + +meta-mingw + +- Repository Location: :yocto_git:`/meta-mingw` +- Branch: :yocto_git:`langdale </meta-mingw/log/?h=langdale>` +- Tag: :yocto_git:`yocto-4.1.1 </meta-mingw/log/?h=yocto-4.1.1>` +- Git Revision: :yocto_git:`b0067202db8573df3d23d199f82987cebe1bee2c </meta-mingw/commit/?id=b0067202db8573df3d23d199f82987cebe1bee2c>` +- Release Artefact: meta-mingw-b0067202db8573df3d23d199f82987cebe1bee2c +- sha: 704f2940322b81ce774e9cbd27c3cfa843111d497dc7b1eeaa39cd694d9a2366 +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-4.1.1/meta-mingw-b0067202db8573df3d23d199f82987cebe1bee2c.tar.bz2 + http://mirrors.kernel.org/yocto/yocto/yocto-4.1.1/meta-mingw-b0067202db8573df3d23d199f82987cebe1bee2c.tar.bz2 + +bitbake + +- Repository Location: :oe_git:`/bitbake` +- Branch: :oe_git:`2.2 </bitbake/log/?h=2.2>` +- Tag: :oe_git:`yocto-4.1.1 </bitbake/log/?h=yocto-4.1.1>` +- Git Revision: :oe_git:`138dd7883ee2c521900b29985b6d24a23d96563c </bitbake/commit/?id=138dd7883ee2c521900b29985b6d24a23d96563c>` +- Release Artefact: bitbake-138dd7883ee2c521900b29985b6d24a23d96563c +- sha: 5dc5aff4b4a801253c627cdaab6b1a0ceee2c531f1a6b166d85d1265a35d4be5 +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-4.1.1/bitbake-138dd7883ee2c521900b29985b6d24a23d96563c.tar.bz2 + http://mirrors.kernel.org/yocto/yocto/yocto-4.1.1/bitbake-138dd7883ee2c521900b29985b6d24a23d96563c.tar.bz2 + +yocto-docs + +- Repository Location: :yocto_git:`/yocto-docs` +- Branch: :yocto_git:`langdale </yocto-docs/log/?h=langdale>` +- Tag: :yocto_git:`yocto-4.1.1 </yocto-docs/log/?h=yocto-4.1.1>` +- Git Revision: :yocto_git:`8e0841c3418caa227c66a60327db09dfbe72054a </yocto-docs/commit/?id=8e0841c3418caa227c66a60327db09dfbe72054a>` + + diff --git a/documentation/migration-guides/release-notes-4.1.2.rst b/documentation/migration-guides/release-notes-4.1.2.rst new file mode 100644 index 0000000000..ee5d4ccc51 --- /dev/null +++ b/documentation/migration-guides/release-notes-4.1.2.rst @@ -0,0 +1,286 @@ +.. SPDX-License-Identifier: CC-BY-SA-2.0-UK + +Release notes for Yocto-4.1.2 (Langdale) +---------------------------------------- + +Security Fixes in Yocto-4.1.2 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +- sudo: Fix :cve:`2022-43995` +- binutils: Fix :cve:`2022-4285` +- cairo: update patch for :cve:`2019-6461` with upstream solution +- expat: Fix :cve:`2022-43680` +- ffmpeg: Fix :cve:`2022-3964` and :cve:`2022-3965` +- grub: Fix :cve:`2022-28736` +- libarchive: Fix :cve:`2022-36227` +- libpam: Fix :cve:`2022-28321` +- libpng: Fix :cve:`2019-6129` +- ruby: Fix :cve:`2022-28738` and :cve:`2022-28739` +- tiff: Fix :cve:`2022-3970` +- vim: Fix :cve:`2022-4141` + + +Fixes in Yocto-4.1.2 +~~~~~~~~~~~~~~~~~~~~ + +- Expand create-spdx class documentation +- Expand cve-check class documentation +- archiver: avoid using machine variable as it breaks multiconfig +- babeltrace: Upgrade to 1.5.11 +- backport SPDX documentation and vulnerability improvements +- baremetal-image: Avoid overriding qemu variables from IMAGE_CLASSES +- bc: extend to nativesdk +- bind: Upgrade to 9.18.9 +- bitbake.conf: Drop export of SOURCE_DATE_EPOCH_FALLBACK +- bitbake: gitsm: Fix regression in gitsm submodule path parsing +- bitbake: runqueue: Fix race issues around hash equivalence and sstate reuse +- bluez5: Point hciattach bcm43xx firmware search path to /lib/firmware +- build-appliance-image: Update to langdale head revision +- cargo_common.bbclass: Fix typos +- classes: make TOOLCHAIN more permissive for kernel +- cmake: Upgrade to 3.24.2 +- combo-layer: add sync-revs command +- combo-layer: dont use bb.utils.rename +- combo-layer: remove unused import +- common-tasks.rst: fix oeqa runtime test path +- create-spdx: default share_src for shared sources +- curl: Correct LICENSE from MIT-open-group to curl +- dbus: Add missing CVE product name +- devtool/upgrade: correctly handle recipes where S is a subdir of upstream tree +- dhcpcd: fix to work with systemd +- docs: kernel-dev: faq: update tip on how to not include kernel in image +- docs: migration-4.0: specify variable name change for kernel inclusion in image recipe +- expat: upgrade to 2.5.0 +- externalsrc: fix lookup for .gitmodules +- ffmpeg: Upgrade to 5.1.2 +- gcc-shared-source: Fix source date epoch handling +- gcc-source: Drop gengtype manipulation +- gcc-source: Ensure deploy_source_date_epoch sstate hash doesn't change +- gcc-source: Fix gengtypes race +- gdk-pixbuf: Upgrade to 2.42.10 +- get_module_deps3.py: Check attribute '__file__' +- glibc-tests: correctly pull in the actual tests when installing -ptest package +- gnomebase.bbclass: return the whole version for tarball directory if it is a number +- go-crosssdk: avoid host contamination by GOCACHE +- go: Update reproducibility patch to fix panic errors +- go: submit patch upstream +- go: Upgrade to 1.19.3 +- gptfdisk: remove warning message from target system +- groff: submit patches upstream +- gstreamer1.0: Upgrade to 1.20.5 +- help2man: Upgrade to 1.49.3 +- insane: add codeload.github.com to src-uri-bad checkz +- inetutils: Upgrade to 2.4 +- iso-codes: Upgrade to 4.12.0 +- kbd: Don't build tests +- kea: submit patch upstream +- kern-tools: integrate ZFS speedup patch +- kernel.bbclass: Include randstruct seed assets in STAGING_KERNEL_BUILDDIR +- kernel.bbclass: make KERNEL_DEBUG_TIMESTAMPS work at rebuild +- kernel.bbclass: remove empty module directories to prevent QA issues +- lib/buildstats: fix parsing of trees with reduced_proc_pressure directories +- libdrm: Remove libdrm-kms package +- libepoxy: convert to git +- libepoxy: remove upstreamed patch +- libepoxy: Upgrade to 1.5.10 +- libffi: submit patch upstream +- libffi: Upgrade to 3.4.4 +- libical: Upgrade to 3.0.16 +- libnewt: Upgrade to 0.52.23 +- libsdl2: Upgrade to 2.24.2 +- libpng: Upgrade to 1.6.39 +- libuv: fixup SRC_URI +- libxcrypt-compat: Upgrade to 4.4.33 +- libxcrypt: Upgrade to 4.4.30 +- libxml2: fix test data checksums +- linux-firmware: add new fw file to ${PN}-qcom-adreno-a530 +- linux-firmware: don't put the firmware into the sysroot +- linux-firmware: Upgrade to 20221109 +- linux-yocto/5.15: fix CONFIG_CRYPTO_CCM mismatch warnings +- linux-yocto/5.15: update genericx86* machines to v5.15.72 +- linux-yocto/5.15: Upgrade to v5.15.78 +- linux-yocto/5.19: cfg: intel and vesa updates +- linux-yocto/5.19: fix CONFIG_CRYPTO_CCM mismatch warnings +- linux-yocto/5.19: fix elfutils run-backtrace-native-core ptest failure +- linux-yocto/5.19: security.cfg: remove configs which have been dropped +- linux-yocto/5.19: update genericx86* machines to v5.19.14 +- linux-yocto/5.19: Upgrade to v5.19.17 +- lsof: add update-alternatives logic +- lttng-modules: Upgrade to 2.13.7 +- lttng-tools: submit determinism.patch upstream +- manuals: add 4.0.5 and 4.0.6 release notes +- mesa: do not rely on native llvm-config in target sysroot +- mesa: Upgrade to 22.2.3 +- meta-selftest/staticids: add render group for systemd +- mirrors.bbclass: update CPAN_MIRROR +- mobile-broadband-provider-info: Upgrade to 20221107 +- mpfr: Upgrade to 4.1.1 +- mtd-utils: Upgrade to 2.1.5 +- oeqa/concurrencytest: Add number of failures to summary output +- oeqa/runtime/dnf: rewrite test_dnf_installroot_usrmerge +- oeqa/selftest/externalsrc: add test for srctree_hash_files +- oeqa/selftest/lic_checksum: Cleanup changes to emptytest include +- openssh: remove RRECOMMENDS to rng-tools for sshd package +- opkg: Set correct info_dir and status_file in opkg.conf +- opkg: Upgrade to 0.6.1 +- ovmf: correct patches status +- package: Fix handling of minidebuginfo with newer binutils +- pango: Make it build with ptest disabled +- pango: replace a recipe fix with an upstream submitted patch +- pango: Upgrade to 1.50.11 +- poky.conf: bump version for 4.1.2 +- psplash: consider the situation of psplash not exist for systemd +- python3-mako: Upgrade to 1.2.3 +- qemu-helper-native: Correctly pass program name as argv[0] +- qemu-helper-native: Re-write bridge helper as C program +- qemu: Ensure libpng dependency is deterministic +- qemuboot.bbclass: make sure runqemu boots bundled initramfs kernel image +- resolvconf: make it work +- rm_work: adjust dependency to make do_rm_work_all depend on do_rm_work +- rm_work: exclude the SSTATETASKS from the rm_work tasks sinature +- ruby: merge .inc into .bb +- ruby: Upgrade to 3.1.3 +- rust: submit a rewritten version of crossbeam_atomic.patch upstream +- sanity: Drop data finalize call +- scripts: convert-overrides: Allow command-line customizations +- selftest: add a copy of previous mtd-utils version to meta-selftest +- socat: Upgrade to 1.7.4.4 +- sstate: Allow optimisation of do_deploy_archives task dependencies +- sstatesig: emit more helpful error message when not finding sstate manifest +- sstatesig: skip the rm_work task signature +- sudo: Upgrade to 1.9.12p1 +- sysstat: Upgrade to 12.6.1 +- systemd: Consider PACKAGECONFIG in RRECOMMENDS +- systemd: Make importd depend on glib-2.0 again +- systemd: add group render to udev package +- systemd: Upgrade to 251.8 +- tcl: correct patch status +- tzdata: Upgrade to 2022g +- vala: install vapigen-wrapper into /usr/bin/crosscripts and stage only that +- valgrind: skip the boost_thread test on arm +- vim: Upgrade to 9.0.0947 +- wic: make ext2/3/4 images reproducible +- xwayland: libxshmfence is needed when dri3 is enabled +- xwayland: Upgrade to 22.1.5 +- yocto-check-layer: Allow OE-Core to be tested + + +Known Issues in Yocto-4.1.2 +~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +- N/A + + +Contributors to Yocto-4.1.2 +~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +- Alejandro Hernandez Samaniego +- Alex Kiernan +- Alex Stewart +- Alexander Kanavin +- Alexey Smirnov +- Bruce Ashfield +- Carlos Alberto Lopez Perez +- Chen Qi +- Diego Sueiro +- Dmitry Baryshkov +- Enrico Jörns +- Harald Seiler +- Hitendra Prajapati +- Jagadeesh Krishnanjanappa +- Jose Quaresma +- Joshua Watt +- Kai Kang +- Konrad Weihmann +- Leon Anavi +- Marek Vasut +- Martin Jansa +- Mathieu Dubois-Briand +- Michael Opdenacker +- Mikko Rapeli +- Narpat Mali +- Nathan Rossi +- Niko Mauno +- Ola x Nilsson +- Ovidiu Panait +- Pavel Zhukov +- Peter Bergin +- Peter Kjellerstedt +- Peter Marko +- Polampalli, Archana +- Qiu, Zheng +- Quentin Schulz +- Randy MacLeod +- Ranjitsinh Rathod +- Ravula Adhitya Siddartha +- Richard Purdie +- Robert Andersson +- Ross Burton +- Ryan Eatmon +- Sakib Sajal +- Sandeep Gundlupet Raju +- Sergei Zhmylev +- Steve Sakoman +- Tim Orling +- Wang Mingyu +- Xiangyu Chen +- pgowda + +Repositories / Downloads for Yocto-4.1.2 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +poky + +- Repository Location: :yocto_git:`/poky` +- Branch: :yocto_git:`langdale </poky/log/?h=langdale>` +- Tag: :yocto_git:`yocto-4.1.2 </poky/log/?h=yocto-4.1.2>` +- Git Revision: :yocto_git:`74c92e38c701e268406bb656b45ccd68471c217e </poky/commit/?id=74c92e38c701e268406bb656b45ccd68471c217e>` +- Release Artefact: poky-74c92e38c701e268406bb656b45ccd68471c217e +- sha: 06a2b304d0e928b62d81087797ae86115efe925c506bcb40c7d4747e14790bb0 +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-4.1.2/poky-74c92e38c701e268406bb656b45ccd68471c217e.tar.bz2 + http://mirrors.kernel.org/yocto/yocto/yocto-4.1.2/poky-74c92e38c701e268406bb656b45ccd68471c217e.tar.bz2 + +openembedded-core + +- Repository Location: :oe_git:`/openembedded-core` +- Branch: :oe_git:`langdale </openembedded-core/log/?h=langdale>` +- Tag: :oe_git:`yocto-4.1.2 </openembedded-core/log/?h=yocto-4.1.2>` +- Git Revision: :oe_git:`670f4f103b25897524d115c1f290ecae441fe4bd </openembedded-core/commit/?id=670f4f103b25897524d115c1f290ecae441fe4bd>` +- Release Artefact: oecore-670f4f103b25897524d115c1f290ecae441fe4bd +- sha: 09d77700e84efc738aef5713c5e86f19fa092f876d44b870789155cc1625ef04 +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-4.1.2/oecore-670f4f103b25897524d115c1f290ecae441fe4bd.tar.bz2 + http://mirrors.kernel.org/yocto/yocto/yocto-4.1.2/oecore-670f4f103b25897524d115c1f290ecae441fe4bd.tar.bz2 + +meta-mingw + +- Repository Location: :yocto_git:`/meta-mingw` +- Branch: :yocto_git:`langdale </meta-mingw/log/?h=langdale>` +- Tag: :yocto_git:`yocto-4.1.2 </meta-mingw/log/?h=yocto-4.1.2>` +- Git Revision: :yocto_git:`b0067202db8573df3d23d199f82987cebe1bee2c </meta-mingw/commit/?id=b0067202db8573df3d23d199f82987cebe1bee2c>` +- Release Artefact: meta-mingw-b0067202db8573df3d23d199f82987cebe1bee2c +- sha: 704f2940322b81ce774e9cbd27c3cfa843111d497dc7b1eeaa39cd694d9a2366 +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-4.1.2/meta-mingw-b0067202db8573df3d23d199f82987cebe1bee2c.tar.bz2 + http://mirrors.kernel.org/yocto/yocto/yocto-4.1.2/meta-mingw-b0067202db8573df3d23d199f82987cebe1bee2c.tar.bz2 + +bitbake + +- Repository Location: :oe_git:`/bitbake` +- Branch: :oe_git:`2.2 </bitbake/log/?h=2.2>` +- Tag: :oe_git:`yocto-4.1.2 </bitbake/log/?h=yocto-4.1.2>` +- Git Revision: :oe_git:`f0f166aee766b4bb1f8cf8b35dfc7d406c75e6a4 </bitbake/commit/?id=f0f166aee766b4bb1f8cf8b35dfc7d406c75e6a4>` +- Release Artefact: bitbake-f0f166aee766b4bb1f8cf8b35dfc7d406c75e6a4 +- sha: 7faf97eca78afd3994e4e126e5f5908617408c340c6eff8cd7047e0b961e2d10 +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-4.1.2/bitbake-f0f166aee766b4bb1f8cf8b35dfc7d406c75e6a4.tar.bz2 + http://mirrors.kernel.org/yocto/yocto/yocto-4.1.2/bitbake-f0f166aee766b4bb1f8cf8b35dfc7d406c75e6a4.tar.bz2 + +yocto-docs + +- Repository Location: :yocto_git:`/yocto-docs` +- Branch: :yocto_git:`langdale </yocto-docs/log/?h=langdale>` +- Tag: :yocto_git:`yocto-4.1.2 </yocto-docs/log/?h=yocto-4.1.2>` +- Git Revision: :yocto_git:`30f5f9ece260fd600f0c0fa32fc2f1fc61cf7d1b </yocto-docs/commit/?id=30f5f9ece260fd600f0c0fa32fc2f1fc61cf7d1b>` + diff --git a/documentation/migration-guides/release-notes-4.1.3.rst b/documentation/migration-guides/release-notes-4.1.3.rst new file mode 100644 index 0000000000..d8474cda68 --- /dev/null +++ b/documentation/migration-guides/release-notes-4.1.3.rst @@ -0,0 +1,317 @@ +.. SPDX-License-Identifier: CC-BY-SA-2.0-UK + +Release notes for Yocto-4.1.3 (Langdale) +---------------------------------------- + +Security Fixes in Yocto-4.1.3 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +- apr-util: Fix :cve:`2022-25147` +- apr: Fix :cve:`2022-24963` and :cve:`2022-28331` +- bind: Fix :cve:`2022-3094`, :cve:`2022-3736` and :cve:`2022-3924` +- curl: Fix :cve:`2022-43551` and :cve:`2022-43552` +- dbus: Fix :cve:`2022-42010`, :cve:`2022-42011` and :cve:`2022-42012` +- git: Fix :cve:`2022-23521`, :cve:`2022-39253`, :cve:`2022-39260` and :cve:`2022-41903` +- git: Ignore :cve:`2022-41953` +- go: Fix :cve:`2022-41717` and :cve:`2022-41720` +- grub2: Fix :cve:`2022-2601` and :cve:`2022-3775` +- less: Fix :cve:`2022-46663` +- libarchive: Fix :cve:`2022-36227` +- libksba: Fix :cve:`2022-47629` +- openssl: Fix :cve:`2022-3996` +- pkgconf: Fix :cve:`2023-24056` +- ppp: Fix :cve:`2022-4603` +- sudo: Fix :cve:`2023-22809` +- tar: Fix :cve:`2022-48303` +- vim: Fix :cve:`2023-0049`, :cve:`2023-0051`, :cve:`2023-0054`, :cve:`2023-0288`, :cve:`2023-0433` and :cve:`2023-0512` +- xserver-xorg: Fix :cve_mitre:`2023-0494` +- xwayland: Fix :cve_mitre:`2023-0494` + + +Fixes in Yocto-4.1.3 +~~~~~~~~~~~~~~~~~~~~ + +- apr-util: Upgrade to 1.6.3 +- apr: Upgrade to 1.7.2 +- apt: fix do_package_qa failure +- at: Change when files are copied +- base.bbclass: Fix way to check ccache path +- bblayers/makesetup: skip git repos that are submodules +- bblayers/setupwriters/oe-setup-layers: create dir if not exists +- bind: Upgrade to 9.18.11 +- bitbake-layers: fix a typo +- bitbake: bb/utils: include SSL certificate paths in export_proxies +- bitbake: fetch2/git: Clarify the meaning of namespace +- bitbake: fetch2/git: Prevent git fetcher from fetching gitlab repository metadata +- bitbake: process: log odd unlink events with bitbake.sock +- bitbake: server/process: Add bitbake.sock race handling +- bitbake: siggen: Fix inefficient string concatenation +- bootchart2: Fix usrmerge support +- bsp-guide: fix broken git URLs and missing word +- build-appliance-image: Update to langdale head revision +- buildtools-tarball: set pkg-config search path +- busybox: Fix depmod patch +- busybox: always start do_compile with orig config files +- busybox: rm temporary files if do_compile was interrupted +- cairo: fix CVE patches assigned wrong CVE number +- classes/fs-uuid: Fix command output decoding issue +- classes/populate_sdk_base: Append cleandirs +- classes: image: Set empty weak default IMAGE_LINGUAS +- cml1: remove redundant addtask +- core-image.bbclass: Fix missing leading whitespace with ':append' +- createrepo-c: Include missing rpm/rpmstring.h +- curl: don't enable debug builds +- curl: fix dependencies when building with ldap/ldaps +- cve-check: write the cve manifest to IMGDEPLOYDIR +- cve-update-db-native: avoid incomplete updates +- cve-update-db-native: show IP on failure +- dbus: Upgrade to 1.14.6 +- dev-manual: common-tasks.rst: add link to FOSDEM 2023 video +- dev-manual: fix old override syntax +- devshell: Do not add scripts/git-intercept to PATH +- devtool: fix devtool finish when gitmodules file is empty +- devtool: process local files only for the main branch +- dhcpcd: backport two patches to fix runtime error +- dhcpcd: fix dhcpcd start failure on qemuppc64 +- diffutils: Upgrade to 3.9 +- ffmpeg: fix configure failure on noexec /tmp host +- gdk-pixbuf: do not use tools from gdk-pixbuf-native when building tests +- git: Upgrade to 2.37.6 +- glslang: branch rename master -> main +- go: Upgrade to 1.19.4 +- gstreamer1.0 : Revert "disable flaky gstbin:test_watch_for_state_change test" and Fix race conditions in gstbin tests with upstream solution +- harfbuzz: remove bindir only if it exists +- httpserver: add error handler that write to the logger +- image.bbclass: print all QA functions exceptions +- kernel-fitimage: Adjust order of dtb/dtbo files +- kernel-fitimage: Allow user to select dtb when multiple dtb exists +- kernel-yocto: fix kernel-meta data detection +- kernel/linux-kernel-base: Fix kernel build artefact determinism issues +- lib/buildstats: handle tasks that never finished +- lib/oe/reproducible: Use git log without gpg signature +- libarchive: Upgrade to 3.6.2 +- libc-locale: Fix on target locale generation +- libgit2: Upgrade to 1.5.1 +- libjpeg-turbo: Upgrade to 2.1.5.1 +- libksba: Upgrade to 1.6.3 +- libpng: Enable NEON for aarch64 to enensure consistency with arm32. +- librsvg: Only enable the Vala bindings if GObject Introspection is enabled +- librsvg: enable vapi build +- libseccomp: fix for the ptest result format +- libseccomp: fix typo in DESCRIPTION +- libssh2: Clean up ptest patch/coverage +- libtirpc: Check if file exists before operating on it +- libusb1: Link with latomic only if compiler has no atomic builtins +- libusb1: Strip trailing whitespaces +- linux-firmware: add yamato fw files to qcom-adreno-a2xx package +- linux-firmware: properly set license for all Qualcomm firmware +- linux-firmware: Upgrade to 20230210 +- linux-yocto/5.15: fix perf build with clang +- linux-yocto/5.15: libbpf: Fix build warning on ref_ctr_off +- linux-yocto/5.15: ltp and squashfs fixes +- linux-yocto/5.15: powerpc: Fix reschedule bug in KUAP-unlocked user copy +- linux-yocto/5.15: Upgrade to v5.15.91 +- linux-yocto/5.19: fix perf build with clang +- linux-yocto/5.19: powerpc: Fix reschedule bug in KUAP-unlocked user copy +- lsof: fix old override syntax +- lttng-modules: Fix for 5.10.163 kernel version +- lttng-modules: fix for kernel 6.2+ +- lttng-modules: Upgrade to 2.13.8 +- lttng-tools: Upgrade to 2.13.9 +- make-mod-scripts: Ensure kernel build output is deterministic +- manuals: update patchwork instance URL +- mesa-gl: gallium is required when enabling x11 +- meta: remove True option to getVar and getVarFlag calls (again) +- migration-guides: add release-notes for 4.0.7 +- native: Drop special variable handling +- numactl: skip test case when target platform doesn't have 2 CPU node +- oeqa context.py: fix --target-ip comment to include ssh port number +- oeqa dump.py: add error counter and stop after 5 failures +- oeqa qemurunner.py: add timeout to QMP calls +- oeqa qemurunner.py: try to avoid reading one character at a time +- oeqa qemurunner: read more data at a time from serial +- oeqa ssh.py: add connection keep alive options to ssh client +- oeqa ssh.py: fix hangs in run() +- oeqa ssh.py: move output prints to new line +- oeqa/qemurunner: do not use Popen.poll() when terminating runqemu with a signal +- oeqa/rpm.py: Increase timeout and add debug output +- oeqa/selftest/debuginfod: improve testcase +- oeqa/selftest/locales: Add selftest for locale generation/presence +- oeqa/selftest/resulttooltests: fix minor typo +- openssl: Upgrade to 3.0.8 +- opkg: ensure opkg uses private gpg.conf when applying keys. +- pango: Upgrade to 1.50.12 +- perf: Enable debug/source packaging +- pkgconf: Upgrade to 1.9.4 +- poky.conf: Update SANITY_TESTED_DISTROS to match autobuilder +- poky.conf: bump version for 4.1.3 +- populate_sdk_ext.bbclass: Fix missing leading whitespace with ':append' +- profile-manual: update WireShark hyperlinks +- ptest-packagelists.inc: Fix missing leading whitespace with ':append' +- python3-pytest: depend on python3-tomli instead of python3-toml +- quilt: fix intermittent failure in faildiff.test +- quilt: use upstreamed faildiff.test fix +- recipe_sanity: fix old override syntax +- ref-manual: Fix invalid feature name +- ref-manual: update DEV_PKG_DEPENDENCY in variables +- ref-manual: variables.rst: fix broken hyperlink +- rm_work.bbclass: use HOSTTOOLS 'rm' binary exclusively +- runqemu: kill qemu if it hangs +- rust: Do not use default compiler flags defined in CC crate +- scons.bbclass: Make MAXLINELENGTH overridable +- scons: Pass MAXLINELENGTH to scons invocation +- sdkext/cases/devtool: pass a logger to HTTPService +- selftest/virgl: use pkg-config from the host +- spirv-headers/spirv-tools: set correct branch name +- sstate.bbclass: Fetch non-existing local .sig files if needed +- sstatesig: Improve output hash calculation +- sudo: Upgrade to 1.9.12p2 +- system-requirements.rst: Add Fedora 36, AlmaLinux 8.7 & 9.1, and OpenSUSE 15.4 to list of supported distros +- testimage: Fix error message to reflect new syntax +- tiff: Add packageconfig knob for webp +- toolchain-scripts: compatibility with unbound variable protection +- uninative: Upgrade to 3.8.1 to include libgcc +- update-alternatives: fix typos +- vim: Upgrade to 9.0.1293 +- vulkan-samples: branch rename master -> main +- wic: Fix usage of fstype=none in wic +- wireless-regdb: Upgrade to 2023.02.13 +- xserver-xorg: Upgrade to 21.1.7 +- xwayland: Upgrade to 22.1.8 + + +Known Issues in Yocto-4.1.3 +~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +- N/A + + +Contributors to Yocto-4.1.3 +~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +- Adrian Freihofer +- Alejandro Hernandez Samaniego +- Alex Kiernan +- Alexander Kanavin +- Alexis Lothoré +- Anton Antonov +- Antonin Godard +- Armin Kuster +- Arnout Vandecappelle +- Benoît Mauduit +- Bruce Ashfield +- Carlos Alberto Lopez Perez +- Changqing Li +- Charlie Johnston +- Chee Yang Lee +- Chen Qi +- Dmitry Baryshkov +- Enguerrand de Ribaucourt +- Etienne Cordonnier +- Fawzi KHABER +- Federico Pellegrin +- Frank de Brabander +- Harald Seiler +- He Zhe +- Jan Kircher +- Jermain Horsman +- Jose Quaresma +- Joshua Watt +- Kai Kang +- Khem Raj +- Lei Maohui +- Louis Rannou +- Luis +- Marek Vasut +- Markus Volk +- Marta Rybczynska +- Martin Jansa +- Mateusz Marciniec +- Mauro Queiros +- Michael Halstead +- Michael Opdenacker +- Mikko Rapeli +- Mingli Yu +- Narpat Mali +- Niko Mauno +- Pavel Zhukov +- Pawel Zalewski +- Peter Kjellerstedt +- Petr Kubizňák +- Quentin Schulz +- Randy MacLeod +- Richard Purdie +- Robert Joslyn +- Rodolfo Quesada Zumbado +- Ross Burton +- Sakib Sajal +- Sandeep Gundlupet Raju +- Saul Wold +- Siddharth Doshi +- Steve Sakoman +- Thomas Roos +- Tobias Hagelborn +- Ulrich Ölmann +- Vivek Kumbhar +- Wang Mingyu +- Xiangyu Chen + + +Repositories / Downloads for Yocto-4.1.3 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +poky + +- Repository Location: :yocto_git:`/poky` +- Branch: :yocto_git:`langdale </poky/log/?h=langdale>` +- Tag: :yocto_git:`yocto-4.1.3 </poky/log/?h=yocto-4.1.3>` +- Git Revision: :yocto_git:`91d0157d6daf4ea61d6b4e090c0b682d3f3ca60f </poky/commit/?id=91d0157d6daf4ea61d6b4e090c0b682d3f3ca60f>` +- Release Artefact: poky-91d0157d6daf4ea61d6b4e090c0b682d3f3ca60f +- sha: 94e4615eba651fe705436b29b854458be050cc39db936295f9d5eb7e85d3eff1 +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-4.1.3/poky-91d0157d6daf4ea61d6b4e090c0b682d3f3ca60f.tar.bz2 + http://mirrors.kernel.org/yocto/yocto/yocto-4.1.3/poky-91d0157d6daf4ea61d6b4e090c0b682d3f3ca60f.tar.bz2 + +openembedded-core + +- Repository Location: :oe_git:`/openembedded-core` +- Branch: :oe_git:`langdale </openembedded-core/log/?h=langdale>` +- Tag: :oe_git:`yocto-4.1.3 </openembedded-core/log/?h=yocto-4.1.3>` +- Git Revision: :oe_git:`b995ea45773211bd7bdd60eabcc9bbffda6beb5c </openembedded-core/commit/?id=b995ea45773211bd7bdd60eabcc9bbffda6beb5c>` +- Release Artefact: oecore-b995ea45773211bd7bdd60eabcc9bbffda6beb5c +- sha: 952e19361f205ee91b74e5caaa835d58fa6dd0d92ddaed50d4cd3f3fa56fab63 +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-4.1.3/oecore-b995ea45773211bd7bdd60eabcc9bbffda6beb5c.tar.bz2 + http://mirrors.kernel.org/yocto/yocto/yocto-4.1.3/oecore-b995ea45773211bd7bdd60eabcc9bbffda6beb5c.tar.bz2 + +meta-mingw + +- Repository Location: :yocto_git:`/meta-mingw` +- Branch: :yocto_git:`langdale </meta-mingw/log/?h=langdale>` +- Tag: :yocto_git:`yocto-4.1.3 </meta-mingw/log/?h=yocto-4.1.3>` +- Git Revision: :yocto_git:`b0067202db8573df3d23d199f82987cebe1bee2c </meta-mingw/commit/?id=b0067202db8573df3d23d199f82987cebe1bee2c>` +- Release Artefact: meta-mingw-b0067202db8573df3d23d199f82987cebe1bee2c +- sha: 704f2940322b81ce774e9cbd27c3cfa843111d497dc7b1eeaa39cd694d9a2366 +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-4.1.3/meta-mingw-b0067202db8573df3d23d199f82987cebe1bee2c.tar.bz2 + http://mirrors.kernel.org/yocto/yocto/yocto-4.1.3/meta-mingw-b0067202db8573df3d23d199f82987cebe1bee2c.tar.bz2 + +bitbake + +- Repository Location: :oe_git:`/bitbake` +- Branch: :oe_git:`2.2 </bitbake/log/?h=2.2>` +- Tag: :oe_git:`yocto-4.1.3 </bitbake/log/?h=yocto-4.1.3>` +- Git Revision: :oe_git:`592ee222a1c6da42925fb56801f226884b6724ec </bitbake/commit/?id=592ee222a1c6da42925fb56801f226884b6724ec>` +- Release Artefact: bitbake-592ee222a1c6da42925fb56801f226884b6724ec +- sha: 79c32f2ca66596132e32a45654ce0e9dd42b6b39186eff3540a9d6b499fe952c +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-4.1.3/bitbake-592ee222a1c6da42925fb56801f226884b6724ec.tar.bz2 + http://mirrors.kernel.org/yocto/yocto/yocto-4.1.3/bitbake-592ee222a1c6da42925fb56801f226884b6724ec.tar.bz2 + +yocto-docs + +- Repository Location: :yocto_git:`/yocto-docs` +- Branch: :yocto_git:`langdale </yocto-docs/log/?h=langdale>` +- Tag: :yocto_git:`yocto-4.1.3 </yocto-docs/log/?h=yocto-4.1.3>` +- Git Revision: :yocto_git:`3de2ad1f8ff87aeec30088779267880306a0f31a </yocto-docs/commit/?id=3de2ad1f8ff87aeec30088779267880306a0f31a>` + diff --git a/documentation/migration-guides/release-notes-4.1.4.rst b/documentation/migration-guides/release-notes-4.1.4.rst new file mode 100644 index 0000000000..de469f4bee --- /dev/null +++ b/documentation/migration-guides/release-notes-4.1.4.rst @@ -0,0 +1,254 @@ +.. SPDX-License-Identifier: CC-BY-SA-2.0-UK + +Release notes for Yocto-4.1.4 (Langdale) +---------------------------------------- + +Security Fixes in Yocto-4.1.4 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +- cve-extra-exclusions/linux-yocto: Ignore :cve:`2020-27784`, :cve:`2021-3669`, :cve:`2021-3759`, :cve:`2021-4218`, :cve:`2022-0480`, :cve:`2022-1184`, :cve:`2022-1462`, :cve:`2022-2308`, :cve:`2022-2327`, :cve:`2022-26365`, :cve:`2022-2663`, :cve:`2022-2785`, :cve:`2022-3176`, :cve:`2022-33740`, :cve:`2022-33741`, :cve:`2022-33742`, :cve:`2022-3526`, :cve:`2022-3563`, :cve:`2022-3621`, :cve:`2022-3623`, :cve:`2022-3624`, :cve:`2022-3625`, :cve:`2022-3629`, :cve:`2022-3630`, :cve:`2022-3633`, :cve:`2022-3635`, :cve:`2022-3636`, :cve:`2022-3637`, :cve:`2022-3646` and :cve:`2022-3649` +- cve-extra-exclusions/linux-yocto 5.15: Ignore :cve:`2022-3435`, :cve:`2022-3534`, :cve:`2022-3564`, :cve:`2022-3564`, :cve:`2022-3619`, :cve:`2022-3640`, :cve:`2022-42895`, :cve:`2022-42896`, :cve:`2022-4382`, :cve:`2023-0266` and :cve:`2023-0394` +- epiphany: Fix :cve:`2023-26081` +- git: Ignore :cve:`2023-22743` +- go: Fix :cve:`2022-41722`, :cve:`2022-41723`, :cve:`2022-41724`, :cve:`2022-41725` and :cve:`2023-24532` +- harfbuzz: Fix :cve:`2023-25193` +- libmicrohttpd: Fix :cve:`2023-27371` +- libxml2: Fix :cve:`2022-40303` and :cve:`2022-40304` +- openssl: Fix :cve:`2023-0464`, :cve:`2023-0465` and :cve:`2023-0466` +- python3-setuptools: Fix :cve:`2022-40897` +- qemu: Fix :cve:`2022-4144` +- screen: Fix :cve:`2023-24626` +- shadow: Ignore :cve:`2016-15024` +- tiff: Fix :cve:`2022-48281`, :cve:`2023-0795`, :cve:`2023-0796`, :cve:`2023-0797`, :cve:`2023-0798`, :cve:`2023-0799`, :cve:`2023-0800`, :cve:`2023-0801`, :cve:`2023-0802`, :cve:`2023-0803` and :cve:`2023-0804` +- vim: Fix :cve:`2023-1127`, :cve:`2023-1170`, :cve:`2023-1175`, :cve:`2023-1264` and :cve:`2023-1355` +- xdg-utils: Fix :cve:`2022-4055` +- xserver-xorg: Fix for :cve:`2023-1393` + + +Fixes in Yocto-4.1.4 +~~~~~~~~~~~~~~~~~~~~ + +- apt: re-enable version check +- base-files: Drop localhost.localdomain from hosts file +- binutils: Fix nativesdk ld.so search +- bitbake: bin/utils: Ensure locale en_US.UTF-8 is available on the system +- bitbake: cookerdata: Drop dubious exception handling code +- bitbake: cookerdata: Improve early exception handling +- bitbake: cookerdata: Remove incorrect SystemExit usage +- bitbake: fetch/git: Fix local clone url to make it work with repo +- bitbake: toaster: Add refreshed oe-core and poky fixtures +- bitbake: toaster: fixtures/README: django 1.8 -> 3.2 +- bitbake: toaster: fixtures/gen_fixtures.py: update branches +- bitbake: utils: Allow to_boolean to support int values +- bmap-tools: switch to main branch +- build-appliance-image: Update to langdale head revision +- buildtools-tarball: Handle spaces within user $PATH +- busybox: move hwclock init earlier in startup +- cargo.bbclass: use offline mode for building +- cpio: Fix wrong CRC with ASCII CRC for large files +- cracklib: update github branch to 'main' +- cups: add/fix web interface packaging +- cups: check :term:`PACKAGECONFIG` for pam feature +- cups: use BUILDROOT instead of DESTDIR +- cve-check: Fix false negative version issue +- devtool/upgrade: do not delete the workspace/recipes directory +- dhcpcd: Fix install conflict when enable multilib. +- ffmpeg: fix build failure when vulkan is enabled +- filemap.py: enforce maximum of 4kb block size +- gcc-shared-source: do not use ${S}/.. in deploy_source_date_epoch +- glibc: Add missing binutils dependency +- go: upgrade to 1.19.7 +- image_types: fix multiubi var init +- image_types: fix vname var init in multiubi_mkfs() function +- iso-codes: upgrade to 4.13.0 +- kernel-devsrc: fix mismatched compiler warning +- lib/oe/gpg_sign.py: Avoid race when creating .sig files in detach_sign +- lib/resulttool: fix typo breaking resulttool log --ptest +- libcomps: Fix callback function prototype for PyCOMPS_hash +- libdnf: upgrade to 0.70.0 +- libgit2: update license information +- libmicrohttpd: upgrade to 0.9.76 +- linux-yocto-rt/5.15: upgrade to -rt59 +- linux-yocto/5.15: upgrade to v5.15.108 +- linux: inherit pkgconfig in kernel.bbclass +- lttng-modules: upgrade to v2.13.9 +- lua: Fix install conflict when enable multilib. +- mdadm: Fix raid0, 06wrmostly and 02lineargrow tests +- mesa-demos: packageconfig weston should have a dependency on wayland-protocols +- meson: Fix wrapper handling of implicit setup command +- meson: remove obsolete RPATH stripping patch +- migration-guides: update release notes +- oeqa ping.py: avoid busylooping failing ping command +- oeqa ping.py: fail test if target IP address has not been set +- oeqa rtc.py: skip if read-only-rootfs +- oeqa/runtime: clean up deprecated backslash expansion +- oeqa/sdk: Improve Meson test +- oeqa/selftest/cases/package.py: adding unittest for package rename conflicts +- oeqa/selftest/cases/runqemu: update imports +- oeqa/selftest/prservice: Improve debug output for failure +- oeqa/selftest/reproducible: Split different packages from missing packages output +- oeqa/selftest: OESelftestTestContext: convert relative to full path when newbuilddir is provided +- oeqa/targetcontrol: do not set dump_host_cmds redundantly +- oeqa/targetcontrol: fix misspelled RuntimeError +- oeqa/targetcontrol: remove unused imports +- oeqa/utils/commands: fix usage of undefined EPIPE +- oeqa/utils/commands: remove unused imports +- oeqa/utils/qemurunner: replace hard-coded user 'root' in debug output +- oeqs/selftest: OESelftestTestContext: replace the os.environ after subprocess.check_output +- package.bbclass: check packages name conflict in do_package +- pango: upgrade to 1.50.13 +- piglit: Fix build time dependency +- poky.conf: bump version for 4.1.4 +- populate_sdk_base: add zip options +- populate_sdk_ext: Handle spaces within user $PATH +- pybootchart: Fix extents handling to account for cpu/io/mem pressure changes +- pybootchartui: Fix python syntax issue +- report-error: catch Nothing :term:`PROVIDES` error +- rpm: Fix hdr_hash function prototype +- run-postinsts: Set dependency for ldconfig to avoid boot issues +- runqemu: respect :term:`IMAGE_LINK_NAME` +- runqemu: Revert "workaround for APIC hang on pre 4.15 kernels on qemux86q" +- scripts/lib/buildstats: handle top-level build_stats not being complete +- selftest/recipetool: Stop test corrupting tinfoil class +- selftest/runtime_test/virgl: Disable for all Rocky Linux +- selftest: devtool: set :term:`BB_HASHSERVE_UPSTREAM` when setting :term:`SSTATE_MIRRORS` +- selftest: runqemu: better check for ROOTFS: in the log +- selftest: runqemu: use better error message when asserts fail +- shadow: Fix can not print full login timeout message +- staging/multilib: Fix manifest corruption +- staging: Separate out different multiconfig manifests +- sudo: upgrade to 1.9.13p3 +- systemd.bbclass: Add /usr/lib/systemd to searchpaths as well +- systemd: add group sgx to udev package +- systemd: fix wrong nobody-group assignment +- timezone: use 'tz' subdir instead of ${WORKDIR} directly +- toolchain-scripts: Handle spaces within user $PATH +- tzcode-native: fix build with gcc-13 on host +- tzdata: upgrade to 2023c +- tzdata: use separate :term:`B` instead of :term:`WORKDIR` for zic output +- u-boot: Map arm64 into map for u-boot dts installation +- uninative: Upgrade to 3.9 to include glibc 2.37 +- vala: Fix install conflict when enable multilib. +- vim: add missing pkgconfig inherit +- vim: set modified-by to the recipe :term:`MAINTAINER` +- vim: upgrade to 9.0.1429 +- xcb-proto: Fix install conflict when enable multilib. + + +Known Issues in Yocto-4.1.4 +~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +- N/A + + +Contributors to Yocto-4.1.4 +~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +- Alexander Kanavin +- Andrew Geissler +- Arturo Buzarra +- Bhabu Bindu +- Bruce Ashfield +- Carlos Alberto Lopez Perez +- Chee Yang Lee +- Chris Elledge +- Christoph Lauer +- Dmitry Baryshkov +- Enrico Jörns +- Fawzi KHABER +- Frank de Brabander +- Frederic Martinsons +- Geoffrey GIRY +- Hitendra Prajapati +- Jose Quaresma +- Kenfe-Mickael Laventure +- Khem Raj +- Marek Vasut +- Martin Jansa +- Michael Halstead +- Michael Opdenacker +- Mikko Rapeli +- Ming Liu +- Mingli Yu +- Narpat Mali +- Pavel Zhukov +- Peter Marko +- Piotr Łobacz +- Randy MacLeod +- Richard Purdie +- Robert Yang +- Romuald JEANNE +- Romuald Jeanne +- Ross Burton +- Siddharth +- Siddharth Doshi +- Soumya +- Steve Sakoman +- Sudip Mukherjee +- Tim Orling +- Tobias Hagelborn +- Tom Hochstein +- Trevor Woerner +- Wang Mingyu +- Xiangyu Chen +- Zoltan Boszormenyi + + +Repositories / Downloads for Yocto-4.1.4 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +poky + +- Repository Location: :yocto_git:`/poky` +- Branch: :yocto_git:`langdale </poky/log/?h=langdale>` +- Tag: :yocto_git:`yocto-4.1.4 </poky/log/?h=yocto-4.1.4>` +- Git Revision: :yocto_git:`3e95f268ce04b49ba6731fd4bbc53b1693c21963 </poky/commit/?id=3e95f268ce04b49ba6731fd4bbc53b1693c21963>` +- Release Artefact: poky-3e95f268ce04b49ba6731fd4bbc53b1693c21963 +- sha: 54798c4b519f5e11f409e1fd074bea1bc0a1b80672aa60dddbac772c8e4d838b +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-4.1.4/poky-3e95f268ce04b49ba6731fd4bbc53b1693c21963.tar.bz2 + http://mirrors.kernel.org/yocto/yocto/yocto-4.1.4/poky-3e95f268ce04b49ba6731fd4bbc53b1693c21963.tar.bz2 + +openembedded-core + +- Repository Location: :oe_git:`/openembedded-core` +- Branch: :oe_git:`langdale </openembedded-core/log/?h=langdale>` +- Tag: :oe_git:`yocto-4.1.4 </openembedded-core/log/?h=yocto-4.1.4>` +- Git Revision: :oe_git:`78211cda40eb018a3aa535c75b61e87337236628 </openembedded-core/commit/?id=78211cda40eb018a3aa535c75b61e87337236628>` +- Release Artefact: oecore-78211cda40eb018a3aa535c75b61e87337236628 +- sha: 1303d836bae54c438c64d6b9f068eb91c32be4cc1779e89d0f2d915a55d59b15 +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-4.1.4/oecore-78211cda40eb018a3aa535c75b61e87337236628.tar.bz2 + http://mirrors.kernel.org/yocto/yocto/yocto-4.1.4/oecore-78211cda40eb018a3aa535c75b61e87337236628.tar.bz2 + +meta-mingw + +- Repository Location: :yocto_git:`/meta-mingw` +- Branch: :yocto_git:`langdale </meta-mingw/log/?h=langdale>` +- Tag: :yocto_git:`yocto-4.1.4 </meta-mingw/log/?h=yocto-4.1.4>` +- Git Revision: :yocto_git:`b0067202db8573df3d23d199f82987cebe1bee2c </meta-mingw/commit/?id=b0067202db8573df3d23d199f82987cebe1bee2c>` +- Release Artefact: meta-mingw-b0067202db8573df3d23d199f82987cebe1bee2c +- sha: 704f2940322b81ce774e9cbd27c3cfa843111d497dc7b1eeaa39cd694d9a2366 +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-4.1.4/meta-mingw-b0067202db8573df3d23d199f82987cebe1bee2c.tar.bz2 + http://mirrors.kernel.org/yocto/yocto/yocto-4.1.4/meta-mingw-b0067202db8573df3d23d199f82987cebe1bee2c.tar.bz2 + +bitbake + +- Repository Location: :oe_git:`/bitbake` +- Branch: :oe_git:`2.2 </bitbake/log/?h=2.2>` +- Tag: :oe_git:`yocto-4.1.4 </bitbake/log/?h=yocto-4.1.4>` +- Git Revision: :oe_git:`5b105e76dd7de3b9a25b17b397f2c12c80048894 </bitbake/commit/?id=5b105e76dd7de3b9a25b17b397f2c12c80048894>` +- Release Artefact: bitbake-5b105e76dd7de3b9a25b17b397f2c12c80048894 +- sha: 2cd6448138816f5a906f9927c6b6fdc5cf24981ef32b6402312f52ca490edb4f +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-4.1.4/bitbake-5b105e76dd7de3b9a25b17b397f2c12c80048894.tar.bz2 + http://mirrors.kernel.org/yocto/yocto/yocto-4.1.4/bitbake-5b105e76dd7de3b9a25b17b397f2c12c80048894.tar.bz2 + +yocto-docs + +- Repository Location: :yocto_git:`/yocto-docs` +- Branch: :yocto_git:`langdale </yocto-docs/log/?h=langdale>` +- Tag: :yocto_git:`yocto-4.1.4 </yocto-docs/log/?h=yocto-4.1.4>` +- Git Revision: :yocto_git:`da685fc5e69d49728e3ffd6c4d623e7e1745059d </yocto-docs/commit/?id=da685fc5e69d49728e3ffd6c4d623e7e1745059d>` + diff --git a/documentation/migration-guides/release-notes-4.1.rst b/documentation/migration-guides/release-notes-4.1.rst new file mode 100644 index 0000000000..a0d5196128 --- /dev/null +++ b/documentation/migration-guides/release-notes-4.1.rst @@ -0,0 +1,761 @@ +.. SPDX-License-Identifier: CC-BY-SA-2.0-UK + +Release notes for 4.1 (langdale) +--------------------------------- + + +New Features / Enhancements in 4.1 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +- Linux kernel 5.19, glibc 2.36 and ~260 other recipe upgrades + +- ``make`` 4.0 is now the minimum make version required on the build host. + For host distros that do not provide it, this is included as part of the + :term:`buildtools` tarball, and additionally a new :term:`buildtools-make` tarball + has been introduced to provide this in particular for host distros with + a broken make 4.x version. For more details see + :ref:`ref-manual/system-requirements:required git, tar, python, make and gcc versions`. + +- New layer setup tooling: + + - New ``scripts/oe-setup-layers`` standalone script to restore the layer + configuration from a json file + - New ``bitbake-layers create-layers-setup`` command to save the + layer configuration to a json file + - New ``bitbake-layers save-build-conf`` command to save the active build + configuration as a template into a layer + +- Rust-related enhancements: + + - Support for building rust for the target + - Significant SDK toolchain build optimisation + - Support for building native components in the SDK + - Support ``crate://`` fetcher with :ref:`ref-classes-externalsrc` + +- New core recipes: + + - ``buildtools-make-tarball`` + - ``icon-naming-utils`` (previously removed) + - ``musl-locales`` + - ``python3-editables`` (originally in meta-python) + - ``python3-hatch-vcs`` + - ``python3-hatchling`` (originally in meta-oe) + - ``python3-lxml`` (originally in meta-python) + - ``python3-pathspec`` (originally in meta-python) + - ``python3-picobuild`` + - ``sato-icon-theme`` (previously removed) + +- CVE checking enhancements: + + - New :term:`CVE_DB_UPDATE_INTERVAL` variable to allow specifying the CVE database minimum update interval (and default to once per day) + - Added JSON format to summary output + - Added support for Ignored CVEs + - Enable recursive CVE checking also for ``do_populate_sdk`` + - New :term:`CVE_CHECK_SHOW_WARNINGS` variable to disable unpatched CVE warning messages + - The :ref:`ref-classes-pypi` class now defaults :term:`CVE_PRODUCT` from :term:`PYPI_PACKAGE` + - Added current kernel CVEs to ignore list since we stay as close to the kernel stable releases as we can + - Optimisations to avoid dependencies on fetching + +- Complementary package installation (as used in SDKs and images) no longer installs recommended packages, in order to avoid conflicts +- Dependency of -dev package on main package is now an :term:`RRECOMMENDS` and can be easily set via new :term:`DEV_PKG_DEPENDENCY` variable + +- Support for CPU, I/O and memory pressure regulation in BitBake +- Pressure data gathering in :ref:`ref-classes-buildstats` and rendering in ``pybootchartgui`` + +- New Picobuild system for lightweight Python PEP-517 build support in the :ref:`ref-classes-python_pep517` class + +- Many classes are now split into global and recipe contexts for better + validation. For more information, see + :ref:`Classes now split by usage context <migration-4.1-classes-split>`. + +- Architecture-specific enhancements: + + - arch-armv8-4a.inc: add tune include for armv8.4a + - tune-neoversen2: support tune-neoversen2 base on armv9a + - riscv: Add tunes for rv64 without compressed instructions + - gnu-efi: enable for riscv64 + - shadow-securetty: allow ttyS4 for amd-snowyowl-64 + +- Kernel-related enhancements: + + - linux-yocto/5.15: cfg/xen: Move x86 configs to separate file + - linux-yocto/5.15: Enabled MDIO bus config + - linux-yocto: Enable mdio for qemu + - linux-yocto/5.15: base: enable kernel crypto userspace API + - kern-tools: allow 'y' or 'm' to avoid config audit warnings + - kernel-yocto.bbclass: say what :term:`SRC_URI` entry is being dropped + - kernel.bbclass: Do not overwrite recipe's custom postinst + - kmod: Enable xz support by default + - Run depmod(wrapper) against each compiled kernel when multiple kernels are enabled + - linux-yocto-tiny: enable qemuarmv5/qemuarm64 + +- wic Image Creator enhancements: + + - Added dependencies to support erofs + - Added ``fspassno`` parameter to partition to allow specifying the value of the last column (``fs_passno``) in ``/etc/fstab``. + - bootimg-efi: added support for loading devicetree files + - Added ``none`` fstype for custom image (for use in conjunction with ``rawcopy``) + +- SDK-related enhancements: + + - :ref:`Support for using the regular build system as an SDK <sdk-manual/extensible:Setting up the Extensible SDK environment directly in a Yocto build>` + - :ref:`ref-classes-image-buildinfo` class now also writes build information to SDKs + - New :term:`SDK_TOOLCHAIN_LANGS` variable to control support of rust / go in SDK + - rust-llvm: enabled :ref:`ref-classes-nativesdk` variant + - python3-pluggy: enabled for :ref:`ref-classes-native` / :ref:`ref-classes-nativesdk` + +- QEMU/runqemu enhancements: + + - qemux86-64: Allow higher tunes + - runqemu: display host uptime when starting + - runqemu: add ``QB_KERNEL_CMDLINE`` that can be set to "none" to avoid overriding kernel command line specified in dtb + +- Image-related enhancements: + + - New variable :term:`UBOOT_MKIMAGE_KERNEL_TYPE` + - New variable :term:`FIT_PAD_ALG` to control FIT image padding algorithm + - New :term:`KERNEL_DEPLOY_DEPEND` variable to allow disabling image dependency on deploying the kernel + - :ref:`ref-classes-image_types`: isolate the write of UBI + configuration to a ``write_ubi_config`` function that can be easily overridden + +- openssh: add support for config snippet includes to ssh and sshd +- :ref:`ref-classes-create-spdx`: Add :term:`SPDX_PRETTY` option +- wpa-supplicant: build static library if not disabled via :term:`DISABLE_STATIC` +- wpa-supplicant: package dynamic modules +- openssl: extract legacy provider module to a separate package +- linux-firmware: split out ath3k firmware +- linux-firmware: add support for building snapshots +- eudev: create static-nodes in init script +- udev-extraconf: new :term:`MOUNT_BASE` variable allows configuring automount base directory +- udev-extraconf/mount.sh: use partition labels in mountpoint paths +- systemd: Set RebootWatchdogSec to 60s by default +- systemd: systemd-systemctl: Support instance conf files during enable +- weston.init: enable ``xwayland`` in weston.ini if ``x11`` is in :term:`DISTRO_FEATURES` +- New ``npm_registry`` Python module to enable caching with nodejs 16+ +- :ref:`ref-classes-npm`: replaced ``npm pack`` call with ``tar czf`` for nodejs 16+ compatibility and improved ``do_configure`` performance +- Enabled :ref:`ref-classes-bin-package` class to work properly in the native case +- Enabled :ref:`buildpaths <qa-check-buildpaths>` QA check as a warning by default +- New :term:`OVERLAYFS_ETC_EXPOSE_LOWER` to provide read-only access to the original ``/etc`` content with :ref:`ref-classes-overlayfs-etc` +- New :term:`OVERLAYFS_QA_SKIP` variable to allow skipping check on :ref:`ref-classes-overlayfs` mounts +- New :term:`PACKAGECONFIG` options for individual recipes: + + - apr: xsi-strerror + - btrfs-tools: lzo + - connman: iwd + - coreutils: openssl + - dropbear: enable-x11-forwarding + - eudev: blkid, kmod, rule-generator + - eudev: manpages, selinux + - flac: avx, ogg + - gnutls: fips + - gstreamer1.0-plugins-bad: avtp + - libsdl2: libusb + - llvm: optviewer + - mesa: vulkan, vulkan-beta, zink + - perf: bfd + - piglit: glx, opencl + - python3: editline + - qemu: bpf, brlapi, capstone, rdma, slirp, uring, vde + - rpm: readline + - ruby: capstone + - systemd: no-dns-fallback, sysext + - tiff: jbig + +- ptest enhancements in ``curl``, ``json-c``, ``libgcrypt``, ``libgpg-error``, ``libxml2`` +- ptest compile/install functions now use :term:`PARALLEL_MAKE` and :term:`PARALLEL_MAKEINST` in ptest for significant speedup +- New :term:`TC_CXX_RUNTIME` variable to enable other layers to more easily control C++ runtime +- Set :term:`BB_DEFAULT_UMASK` using ??= to make it easier to override +- Set :term:`TCLIBC` and :term:`TCMODE` using ??= to make them easier to override +- squashfs-tools: build with lzo support by default +- insane.bbclass: make ``do_qa_staging`` check shebang length for native scripts in all :term:`SYSROOT_DIRS` +- utils: Add ``create_cmdline_shebang_wrapper`` function to allow recipes to easily create a wrapper to fix long shebang lines +- meson: provide relocation script and native/cross wrappers also for meson-native +- meson.bbclass: add cython binary to cross/native toolchain config +- New ``musl-locales`` recipe to provide a limited set of locale data for musl based systems +- gobject-introspection: use :term:`OBJDUMP` environment variable so that objdump tool can be picked up from the environment +- The Python ``zoneinfo`` module is now split out to its own ``python3-zoneinfo`` package. +- busybox: added devmem 128-bit support +- vim: split xxd out into its own package +- New :ref:`ref-classes-github-releases` class to consolidate version checks for github-based packages +- ``devtool reset`` now preserves ``workspace/sources`` source trees in ``workspace/attic/sources/`` instead of leaving them in-place +- scripts/patchreview: Add commit to stored json data +- scripts/patchreview: Make json output human parsable +- ``wpa-supplicant`` recipe now uses the upstream ``defconfig`` modified based upon :term:`PACKAGECONFIG` instead of a stale ``defconfig`` file +- bitbake: build: prefix the tasks with a timestamp in the log.task_order +- bitbake: fetch2/osc: Add support to query latest revision +- bitbake: utils: Pass lock argument in fileslocked +- bitbake: utils: Add enable_loopback_networking() + + +Known Issues in 4.1 +~~~~~~~~~~~~~~~~~~~ + +- The change to :ref:`migration-4.1-complementary-deps` means that images + built with the ``ptest-pkgs`` :term:`IMAGE_FEATURES` don’t automatically + install ``ptest-runner``, as that package is a recommendation of the + individual ``-ptest`` packages. This will be resolved in the next point + release, and can be worked around by explicitly installing ``ptest-runner`` + into the image. Filed as :yocto_bugs:`bug 14928 </show_bug.cgi?id=14928>`. + +- There is a known issue with eSDKs where sstate objects may be missing, + resulting in packages being unavailable to install in the sysroot. This is due + to image generation optimisations having unintended consequences in eSDK + generation. This will be resolved in the next point release. Filed as + :yocto_bugs:`bug 14626 </show_bug.cgi?id=14626>`, which also details the fix. + +- The change to :ref:`migration-4.1-classes-split` inadvertently moved the + :ref:`ref-classes-externalsrc` class to ``meta/classes-recipe``, + when it is not recipe-specific and can also be used in a global context. The + class will be moved back to ``meta/classes`` in the next point release. Filed + as :yocto_bugs:`bug 14940 </show_bug.cgi?id=14940>`. + + +Recipe License changes in 4.1 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +The following corrections have been made to the :term:`LICENSE` values set by recipes: + +- alsa-state: add GPL-2.0-or-later because of alsa-state-init file +- git: add GPL-2.0-or-later & BSD-3-Clause & MIT & BSL-1.0 & LGPL-2.1-or-later due to embedded code +- libgcrypt: dropped GPLv3 license after upstream changes +- linux-firmware: correct license for ar3k firmware (specific "ar3k" license) + + + +Security Fixes in 4.1 +~~~~~~~~~~~~~~~~~~~~~ + +- bind: :cve:`2022-1183`, :cve:`2022-2795`, :cve:`2022-2881`, :cve:`2022-2906`, :cve:`2022-3080`, :cve:`2022-38178` +- binutils: :cve:`2019-1010204`, :cve:`2022-38126`, :cve:`2022-38127`, :cve:`2022-38128`, :cve:`2022-38533` +- busybox: :cve:`2022-30065` +- connman: :cve:`2022-32292`, :cve:`2022-32293` +- cups: :cve:`2022-26691` +- e2fsprogs: :cve:`2022-1304` +- expat: :cve:`2022-40674` +- freetype: :cve:`2022-27404` +- glibc: :cve:`2022-39046` +- gnupg: :cve:`2022-34903` +- grub2: :cve:`2021-3695`, :cve:`2021-3696`, :cve:`2021-3697`, :cve:`2022-28733`, :cve:`2022-28734`, :cve:`2022-28735` +- inetutils: :cve:`2022-39028` +- libtirpc: :cve:`2021-46828` +- libxml2: :cve:`2016-3709` (ignored) +- libxslt: :cve:`2022-29824` (not applicable) +- linux-yocto/5.15: :cve:`2022-28796` +- logrotate: :cve:`2022-1348` +- lua: :cve:`2022-33099` +- nasm: :cve:`2020-18974` (ignored) +- ncurses: :cve:`2022-29458` +- openssl: :cve:`2022-1292`, :cve:`2022-1343`, :cve:`2022-1434`, :cve:`2022-1473`, :cve:`2022-2068`, :cve:`2022-2274`, :cve:`2022-2097` +- python3: :cve:`2015-20107` (ignored) +- qemu: :cve:`2021-20255` (ignored), :cve:`2019-12067` (ignored), :cve:`2021-3507`, :cve:`2022-0216`, :cve:`2022-2962`, :cve:`2022-35414` +- rpm: :cve:`2021-35937`, :cve:`2021-35938`, :cve:`2021-35939` +- rsync: :cve:`2022-29154` +- subversion: :cve:`2021-28544`, :cve:`2022-24070` +- tiff: :cve:`2022-1210` (not applicable), :cve:`2022-1622`, :cve:`2022-1623` (invalid), :cve:`2022-2056`, :cve:`2022-2057`, :cve:`2022-2058`, :cve:`2022-2953`, :cve:`2022-34526` +- unzip: :cve:`2022-0529`, :cve:`2022-0530` +- vim: :cve:`2022-1381`, :cve:`2022-1420`, :cve:`2022-1621`, :cve:`2022-1629`, :cve:`2022-1674`, :cve:`2022-1733`, :cve:`2022-1735`, :cve:`2022-1769`, :cve:`2022-1771`, :cve:`2022-1785`, :cve:`2022-1796`, :cve:`2022-1927`, :cve:`2022-1942`, :cve:`2022-2257`, :cve:`2022-2264`, :cve:`2022-2284`, :cve:`2022-2285`, :cve:`2022-2286`, :cve:`2022-2287`, :cve:`2022-2816`, :cve:`2022-2817`, :cve:`2022-2819`, :cve:`2022-2845`, :cve:`2022-2849`, :cve:`2022-2862`, :cve:`2022-2874`, :cve:`2022-2889`, :cve:`2022-2980`, :cve:`2022-2946`, :cve:`2022-2982`, :cve:`2022-3099`, :cve:`2022-3134`, :cve:`2022-3234`, :cve:`2022-3278` +- zlib: :cve:`2022-37434` + + + + + +Recipe Upgrades in 4.1 +~~~~~~~~~~~~~~~~~~~~~~ + +- acpica 20211217 -> 20220331 +- adwaita-icon-theme 41.0 -> 42.0 +- alsa-lib 1.2.6.1 -> 1.2.7.2 +- alsa-plugins 1.2.6 -> 1.2.7.1 +- alsa-ucm-conf 1.2.6.3 -> 1.2.7.2 +- alsa-utils 1.2.6 -> 1.2.7 +- asciidoc 10.1.4 -> 10.2.0 +- at-spi2-core 2.42.0 -> 2.44.1 +- autoconf-archive 2022.02.11 -> 2022.09.03 +- base-passwd 3.5.29 -> 3.5.52 +- bind 9.18.5 -> 9.18.7 +- binutils 2.38 -> 2.39 +- boost 1.78.0 -> 1.80.0 +- boost-build-native 4.4.1 -> 1.80.0 +- btrfs-tools 5.16.2 -> 5.19.1 +- cargo 1.59.0 -> 1.63.0 +- ccache 4.6 -> 4.6.3 +- cmake 3.22.3 -> 3.24.0 +- cmake-native 3.22.3 -> 3.24.0 +- coreutils 9.0 -> 9.1 +- createrepo-c 0.19.0 -> 0.20.1 +- cross-localedef-native 2.35 -> 2.36 +- curl 7.82.0 -> 7.85.0 +- diffoscope 208 -> 221 +- dmidecode 3.3 -> 3.4 +- dnf 4.11.1 -> 4.14.0 +- dos2unix 7.4.2 -> 7.4.3 +- dpkg 1.21.4 -> 1.21.9 +- dropbear 2020.81 -> 2022.82 +- efibootmgr 17 -> 18 +- elfutils 0.186 -> 0.187 +- ell 0.50 -> 0.53 +- enchant2 2.3.2 -> 2.3.3 +- erofs-utils 1.4 -> 1.5 +- ethtool 5.16 -> 5.19 +- eudev 3.2.10 -> 3.2.11 +- ffmpeg 5.0.1 -> 5.1.1 +- file 5.41 -> 5.43 +- flac 1.3.4 -> 1.4.0 +- fontconfig 2.13.1 -> 2.14.0 +- freetype 2.11.1 -> 2.12.1 +- gcc 11.3.0 -> 12.2.0 +- gcompat 1.0.0+1.1+gitX (4d6a5156a6eb…) -> 1.0.0+1.1+gitX (c6921a1aa454…) +- gdb 11.2 -> 12.1 +- ghostscript 9.55.0 -> 9.56.1 +- git 2.35.4 -> 2.37.3 +- glibc 2.35 -> 2.36 +- glslang 1.3.204.1 -> 1.3.216.0 +- gnu-config 20211108+gitX -> 20220525+gitX +- gnu-efi 3.0.14 -> 3.0.15 +- gnutls 3.7.4 -> 3.7.7 +- go 1.17.13 -> 1.19 +- go-helloworld 0.1 (787a929d5a0d…) -> 0.1 (2e68773dfca0…) +- gpgme 1.17.1 -> 1.18.0 +- gptfdisk 1.0.8 -> 1.0.9 +- harfbuzz 4.0.1 -> 5.1.0 +- hdparm 9.63 -> 9.64 +- help2man 1.49.1 -> 1.49.2 +- hwlatdetect 2.3 -> 2.4 +- icu 70.1 -> 71.1 +- inetutils 2.2 -> 2.3 +- init-system-helpers 1.62 -> 1.64 +- iproute2 5.17.0 -> 5.19.0 +- iptables 1.8.7 -> 1.8.8 +- iw 5.16 -> 5.19 +- json-c 0.15 -> 0.16 +- kbd 2.4.0 -> 2.5.1 +- kea 2.0.2 -> 2.2.0 +- kexec-tools 2.0.23 -> 2.0.25 +- kmod 29 -> 30 +- kmscube git (9f63f359fab1…) -> git (3bf6ee1a0233…) +- less 600 -> 608 +- libaio 0.3.112 -> 0.3.113 +- libbsd 0.11.5 -> 0.11.6 +- libcap-ng 0.8.2 -> 0.8.3 +- libcap-ng-python 0.8.2 -> 0.8.3 +- libcgroup 2.0.2 -> 3.0.0 +- libcomps 0.1.18 -> 0.1.19 +- libdnf 0.66.0 -> 0.69.0 +- libdrm 2.4.110 -> 2.4.113 +- libevdev 1.12.1 -> 1.13.0 +- libfontenc 1.1.4 -> 1.1.6 +- libgcc 11.3.0 -> 12.2.0 +- libgcc-initial 11.3.0 -> 12.2.0 +- libgcrypt 1.9.4 -> 1.10.1 +- libgfortran 11.3.0 -> 12.2.0 +- libgit2 1.4.3 -> 1.5.0 +- libgpg-error 1.44 -> 1.45 +- libhandy 1.5.0 -> 1.6.3 +- libidn2 2.3.2 -> 2.3.3 +- libjitterentropy 3.4.0 -> 3.4.1 +- libmnl 1.0.4 -> 1.0.5 +- libnl 3.5.0 -> 3.7.0 +- libnotify 0.7.9 -> 0.8.1 +- libpipeline 1.5.5 -> 1.5.6 +- libproxy 0.4.17 -> 0.4.18 +- librepo 1.14.3 -> 1.14.5 +- librsvg 2.52.7 -> 2.54.5 +- libsdl2 2.0.20 -> 2.24.0 +- libseccomp 2.5.3 -> 2.5.4 +- libsndfile1 1.0.31 -> 1.1.0 +- libstd-rs 1.59.0 -> 1.63.0 +- libtirpc 1.3.2 -> 1.3.3 +- libubootenv 0.3.2 -> 0.3.3 +- libva 2.14.0 -> 2.15.0 +- libva-utils 2.14.0 -> 2.15.0 +- libx11 1.7.3.1 -> 1.8.1 +- libxau 1.0.9 -> 1.0.10 +- libxcb 1.14 -> 1.15 +- libxcursor 1.2.0 -> 1.2.1 +- libxcvt 0.1.1 -> 0.1.2 +- libxfont2 2.0.5 -> 2.0.6 +- libxvmc 1.0.12 -> 1.0.13 +- linux-libc-headers 5.16 -> 5.19 +- linux-yocto 5.10.143+gitX, 5.15.68+gitX -> 5.15.68+gitX, 5.19.9+gitX +- linux-yocto-dev 5.18++gitX -> 5.19++gitX +- linux-yocto-rt 5.10.143+gitX, 5.15.68+gitX -> 5.15.68+gitX, 5.19.9+gitX +- linux-yocto-tiny 5.10.143+gitX, 5.15.68+gitX -> 5.15.68+gitX, 5.19.9+gitX +- llvm 13.0.1 -> 14.0.6 +- lsof 4.94.0 -> 4.95.0 +- ltp 20220121 -> 20220527 +- lttng-tools 2.13.4 -> 2.13.8 +- lttng-ust 2.13.3 -> 2.13.4 +- mc 4.8.27 -> 4.8.28 +- mesa 22.0.3 -> 22.2.0 +- mesa-demos 8.4.0 -> 8.5.0 +- mesa-gl 22.0.3 -> 22.2.0 +- meson 0.61.3 -> 0.63.2 +- mmc-utils 0.1+gitX (b7e4d5a6ae99…) -> 0.1+gitX (d7b343fd2628…) +- mpg123 1.29.3 -> 1.30.2 +- msmtp 1.8.20 -> 1.8.22 +- mtools 4.0.38 -> 4.0.40 +- musl 1.2.3+gitX (7a43f6fea908…) -> 1.2.3+gitX (37e18b7bf307…) +- musl-obstack 1.1 -> 1.2 +- ncurses 6.3+20220423 (a0bc708bc695…) -> 6.3+20220423 (20db1fb41ec9…) +- neard 0.16 -> 0.18 +- nettle 3.7.3 -> 3.8.1 +- nfs-utils 2.6.1 -> 2.6.2 +- nghttp2 1.47.0 -> 1.49.0 +- ninja 1.10.2 -> 1.11.1 +- numactl 2.0.14 -> 2.0.15 +- ofono 1.34 -> 2.0 +- opensbi 1.0 -> 1.1 +- openssh 8.9p1 -> 9.0p1 +- opkg 0.5.0 -> 0.6.0 +- ovmf edk2-stable202202 -> edk2-stable202205 +- pango 1.50.4 -> 1.50.9 +- parted 3.4 -> 3.5 +- patchelf 0.14.5 -> 0.15.0 +- pciutils 3.7.0 -> 3.8.0 +- perl 5.34.1 -> 5.36.0 +- perlcross 1.3.7 -> 1.4 +- piglit 1.0+gitrX (2f80c7cc9c02…) -> 1.0+gitrX (265896c86f90…) +- pkgconf 1.8.0 -> 1.9.3 +- psmisc 23.4 -> 23.5 +- pulseaudio 15.0 -> 16.1 +- puzzles 0.0+gitX (c43a34fbfe43…) -> 0.0+gitX (8399cff6a3b9…) +- python3 3.10.4 -> 3.10.6 +- python3-atomicwrites 1.4.0 -> 1.4.1 +- python3-attrs 21.4.0 -> 22.1.0 +- python3-babel 2.9.1 -> 2.10.3 +- python3-bcrypt 3.2.0 -> 3.2.2 +- python3-certifi 2021.10.8 -> 2022.9.14 +- python3-cffi 1.15.0 -> 1.15.1 +- python3-chardet 4.0.0 -> 5.0.0 +- python3-cryptography 36.0.2 -> 37.0.4 +- python3-cryptography-vectors 36.0.2 -> 37.0.4 +- python3-cython 0.29.28 -> 0.29.32 +- python3-dbusmock 0.27.3 -> 0.28.4 +- python3-docutils 0.18.1 -> 0.19 +- python3-dtschema 2022.1 -> 2022.8.3 +- python3-hypothesis 6.39.5 -> 6.54.5 +- python3-idna 3.3 -> 3.4 +- python3-imagesize 1.3.0 -> 1.4.1 +- python3-importlib-metadata 4.11.3 -> 4.12.0 +- python3-jinja2 3.1.1 -> 3.1.2 +- python3-jsonpointer 2.2 -> 2.3 +- python3-jsonschema 4.4.0 -> 4.9.1 +- python3-magic 0.4.25 -> 0.4.27 +- python3-mako 1.1.6 -> 1.2.2 +- python3-markdown 3.3.6 -> 3.4.1 +- python3-more-itertools 8.12.0 -> 8.14.0 +- python3-numpy 1.22.3 -> 1.23.3 +- python3-pbr 5.8.1 -> 5.10.0 +- python3-pip 22.0.3 -> 22.2.2 +- python3-psutil 5.9.0 -> 5.9.2 +- python3-pycryptodome 3.14.1 -> 3.15.0 +- python3-pycryptodomex 3.14.1 -> 3.15.0 +- python3-pyelftools 0.28 -> 0.29 +- python3-pygments 2.11.2 -> 2.13.0 +- python3-pygobject 3.42.0 -> 3.42.2 +- python3-pyparsing 3.0.7 -> 3.0.9 +- python3-pytest 7.1.1 -> 7.1.3 +- python3-pytest-subtests 0.7.0 -> 0.8.0 +- python3-pytz 2022.1 -> 2022.2.1 +- python3-requests 2.27.1 -> 2.28.1 +- python3-scons 4.3.0 -> 4.4.0 +- python3-semantic-version 2.9.0 -> 2.10.0 +- python3-setuptools 59.5.0 -> 65.0.2 +- python3-setuptools-scm 6.4.2 -> 7.0.5 +- python3-sphinx 4.4.0 -> 5.1.1 +- python3-sphinx-rtd-theme 0.5.0 -> 1.0.0 +- python3-typing-extensions 3.10.0.0 -> 4.3.0 +- python3-urllib3 1.26.9 -> 1.26.12 +- python3-webcolors 1.11.1 -> 1.12 +- python3-zipp 3.7.0 -> 3.8.1 +- qemu 6.2.0 -> 7.1.0 +- repo 2.22 -> 2.29.2 +- rpm 4.17.0 -> 4.18.0 +- rsync 3.2.3 -> 3.2.5 +- rt-tests 2.3 -> 2.4 +- rust 1.59.0 -> 1.63.0 +- rust-llvm 1.59.0 -> 1.63.0 +- sbc 1.5 -> 2.0 +- seatd 0.6.4 -> 0.7.0 +- shaderc 2022.1 -> 2022.2 +- shadow 4.11.1 -> 4.12.1 +- shared-mime-info 2.1 -> 2.2 +- slang 2.3.2 -> 2.3.3 +- speex 1.2.0 -> 1.2.1 +- speexdsp 1.2.0 -> 1.2.1 +- spirv-headers 1.3.204.1 -> 1.3.216.0 +- spirv-tools 1.3.204.1 -> 1.3.216.0 +- sqlite3 3.38.5 -> 3.39.3 +- squashfs-tools 4.5 -> 4.5.1 +- strace 5.16 -> 5.19 +- stress-ng 0.13.12 -> 0.14.03 +- sudo 1.9.10 -> 1.9.11p3 +- sysklogd 2.3.0 -> 2.4.4 +- sysstat 12.4.5 -> 12.6.0 +- systemd 250.5 -> 251.4 +- systemd-boot 250.5 -> 251.4 +- systemtap 4.6 -> 4.7 +- systemtap-native 4.6 -> 4.7 +- systemtap-uprobes 4.6 -> 4.7 +- sysvinit 3.01 -> 3.04 +- tiff 4.3.0 -> 4.4.0 +- tzcode-native 2022c -> 2022d +- tzdata 2022c -> 2022d +- u-boot 2022.01 -> 2022.07 +- u-boot-tools 2022.01 -> 2022.07 +- util-linux 2.37.4 -> 2.38.1 +- util-linux-libuuid 2.37.4 -> 2.38.1 +- valgrind 3.18.1 -> 3.19.0 +- vim 9.0.0541 -> 9.0.0598 +- vim-tiny 9.0.0541 -> 9.0.0598 +- virglrenderer 0.9.1 -> 0.10.3 +- vte 0.66.2 -> 0.68.0 +- vulkan-headers 1.3.204.1 -> 1.3.216.0 +- vulkan-loader 1.3.204.1 -> 1.3.216.0 +- vulkan-samples git (28ca2dad83ce…) -> git (74d45aace02d…) +- vulkan-tools 1.3.204.1 -> 1.3.216.0 +- wayland 1.20.0 -> 1.21.0 +- wayland-protocols 1.25 -> 1.26 +- webkitgtk 2.36.5 -> 2.36.7 +- x264 r3039+gitX (5db6aa6cab1b…) -> r3039+gitX (baee400fa9ce…) +- xauth 1.1.1 -> 1.1.2 +- xcb-proto 1.14.1 -> 1.15.2 +- xf86-video-cirrus 1.5.3 -> 1.6.0 +- xkeyboard-config 2.35.1 -> 2.36 +- xmlto 0.0.28 -> 0.0.28+0.0.29+gitX +- xorgproto 2021.5 -> 2022.2 +- zlib 1.2.11 -> 1.2.12 + + + +Contributors to 4.1 +~~~~~~~~~~~~~~~~~~~ + +Thanks to the following people who contributed to this release: + +- Aatir Manzur +- Ahmed Hossam +- Alejandro Hernandez Samaniego +- Alexander Kanavin +- Alexandre Belloni +- Alex Kiernan +- Alex Stewart +- Andrei Gherzan +- Andrej Valek +- Andrey Konovalov +- Aníbal Limón +- Anuj Mittal +- Arkadiusz Drabczyk +- Armin Kuster +- Aryaman Gupta +- Awais Belal +- Beniamin Sandu +- Bertrand Marquis +- Bob Henz +- Bruce Ashfield +- Carlos Rafael Giani +- Changhyeok Bae +- Changqing Li +- Chanho Park +- Chen Qi +- Christoph Lauer +- Claudius Heine +- Daiane Angolini +- Daniel Gomez +- Daniel McGregor +- David Bagonyi +- Davide Gardenal +- Denys Dmytriyenko +- Dmitry Baryshkov +- Drew Moseley +- Enrico Scholz +- Ernst Sjöstrand +- Etienne Cordonnier +- Fabio Estevam +- Federico Pellegrin +- Felix Moessbauer +- Ferry Toth +- Florin Diaconescu +- Gennaro Iorio +- Grygorii Tertychnyi +- Gunjan Gupta +- Henning Schild +- He Zhe +- Hitendra Prajapati +- Jack Mitchell +- Jacob Kroon +- Jan Kiszka +- Jan Luebbe +- Jan Vermaete +- Jasper Orschulko +- JeongBong Seo +- Jeremy Puhlman +- Jiaqing Zhao +- Joerg Vehlow +- Johan Korsnes +- Johannes Schneider +- John Edward Broadbent +- Jon Mason +- Jose Quaresma +- Joshua Watt +- Justin Bronder +- Kai Kang +- Kevin Hao +- Khem Raj +- Konrad Weihmann +- Kory Maincent +- Kristian Amlie +- Lee Chee Yang +- Lei Maohui +- Leon Anavi +- Luca Ceresoli +- Lucas Stach +- LUIS ENRIQUEZ +- Marcel Ziswiler +- Marius Kriegerowski +- Mark Hatle +- Markus Volk +- Marta Rybczynska +- Martin Beeger +- Martin Jansa +- Mateusz Marciniec +- Mattias Jernberg +- Matt Madison +- Maxime Roussin-Bélanger +- Michael Halstead +- Michael Opdenacker +- Mihai Lindner +- Mikko Rapeli +- Ming Liu +- Mingli Yu +- Muhammad Hamza +- Naveen Saini +- Neil Horman +- Nick Potenski +- Nicolas Dechesne +- Niko Mauno +- Ola x Nilsson +- Otavio Salvador +- Pascal Bach +- Paul Eggleton +- Paul Gortmaker +- Paulo Neves +- Pavel Zhukov +- Peter Bergin +- Peter Kjellerstedt +- Peter Marko +- Petr Vorel +- Pgowda +- Portia Stephens +- Quentin Schulz +- Rahul Kumar +- Raju Kumar Pothuraju +- Randy MacLeod +- Raphael Teller +- Rasmus Villemoes +- Ricardo Salveti +- Richard Purdie +- Robert Joslyn +- Robert Yang +- Roland Hieber +- Ross Burton +- Rouven Czerwinski +- Ruiqiang Hao +- Russ Dill +- Rusty Howell +- Sakib Sajal +- Samuli Piippo +- Schmidt, Adriaan +- Sean Anderson +- Shruthi Ravichandran +- Shubham Kulkarni +- Simone Weiss +- Sebastian Suesens +- Stefan Herbrechtsmeier +- Stefano Babic +- Stefan Wiehler +- Steve Sakoman +- Sundeep KOKKONDA +- Teoh Jay Shen +- Thomas Epperson +- Thomas Perrot +- Thomas Roos +- Tobias Schmidl +- Tomasz Dziendzielski +- Tom Hochstein +- Tom Rini +- Trevor Woerner +- Ulrich Ölmann +- Vyacheslav Yurkov +- Wang Mingyu +- William A. Kennington III +- Xiaobing Luo +- Xu Huan +- Yang Xu +- Yi Zhao +- Yogesh Tyagi +- Yongxin Liu +- Yue Tao +- Yulong (Kevin) Liu +- Zach Welch +- Zheng Ruoqin +- Zoltán Böszörményi + +Repositories / Downloads for 4.1 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +poky + +- Repository Location: :yocto_git:`/poky` +- Branch: :yocto_git:`langdale </poky/log/?h=langdale>` +- Tag: :yocto_git:`yocto-4.1 </poky/log/?h=yocto-4.1>` +- Git Revision: :yocto_git:`5200799866b92259e855051112520006e1aaaac0 </poky/commit/?id=5200799866b92259e855051112520006e1aaaac0>` +- Release Artefact: poky-5200799866b92259e855051112520006e1aaaac0 +- sha: 9d9a2f7ecf2502f89f43bf45d63e6b61cdcb95ed1d75c8281372f550d809c823 +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-4.1/poky-5200799866b92259e855051112520006e1aaaac0.tar.bz2 + http://mirrors.kernel.org/yocto/yocto/yocto-4.1/poky-5200799866b92259e855051112520006e1aaaac0.tar.bz2 + +openembedded-core + +- Repository Location: :oe_git:`/openembedded-core` +- Branch: :oe_git:`langdale </openembedded-core/log/?h=langdale>` +- Tag: :oe_git:`yocto-4.1 </openembedded-core/log/?h=yocto-4.1>` +- Git Revision: :oe_git:`744a2277844ec9a384a9ca7dae2a634d5a0d3590 </openembedded-core/commit/?id=744a2277844ec9a384a9ca7dae2a634d5a0d3590>` +- Release Artefact: oecore-744a2277844ec9a384a9ca7dae2a634d5a0d3590 +- sha: 34f1fd5bb83514bf0ec8ad7f8cce088a8e28677e1338db94c188283da704c663 +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-4.1/oecore-744a2277844ec9a384a9ca7dae2a634d5a0d3590.tar.bz2 + http://mirrors.kernel.org/yocto/yocto/yocto-4.1/oecore-744a2277844ec9a384a9ca7dae2a634d5a0d3590.tar.bz2 + +meta-mingw + +- Repository Location: :yocto_git:`/meta-mingw` +- Branch: :yocto_git:`langdale </meta-mingw/log/?h=langdale>` +- Tag: :yocto_git:`yocto-4.1 </meta-mingw/log/?h=yocto-4.1>` +- Git Revision: :yocto_git:`b0067202db8573df3d23d199f82987cebe1bee2c </meta-mingw/commit/?id=b0067202db8573df3d23d199f82987cebe1bee2c>` +- Release Artefact: meta-mingw-b0067202db8573df3d23d199f82987cebe1bee2c +- sha: 704f2940322b81ce774e9cbd27c3cfa843111d497dc7b1eeaa39cd694d9a2366 +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-4.1/meta-mingw-b0067202db8573df3d23d199f82987cebe1bee2c.tar.bz2 + http://mirrors.kernel.org/yocto/yocto/yocto-4.1/meta-mingw-b0067202db8573df3d23d199f82987cebe1bee2c.tar.bz2 + +bitbake + +- Repository Location: :oe_git:`/bitbake` +- Branch: :oe_git:`2.2 </bitbake/log/?h=2.2>` +- Tag: :oe_git:`yocto-4.1 </bitbake/log/?h=yocto-4.1>` +- Git Revision: :oe_git:`074da4c469d1f4177a1c5be72b9f3ccdfd379d67 </bitbake/commit/?id=074da4c469d1f4177a1c5be72b9f3ccdfd379d67>` +- Release Artefact: bitbake-074da4c469d1f4177a1c5be72b9f3ccdfd379d67 +- sha: e32c300e0c8522d8d49ef10aae473bd5f293202672eb9d38e90ed92594ed1fe8 +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-4.1/bitbake-074da4c469d1f4177a1c5be72b9f3ccdfd379d67.tar.bz2 + http://mirrors.kernel.org/yocto/yocto/yocto-4.1/bitbake-074da4c469d1f4177a1c5be72b9f3ccdfd379d67.tar.bz2 + +yocto-docs + +- Repository Location: :yocto_git:`/yocto-docs` +- Branch: :yocto_git:`langdale </yocto-docs/log/?h=langdale>` +- Tag: :yocto_git:`yocto-4.1 </yocto-docs/log/?h=yocto-4.1>` +- Git Revision: :yocto_git:`42d3e26a0d04bc5951e640b471686f347dc9b74a </yocto-docs/commit/?id=42d3e26a0d04bc5951e640b471686f347dc9b74a>` diff --git a/documentation/migration-guides/release-notes-4.2.1.rst b/documentation/migration-guides/release-notes-4.2.1.rst new file mode 100644 index 0000000000..948c35fd67 --- /dev/null +++ b/documentation/migration-guides/release-notes-4.2.1.rst @@ -0,0 +1,206 @@ +.. SPDX-License-Identifier: CC-BY-SA-2.0-UK + +Release notes for Yocto-4.2.1 (Mickledore) +------------------------------------------ + +Security Fixes in Yocto-4.2.1 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +- connman: Fix :cve:`2023-28488` +- linux-yocto: Ignore :cve:`2023-1652` and :cve:`2023-1829` +- ghostscript: Fix :cve:`2023-28879` +- qemu: Ignore :cve:`2023-0664` +- ruby: Fix :cve:`2022-28738` and :cve:`2022-28739` +- tiff: Fix :cve:`2022-4645` +- xwayland: Fix :cve:`2023-1393` + + +Fixes in Yocto-4.2.1 +~~~~~~~~~~~~~~~~~~~~ + +- apr: upgrade to 1.7.3 +- bind: upgrade to 9.18.13 +- build-appliance-image: Update to mickledore head revision +- cargo: Fix build on musl/riscv +- cpio: fix appending to archives larger than 2GB +- cracklib: upgrade to 2.9.11 +- cve-update-nvd2-native: added the missing http import +- dev-manual: init-manager.rst: add summary +- dhcpcd: use git instead of tarballs +- docs: add support for mickledore (4.2) release +- gawk: Add skipped.txt to emit test to ignore +- gawk: Disable known ptest fails on musl +- gawk: Remove redundant patch +- glib-networking: Add test retry to avoid failures +- glib-networking: Correct glib error handling in test patch +- gtk4: upgrade to 4.10.3 +- kernel-devsrc: depend on python3-core instead of python3 +- kernel-fitimage: Fix the default dtb config check +- kernel: improve initramfs bundle processing time +- libarchive: Enable acls, xattr for native as well as target +- libhandy: upgrade to 1.8.2 +- libnotify: remove dependency dbus +- libpam: Fix the xtests/tst-pam_motd[1|3] failures +- libpcap: upgrade to 1.10.4 +- libsdl2: upgrade to 2.26.5 +- libxml2: Disable icu tests on musl +- license.bbclass: Include :term:`LICENSE` in the output when it fails to parse +- linux-firmware: upgrade to 20230404 +- machine/qemuarm*: don't explicitly set vmalloc +- maintainers.inc: Fix email address typo +- maintainers.inc: Move repo to unassigned +- man-pages: upgrade to 6.04 +- manuals: document :term:`SPDX_CUSTOM_ANNOTATION_VARS` +- manuals: expand init manager documentation +- mesa: upgrade to 23.0.3 +- migration-guides: add release-notes for 4.1.4 +- migration-guides: fixes and improvements to 4.2 release notes +- migration-guides: release-notes-4.0.9.rst: add missing :term:`SPDX` info +- migration-guides: release-notes-4.2: add doc improvement highlights +- mpg123: upgrade to 1.31.3 +- mtools: upgrade to 4.0.43 +- oeqa/utils/metadata.py: Fix running oe-selftest running with no distro set +- overview-manual: development-environment: update text and screenshots +- overview-manual: update section about source archives +- package_manager/ipk: fix config path generation in _create_custom_config() +- pango: upgrade to 1.50.14 +- perl: patch out build paths from native binaries +- poky.conf: bump version for 4.2.1 release +- populate_sdk_ext.bbclass: redirect stderr to stdout so that both end in LOGFILE +- populate_sdk_ext.bbclass: set :term:`METADATA_REVISION` with an :term:`DISTRO` override +- python3targetconfig.bbclass: Extend PYTHONPATH instead of overwriting +- qemu: Add fix for powerpc instruction fallback issue +- qemu: Update ppc instruction fix to match revised upstream version +- quilt: Fix merge.test race condition +- recipes: Default to https git protocol where possible +- ref-manual: add "Mixin" term +- ref-manual: classes.rst: document devicetree.bbclass +- ref-manual: classes: kernel: document automatic defconfig usage +- ref-manual: classes: kernel: remove incorrect sentence opening +- ref-manual: remove unused and obsolete file +- ref-manual: system-requirements.rst: fix AlmaLinux variable name +- ref-manual: variables.rst: add wikipedia shortcut for "getty" +- ref-manual: variables.rst: document :term:`KERNEL_DANGLING_FEATURES_WARN_ONLY` +- ref-manual: variables.rst: don't mention the :term:`INIT_MANAGER` "none" option +- release-notes-4.2: remove/merge duplicates entries +- release-notes-4.2: update RC3 changes +- release-notes-4.2: update known issues and Repositories/Downloads +- releases.svg: fix and explain duration of Hardknott 3.3 +- ruby: upgrade to 3.2.2 +- rust: upgrade to 1.68.2 +- selftest/distrodata: clean up exception lists in recipe maintainers test +- systemd-systemctl: fix instance template WantedBy symlink construction +- texinfo: upgrade to 7.0.3 +- unfs3: fix symlink time setting issue +- update-alternatives.bbclass: fix old override syntax +- vala: upgrade to 0.56.6 +- waffle: upgrade to 1.7.2 +- weston: add xwayland to :term:`DEPENDS` for :term:`PACKAGECONFIG` xwayland +- wpebackend-fdo: upgrade to 1.14.2 +- xserver-xorg: upgrade to 21.1.8 +- xwayland: upgrade to 23.1.1 + + +Known Issues in Yocto-4.2.1 +~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +- N/A + + +Contributors to Yocto-4.2.1 +~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +- Alex Kiernan +- Alexander Kanavin +- Arslan Ahmad +- Bruce Ashfield +- Chen Qi +- Dmitry Baryshkov +- Enrico Jörns +- Jan Vermaete +- Joe Slater +- Johannes Schrimpf +- Kai Kang +- Khem Raj +- Kyle Russell +- Lee Chee Yang +- Luca Ceresoli +- Markus Volk +- Martin Jansa +- Martin Siegumfeldt +- Michael Halstead +- Michael Opdenacker +- Ming Liu +- Otavio Salvador +- Pawan Badganchi +- Peter Bergin +- Peter Kjellerstedt +- Piotr Łobacz +- Richard Purdie +- Ross Burton +- Steve Sakoman +- Thomas Roos +- Virendra Thakur +- Wang Mingyu +- Yoann Congal +- Zhixiong Chi + + +Repositories / Downloads for Yocto-4.2.1 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +poky + +- Repository Location: :yocto_git:`/poky` +- Branch: :yocto_git:`mickledore </poky/log/?h=mickledore>` +- Tag: :yocto_git:`yocto-4.2.1 </poky/log/?h=yocto-4.2.1>` +- Git Revision: :yocto_git:`c5c69f78fc7ce4ba361363c14352e4264ce7813f </poky/commit/?id=c5c69f78fc7ce4ba361363c14352e4264ce7813f>` +- Release Artefact: poky-c5c69f78fc7ce4ba361363c14352e4264ce7813f +- sha: 057d7771dceebb949a79359d7d028a733a29ae7ecd98b60fefcff83fecb22eb7 +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-4.2.1/poky-c5c69f78fc7ce4ba361363c14352e4264ce7813f.tar.bz2 + http://mirrors.kernel.org/yocto/yocto/yocto-4.2.1/poky-c5c69f78fc7ce4ba361363c14352e4264ce7813f.tar.bz2 + +openembedded-core + +- Repository Location: :oe_git:`/openembedded-core` +- Branch: :oe_git:`mickledore </openembedded-core/log/?h=mickledore>` +- Tag: :oe_git:`yocto-4.2.1 </openembedded-core/log/?h=yocto-4.2.1>` +- Git Revision: :oe_git:`20cd64812d286c920bd766145ab1cd968e72667e </openembedded-core/commit/?id=20cd64812d286c920bd766145ab1cd968e72667e>` +- Release Artefact: oecore-20cd64812d286c920bd766145ab1cd968e72667e +- sha: 877fb909af7aa51e1c962d33cfe91ba3e075c384716006aa1345b4bcb15a48ef +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-4.2.1/oecore-20cd64812d286c920bd766145ab1cd968e72667e.tar.bz2 + http://mirrors.kernel.org/yocto/yocto/yocto-4.2.1/oecore-20cd64812d286c920bd766145ab1cd968e72667e.tar.bz2 + +meta-mingw + +- Repository Location: :yocto_git:`/meta-mingw` +- Branch: :yocto_git:`mickledore </meta-mingw/log/?h=mickledore>` +- Tag: :yocto_git:`yocto-4.2.1 </meta-mingw/log/?h=yocto-4.2.1>` +- Git Revision: :yocto_git:`cc9fd0a988dc1041035a6a6cafb2d1237ef38d8e </meta-mingw/commit/?id=cc9fd0a988dc1041035a6a6cafb2d1237ef38d8e>` +- Release Artefact: meta-mingw-cc9fd0a988dc1041035a6a6cafb2d1237ef38d8e +- sha: 69ccc3ee503b5c35602889e85d28df64a5422ad0f1e55c96c94135b837bb4a1c +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-4.2.1/meta-mingw-cc9fd0a988dc1041035a6a6cafb2d1237ef38d8e.tar.bz2 + http://mirrors.kernel.org/yocto/yocto/yocto-4.2.1/meta-mingw-cc9fd0a988dc1041035a6a6cafb2d1237ef38d8e.tar.bz2 + +bitbake + +- Repository Location: :oe_git:`/bitbake` +- Branch: :oe_git:`2.4 </bitbake/log/?h=2.4>` +- Tag: :oe_git:`yocto-4.2.1 </bitbake/log/?h=yocto-4.2.1>` +- Git Revision: :oe_git:`d97d62e2cbe4bae17f0886f3b4759e8f9ba6d38c </bitbake/commit/?id=d97d62e2cbe4bae17f0886f3b4759e8f9ba6d38c>` +- Release Artefact: bitbake-d97d62e2cbe4bae17f0886f3b4759e8f9ba6d38c +- sha: 5edcb97cb545011226b778355bb840ebcc790552d4a885a0d83178153697ba7a +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-4.2.1/bitbake-d97d62e2cbe4bae17f0886f3b4759e8f9ba6d38c.tar.bz2 + http://mirrors.kernel.org/yocto/yocto/yocto-4.2.1/bitbake-d97d62e2cbe4bae17f0886f3b4759e8f9ba6d38c.tar.bz2 + +yocto-docs + +- Repository Location: :yocto_git:`/yocto-docs` +- Branch: :yocto_git:`mickledore </yocto-docs/log/?h=mickledore>` +- Tag: :yocto_git:`yocto-4.2.1 </yocto-docs/log/?h=yocto-4.2.1>` +- Git Revision: :yocto_git:`6b04269bba72311e83139cc88b7a3539a5d832e8 </yocto-docs/commit/?id=6b04269bba72311e83139cc88b7a3539a5d832e8>` + diff --git a/documentation/migration-guides/release-notes-4.2.2.rst b/documentation/migration-guides/release-notes-4.2.2.rst new file mode 100644 index 0000000000..74f2d0e82a --- /dev/null +++ b/documentation/migration-guides/release-notes-4.2.2.rst @@ -0,0 +1,330 @@ +.. SPDX-License-Identifier: CC-BY-SA-2.0-UK + +Release notes for Yocto-4.2.2 (Mickledore) +------------------------------------------ + +Security Fixes in Yocto-4.2.2 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +- binutils: Fix :cve:`2023-1972` +- cups: Fix :cve:`2023-32324` +- curl: Fix :cve:`2023-28319`, :cve:`2023-28320`, :cve:`2023-28321` and :cve:`2023-28322` +- dbus: Fix :cve:`2023-34969` +- git: Fix :cve:`2023-25652` and :cve:`2023-29007` +- git: Ignore :cve:`2023-25815` +- libwebp: Fix :cve:`2023-1999` +- libxml2: Fix :cve:`2023-28484` and :cve:`2023-29469` +- libxpm: Fix :cve:`2022-44617` +- ninja: Ignore :cve:`2021-4336` +- openssl: Fix :cve:`2023-0464`, :cve:`2023-0465`, :cve:`2023-0466`, :cve:`2023-1255` and :cve:`2023-2650` +- perl: Fix :cve:`2023-31484` and :cve:`2023-31486` +- sysstat: Fix :cve:`2023-33204` +- tiff: Fix :cve_mitre:`2023-25434`, :cve:`2023-26965` and :cve:`2023-2731` +- vim: Fix :cve:`2023-2426` + + +Fixes in Yocto-4.2.2 +~~~~~~~~~~~~~~~~~~~~ + +- apr: Upgrade to 1.7.4 +- avahi: fix D-Bus introspection +- babeltrace2: Always use BFD linker when building tests with ld-is-lld distro feature +- babeltrace2: Upgrade to 2.0.5 +- baremetal-helloworld: Update :term:`SRCREV` to fix entry addresses for ARM architectures +- bind: Upgrade to 9.18.15 +- binutils: move packaging of gprofng static lib into common .inc +- binutils: package static libs from gprofng +- binutils: stable 2.40 branch updates (7343182dd1) +- bitbake.conf: add unzstd in :term:`HOSTTOOLS` +- bitbake: runqueue: Fix deferred task/multiconfig race issue +- bno_plot.py, btt_plot.py: Ask for python3 specifically +- build-appliance-image: Update to mickledore head revision +- busybox: Upgrade to 1.36.1 +- cmake.bbclass: do not search host paths for find_program() +- conf: add nice level to the hash config ignred variables +- connman: fix warning by specifying runstatedir at configure time +- cpio: Run ptests under ptest user +- dbus: Upgrade to 1.14.8 +- devtool: Fix the wrong variable in srcuri_entry +- dnf: only write the log lock to root for native dnf +- docs: bsp-guide: bsp: fix typo +- dpkg: Upgrade to v1.21.22 +- e2fsprogs: Fix error SRCDIR when using usrmerge :term:`DISTRO_FEATURES` +- e2fsprogs: fix ptest bug for second running +- ell: Upgrade to 0.57 +- expect: Add ptest support +- fribidi: Upgrade to 1.0.13 +- gawk: Upgrade to 5.2.2 +- gcc : upgrade to v12.3 +- gdb: fix crashes when debugging threads with Arm Pointer Authentication enabled +- gdb: Upgrade to 13.2 +- git: Upgrade to 2.39.3 +- glib-networking: use correct error code in ptest +- glibc: Pass linker choice via compiler flags +- glibc: stable 2.37 branch updates. +- gnupg: Upgrade to 2.4.2 +- go.bbclass: don't use test to check output from ls +- go: Upgrade to 1.20.5 +- go: Use -no-pie to build target cgo +- gobject-introspection: remove obsolete :term:`DEPENDS` +- grub: submit determinism.patch upstream +- gstreamer1.0: Upgrade to 1.22.3 +- gtk4: Upgrade to 4.10.4 +- image-live.bbclass: respect :term:`IMAGE_MACHINE_SUFFIX` +- image_types: Fix reproducible builds for initramfs and UKI img +- inetutils: remove unused patch files +- ipk: Revert Decode byte data to string in manifest handling +- iso-codes: Upgrade to 4.15.0 +- kernel: don't force PAHOLE=false +- kmod: remove unused ptest.patch +- kmscube: Correct :term:`DEPENDS` to avoid overwrite +- layer.conf: Add missing dependency exclusion +- lib/terminal.py: Add urxvt terminal +- libbsd: Add correct license for all packages +- libdnf: Upgrade to 0.70.1 +- libgcrypt: Upgrade to 1.10.2 +- libgloss: remove unused patch file +- libmicrohttpd: Upgrade to 0.9.77 +- libmodule-build-perl: Upgrade to 0.4234 +- libx11: remove unused patch and :term:`FILESEXTRAPATHS` +- libx11: Upgrade to 1.8.5 +- libxfixes: Upgrade to v6.0.1 +- libxft: Upgrade to 2.3.8 +- libxi: Upgrade to v1.8.1 +- libxml2: Do not use lld linker when building with tests on rv64 +- libxml2: Upgrade to 2.10.4 +- libxpm: Upgrade to 3.5.16 +- linux-firmware: Upgrade to 20230515 +- linux-yocto/5.15: cfg: fix DECNET configuration warning +- linux-yocto/5.15: Upgrade to v5.15.118 +- linux-yocto/6.1: fix intermittent x86 boot hangs +- linux-yocto/6.1: Upgrade to v6.1.35 +- linux-yocto: move build / debug dependencies to .inc +- logrotate: Do not create logrotate.status file +- maintainers.inc: correct Carlos Rafael Giani's email address +- maintainers.inc: correct unassigned entries +- maintainers.inc: unassign Adrian Bunk from wireless-regdb +- maintainers.inc: unassign Alistair Francis from opensbi +- maintainers.inc: unassign Andreas Müller from itstool entry +- maintainers.inc: unassign Chase Qi from libc-test +- maintainers.inc: unassign Oleksandr Kravchuk from python3 and all other items +- maintainers.inc: unassign Pascal Bach from cmake entry +- maintainers.inc: unassign Ricardo Neri from ovmf +- maintainers.inc: update version for gcc-source +- maintainers.inc: unassign Richard Weinberger from erofs-utils entry +- meta: depend on autoconf-archive-native, not autoconf-archive +- meta: lib: oe: npm_registry: Add more safe caracters +- migration-guides: add release notes for 4.2.1 +- minicom: remove unused patch files +- mobile-broadband-provider-info: Upgrade to 20230416 +- musl: Correct :term:`SRC_URI` +- oeqa/selftest/bbtests: add non-existent prefile/postfile tests +- oeqa/selftest/cases/devtool.py: skip all tests require folder a git repo +- oeqa: adding selftest-hello and use it to speed up tests +- openssh: Remove BSD-4-clause contents completely from codebase +- openssl: fix building on riscv32 +- openssl: Upgrade to 3.1.1 +- overview-manual: concepts.rst: Fix a typo +- parted: Add missing libuuid to linker cmdline for libparted-fs-resize.so +- perf: Make built-in libtraceevent plugins cohabit with external libtraceevent +- piglit: Add missing glslang dependencies +- piglit: Fix c++11-narrowing warnings in tests +- pkgconf: Upgrade to 1.9.5 +- pm-utils: fix multilib conflictions +- poky.conf: bump version for 4.2.2 release +- populate_sdk_base.bbclass: respect :term:`MLPREFIX` for ptest-pkgs's ptest-runner +- profile-manual: fix blktrace remote usage instructions +- psmisc: Set :term:`ALTERNATIVE` for pstree to resolve conflict with busybox +- ptest-runner: Ensure data writes don't race +- ptest-runner: Pull in "runner: Remove threads and mutexes" fix +- ptest-runner: Pull in sync fix to improve log warnings +- python3-bcrypt: Use BFD linker when building tests +- python3-numpy: remove NPY_INLINE, use inline instead +- qemu: a pending patch was submitted and accepted upstream +- qemu: remove unused qemu-7.0.0-glibc-2.36.patch +- qemurunner.py: fix error message about qmp +- qemurunner: avoid leaking server_socket +- ref-manual: add clarification for :term:`SRCREV` +- ref-manual: classes.rst: fix typo +- rootfs-postcommands.bbclass: add post func remove_unused_dnf_log_lock +- rpcsvc-proto: Upgrade to 1.4.4 +- rpm: drop unused 0001-Rip-out-partial-support-for-unused-MD2-and-RIPEMD160.patch +- rpm: Upgrade to 4.18.1 +- rpm: write macros under libdir +- runqemu-gen-tapdevs: Refactoring +- runqemu-ifupdown/get-tapdevs: Add support for ip tuntap +- scripts/runqemu: allocate unfsd ports in a way that doesn't race or clash with unrelated processes +- scripts/runqemu: split lock dir creation into a reusable function +- scripts: fix buildstats diff/summary hard bound to host python3 +- sdk.py: error out when moving file fails +- sdk.py: fix moving dnf contents +- selftest/license: Exclude from world +- selftest/reproducible: Allow native/cross reuse in test +- serf: Upgrade to 1.3.10 +- staging.bbclass: do not add extend_recipe_sysroot to prefuncs of prepare_recipe_sysroot +- strace: Disable failing test +- strace: Merge two similar patches +- strace: Update patches/tests with upstream fixes +- sysfsutils: fetch a supported fork from github +- systemd-systemctl: support instance expansion in WantedBy +- systemd: Drop a backport +- tiff: Remove unused patch from tiff +- uninative: Upgrade to 3.10 to support gcc 13 +- uninative: Upgrade to 4.0 to include latest gcc 13.1.1 +- unzip: fix configure check for cross compilation +- unzip: remove hardcoded LARGE_FILE_SUPPORT +- useradd-example: package typo correction +- useradd-staticids.bbclass: improve error message +- v86d: Improve kernel dependency +- vim: Upgrade to 9.0.1527 +- weston-init: add profile to point users to global socket +- weston-init: add the weston user to the wayland group +- weston-init: add weston user to the render group +- weston-init: fix the mixed indentation +- weston-init: guard against systemd configs +- weston-init: make sure the render group exists +- wget: Upgrade to 1.21.4 +- wireless-regdb: Upgrade to 2023.05.03 +- xdpyinfo: Upgrade to 1.3.4 +- xf86-video-intel: Use the HTTPS protocol to fetch the Git repositories +- xinput: upgrade to v1.6.4 +- xwininfo: upgrade to v1.1.6 +- xz: Upgrade to 5.4.3 +- yocto-bsps: update to v5.15.106 +- zip: fix configure check by using _Static_assert +- zip: remove unnecessary LARGE_FILE_SUPPORT CLFAGS + + +Known Issues in Yocto-4.2.2 +~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +- N/A + + +Contributors to Yocto-4.2.2 +~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +- Alberto Planas +- Alejandro Hernandez Samaniego +- Alexander Kanavin +- Andrej Valek +- Andrew Jeffery +- Anuj Mittal +- Archana Polampalli +- BELOUARGA Mohamed +- Bruce Ashfield +- Changqing Li +- Charlie Wu +- Chen Qi +- Chi Xu +- Daniel Ammann +- Deepthi Hemraj +- Denys Dmytriyenko +- Dmitry Baryshkov +- Ed Beroset +- Eero Aaltonen +- Fabien Mahot +- Frieder Paape +- Frieder Schrempf +- Hannu Lounento +- Ian Ray +- Jermain Horsman +- Jörg Sommer +- Kai Kang +- Khem Raj +- Lee Chee Yang +- Lorenzo Arena +- Marc Ferland +- Markus Volk +- Martin Jansa +- Michael Halstead +- Mikko Rapeli +- Mingli Yu +- Natasha Bailey +- Nikhil R +- Pablo Saavedra +- Paul Gortmaker +- Pavel Zhukov +- Peter Kjellerstedt +- Qiu Tingting +- Quentin Schulz +- Randolph Sapp +- Randy MacLeod +- Ranjitsinh Rathod +- Richard Purdie +- Riyaz Khan +- Ross Burton +- Sakib Sajal +- Sanjay Chitroda +- Siddharth Doshi +- Soumya Sambu +- Steve Sakoman +- Sudip Mukherjee +- Sundeep KOKKONDA +- Thomas Roos +- Tim Orling +- Tom Hochstein +- Trevor Gamblin +- Ulrich Ölmann +- Wang Mingyu +- Xiangyu Chen + + +Repositories / Downloads for Yocto-4.2.2 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +poky + +- Repository Location: :yocto_git:`/poky` +- Branch: :yocto_git:`mickledore </poky/log/?h=mickledore>` +- Tag: :yocto_git:`yocto-4.2.2 </poky/log/?h=yocto-4.2.2>` +- Git Revision: :yocto_git:`6e17b3e644ca15b8b4afd071ccaa6f172a0e681a </poky/commit/?id=6e17b3e644ca15b8b4afd071ccaa6f172a0e681a>` +- Release Artefact: poky-6e17b3e644ca15b8b4afd071ccaa6f172a0e681a +- sha: c0b4dadcf00b97d866dd4cc2f162474da2c3e3289badaa42a978bff1d479af99 +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-4.2.2/poky-6e17b3e644ca15b8b4afd071ccaa6f172a0e681a.tar.bz2 + http://mirrors.kernel.org/yocto/yocto/yocto-4.2.2/poky-6e17b3e644ca15b8b4afd071ccaa6f172a0e681a.tar.bz2 + +openembedded-core + +- Repository Location: :oe_git:`/openembedded-core` +- Branch: :oe_git:`mickledore </openembedded-core/log/?h=mickledore>` +- Tag: :oe_git:`yocto-4.2.2 </openembedded-core/log/?h=yocto-4.2.2>` +- Git Revision: :oe_git:`3ef283e02b0b91daf64c3a589e1f6bb68d4f5aa1 </openembedded-core/commit/?id=3ef283e02b0b91daf64c3a589e1f6bb68d4f5aa1>` +- Release Artefact: oecore-3ef283e02b0b91daf64c3a589e1f6bb68d4f5aa1 +- sha: d2fd127f46e626fa4456c193af3dbd25d4b2565db59bc23be69a3b2dd4febed5 +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-4.2.2/oecore-3ef283e02b0b91daf64c3a589e1f6bb68d4f5aa1.tar.bz2 + http://mirrors.kernel.org/yocto/yocto/yocto-4.2.2/oecore-3ef283e02b0b91daf64c3a589e1f6bb68d4f5aa1.tar.bz2 + +meta-mingw + +- Repository Location: :yocto_git:`/meta-mingw` +- Branch: :yocto_git:`mickledore </meta-mingw/log/?h=mickledore>` +- Tag: :yocto_git:`yocto-4.2.2 </meta-mingw/log/?h=yocto-4.2.2>` +- Git Revision: :yocto_git:`4608d0bb7e47c52b8f6e9be259bfb1716fda9fd6 </meta-mingw/commit/?id=4608d0bb7e47c52b8f6e9be259bfb1716fda9fd6>` +- Release Artefact: meta-mingw-4608d0bb7e47c52b8f6e9be259bfb1716fda9fd6 +- sha: fcbae0dedb363477492b86b8f997e06f995793285535b24dc66038845483eeef +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-4.2.2/meta-mingw-4608d0bb7e47c52b8f6e9be259bfb1716fda9fd6.tar.bz2 + http://mirrors.kernel.org/yocto/yocto/yocto-4.2.2/meta-mingw-4608d0bb7e47c52b8f6e9be259bfb1716fda9fd6.tar.bz2 + +bitbake + +- Repository Location: :oe_git:`/bitbake` +- Branch: :oe_git:`2.4 </bitbake/log/?h=2.4>` +- Tag: :oe_git:`yocto-4.2.2 </bitbake/log/?h=yocto-4.2.2>` +- Git Revision: :oe_git:`08033b63ae442c774bd3fce62844eac23e6882d7 </bitbake/commit/?id=08033b63ae442c774bd3fce62844eac23e6882d7>` +- Release Artefact: bitbake-08033b63ae442c774bd3fce62844eac23e6882d7 +- sha: 1d070c133bfb6502ac04befbf082cbfda7582c8b1c48296a788384352e5061fd +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-4.2.2/bitbake-08033b63ae442c774bd3fce62844eac23e6882d7.tar.bz2 + http://mirrors.kernel.org/yocto/yocto/yocto-4.2.2/bitbake-08033b63ae442c774bd3fce62844eac23e6882d7.tar.bz2 + +yocto-docs + +- Repository Location: :yocto_git:`/yocto-docs` +- Branch: :yocto_git:`mickledore </yocto-docs/log/?h=mickledore>` +- Tag: :yocto_git:`yocto-4.2.2 </yocto-docs/log/?h=yocto-4.2.2>` +- Git Revision: :yocto_git:`54d849d259a332389beea159d789f8fa92871475 </yocto-docs/commit/?id=54d849d259a332389beea159d789f8fa92871475>` + diff --git a/documentation/migration-guides/release-notes-4.2.3.rst b/documentation/migration-guides/release-notes-4.2.3.rst new file mode 100644 index 0000000000..3b568a1c29 --- /dev/null +++ b/documentation/migration-guides/release-notes-4.2.3.rst @@ -0,0 +1,263 @@ +.. SPDX-License-Identifier: CC-BY-SA-2.0-UK + +Release notes for Yocto-4.2.3 (Mickledore) +------------------------------------------ + +Security Fixes in Yocto-4.2.3 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +- bind: Fix :cve:`2023-2828` and :cve:`2023-2911` +- cups: Fix :cve:`2023-34241` +- dmidecode: Fix :cve:`2023-30630` +- erofs-utils: Fix :cve:`2023-33551` and :cve:`2023-33552` +- ghostscript: Fix :cve:`2023-36664` +- go: Fix :cve_mitre:`2023-24531` +- libarchive: ignore :cve:`2023-30571` +- libjpeg-turbo: Fix :cve:`2023-2804` +- libx11: Fix :cve:`2023-3138` +- ncurses: Fix :cve:`2023-29491` +- openssh: Fix :cve:`2023-38408` +- python3-certifi: Fix :cve:`2023-37920` +- python3-requests: Fix :cve:`2023-32681` +- python3: Ignore :cve:`2023-36632` +- qemu: fix :cve:`2023-0330`, :cve_mitre:`2023-2861`, :cve_mitre:`2023-3255` and :cve_mitre:`2023-3301` +- ruby: Fix :cve:`2023-36617` +- vim: Fix :cve:`2023-2609` and :cve:`2023-2610` +- webkitgtk: Fix :cve:`2023-27932` and :cve:`2023-27954` + + +Fixes in Yocto-4.2.3 +~~~~~~~~~~~~~~~~~~~~ + +- acpica: Update :term:`SRC_URI` +- automake: fix buildtest patch +- baremetal-helloworld: Fix race condition +- bind: upgrade to v9.18.17 +- binutils: stable 2.40 branch updates +- build-appliance-image: Update to mickledore head revision +- cargo.bbclass: set up cargo environment in common do_compile +- conf.py: add macro for Mitre CVE links +- curl: ensure all ptest failures are caught +- cve-update-nvd2-native: actually use API keys +- cve-update-nvd2-native: fix cvssV3 metrics +- cve-update-nvd2-native: handle all configuration nodes, not just first +- cve-update-nvd2-native: increase retry count +- cve-update-nvd2-native: log a little more +- cve-update-nvd2-native: retry all errors and sleep between retries +- cve-update-nvd2-native: use exact times, don't truncate +- dev-manual: wic.rst: Update native tools build command +- devtool/upgrade: raise an error if extracting source produces more than one directory +- diffutils: upgrade to 3.10 +- docs: ref-manual: terms: fix typos in :term:`SPDX` term +- file: fix the way path is written to environment-setup.d +- file: return wrapper to fix builds when file is in buildtools-tarball +- freetype: upgrade to 2.13.1 +- gcc-testsuite: Fix ppc cpu specification +- gcc: don't pass --enable-standard-branch-protection +- glibc-locale: use stricter matching for metapackages' runtime dependencies +- glibc-testsuite: Fix network restrictions causing test failures +- glibc/check-test-wrapper: don't emit warnings from ssh +- go: upgrade to 1.20.6 +- gstreamer1.0: upgrade to 1.22.4 +- ifupdown: install missing directories +- kernel-module-split add systemd modulesloaddir and modprobedir config +- kernel-module-split: install config modules directories only when they are needed +- kernel-module-split: make autoload and probeconf distribution specific +- kernel-module-split: use context manager to open files +- kernel: Fix path comparison in kernel staging dir symlinking +- kernel: config modules directories are handled by kernel-module-split +- kernel: don't fail if Modules.symvers doesn't exist +- libassuan: upgrade to 2.5.6 +- libksba: upgrade to 1.6.4 +- libnss-nis: upgrade to 3.2 +- libproxy: fetch from git +- libwebp: upgrade to 1.3.1 +- libx11: upgrade to 1.8.6 +- libxcrypt: fix hard-coded ".so" extension +- linux-firmware : Add firmware of RTL8822 serie +- linux-firmware: Fix mediatek mt7601u firmware path +- linux-firmware: package firmare for Dragonboard 410c +- linux-firmware: split platform-specific Adreno shaders to separate packages +- linux-firmware: upgrade to 20230625 +- linux-yocto/5.15: update to v5.15.124 +- linux-yocto/6.1: cfg: update ima.cfg to match current meta-integrity +- linux-yocto/6.1: upgrade to v6.1.38 +- ltp: Add kernel loopback module dependency +- ltp: add :term:`RDEPENDS` on findutils +- lttng-ust: upgrade to 2.13.6 +- machine/arch-arm64: add -mbranch-protection=standard +- maintainers.inc: Modify email address +- mdadm: add util-linux-blockdev ptest dependency +- mdadm: fix 07revert-inplace ptest +- mdadm: fix segfaults when running ptests +- mdadm: fix util-linux ptest dependency +- mdadm: re-add mdadm-ptest to PTESTS_SLOW +- mdadm: skip running known broken ptests +- meson.bbclass: Point to llvm-config from native sysroot +- migration-guides: add release notes for 4.0.10 +- migration-guides: add release notes for 4.0.11 +- migration-guides: add release notes for 4.2.2 +- oeqa/runtime/cases/rpm: fix wait_for_no_process_for_user failure case +- oeqa/runtime/ltp: Increase ltp test output timeout +- oeqa/selftest/devtool: add unit test for "devtool add -b" +- oeqa/ssh: Further improve process exit handling +- oeqa/target/ssh: Ensure EAGAIN doesn't truncate output +- oeqa/utils/nfs: allow requesting non-udp ports +- openssh: upgrade to 9.3p2 +- openssl: add PERLEXTERNAL path to test its existence +- openssl: use a glob on the PERLEXTERNAL to track updates on the path +- opkg-utils: upgrade to 0.6.2 +- opkg: upgrade to 0.6.2 +- pkgconf: update :term:`SRC_URI` +- poky.conf: bump version for 4.2.3 release +- poky.conf: update :term:`SANITY_TESTED_DISTROS` to match autobuilder +- ptest-runner: Pull in parallel test fixes and output handling +- python3-certifi: upgrade to 2023.7.22 +- python3: fix missing comma in get_module_deps3.py +- recipetool: Fix inherit in created -native* recipes +- ref-manual: LTS releases now supported for 4 years +- ref-manual: document image-specific variant of :term:`INCOMPATIBLE_LICENSE` +- ref-manual: releases.svg: updates +- resulttool/resultutils: allow index generation despite corrupt json +- rootfs-postcommands.bbclass: Revert "add post func remove_unused_dnf_log_lock" +- rootfs: Add debugfs package db file copy and cleanup +- rootfs_rpm: don't depend on opkg-native for update-alternatives +- rpm: Pick debugfs package db files/dirs explicitly +- rust-common.bbclass: move musl-specific linking fix from rust-source.inc +- scripts/oe-setup-builddir: copy conf-notes.txt to build dir +- scripts/resulttool: add mention about new detected tests +- selftest/cases/glibc.py: fix the override syntax +- selftest/cases/glibc.py: increase the memory for testing +- selftest/cases/glibc.py: switch to using NFS over TCP +- shadow-sysroot: add license information +- systemd-systemctl: fix errors in instance name expansion +- taglib: upgrade to 1.13.1 +- target/ssh: Ensure exit code set for commands +- tcf-agent: upgrade to 1.8.0 +- testimage/oeqa: Drop testimage_dump_host functionality +- tiff: upgrade to 4.5.1 +- uboot-extlinux-config.bbclass: fix old override syntax in comment +- util-linux: add alternative links for ipcs,ipcrm +- vim: upgrade to 9.0.1592 +- webkitgtk: upgrade to 2.38.6 +- weston: Cleanup and fix x11 and xwayland dependencies + + +Known Issues in Yocto-4.2.3 +~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +- N/A + + +Contributors to Yocto-4.2.3 +~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +- Alejandro Hernandez Samaniego +- Alex Kiernan +- Alexander Kanavin +- Alexis Lothoré +- Andrej Valek +- Anuj Mittal +- Archana Polampalli +- BELOUARGA Mohamed +- Benjamin Bouvier +- Bruce Ashfield +- Changqing Li +- Chen Qi +- Daniel Semkowicz +- Dmitry Baryshkov +- Enrico Scholz +- Etienne Cordonnier +- Joe Slater +- Joel Stanley +- Jose Quaresma +- Julien Stephan +- Kai Kang +- Khem Raj +- Lee Chee Yang +- Marek Vasut +- Mark Hatle +- Michael Halstead +- Michael Opdenacker +- Mingli Yu +- Narpat Mali +- Oleksandr Hnatiuk +- Ovidiu Panait +- Peter Marko +- Quentin Schulz +- Richard Purdie +- Ross Burton +- Sanjana +- Sakib Sajal +- Staffan Rydén +- Steve Sakoman +- Stéphane Veyret +- Sudip Mukherjee +- Thomas Roos +- Tom Hochstein +- Trevor Gamblin +- Wang Mingyu +- Yi Zhao +- Yoann Congal +- Yogita Urade +- Yuta Hayama + + +Repositories / Downloads for Yocto-4.2.3 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +poky + +- Repository Location: :yocto_git:`/poky` +- Branch: :yocto_git:`mickledore </poky/log/?h=mickledore>` +- Tag: :yocto_git:`yocto-4.2.3 </poky/log/?h=yocto-4.2.3>` +- Git Revision: :yocto_git:`aa63b25cbe25d89ab07ca11ee72c17cab68df8de </poky/commit/?id=aa63b25cbe25d89ab07ca11ee72c17cab68df8de>` +- Release Artefact: poky-aa63b25cbe25d89ab07ca11ee72c17cab68df8de +- sha: 9e2b40fc25f7984b3227126ec9b8aa68d3747c8821fb7bf8cb635fc143f894c3 +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-4.2.3/poky-aa63b25cbe25d89ab07ca11ee72c17cab68df8de.tar.bz2 + http://mirrors.kernel.org/yocto/yocto/yocto-4.2.3/poky-aa63b25cbe25d89ab07ca11ee72c17cab68df8de.tar.bz2 + +openembedded-core + +- Repository Location: :oe_git:`/openembedded-core` +- Branch: :oe_git:`mickledore </openembedded-core/log/?h=mickledore>` +- Tag: :oe_git:`yocto-4.2.3 </openembedded-core/log/?h=yocto-4.2.3>` +- Git Revision: :oe_git:`7e3489c0c5970389c8a239dc7b367bcadf554eb5 </openembedded-core/commit/?id=7e3489c0c5970389c8a239dc7b367bcadf554eb5>` +- Release Artefact: oecore-7e3489c0c5970389c8a239dc7b367bcadf554eb5 +- sha: 68620aca7c9db6b9a65d9853cacff4e60578f0df39e3e37114e062e1667ba724 +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-4.2.3/oecore-7e3489c0c5970389c8a239dc7b367bcadf554eb5.tar.bz2 + http://mirrors.kernel.org/yocto/yocto/yocto-4.2.3/oecore-7e3489c0c5970389c8a239dc7b367bcadf554eb5.tar.bz2 + +meta-mingw + +- Repository Location: :yocto_git:`/meta-mingw` +- Branch: :yocto_git:`mickledore </meta-mingw/log/?h=mickledore>` +- Tag: :yocto_git:`yocto-4.2.3 </meta-mingw/log/?h=yocto-4.2.3>` +- Git Revision: :yocto_git:`92258028e1b5664a9f832541d5c4f6de0bd05e07 </meta-mingw/commit/?id=92258028e1b5664a9f832541d5c4f6de0bd05e07>` +- Release Artefact: meta-mingw-92258028e1b5664a9f832541d5c4f6de0bd05e07 +- sha: ee081460b5dff4fb8dd4869ce5631718dbaaffbede9532b879b854c18f1b3f5d +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-4.2.3/meta-mingw-92258028e1b5664a9f832541d5c4f6de0bd05e07.tar.bz2 + http://mirrors.kernel.org/yocto/yocto/yocto-4.2.3/meta-mingw-92258028e1b5664a9f832541d5c4f6de0bd05e07.tar.bz2 + +bitbake + +- Repository Location: :oe_git:`/bitbake` +- Branch: :oe_git:`2.4 </bitbake/log/?h=2.4>` +- Tag: :oe_git:`yocto-4.2.3 </bitbake/log/?h=yocto-4.2.3>` +- Git Revision: :oe_git:`08033b63ae442c774bd3fce62844eac23e6882d7 </bitbake/commit/?id=08033b63ae442c774bd3fce62844eac23e6882d7>` +- Release Artefact: bitbake-08033b63ae442c774bd3fce62844eac23e6882d7 +- sha: 1d070c133bfb6502ac04befbf082cbfda7582c8b1c48296a788384352e5061fd +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-4.2.3/bitbake-08033b63ae442c774bd3fce62844eac23e6882d7.tar.bz2 + http://mirrors.kernel.org/yocto/yocto/yocto-4.2.3/bitbake-08033b63ae442c774bd3fce62844eac23e6882d7.tar.bz2 + +yocto-docs + +- Repository Location: :yocto_git:`/yocto-docs` +- Branch: :yocto_git:`mickledore </yocto-docs/log/?h=mickledore>` +- Tag: :yocto_git:`yocto-4.2.3 </yocto-docs/log/?h=yocto-4.2.3>` +- Git Revision: :yocto_git:`8e6752a9e55d16f3713e248b37f9d4d2745a2375 </yocto-docs/commit/?id=8e6752a9e55d16f3713e248b37f9d4d2745a2375>` + diff --git a/documentation/migration-guides/release-notes-4.2.4.rst b/documentation/migration-guides/release-notes-4.2.4.rst new file mode 100644 index 0000000000..3c20140e29 --- /dev/null +++ b/documentation/migration-guides/release-notes-4.2.4.rst @@ -0,0 +1,364 @@ +.. SPDX-License-Identifier: CC-BY-SA-2.0-UK + +Release notes for Yocto-4.2.4 (Mickledore) +------------------------------------------ + +Security Fixes in Yocto-4.2.4 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +- bind: Fix :cve:`2023-3341` and :cve:`2023-4236` +- binutils: Fix :cve:`2023-39128` +- cups: fix :cve:`2023-4504` +- curl: Fix :cve:`2023-28320`, :cve:`2023-32001`, :cve:`2023-38039`, :cve:`2023-38545` and :cve:`2023-38546` +- dmidecode: fix for :cve:`2023-30630` +- dropbear: fix :cve:`2023-36328` +- ffmpeg: Ignore :cve:`2023-39018` +- gcc: Fix :cve:`2023-4039` +- gdb: Fix :cve:`2023-39128` +- ghostscript: Fix :cve:`2023-38559` and :cve:`2023-43115` +- glibc: Fix :cve:`2023-4527` and :cve:`2023-4806` +- go: Fix :cve:`2023-29409` and :cve:`2023-39533` +- grub: Fix :cve:`2023-4692` and :cve:`2023-4693` +- gstreamer: Fix :cve_mitre:`2023-40474`, :cve_mitre:`2023-40475` and :cve_mitre:`2023-40476` +- inetutils: fix :cve:`2023-40303` +- librsvg: Fix :cve:`2023-38633` +- libssh2: Fix :cve:`2020-22218` +- libwebp: Fix :cve:`2023-4863` and :cve:`2023-5129` +- libx11: Fix :cve:`2023-43785`, :cve:`2023-43786` and :cve:`2023-43787` +- libxpm: Fix :cve:`2023-43788` and :cve:`2023-43789` +- linux-yocto/6.1: Ignore :cve:`2003-1604`, :cve:`2004-0230`, :cve:`2006-3635`, :cve:`2006-5331`, :cve:`2006-6128`, :cve:`2007-4774`, :cve:`2007-6761`, :cve:`2007-6762`, :cve:`2008-7316`, :cve:`2009-2692`, :cve:`2010-0008`, :cve:`2010-3432`, :cve:`2010-4648`, :cve:`2010-5313`, :cve:`2010-5328`, :cve:`2010-5329`, :cve:`2010-5331`, :cve:`2010-5332`, :cve:`2011-4098`, :cve:`2011-4131`, :cve:`2011-4915`, :cve:`2011-5321`, :cve:`2011-5327`, :cve:`2012-0957`, :cve:`2012-2119`, :cve:`2012-2136`, :cve:`2012-2137`, :cve:`2012-2313`, :cve:`2012-2319`, :cve:`2012-2372`, :cve:`2012-2375`, :cve:`2012-2390`, :cve:`2012-2669`, :cve:`2012-2744`, :cve:`2012-2745`, :cve:`2012-3364`, :cve:`2012-3375`, :cve:`2012-3400`, :cve:`2012-3412`, :cve:`2012-3430`, :cve:`2012-3510`, :cve:`2012-3511`, :cve:`2012-3520`, :cve:`2012-3552`, :cve:`2012-4398`, :cve:`2012-4444`, :cve:`2012-4461`, :cve:`2012-4467`, :cve:`2012-4508`, :cve:`2012-4530`, :cve:`2012-4565`, :cve:`2012-5374`, :cve:`2012-5375`, :cve:`2012-5517`, :cve:`2012-6536`, :cve:`2012-6537`, :cve:`2012-6538`, :cve:`2012-6539`, :cve:`2012-6540`, :cve:`2012-6541`, :cve:`2012-6542`, :cve:`2012-6543`, :cve:`2012-6544`, :cve:`2012-6545`, :cve:`2012-6546`, :cve:`2012-6547`, :cve:`2012-6548`, :cve:`2012-6549`, :cve:`2012-6638`, :cve:`2012-6647`, :cve:`2012-6657`, :cve:`2012-6689`, :cve:`2012-6701`, :cve:`2012-6703`, :cve:`2012-6704`, :cve:`2012-6712`, :cve:`2013-0160`, :cve:`2013-0190`, :cve:`2013-0216`, :cve:`2013-0217`, :cve:`2013-0228`, :cve:`2013-0231`, :cve:`2013-0268`, :cve:`2013-0290`, :cve:`2013-0309`, :cve:`2013-0310`, :cve:`2013-0311`, :cve:`2013-0313`, :cve:`2013-0343`, :cve:`2013-0349`, :cve:`2013-0871`, :cve:`2013-0913`, :cve:`2013-0914`, :cve:`2013-1059`, :cve:`2013-1763`, :cve:`2013-1767`, :cve:`2013-1772`, :cve:`2013-1773`, :cve:`2013-1774`, :cve:`2013-1792`, :cve:`2013-1796`, :cve:`2013-1797`, :cve:`2013-1798`, :cve:`2013-1819`, :cve:`2013-1826`, :cve:`2013-1827`, :cve:`2013-1828`, :cve:`2013-1848`, :cve:`2013-1858`, :cve:`2013-1860`, :cve:`2013-1928`, :cve:`2013-1929`, :cve:`2013-1943`, :cve:`2013-1956`, :cve:`2013-1957`, :cve:`2013-1958`, :cve:`2013-1959`, :cve:`2013-1979`, :cve:`2013-2015`, :cve:`2013-2017`, :cve:`2013-2058`, :cve:`2013-2094`, :cve:`2013-2128`, :cve:`2013-2140`, :cve:`2013-2141`, :cve:`2013-2146`, :cve:`2013-2147`, :cve:`2013-2148`, :cve:`2013-2164`, :cve:`2013-2206`, :cve:`2013-2232`, :cve:`2013-2234`, :cve:`2013-2237`, :cve:`2013-2546`, :cve:`2013-2547`, :cve:`2013-2548`, :cve:`2013-2596`, :cve:`2013-2634`, :cve:`2013-2635`, :cve:`2013-2636`, :cve:`2013-2850`, :cve:`2013-2851`, :cve:`2013-2852`, :cve:`2013-2888`, :cve:`2013-2889`, :cve:`2013-2890`, :cve:`2013-2891`, :cve:`2013-2892`, :cve:`2013-2893`, :cve:`2013-2894`, :cve:`2013-2895`, :cve:`2013-2896`, :cve:`2013-2897`, :cve:`2013-2898`, :cve:`2013-2899`, :cve:`2013-2929`, :cve:`2013-2930`, :cve:`2013-3076`, :cve:`2013-3222`, :cve:`2013-3223`, :cve:`2013-3224`, :cve:`2013-3225`, :cve:`2013-3226`, :cve:`2013-3227`, :cve:`2013-3228`, :cve:`2013-3229`, :cve:`2013-3230`, :cve:`2013-3231`, :cve:`2013-3232`, :cve:`2013-3233`, :cve:`2013-3234`, :cve:`2013-3235`, :cve:`2013-3236`, :cve:`2013-3237`, :cve:`2013-3301`, :cve:`2013-3302`, :cve:`2013-4125`, :cve:`2013-4127`, :cve:`2013-4129`, :cve:`2013-4162`, :cve:`2013-4163`, :cve:`2013-4205`, :cve:`2013-4220`, :cve:`2013-4247`, :cve:`2013-4254`, :cve:`2013-4270`, :cve:`2013-4299`, :cve:`2013-4300`, :cve:`2013-4312`, :cve:`2013-4343`, :cve:`2013-4345`, :cve:`2013-4348`, :cve:`2013-4350`, :cve:`2013-4387`, :cve:`2013-4470`, :cve:`2013-4483`, :cve:`2013-4511`, :cve:`2013-4512`, :cve:`2013-4513`, :cve:`2013-4514`, :cve:`2013-4515`, :cve:`2013-4516`, :cve:`2013-4563`, :cve:`2013-4579`, :cve:`2013-4587`, :cve:`2013-4588`, :cve:`2013-4591`, :cve:`2013-4592`, :cve:`2013-5634`, :cve:`2013-6282`, :cve:`2013-6367`, :cve:`2013-6368`, :cve:`2013-6376`, :cve:`2013-6378`, :cve:`2013-6380`, :cve:`2013-6381`, :cve:`2013-6382`, :cve:`2013-6383`, :cve:`2013-6431`, :cve:`2013-6432`, :cve:`2013-6885`, :cve:`2013-7026`, :cve:`2013-7027`, :cve:`2013-7263`, :cve:`2013-7264`, :cve:`2013-7265`, :cve:`2013-7266`, :cve:`2013-7267`, :cve:`2013-7268`, :cve:`2013-7269`, :cve:`2013-7270`, :cve:`2013-7271`, :cve:`2013-7281`, :cve:`2013-7339`, :cve:`2013-7348`, :cve:`2013-7421`, :cve:`2013-7446`, :cve:`2013-7470`, :cve:`2014-0038`, :cve:`2014-0049`, :cve:`2014-0055`, :cve:`2014-0069`, :cve:`2014-0077`, :cve:`2014-0100`, :cve:`2014-0101`, :cve:`2014-0102`, :cve:`2014-0131`, :cve:`2014-0155`, :cve:`2014-0181`, :cve:`2014-0196`, :cve:`2014-0203`, :cve:`2014-0205`, :cve:`2014-0206`, :cve:`2014-1438`, :cve:`2014-1444`, :cve:`2014-1445`, :cve:`2014-1446`, :cve:`2014-1690`, :cve:`2014-1737`, :cve:`2014-1738`, :cve:`2014-1739`, :cve:`2014-1874`, :cve:`2014-2038`, :cve:`2014-2039`, :cve:`2014-2309`, :cve:`2014-2523`, :cve:`2014-2568`, :cve:`2014-2580`, :cve:`2014-2672`, :cve:`2014-2673`, :cve:`2014-2678`, :cve:`2014-2706`, :cve:`2014-2739`, :cve:`2014-2851`, :cve:`2014-2889`, :cve:`2014-3122`, :cve:`2014-3144`, :cve:`2014-3145`, :cve:`2014-3153`, :cve:`2014-3180`, :cve:`2014-3181`, :cve:`2014-3182`, :cve:`2014-3183`, :cve:`2014-3184`, :cve:`2014-3185`, :cve:`2014-3186`, :cve:`2014-3534`, :cve:`2014-3535`, :cve:`2014-3601`, :cve:`2014-3610`, :cve:`2014-3611`, :cve:`2014-3631`, :cve:`2014-3645`, :cve:`2014-3646`, :cve:`2014-3647`, :cve:`2014-3673`, :cve:`2014-3687`, :cve:`2014-3688`, :cve:`2014-3690`, :cve:`2014-3917`, :cve:`2014-3940`, :cve:`2014-4014`, :cve:`2014-4027`, :cve:`2014-4157`, :cve:`2014-4171`, :cve:`2014-4508`, :cve:`2014-4608`, :cve:`2014-4611`, :cve:`2014-4652`, :cve:`2014-4653`, :cve:`2014-4654`, :cve:`2014-4655`, :cve:`2014-4656`, :cve:`2014-4667`, :cve:`2014-4699`, :cve:`2014-4943`, :cve:`2014-5045`, :cve:`2014-5077`, :cve:`2014-5206`, :cve:`2014-5207`, :cve:`2014-5471`, :cve:`2014-5472`, :cve:`2014-6410`, :cve:`2014-6416`, :cve:`2014-6417`, :cve:`2014-6418`, :cve:`2014-7145`, :cve:`2014-7283`, :cve:`2014-7284`, :cve:`2014-7822`, :cve:`2014-7825`, :cve:`2014-7826`, :cve:`2014-7841`, :cve:`2014-7842`, :cve:`2014-7843`, :cve:`2014-7970`, :cve:`2014-7975`, :cve:`2014-8086`, :cve:`2014-8133`, :cve:`2014-8134`, :cve:`2014-8159`, :cve:`2014-8160`, :cve:`2014-8171`, :cve:`2014-8172`, :cve:`2014-8173`, :cve:`2014-8369`, :cve:`2014-8480`, :cve:`2014-8481`, :cve:`2014-8559`, :cve:`2014-8709`, :cve:`2014-8884`, :cve:`2014-8989`, :cve:`2014-9090`, :cve:`2014-9322`, :cve:`2014-9419`, :cve:`2014-9420`, :cve:`2014-9428`, :cve:`2014-9529`, :cve:`2014-9584`, :cve:`2014-9585`, :cve:`2014-9644`, :cve:`2014-9683`, :cve:`2014-9710`, :cve:`2014-9715`, :cve:`2014-9717`, :cve:`2014-9728`, :cve:`2014-9729`, :cve:`2014-9730`, :cve:`2014-9731`, :cve:`2014-9803`, :cve:`2014-9870`, :cve:`2014-9888`, :cve:`2014-9895`, :cve:`2014-9903`, :cve:`2014-9904`, :cve:`2014-9914`, :cve:`2014-9922`, :cve:`2014-9940`, :cve:`2015-0239`, :cve:`2015-0274`, :cve:`2015-0275`, :cve:`2015-1333`, :cve:`2015-1339`, :cve:`2015-1350`, :cve:`2015-1420`, :cve:`2015-1421`, :cve:`2015-1465`, :cve:`2015-1573`, :cve:`2015-1593`, :cve:`2015-1805`, :cve:`2015-2041`, :cve:`2015-2042`, :cve:`2015-2150`, :cve:`2015-2666`, :cve:`2015-2672`, :cve:`2015-2686`, :cve:`2015-2830`, :cve:`2015-2922`, :cve:`2015-2925`, :cve:`2015-3212`, :cve:`2015-3214`, :cve:`2015-3288`, :cve:`2015-3290`, :cve:`2015-3291`, :cve:`2015-3331`, :cve:`2015-3339`, :cve:`2015-3636`, :cve:`2015-4001`, :cve:`2015-4002`, :cve:`2015-4003`, :cve:`2015-4004`, :cve:`2015-4036`, :cve:`2015-4167`, :cve:`2015-4170`, :cve:`2015-4176`, :cve:`2015-4177`, :cve:`2015-4178`, :cve:`2015-4692`, :cve:`2015-4700`, :cve:`2015-5156`, :cve:`2015-5157`, :cve:`2015-5257`, :cve:`2015-5283`, :cve:`2015-5307`, :cve:`2015-5327`, :cve:`2015-5364`, :cve:`2015-5366`, :cve:`2015-5697`, :cve:`2015-5706`, :cve:`2015-5707`, :cve:`2015-6252`, :cve:`2015-6526`, :cve:`2015-6937`, :cve:`2015-7509`, :cve:`2015-7513`, :cve:`2015-7515`, :cve:`2015-7550`, :cve:`2015-7566`, :cve:`2015-7613`, :cve:`2015-7799`, :cve:`2015-7833`, :cve:`2015-7872`, :cve:`2015-7884`, :cve:`2015-7885`, :cve:`2015-7990`, :cve:`2015-8104`, :cve:`2015-8215`, :cve:`2015-8324`, :cve:`2015-8374`, :cve:`2015-8539`, :cve:`2015-8543`, :cve:`2015-8550`, :cve:`2015-8551`, :cve:`2015-8552`, :cve:`2015-8553`, :cve:`2015-8569`, :cve:`2015-8575`, :cve:`2015-8660`, :cve:`2015-8709`, :cve:`2015-8746`, :cve:`2015-8767`, :cve:`2015-8785`, :cve:`2015-8787`, :cve:`2015-8812`, :cve:`2015-8816`, :cve:`2015-8830`, :cve:`2015-8839`, :cve:`2015-8844`, :cve:`2015-8845`, :cve:`2015-8950`, :cve:`2015-8952`, :cve:`2015-8953`, :cve:`2015-8955`, :cve:`2015-8956`, :cve:`2015-8961`, :cve:`2015-8962`, :cve:`2015-8963`, :cve:`2015-8964`, :cve:`2015-8966`, :cve:`2015-8967`, :cve:`2015-8970`, :cve:`2015-9004`, :cve:`2015-9016`, :cve:`2015-9289`, :cve:`2016-0617`, :cve:`2016-0723`, :cve:`2016-0728`, :cve:`2016-0758`, :cve:`2016-0821`, :cve:`2016-0823`, :cve:`2016-10044`, :cve:`2016-10088`, :cve:`2016-10147`, :cve:`2016-10150`, :cve:`2016-10153`, :cve:`2016-10154`, :cve:`2016-10200`, :cve:`2016-10208`, :cve:`2016-10229`, :cve:`2016-10318`, :cve:`2016-10723`, :cve:`2016-10741`, :cve:`2016-10764`, :cve:`2016-10905`, :cve:`2016-10906`, :cve:`2016-10907`, :cve:`2016-1237`, :cve:`2016-1575`, :cve:`2016-1576`, :cve:`2016-1583`, :cve:`2016-2053`, :cve:`2016-2069`, :cve:`2016-2070`, :cve:`2016-2085`, :cve:`2016-2117`, :cve:`2016-2143`, :cve:`2016-2184`, :cve:`2016-2185`, :cve:`2016-2186`, :cve:`2016-2187`, :cve:`2016-2188`, :cve:`2016-2383`, :cve:`2016-2384`, :cve:`2016-2543`, :cve:`2016-2544`, :cve:`2016-2545`, :cve:`2016-2546`, :cve:`2016-2547`, :cve:`2016-2548`, :cve:`2016-2549`, :cve:`2016-2550`, :cve:`2016-2782`, :cve:`2016-2847`, :cve:`2016-3044`, :cve:`2016-3070`, :cve:`2016-3134`, :cve:`2016-3135`, :cve:`2016-3136`, :cve:`2016-3137`, :cve:`2016-3138`, :cve:`2016-3139`, :cve:`2016-3140`, :cve:`2016-3156`, :cve:`2016-3157`, :cve:`2016-3672`, :cve:`2016-3689`, :cve:`2016-3713`, :cve:`2016-3841`, :cve:`2016-3857`, :cve:`2016-3951`, :cve:`2016-3955`, :cve:`2016-3961`, :cve:`2016-4440`, :cve:`2016-4470`, :cve:`2016-4482`, :cve:`2016-4485`, :cve:`2016-4486`, :cve:`2016-4557`, :cve:`2016-4558`, :cve:`2016-4565`, :cve:`2016-4568`, :cve:`2016-4569`, :cve:`2016-4578`, :cve:`2016-4580`, :cve:`2016-4581`, :cve:`2016-4794`, :cve:`2016-4805`, :cve:`2016-4913`, :cve:`2016-4951`, :cve:`2016-4997`, :cve:`2016-4998`, :cve:`2016-5195`, :cve:`2016-5243`, :cve:`2016-5244`, :cve:`2016-5400`, :cve:`2016-5412`, :cve:`2016-5696`, :cve:`2016-5728`, :cve:`2016-5828`, :cve:`2016-5829`, :cve:`2016-6130`, :cve:`2016-6136`, :cve:`2016-6156`, :cve:`2016-6162`, :cve:`2016-6187`, :cve:`2016-6197`, :cve:`2016-6198`, :cve:`2016-6213`, :cve:`2016-6327`, :cve:`2016-6480`, :cve:`2016-6516`, :cve:`2016-6786`, :cve:`2016-6787`, :cve:`2016-6828`, :cve:`2016-7039`, :cve:`2016-7042`, :cve:`2016-7097`, :cve:`2016-7117`, :cve:`2016-7425`, :cve:`2016-7910`, :cve:`2016-7911`, :cve:`2016-7912`, :cve:`2016-7913`, :cve:`2016-7914`, :cve:`2016-7915`, :cve:`2016-7916`, :cve:`2016-7917`, :cve:`2016-8399`, :cve:`2016-8405`, :cve:`2016-8630`, :cve:`2016-8632`, :cve:`2016-8633`, :cve:`2016-8636`, :cve:`2016-8645`, :cve:`2016-8646`, :cve:`2016-8650`, :cve:`2016-8655`, :cve:`2016-8658`, :cve:`2016-8666`, :cve:`2016-9083`, :cve:`2016-9084`, :cve:`2016-9120`, :cve:`2016-9178`, :cve:`2016-9191`, :cve:`2016-9313`, :cve:`2016-9555`, :cve:`2016-9576`, :cve:`2016-9588`, :cve:`2016-9604`, :cve:`2016-9685`, :cve:`2016-9754`, :cve:`2016-9755`, :cve:`2016-9756`, :cve:`2016-9777`, :cve:`2016-9793`, :cve:`2016-9794`, :cve:`2016-9806`, :cve:`2016-9919`, :cve:`2017-0605`, :cve:`2017-0627`, :cve:`2017-0750`, :cve:`2017-0786`, :cve:`2017-0861`, :cve:`2017-1000`, :cve:`2017-1000111`, :cve:`2017-1000112`, :cve:`2017-1000251`, :cve:`2017-1000252`, :cve:`2017-1000253`, :cve:`2017-1000255`, :cve:`2017-1000363`, :cve:`2017-1000364`, :cve:`2017-1000365`, :cve:`2017-1000370`, :cve:`2017-1000371`, :cve:`2017-1000379`, :cve:`2017-1000380`, :cve:`2017-1000405`, :cve:`2017-1000407`, :cve:`2017-1000410`, :cve:`2017-10661`, :cve:`2017-10662`, :cve:`2017-10663`, :cve:`2017-10810`, :cve:`2017-10911`, :cve:`2017-11089`, :cve:`2017-11176`, :cve:`2017-11472`, :cve:`2017-11473`, :cve:`2017-11600`, :cve:`2017-12134`, :cve:`2017-12146`, :cve:`2017-12153`, :cve:`2017-12154`, :cve:`2017-12168`, :cve:`2017-12188`, :cve:`2017-12190`, :cve:`2017-12192`, :cve:`2017-12193`, :cve:`2017-12762`, :cve:`2017-13080`, :cve:`2017-13166`, :cve:`2017-13167`, :cve:`2017-13168`, :cve:`2017-13215`, :cve:`2017-13216`, :cve:`2017-13220`, :cve:`2017-13305`, :cve:`2017-13686`, :cve:`2017-13695`, :cve:`2017-13715`, :cve:`2017-14051`, :cve:`2017-14106`, :cve:`2017-14140`, :cve:`2017-14156`, :cve:`2017-14340`, :cve:`2017-14489`, :cve:`2017-14497`, :cve:`2017-14954`, :cve:`2017-14991`, :cve:`2017-15102`, :cve:`2017-15115`, :cve:`2017-15116`, :cve:`2017-15121`, :cve:`2017-15126`, :cve:`2017-15127`, :cve:`2017-15128`, :cve:`2017-15129`, :cve:`2017-15265`, :cve:`2017-15274`, :cve:`2017-15299`, :cve:`2017-15306`, :cve:`2017-15537`, :cve:`2017-15649`, :cve:`2017-15868`, :cve:`2017-15951`, :cve:`2017-16525`, :cve:`2017-16526`, :cve:`2017-16527`, :cve:`2017-16528`, :cve:`2017-16529`, :cve:`2017-16530`, :cve:`2017-16531`, :cve:`2017-16532`, :cve:`2017-16533`, :cve:`2017-16534`, :cve:`2017-16535`, :cve:`2017-16536`, :cve:`2017-16537`, :cve:`2017-16538`, :cve:`2017-16643`, :cve:`2017-16644`, :cve:`2017-16645`, :cve:`2017-16646`, :cve:`2017-16647`, :cve:`2017-16648`, :cve:`2017-16649`, :cve:`2017-16650`, :cve:`2017-16911`, :cve:`2017-16912`, :cve:`2017-16913`, :cve:`2017-16914`, :cve:`2017-16939`, :cve:`2017-16994`, :cve:`2017-16995`, :cve:`2017-16996`, :cve:`2017-17052`, :cve:`2017-17053`, :cve:`2017-17448`, :cve:`2017-17449`, :cve:`2017-17450`, :cve:`2017-17558`, :cve:`2017-17712`, :cve:`2017-17741`, :cve:`2017-17805`, :cve:`2017-17806`, :cve:`2017-17807`, :cve:`2017-17852`, :cve:`2017-17853`, :cve:`2017-17854`, :cve:`2017-17855`, :cve:`2017-17856`, :cve:`2017-17857`, :cve:`2017-17862`, :cve:`2017-17863`, :cve:`2017-17864`, :cve:`2017-17975`, :cve:`2017-18017`, :cve:`2017-18075`, :cve:`2017-18079`, :cve:`2017-18174`, :cve:`2017-18193`, :cve:`2017-18200`, :cve:`2017-18202`, :cve:`2017-18203`, :cve:`2017-18204`, :cve:`2017-18208`, :cve:`2017-18216`, :cve:`2017-18218`, :cve:`2017-18221`, :cve:`2017-18222`, :cve:`2017-18224`, :cve:`2017-18232`, :cve:`2017-18241`, :cve:`2017-18249`, :cve:`2017-18255`, :cve:`2017-18257`, :cve:`2017-18261`, :cve:`2017-18270`, :cve:`2017-18344`, :cve:`2017-18360`, :cve:`2017-18379`, :cve:`2017-18509`, :cve:`2017-18549`, :cve:`2017-18550`, :cve:`2017-18551`, :cve:`2017-18552`, :cve:`2017-18595`, :cve:`2017-2583`, :cve:`2017-2584`, :cve:`2017-2596`, :cve:`2017-2618`, :cve:`2017-2634`, :cve:`2017-2636`, :cve:`2017-2647`, :cve:`2017-2671`, :cve:`2017-5123`, :cve:`2017-5546`, :cve:`2017-5547`, :cve:`2017-5548`, :cve:`2017-5549`, :cve:`2017-5550`, :cve:`2017-5551`, :cve:`2017-5576`, :cve:`2017-5577`, :cve:`2017-5669`, :cve:`2017-5715`, :cve:`2017-5753`, :cve:`2017-5754`, :cve:`2017-5897`, :cve:`2017-5967`, :cve:`2017-5970`, :cve:`2017-5972`, :cve:`2017-5986`, :cve:`2017-6001`, :cve:`2017-6074`, :cve:`2017-6214`, :cve:`2017-6345`, :cve:`2017-6346`, :cve:`2017-6347`, :cve:`2017-6348`, :cve:`2017-6353`, :cve:`2017-6874`, :cve:`2017-6951`, :cve:`2017-7184`, :cve:`2017-7187`, :cve:`2017-7261`, :cve:`2017-7273`, :cve:`2017-7277`, :cve:`2017-7294`, :cve:`2017-7308`, :cve:`2017-7346`, :cve:`2017-7374`, :cve:`2017-7472`, :cve:`2017-7477`, :cve:`2017-7482`, :cve:`2017-7487`, :cve:`2017-7495`, :cve:`2017-7518`, :cve:`2017-7533`, :cve:`2017-7541`, :cve:`2017-7542`, :cve:`2017-7558`, :cve:`2017-7616`, :cve:`2017-7618`, :cve:`2017-7645`, :cve:`2017-7889`, :cve:`2017-7895`, :cve:`2017-7979`, :cve:`2017-8061`, :cve:`2017-8062`, :cve:`2017-8063`, :cve:`2017-8064`, :cve:`2017-8065`, :cve:`2017-8066`, :cve:`2017-8067`, :cve:`2017-8068`, :cve:`2017-8069`, :cve:`2017-8070`, :cve:`2017-8071`, :cve:`2017-8072`, :cve:`2017-8106`, :cve:`2017-8240`, :cve:`2017-8797`, :cve:`2017-8824`, :cve:`2017-8831`, :cve:`2017-8890`, :cve:`2017-8924`, :cve:`2017-8925`, :cve:`2017-9059`, :cve:`2017-9074`, :cve:`2017-9075`, :cve:`2017-9076`, :cve:`2017-9077`, :cve:`2017-9150`, :cve:`2017-9211`, :cve:`2017-9242`, :cve:`2017-9605`, :cve:`2017-9725`, :cve:`2017-9984`, :cve:`2017-9985`, :cve:`2017-9986`, :cve:`2018-1000004`, :cve:`2018-1000026`, :cve:`2018-1000028`, :cve:`2018-1000199`, :cve:`2018-1000200`, :cve:`2018-1000204`, :cve:`2018-10021`, :cve:`2018-10074`, :cve:`2018-10087`, :cve:`2018-10124`, :cve:`2018-10322`, :cve:`2018-10323`, :cve:`2018-1065`, :cve:`2018-1066`, :cve:`2018-10675`, :cve:`2018-1068`, :cve:`2018-10840`, :cve:`2018-10853`, :cve:`2018-1087`, :cve:`2018-10876`, :cve:`2018-10877`, :cve:`2018-10878`, :cve:`2018-10879`, :cve:`2018-10880`, :cve:`2018-10881`, :cve:`2018-10882`, :cve:`2018-10883`, :cve:`2018-10901`, :cve:`2018-10902`, :cve:`2018-1091`, :cve:`2018-1092`, :cve:`2018-1093`, :cve:`2018-10938`, :cve:`2018-1094`, :cve:`2018-10940`, :cve:`2018-1095`, :cve:`2018-1108`, :cve:`2018-1118`, :cve:`2018-1120`, :cve:`2018-11232`, :cve:`2018-1128`, :cve:`2018-1129`, :cve:`2018-1130`, :cve:`2018-11412`, :cve:`2018-11506`, :cve:`2018-11508`, :cve:`2018-12126`, :cve:`2018-12127`, :cve:`2018-12130`, :cve:`2018-12207`, :cve:`2018-12232`, :cve:`2018-12233`, :cve:`2018-12633`, :cve:`2018-12714`, :cve:`2018-12896`, :cve:`2018-12904`, :cve:`2018-13053`, :cve:`2018-13093`, :cve:`2018-13094`, :cve:`2018-13095`, :cve:`2018-13096`, :cve:`2018-13097`, :cve:`2018-13098`, :cve:`2018-13099`, :cve:`2018-13100`, :cve:`2018-13405`, :cve:`2018-13406`, :cve:`2018-14609`, :cve:`2018-14610`, :cve:`2018-14611`, :cve:`2018-14612`, :cve:`2018-14613`, :cve:`2018-14614`, :cve:`2018-14615`, :cve:`2018-14616`, :cve:`2018-14617`, :cve:`2018-14619`, :cve:`2018-14625`, :cve:`2018-14633`, :cve:`2018-14634`, :cve:`2018-14641`, :cve:`2018-14646`, :cve:`2018-14656`, :cve:`2018-14678`, :cve:`2018-14734`, :cve:`2018-15471`, :cve:`2018-15572`, :cve:`2018-15594`, :cve:`2018-16276`, :cve:`2018-16597`, :cve:`2018-16658`, :cve:`2018-16862`, :cve:`2018-16871`, :cve:`2018-16880`, :cve:`2018-16882`, :cve:`2018-16884`, :cve:`2018-17182`, :cve:`2018-17972`, :cve:`2018-18021`, :cve:`2018-18281`, :cve:`2018-18386`, :cve:`2018-18397`, :cve:`2018-18445`, :cve:`2018-18559`, :cve:`2018-18690`, :cve:`2018-18710`, :cve:`2018-18955`, :cve:`2018-19406`, :cve:`2018-19407`, :cve:`2018-19824`, :cve:`2018-19854`, :cve:`2018-19985`, :cve:`2018-20169`, :cve:`2018-20449`, :cve:`2018-20509`, :cve:`2018-20510`, :cve:`2018-20511`, :cve:`2018-20669`, :cve:`2018-20784`, :cve:`2018-20836`, :cve:`2018-20854`, :cve:`2018-20855`, :cve:`2018-20856`, :cve:`2018-20961`, :cve:`2018-20976`, :cve:`2018-21008`, :cve:`2018-25015`, :cve:`2018-25020`, :cve:`2018-3620`, :cve:`2018-3639`, :cve:`2018-3646`, :cve:`2018-3665`, :cve:`2018-3693`, :cve:`2018-5332`, :cve:`2018-5333`, :cve:`2018-5344`, :cve:`2018-5390`, :cve:`2018-5391`, :cve:`2018-5703`, :cve:`2018-5750`, :cve:`2018-5803`, :cve:`2018-5814`, :cve:`2018-5848`, :cve:`2018-5873`, :cve:`2018-5953`, :cve:`2018-5995`, :cve:`2018-6412`, :cve:`2018-6554`, :cve:`2018-6555`, :cve:`2018-6927`, :cve:`2018-7191`, :cve:`2018-7273`, :cve:`2018-7480`, :cve:`2018-7492`, :cve:`2018-7566`, :cve:`2018-7740`, :cve:`2018-7754`, :cve:`2018-7755`, :cve:`2018-7757`, :cve:`2018-7995`, :cve:`2018-8043`, :cve_mitre:`2018-8087`, :cve_mitre:`2018-8781`, :cve_mitre:`2018-8822`, :cve_mitre:`2018-8897`, :cve_mitre:`2018-9363`, :cve_mitre:`2018-9385`, :cve_mitre:`2018-9415`, :cve_mitre:`2018-9422`, :cve_mitre:`2018-9465`, :cve_mitre:`2018-9516`, :cve_mitre:`2018-9517`, :cve_mitre:`2018-9518` and :cve_mitre:`2018-9568` +- linux-yocto/6.1 (Continued): Ignore :cve:`2019-0136`, :cve:`2019-0145`, :cve:`2019-0146`, :cve:`2019-0147`, :cve:`2019-0148`, :cve:`2019-0149`, :cve:`2019-0154`, :cve:`2019-0155`, :cve:`2019-10124`, :cve:`2019-10125`, :cve:`2019-10126`, :cve:`2019-10142`, :cve:`2019-10207`, :cve:`2019-10220`, :cve:`2019-10638`, :cve:`2019-10639`, :cve:`2019-11085`, :cve:`2019-11091`, :cve:`2019-11135`, :cve:`2019-11190`, :cve:`2019-11191`, :cve:`2019-1125`, :cve:`2019-11477`, :cve:`2019-11478`, :cve:`2019-11479`, :cve:`2019-11486`, :cve:`2019-11487`, :cve:`2019-11599`, :cve:`2019-11683`, :cve:`2019-11810`, :cve:`2019-11811`, :cve:`2019-11815`, :cve:`2019-11833`, :cve:`2019-11884`, :cve:`2019-12378`, :cve:`2019-12379`, :cve:`2019-12380`, :cve:`2019-12381`, :cve:`2019-12382`, :cve:`2019-12454`, :cve:`2019-12455`, :cve:`2019-12614`, :cve:`2019-12615`, :cve:`2019-12817`, :cve:`2019-12818`, :cve:`2019-12819`, :cve:`2019-12881`, :cve:`2019-12984`, :cve:`2019-13233`, :cve:`2019-13272`, :cve:`2019-13631`, :cve:`2019-13648`, :cve:`2019-14283`, :cve:`2019-14284`, :cve:`2019-14615`, :cve:`2019-14763`, :cve:`2019-14814`, :cve:`2019-14815`, :cve:`2019-14816`, :cve:`2019-14821`, :cve:`2019-14835`, :cve:`2019-14895`, :cve:`2019-14896`, :cve:`2019-14897`, :cve:`2019-14901`, :cve:`2019-15030`, :cve:`2019-15031`, :cve:`2019-15090`, :cve:`2019-15098`, :cve:`2019-15099`, :cve:`2019-15117`, :cve:`2019-15118`, :cve:`2019-15211`, :cve:`2019-15212`, :cve:`2019-15213`, :cve:`2019-15214`, :cve:`2019-15215`, :cve:`2019-15216`, :cve:`2019-15217`, :cve:`2019-15218`, :cve:`2019-15219`, :cve:`2019-15220`, :cve:`2019-15221`, :cve:`2019-15222`, :cve:`2019-15223`, :cve:`2019-15291`, :cve:`2019-15292`, :cve:`2019-15504`, :cve:`2019-15505`, :cve:`2019-15538`, :cve:`2019-15666`, :cve:`2019-15794`, :cve:`2019-15807`, :cve:`2019-15916`, :cve:`2019-15917`, :cve:`2019-15918`, :cve:`2019-15919`, :cve:`2019-15920`, :cve:`2019-15921`, :cve:`2019-15922`, :cve:`2019-15923`, :cve:`2019-15924`, :cve:`2019-15925`, :cve:`2019-15926`, :cve:`2019-15927`, :cve:`2019-16229`, :cve:`2019-16230`, :cve:`2019-16231`, :cve:`2019-16232`, :cve:`2019-16233`, :cve:`2019-16234`, :cve:`2019-16413`, :cve:`2019-16714`, :cve:`2019-16746`, :cve:`2019-16921`, :cve:`2019-16994`, :cve:`2019-16995`, :cve:`2019-17052`, :cve:`2019-17053`, :cve:`2019-17054`, :cve:`2019-17055`, :cve:`2019-17056`, :cve:`2019-17075`, :cve:`2019-17133`, :cve:`2019-17351`, :cve:`2019-17666`, :cve:`2019-18198`, :cve:`2019-18282`, :cve:`2019-18660`, :cve:`2019-18675`, :cve:`2019-18683`, :cve:`2019-18786`, :cve:`2019-18805`, :cve:`2019-18806`, :cve:`2019-18807`, :cve:`2019-18808`, :cve:`2019-18809`, :cve:`2019-18810`, :cve:`2019-18811`, :cve:`2019-18812`, :cve:`2019-18813`, :cve:`2019-18814`, :cve:`2019-18885`, :cve:`2019-19036`, :cve:`2019-19037`, :cve:`2019-19039`, :cve:`2019-19043`, :cve:`2019-19044`, :cve:`2019-19045`, :cve:`2019-19046`, :cve:`2019-19047`, :cve:`2019-19048`, :cve:`2019-19049`, :cve:`2019-19050`, :cve:`2019-19051`, :cve:`2019-19052`, :cve:`2019-19053`, :cve:`2019-19054`, :cve:`2019-19055`, :cve:`2019-19056`, :cve:`2019-19057`, :cve:`2019-19058`, :cve:`2019-19059`, :cve:`2019-19060`, :cve:`2019-19061`, :cve:`2019-19062`, :cve:`2019-19063`, :cve:`2019-19064`, :cve:`2019-19065`, :cve:`2019-19066`, :cve:`2019-19067`, :cve:`2019-19068`, :cve:`2019-19069`, :cve:`2019-19070`, :cve:`2019-19071`, :cve:`2019-19072`, :cve:`2019-19073`, :cve:`2019-19074`, :cve:`2019-19075`, :cve:`2019-19076`, :cve:`2019-19077`, :cve:`2019-19078`, :cve:`2019-19079`, :cve:`2019-19080`, :cve:`2019-19081`, :cve:`2019-19082`, :cve:`2019-19083`, :cve:`2019-19227`, :cve:`2019-19241`, :cve:`2019-19252`, :cve:`2019-19318`, :cve:`2019-19319`, :cve:`2019-19332`, :cve:`2019-19338`, :cve:`2019-19377`, :cve:`2019-19447`, :cve:`2019-19448`, :cve:`2019-19449`, :cve:`2019-19462`, :cve:`2019-19523`, :cve:`2019-19524`, :cve:`2019-19525`, :cve:`2019-19526`, :cve:`2019-19527`, :cve:`2019-19528`, :cve:`2019-19529`, :cve:`2019-19530`, :cve:`2019-19531`, :cve:`2019-19532`, :cve:`2019-19533`, :cve:`2019-19534`, :cve:`2019-19535`, :cve:`2019-19536`, :cve:`2019-19537`, :cve:`2019-19543`, :cve:`2019-19602`, :cve:`2019-19767`, :cve:`2019-19768`, :cve:`2019-19769`, :cve:`2019-19770`, :cve:`2019-19807`, :cve:`2019-19813`, :cve:`2019-19815`, :cve:`2019-19816`, :cve:`2019-19922`, :cve:`2019-19927`, :cve:`2019-19947`, :cve:`2019-19965`, :cve:`2019-19966`, :cve:`2019-1999`, :cve:`2019-20054`, :cve:`2019-20095`, :cve:`2019-20096`, :cve:`2019-2024`, :cve:`2019-2025`, :cve:`2019-20422`, :cve:`2019-2054`, :cve:`2019-20636`, :cve:`2019-20806`, :cve:`2019-20810`, :cve:`2019-20811`, :cve:`2019-20812`, :cve:`2019-20908`, :cve:`2019-20934`, :cve:`2019-2101`, :cve:`2019-2181`, :cve:`2019-2182`, :cve:`2019-2213`, :cve:`2019-2214`, :cve:`2019-2215`, :cve:`2019-25044`, :cve:`2019-25045`, :cve:`2019-3016`, :cve:`2019-3459`, :cve:`2019-3460`, :cve:`2019-3701`, :cve:`2019-3819`, :cve:`2019-3837`, :cve:`2019-3846`, :cve:`2019-3874`, :cve:`2019-3882`, :cve:`2019-3887`, :cve:`2019-3892`, :cve:`2019-3896`, :cve:`2019-3900`, :cve:`2019-3901`, :cve:`2019-5108`, :cve:`2019-6133`, :cve:`2019-6974`, :cve:`2019-7221`, :cve:`2019-7222`, :cve:`2019-7308`, :cve:`2019-8912`, :cve:`2019-8956`, :cve:`2019-8980`, :cve:`2019-9003`, :cve:`2019-9162`, :cve:`2019-9213`, :cve:`2019-9245`, :cve:`2019-9444`, :cve:`2019-9445`, :cve:`2019-9453`, :cve:`2019-9454`, :cve:`2019-9455`, :cve:`2019-9456`, :cve:`2019-9457`, :cve:`2019-9458`, :cve:`2019-9466`, :cve:`2019-9500`, :cve:`2019-9503`, :cve:`2019-9506`, :cve:`2019-9857`, :cve:`2020-0009`, :cve:`2020-0030`, :cve:`2020-0041`, :cve:`2020-0066`, :cve:`2020-0067`, :cve:`2020-0110`, :cve:`2020-0255`, :cve:`2020-0305`, :cve:`2020-0404`, :cve:`2020-0423`, :cve:`2020-0427`, :cve:`2020-0429`, :cve:`2020-0430`, :cve:`2020-0431`, :cve:`2020-0432`, :cve:`2020-0433`, :cve:`2020-0435`, :cve:`2020-0444`, :cve:`2020-0465`, :cve:`2020-0466`, :cve:`2020-0543`, :cve:`2020-10135`, :cve:`2020-10690`, :cve:`2020-10711`, :cve:`2020-10720`, :cve:`2020-10732`, :cve:`2020-10742`, :cve:`2020-10751`, :cve:`2020-10757`, :cve:`2020-10766`, :cve:`2020-10767`, :cve:`2020-10768`, :cve:`2020-10769`, :cve:`2020-10773`, :cve:`2020-10781`, :cve:`2020-10942`, :cve:`2020-11494`, :cve:`2020-11565`, :cve:`2020-11608`, :cve:`2020-11609`, :cve:`2020-11668`, :cve:`2020-11669`, :cve:`2020-11884`, :cve:`2020-12114`, :cve:`2020-12351`, :cve:`2020-12352`, :cve:`2020-12362`, :cve:`2020-12363`, :cve:`2020-12364`, :cve:`2020-12464`, :cve:`2020-12465`, :cve:`2020-12652`, :cve:`2020-12653`, :cve:`2020-12654`, :cve:`2020-12655`, :cve:`2020-12656`, :cve:`2020-12657`, :cve:`2020-12659`, :cve:`2020-12768`, :cve:`2020-12769`, :cve:`2020-12770`, :cve:`2020-12771`, :cve:`2020-12826`, :cve:`2020-12888`, :cve:`2020-12912`, :cve:`2020-13143`, :cve:`2020-13974`, :cve:`2020-14305`, :cve:`2020-14314`, :cve:`2020-14331`, :cve:`2020-14351`, :cve:`2020-14353`, :cve:`2020-14356`, :cve:`2020-14381`, :cve:`2020-14385`, :cve:`2020-14386`, :cve:`2020-14390`, :cve:`2020-14416`, :cve:`2020-15393`, :cve:`2020-15436`, :cve:`2020-15437`, :cve:`2020-15780`, :cve:`2020-15852`, :cve:`2020-16119`, :cve:`2020-16120`, :cve:`2020-16166`, :cve:`2020-1749`, :cve:`2020-24394`, :cve:`2020-24490`, :cve:`2020-24504`, :cve:`2020-24586`, :cve:`2020-24587`, :cve:`2020-24588`, :cve:`2020-25211`, :cve:`2020-25212`, :cve:`2020-25221`, :cve:`2020-25284`, :cve:`2020-25285`, :cve:`2020-25639`, :cve:`2020-25641`, :cve:`2020-25643`, :cve:`2020-25645`, :cve:`2020-25656`, :cve:`2020-25668`, :cve:`2020-25669`, :cve:`2020-25670`, :cve:`2020-25671`, :cve:`2020-25672`, :cve:`2020-25673`, :cve:`2020-25704`, :cve:`2020-25705`, :cve:`2020-26088`, :cve:`2020-26139`, :cve:`2020-26141`, :cve:`2020-26145`, :cve:`2020-26147`, :cve:`2020-26541`, :cve:`2020-26555`, :cve:`2020-26558`, :cve:`2020-27066`, :cve:`2020-27067`, :cve:`2020-27068`, :cve:`2020-27152`, :cve:`2020-27170`, :cve:`2020-27171`, :cve:`2020-27194`, :cve:`2020-2732`, :cve:`2020-27673`, :cve:`2020-27675`, :cve:`2020-27777`, :cve:`2020-27784`, :cve:`2020-27786`, :cve:`2020-27815`, :cve:`2020-27820`, :cve:`2020-27825`, :cve:`2020-27830`, :cve:`2020-27835`, :cve:`2020-28097`, :cve:`2020-28374`, :cve:`2020-28588`, :cve:`2020-28915`, :cve:`2020-28941`, :cve:`2020-28974`, :cve:`2020-29368`, :cve:`2020-29369`, :cve:`2020-29370`, :cve:`2020-29371`, :cve:`2020-29372`, :cve:`2020-29373`, :cve:`2020-29374`, :cve:`2020-29534`, :cve:`2020-29568`, :cve:`2020-29569`, :cve:`2020-29660`, :cve:`2020-29661`, :cve:`2020-35499`, :cve:`2020-35508`, :cve:`2020-35513`, :cve:`2020-35519`, :cve:`2020-36158`, :cve:`2020-36310`, :cve:`2020-36311`, :cve:`2020-36312`, :cve:`2020-36313`, :cve:`2020-36322`, :cve:`2020-36385`, :cve:`2020-36386`, :cve:`2020-36387`, :cve:`2020-36516`, :cve:`2020-36557`, :cve:`2020-36558`, :cve:`2020-36691`, :cve:`2020-36694`, :cve:`2020-36766`, :cve:`2020-3702`, :cve:`2020-4788`, :cve:`2020-7053`, :cve:`2020-8428`, :cve:`2020-8647`, :cve:`2020-8648`, :cve:`2020-8649`, :cve:`2020-8694`, :cve:`2020-8834`, :cve:`2020-8835`, :cve:`2020-8992`, :cve:`2020-9383`, :cve:`2020-9391`, :cve:`2021-0129`, :cve:`2021-0342`, :cve_mitre:`2021-0447`, :cve_mitre:`2021-0448`, :cve:`2021-0512`, :cve:`2021-0605`, :cve:`2021-0707`, :cve:`2021-0920`, :cve:`2021-0929`, :cve:`2021-0935`, :cve_mitre:`2021-0937`, :cve:`2021-0938`, :cve:`2021-0941`, :cve:`2021-1048`, :cve:`2021-20177`, :cve:`2021-20194`, :cve:`2021-20226`, :cve:`2021-20239`, :cve:`2021-20261`, :cve:`2021-20265`, :cve:`2021-20268`, :cve:`2021-20292`, :cve:`2021-20317`, :cve:`2021-20320`, :cve:`2021-20321`, :cve:`2021-20322`, :cve:`2021-21781`, :cve:`2021-22543`, :cve:`2021-22555`, :cve:`2021-22600`, :cve:`2021-23133`, :cve:`2021-23134`, :cve:`2021-26401`, :cve:`2021-26708`, :cve:`2021-26930`, :cve:`2021-26931`, :cve:`2021-26932`, :cve:`2021-27363`, :cve:`2021-27364`, :cve:`2021-27365`, :cve:`2021-28038`, :cve:`2021-28039`, :cve:`2021-28375`, :cve:`2021-28660`, :cve:`2021-28688`, :cve:`2021-28691`, :cve:`2021-28711`, :cve:`2021-28712`, :cve:`2021-28713`, :cve:`2021-28714`, :cve:`2021-28715`, :cve:`2021-28950`, :cve:`2021-28951`, :cve:`2021-28952`, :cve:`2021-28964`, :cve:`2021-28971`, :cve:`2021-28972`, :cve:`2021-29154`, :cve:`2021-29155`, :cve:`2021-29264`, :cve:`2021-29265`, :cve:`2021-29266`, :cve:`2021-29646`, :cve:`2021-29647`, :cve:`2021-29648`, :cve:`2021-29649`, :cve:`2021-29650`, :cve:`2021-29657`, :cve:`2021-30002`, :cve:`2021-30178`, :cve:`2021-31440`, :cve:`2021-3178`, :cve:`2021-31829`, :cve:`2021-31916`, :cve:`2021-32078`, :cve:`2021-32399`, :cve:`2021-32606`, :cve:`2021-33033`, :cve:`2021-33034`, :cve:`2021-33061`, :cve:`2021-33098`, :cve:`2021-33135`, :cve:`2021-33200`, :cve:`2021-3347`, :cve:`2021-3348`, :cve:`2021-33624`, :cve:`2021-33655`, :cve:`2021-33656`, :cve:`2021-33909`, :cve:`2021-3411`, :cve:`2021-3428`, :cve:`2021-3444`, :cve:`2021-34556`, :cve:`2021-34693`, :cve:`2021-3483`, :cve:`2021-34866`, :cve:`2021-3489`, :cve:`2021-3490`, :cve:`2021-3491`, :cve:`2021-3493`, :cve_mitre:`2021-34981`, :cve:`2021-3501`, :cve:`2021-35039`, :cve:`2021-3506`, :cve:`2021-3543`, :cve:`2021-35477`, :cve:`2021-3564`, :cve:`2021-3573`, :cve:`2021-3587`, :cve_mitre:`2021-3600`, :cve:`2021-3609`, :cve:`2021-3612`, :cve:`2021-3635`, :cve:`2021-3640`, :cve:`2021-3653`, :cve:`2021-3655`, :cve:`2021-3656`, :cve:`2021-3659`, :cve:`2021-3669`, :cve:`2021-3679`, :cve:`2021-3715`, :cve:`2021-37159`, :cve:`2021-3732`, :cve:`2021-3736`, :cve:`2021-3739`, :cve:`2021-3743`, :cve:`2021-3744`, :cve:`2021-3752`, :cve:`2021-3753`, :cve:`2021-37576`, :cve:`2021-3759`, :cve:`2021-3760`, :cve:`2021-3764`, :cve:`2021-3772`, :cve:`2021-38160`, :cve:`2021-38166`, :cve:`2021-38198`, :cve:`2021-38199`, :cve:`2021-38200`, :cve:`2021-38201`, :cve:`2021-38202`, :cve:`2021-38203`, :cve:`2021-38204`, :cve:`2021-38205`, :cve:`2021-38206`, :cve:`2021-38207`, :cve:`2021-38208`, :cve:`2021-38209`, :cve:`2021-38300`, :cve:`2021-3894`, :cve:`2021-3896`, :cve:`2021-3923`, :cve:`2021-39633`, :cve:`2021-39634`, :cve:`2021-39636`, :cve:`2021-39648`, :cve:`2021-39656`, :cve:`2021-39657`, :cve:`2021-39685`, :cve:`2021-39686`, :cve:`2021-39698`, :cve:`2021-39711`, :cve:`2021-39713`, :cve:`2021-39714`, :cve:`2021-4001`, :cve:`2021-4002`, :cve:`2021-4023`, :cve:`2021-4028`, :cve:`2021-4032`, :cve:`2021-4037`, :cve:`2021-40490`, :cve:`2021-4083`, :cve:`2021-4090`, :cve:`2021-4093`, :cve:`2021-4095`, :cve:`2021-41073`, :cve:`2021-4135`, :cve:`2021-4148`, :cve:`2021-4149`, :cve:`2021-4150`, :cve:`2021-4154`, :cve:`2021-4155`, :cve:`2021-4157`, :cve:`2021-4159`, :cve:`2021-41864`, :cve:`2021-4197`, :cve:`2021-42008`, :cve:`2021-4202`, :cve:`2021-4203`, :cve:`2021-4204`, :cve:`2021-4218`, :cve:`2021-42252`, :cve:`2021-42327`, :cve:`2021-42739`, :cve:`2021-43056`, :cve:`2021-43057`, :cve:`2021-43267`, :cve:`2021-43389`, :cve:`2021-43975`, :cve:`2021-43976`, :cve:`2021-44733`, :cve:`2021-44879`, :cve:`2021-45095`, :cve:`2021-45100`, :cve:`2021-45402`, :cve:`2021-45469`, :cve:`2021-45480`, :cve:`2021-45485`, :cve:`2021-45486`, :cve:`2021-45868`, :cve:`2021-46283`, :cve:`2022-0001`, :cve:`2022-0002`, :cve:`2022-0168`, :cve:`2022-0171`, :cve:`2022-0185`, :cve:`2022-0264`, :cve:`2022-0286`, :cve:`2022-0322`, :cve:`2022-0330`, :cve:`2022-0382`, :cve:`2022-0433`, :cve:`2022-0435`, :cve:`2022-0480`, :cve:`2022-0487`, :cve:`2022-0492`, :cve:`2022-0494`, :cve:`2022-0500`, :cve:`2022-0516`, :cve:`2022-0617`, :cve:`2022-0644`, :cve:`2022-0646`, :cve:`2022-0742`, :cve:`2022-0812`, :cve:`2022-0847`, :cve:`2022-0850`, :cve:`2022-0854`, :cve:`2022-0995`, :cve:`2022-0998`, :cve:`2022-1011`, :cve:`2022-1012`, :cve:`2022-1015`, :cve:`2022-1016`, :cve:`2022-1043`, :cve:`2022-1048`, :cve:`2022-1055`, :cve:`2022-1158`, :cve:`2022-1184`, :cve:`2022-1195`, :cve:`2022-1198`, :cve:`2022-1199`, :cve:`2022-1204`, :cve:`2022-1205`, :cve:`2022-1263`, :cve:`2022-1280`, :cve:`2022-1353`, :cve:`2022-1419`, :cve:`2022-1462`, :cve:`2022-1508`, :cve:`2022-1516`, :cve:`2022-1651`, :cve:`2022-1652`, :cve:`2022-1671`, :cve:`2022-1678`, :cve:`2022-1679`, :cve:`2022-1729`, :cve:`2022-1734`, :cve:`2022-1786`, :cve:`2022-1789`, :cve:`2022-1836`, :cve:`2022-1852`, :cve:`2022-1882`, :cve:`2022-1943`, :cve:`2022-1966`, :cve:`2022-1972`, :cve:`2022-1973`, :cve:`2022-1974`, :cve:`2022-1975`, :cve:`2022-1976`, :cve:`2022-1998`, :cve:`2022-20008`, :cve:`2022-20132`, :cve:`2022-20141`, :cve:`2022-20148`, :cve:`2022-20153`, :cve:`2022-20154`, :cve:`2022-20158`, :cve:`2022-20166`, :cve:`2022-20368`, :cve:`2022-20369`, :cve:`2022-20409`, :cve:`2022-20421`, :cve:`2022-20422`, :cve:`2022-20423`, :cve:`2022-20424`, :cve_mitre:`2022-20565`, :cve:`2022-20566`, :cve:`2022-20567`, :cve:`2022-20568`, :cve:`2022-20572`, :cve:`2022-2078`, :cve:`2022-21123`, :cve:`2022-21125`, :cve:`2022-21166`, :cve:`2022-21385`, :cve:`2022-21499`, :cve_mitre:`2022-21505`, :cve:`2022-2153`, :cve:`2022-2196`, :cve_mitre:`2022-22942`, :cve:`2022-23036`, :cve:`2022-23037`, :cve:`2022-23038`, :cve:`2022-23039`, :cve:`2022-23040`, :cve:`2022-23041`, :cve:`2022-23042`, :cve:`2022-2308`, :cve:`2022-2318`, :cve:`2022-23222`, :cve:`2022-2327`, :cve:`2022-2380`, :cve:`2022-23816`, :cve:`2022-23960`, :cve:`2022-24122`, :cve:`2022-24448`, :cve:`2022-24958`, :cve:`2022-24959`, :cve:`2022-2503`, :cve:`2022-25258`, :cve:`2022-25375`, :cve:`2022-25636`, :cve_mitre:`2022-2585`, :cve_mitre:`2022-2586`, :cve_mitre:`2022-2588`, :cve:`2022-2590`, :cve_mitre:`2022-2602`, :cve:`2022-26365`, :cve:`2022-26373`, :cve:`2022-2639`, :cve:`2022-26490`, :cve:`2022-2663`, :cve:`2022-26966`, :cve:`2022-27223`, :cve:`2022-27666`, :cve:`2022-27672`, :cve:`2022-2785`, :cve:`2022-27950`, :cve:`2022-28356`, :cve:`2022-28388`, :cve:`2022-28389`, :cve:`2022-28390`, :cve:`2022-2873`, :cve:`2022-28796`, :cve:`2022-28893`, :cve:`2022-2905`, :cve:`2022-29156`, :cve:`2022-2938`, :cve:`2022-29581`, :cve:`2022-29582`, :cve:`2022-2959`, :cve:`2022-2964`, :cve:`2022-2977`, :cve:`2022-2978`, :cve:`2022-29900`, :cve:`2022-29901`, :cve:`2022-2991`, :cve:`2022-29968`, :cve:`2022-3028`, :cve:`2022-30594`, :cve:`2022-3061`, :cve:`2022-3077`, :cve:`2022-3078`, :cve:`2022-3103`, :cve:`2022-3104`, :cve:`2022-3105`, :cve:`2022-3106`, :cve:`2022-3107`, :cve:`2022-3108`, :cve:`2022-3110`, :cve:`2022-3111`, :cve:`2022-3112`, :cve:`2022-3113`, :cve:`2022-3114`, :cve:`2022-3115`, :cve:`2022-3169`, :cve:`2022-3170`, :cve:`2022-3176`, :cve:`2022-3202`, :cve:`2022-32250`, :cve:`2022-32296`, :cve:`2022-3239`, :cve:`2022-32981`, :cve:`2022-3303`, :cve:`2022-3344`, :cve:`2022-33740`, :cve:`2022-33741`, :cve:`2022-33742`, :cve:`2022-33743`, :cve:`2022-33744`, :cve:`2022-33981`, :cve:`2022-3424`, :cve:`2022-3435`, :cve:`2022-34494`, :cve:`2022-34495`, :cve:`2022-34918`, :cve:`2022-3521`, :cve:`2022-3522`, :cve:`2022-3524`, :cve:`2022-3526`, :cve:`2022-3531`, :cve:`2022-3532`, :cve:`2022-3534`, :cve:`2022-3535`, :cve:`2022-3541`, :cve:`2022-3542`, :cve:`2022-3543`, :cve:`2022-3545`, :cve:`2022-3564`, :cve:`2022-3565`, :cve:`2022-3577`, :cve:`2022-3586`, :cve:`2022-3594`, :cve:`2022-3595`, :cve:`2022-36123`, :cve:`2022-3619`, :cve:`2022-3621`, :cve:`2022-3623`, :cve:`2022-3624`, :cve:`2022-3625`, :cve:`2022-3628`, :cve:`2022-36280`, :cve:`2022-3629`, :cve:`2022-3630`, :cve:`2022-3633`, :cve:`2022-3635`, :cve:`2022-3636`, :cve:`2022-3640`, :cve:`2022-3643`, :cve:`2022-3646`, :cve:`2022-3649`, :cve:`2022-36879`, :cve:`2022-36946`, :cve:`2022-3707`, :cve:`2022-38457`, :cve:`2022-3903`, :cve:`2022-3910`, :cve:`2022-39188`, :cve:`2022-39189`, :cve:`2022-39190`, :cve:`2022-3977`, :cve:`2022-39842`, :cve:`2022-40133`, :cve:`2022-40307`, :cve:`2022-40476`, :cve:`2022-40768`, :cve:`2022-4095`, :cve:`2022-40982`, :cve:`2022-41218`, :cve:`2022-41222`, :cve:`2022-4127`, :cve:`2022-4128`, :cve:`2022-4129`, :cve:`2022-4139`, :cve:`2022-41674`, :cve:`2022-41849`, :cve:`2022-41850`, :cve:`2022-41858`, :cve:`2022-42328`, :cve:`2022-42329`, :cve:`2022-42432`, :cve:`2022-4269`, :cve:`2022-42703`, :cve:`2022-42719`, :cve:`2022-42720`, :cve:`2022-42721`, :cve:`2022-42722`, :cve:`2022-42895`, :cve:`2022-42896`, :cve:`2022-43750`, :cve:`2022-4378`, :cve:`2022-4379`, :cve:`2022-4382`, :cve:`2022-43945`, :cve:`2022-45869`, :cve:`2022-45886`, :cve:`2022-45887`, :cve:`2022-45919`, :cve:`2022-45934`, :cve:`2022-4662`, :cve:`2022-4696`, :cve:`2022-4744`, :cve:`2022-47518`, :cve:`2022-47519`, :cve:`2022-47520`, :cve:`2022-47521`, :cve:`2022-47929`, :cve:`2022-47938`, :cve:`2022-47939`, :cve:`2022-47940`, :cve:`2022-47941`, :cve:`2022-47942`, :cve:`2022-47943`, :cve:`2022-47946`, :cve:`2022-4842`, :cve:`2022-48423`, :cve:`2022-48424`, :cve:`2022-48425`, :cve:`2022-48502`, :cve:`2023-0030`, :cve:`2023-0045`, :cve:`2023-0047`, :cve:`2023-0122`, :cve:`2023-0160`, :cve:`2023-0179`, :cve:`2023-0210`, :cve:`2023-0240`, :cve:`2023-0266`, :cve:`2023-0386`, :cve:`2023-0394`, :cve:`2023-0458`, :cve:`2023-0459`, :cve:`2023-0461`, :cve:`2023-0468`, :cve:`2023-0469`, :cve:`2023-0590`, :cve:`2023-0615`, :cve_mitre:`2023-1032`, :cve:`2023-1073`, :cve:`2023-1074`, :cve:`2023-1076`, :cve:`2023-1077`, :cve:`2023-1078`, :cve:`2023-1079`, :cve:`2023-1095`, :cve:`2023-1118`, :cve:`2023-1192`, :cve:`2023-1194`, :cve:`2023-1195`, :cve:`2023-1206`, :cve:`2023-1249`, :cve:`2023-1252`, :cve:`2023-1281`, :cve:`2023-1295`, :cve:`2023-1380`, :cve:`2023-1382`, :cve:`2023-1390`, :cve:`2023-1513`, :cve:`2023-1582`, :cve:`2023-1583`, :cve:`2023-1611`, :cve:`2023-1637`, :cve:`2023-1652`, :cve:`2023-1670`, :cve:`2023-1829`, :cve:`2023-1838`, :cve:`2023-1855`, :cve:`2023-1859`, :cve:`2023-1872`, :cve:`2023-1989`, :cve:`2023-1990`, :cve:`2023-1998`, :cve:`2023-2002`, :cve:`2023-2006`, :cve:`2023-2007`, :cve:`2023-2008`, :cve:`2023-2019`, :cve:`2023-20569`, :cve:`2023-20588`, :cve:`2023-20593`, :cve:`2023-20928`, :cve:`2023-20938`, :cve:`2023-21102`, :cve:`2023-21106`, :cve:`2023-2124`, :cve:`2023-21255`, :cve:`2023-2156`, :cve:`2023-2162`, :cve:`2023-2163`, :cve:`2023-2166`, :cve:`2023-2177`, :cve:`2023-2194`, :cve:`2023-2235`, :cve:`2023-2236`, :cve:`2023-2248`, :cve:`2023-2269`, :cve:`2023-22995`, :cve:`2023-22996`, :cve:`2023-22997`, :cve:`2023-22998`, :cve:`2023-22999`, :cve:`2023-23000`, :cve:`2023-23001`, :cve:`2023-23002`, :cve:`2023-23003`, :cve:`2023-23004`, :cve:`2023-23006`, :cve:`2023-23454`, :cve:`2023-23455`, :cve:`2023-23559`, :cve:`2023-23586`, :cve:`2023-2430`, :cve:`2023-2483`, :cve:`2023-25012`, :cve:`2023-2513`, :cve:`2023-25775`, :cve:`2023-2598`, :cve:`2023-26544`, :cve:`2023-26545`, :cve:`2023-26605`, :cve:`2023-26606`, :cve:`2023-26607`, :cve:`2023-28327`, :cve:`2023-28328`, :cve:`2023-28410`, :cve:`2023-28464`, :cve:`2023-28466`, :cve:`2023-2860`, :cve:`2023-28772`, :cve:`2023-28866`, :cve:`2023-2898`, :cve:`2023-2985`, :cve:`2023-3006`, :cve:`2023-30456`, :cve:`2023-30772`, :cve:`2023-3090`, :cve:`2023-3106`, :cve:`2023-3111`, :cve:`2023-3117`, :cve:`2023-31248`, :cve:`2023-3141`, :cve:`2023-31436`, :cve:`2023-3159`, :cve:`2023-3161`, :cve:`2023-3212`, :cve:`2023-3220`, :cve:`2023-32233`, :cve:`2023-32247`, :cve:`2023-32248`, :cve:`2023-32250`, :cve:`2023-32252`, :cve:`2023-32254`, :cve:`2023-32257`, :cve:`2023-32258`, :cve:`2023-32269`, :cve:`2023-3268`, :cve:`2023-3269`, :cve:`2023-3312`, :cve:`2023-3317`, :cve:`2023-33203`, :cve:`2023-33250`, :cve:`2023-33288`, :cve:`2023-3338`, :cve:`2023-3355`, :cve:`2023-3357`, :cve:`2023-3358`, :cve:`2023-3359`, :cve:`2023-3389`, :cve:`2023-3390`, :cve:`2023-33951`, :cve:`2023-33952`, :cve:`2023-34255`, :cve:`2023-34256`, :cve:`2023-34319`, :cve:`2023-3439`, :cve:`2023-35001`, :cve:`2023-3567`, :cve:`2023-35788`, :cve:`2023-35823`, :cve:`2023-35824`, :cve:`2023-35826`, :cve:`2023-35828`, :cve:`2023-35829`, :cve:`2023-3609`, :cve:`2023-3610`, :cve:`2023-3611`, :cve:`2023-37453`, :cve:`2023-3772`, :cve:`2023-3773`, :cve:`2023-3776`, :cve:`2023-3777`, :cve:`2023-3812`, :cve:`2023-38409`, :cve:`2023-38426`, :cve:`2023-38427`, :cve:`2023-38428`, :cve:`2023-38429`, :cve:`2023-38430`, :cve:`2023-38431`, :cve:`2023-38432`, :cve:`2023-3863`, :cve_mitre:`2023-3865`, :cve_mitre:`2023-3866`, :cve_mitre:`2023-3867`, :cve:`2023-4004`, :cve:`2023-4015`, :cve:`2023-40283`, :cve:`2023-4128`, :cve:`2023-4132`, :cve:`2023-4147`, :cve:`2023-4155`, :cve:`2023-4194`, :cve:`2023-4206`, :cve:`2023-4207`, :cve:`2023-4208`, :cve:`2023-4273`, :cve:`2023-42752`, :cve:`2023-42753`, :cve:`2023-4385`, :cve:`2023-4387`, :cve:`2023-4389`, :cve:`2023-4394`, :cve:`2023-4459`, :cve:`2023-4569`, :cve:`2023-4611` and :cve:`2023-4623` +- nghttp2: Fix :cve:`2023-35945` +- openssl: Fix :cve:`2023-2975`, :cve:`2023-3446`, :cve:`2023-3817`, :cve:`2023-4807` and :cve:`2023-5363` +- pixman: Ignore :cve:`2023-37769` +- procps: Fix :cve:`2023-4016` +- python3-git: Fix :cve:`2023-40267`, :cve:`2023-40590` and :cve:`2023-41040` +- python3-pygments: Fix :cve:`2022-40896` +- python3-urllib3: Fix :cve:`2023-43804` and :cve:`2023-45803` +- python3: Fix :cve:`2023-24329` and :cve:`2023-40217` +- qemu: Fix :cve:`2023-3180`, :cve:`2023-3354` and :cve:`2023-42467` +- qemu: Ignore :cve:`2023-2680` +- screen: Fix :cve:`2023-24626` +- shadow: Fix :cve_mitre:`2023-4641` +- tiff: Fix :cve:`2023-40745` and :cve:`2023-41175` +- vim: Fix :cve:`2023-3896`, :cve:`2023-4733`, :cve:`2023-4734`, :cve:`2023-4735`, :cve:`2023-4736`, :cve:`2023-4738`, :cve:`2023-4750`, :cve:`2023-4752`, :cve:`2023-4781`, :cve:`2023-5441` and :cve:`2023-5535` +- webkitgtk: Fix :cve:`2023-32435` and :cve:`2023-32439` +- xserver-xorg: Fix :cve:`2023-5367` and :cve:`2023-5380` + + +Fixes in Yocto-4.2.4 +~~~~~~~~~~~~~~~~~~~~ + +- README: Update to point to new contributor guide +- README: fix mail address in git example command +- SECURITY.md: Add file +- avahi: handle invalid service types gracefully +- bind: upgrade to 9.18.19 +- bitbake.conf: add bunzip2 in :term:`HOSTTOOLS` +- bitbake: Fix disk space monitoring on cephfs +- bitbake: SECURITY.md: add file +- brief-yoctoprojectqs: use new CDN mirror for sstate +- bsp-guide: bsp.rst: replace reference to wiki +- bsp-guide: bsp: skip Intel machines no longer supported in Poky +- build-appliance-image: Update to mickledore head revision +- build-sysroots: Add :term:`SUMMARY` field +- build-sysroots: Ensure dependency chains are minimal +- build-sysroots: target or native sysroot population need to be selected explicitly +- buildtools-tarball: Add libacl +- busybox: Set PATH in syslog initscript +- busybox: remove coreutils dependency in busybox-ptest +- cmake.bbclass: fix allarch override syntax +- cml1: Fix KCONFIG_CONFIG_COMMAND not conveyed fully in do_menuconfig +- contributor-guide/style-guide: Add a note about task idempotence +- contributor-guide/style-guide: Refer to recipes, not packages +- contributor-guide: deprecate "Accepted" patch status +- contributor-guide: discourage marking patches as Inappropriate +- contributor-guide: recipe-style-guide: add Upstream-Status +- contributor-guide: recipe-style-guide: add more patch tagging examples +- contributor-guide: recipe-style-guide: add section about CVE patches +- contributor-guide: style-guide: discourage using Pending patch status +- core-image-ptest: Define a fallback for :term:`SUMMARY` field +- cve-check: add CVSS vector string to CVE database and reports +- cve-check: don't warn if a patch is remote +- cve-check: slightly more verbose warning when adding the same package twice +- cve-check: sort the package list in the JSON report +- cve-exclusion_6.1.inc: update for 6.1.57 +- dbus: add additional entries to :term:`CVE_PRODUCT` +- dbus: upgrade to 1.14.10 +- dev-manual: add security team processes +- dev-manual: disk-space: improve wording for obsolete sstate cache files +- dev-manual: disk-space: mention faster "find" command to trim sstate cache +- dev-manual: fix testimage usage instructions +- dev-manual: layers: Add notes about layer.conf +- dev-manual: licenses: mention :term:`SPDX` for license compliance +- dev-manual: new-recipe.rst fix inconsistency with contributor guide +- dev-manual: new-recipe.rst: add missing parenthesis to "Patching Code" section +- dev-manual: new-recipe.rst: replace reference to wiki +- dev-manual: remove unsupported :term: markup inside markup +- dev-manual: start.rst: remove obsolete reference +- ell: upgrade to 0.58 +- externalsrc: fix dependency chain issues +- ffmpeg: upgrade to 5.1.3 +- ffmpeg: avoid neon on unsupported machines +- file: fix call to localtime_r() +- file: upgrade to 5.45 +- fontcache.bbclass: avoid native recipes depending on target fontconfig +- gcc-crosssdk: ignore MULTILIB_VARIANTS in signature computation +- gcc-runtime: remove bashism +- gcc: backport a fix for ICE caused by CVE-2023-4039.patch +- gcc: depend on zstd +- gdb: fix :term:`RDEPENDS` for PACKAGECONFIG[tui] +- glib-2.0: libelf has a configure option now, specify it +- glibc: stable 2.37 branch updates +- gnupg: Fix reproducibility failure +- gnupg: upgrade to 2.4.3 +- go: upgrade to 1.20.7 +- graphene: fix runtime detection of IEEE754 behaviour +- gstreamer: upgrade to 1.22.6 +- gtk4: upgrade to 4.10.5 +- gzip: upgrade to 1.13 +- igt-gpu-tools: do not write shortened git commit hash into binaries +- inetutils: don't guess target paths +- inetutils: remove obsolete cruft from do_configure +- insane.bbclass: Count raw bytes in shebang-size +- kernel.bbclass: Add force flag to rm calls +- lib/package_manager: Improve repo artefact filtering +- libc-test: Run as non-root user +- libconvert-asn1-perl: upgrade to 0.34 +- libevent: fix patch Upstream-Status +- libgudev: explicitly disable tests and vapi +- librepo: upgrade to 1.15.2 +- librsvg: upgrade to 2.54.6 +- libsndfile1: upgrade to 1.2.2 +- libsoup-2.4: Only specify --cross-file when building for target +- libsoup-2.4: update :term:`PACKAGECONFIG` +- libx11: upgrade to 1.8.7 +- libxkbcommon: add :term:`CVE_PRODUCT` +- libxpm: upgrade to 3.5.17 +- linux-firmware: add firmware files for NXP BT chipsets +- linux-firmware: package Dragonboard 845c sensors DSP firmware +- linux-firmware: package audio topology for Lenovo X13s +- linux-firmware: upgrade to 20230804 +- linux-yocto/5.15: update to v5.15.133 +- linux-yocto/6.1: fix CONFIG_F2FS_IO_TRACE configuration warning +- linux-yocto/6.1: fix IRQ-80 warnings +- linux-yocto/6.1: fix uninitialized read in nohz_full/isolcpus setup +- linux-yocto/6.1: tiny: fix arm 32 boot +- linux-yocto/6.1: update to v6.1.57 +- linux-yocto: add script to generate kernel :term:`CVE_CHECK_IGNORE` entries +- linux-yocto: make sure the pahole-native available before do_kernel_configme +- linux/cve-exclusion: add generated CVE_CHECK_IGNOREs +- linux/generate-cve-exclusions: fix mishandling of boundary values +- linux/generate-cve-exclusions: print the generated time in UTC +- manuals: add new contributor guide +- manuals: correct "yocto-linux" by "linux-yocto" +- mdadm: Disable further tests due to intermittent failures +- mdadm: skip running 04update-uuid and 07revert-inplace testcases +- migration-guides: add release notes for 4.0.12 +- migration-guides: add release notes for 4.0.13 +- migration-guides: add release notes for 4.2.3 +- mpfr: upgrade to 4.2.1 +- multilib.conf: explicitly make MULTILIB_VARIANTS vardeps on MULTILIBS +- nativesdk-intercept: Fix bad intercept chgrp/chown logic +- nettle: avoid neon on unsupported machines +- oe-depends-dot: improve '-w' behavior +- oeqa dnf_runtime.py: fix HTTP server IP address and port +- oeqa selftest context.py: remove warning from missing meta-selftest +- oeqa selftest context.py: whitespace fix +- oeqa/concurrencytest: Remove invalid buffering option +- oeqa/selftest/context.py: check git command return values +- oeqa/selftest/wic: Improve assertTrue calls +- oeqa/selftest: Fix broken symlink removal handling +- oeqa/utils/gitarchive: Handle broken commit counts in results repo +- openssl: upgrade to 3.1.4 +- openssl: build and install manpages only if they are enabled +- openssl: ensure all ptest fails are caught +- openssl: parallelize tests +- overview: Add note about non-reproducibility side effects +- packages.bbclass: Correct the check for conflicts with renamed packages +- pango: explictly enable/disable libthai +- patch.py: use --absolute-git-dir instead of --show-toplevel to retrieve gitdir +- pixman: Remove duplication of license MIT +- pixman: avoid neon on unsupported machines +- poky.conf: bump version for 4.2.4 release +- profile-manual: aesthetic cleanups +- pseudo: Fix to work with glibc 2.38 +- ptest: report tests that were killed on timeout +- python3-git: upgrade to 3.1.37 +- python3-urllib3: update to v1.26.18 +- python3: upgrade to 3.11.5 +- qemu: fix "Bad FPU state detected" fault on qemu-system-i386 +- ref-manual: Fix :term:`PACKAGECONFIG` term and add an example +- ref-manual: Warn about :term:`COMPATIBLE_MACHINE` skipping native recipes +- ref-manual: point outdated link to the new location +- ref-manual: releases.svg: Scarthgap is now version 5.0 +- ref-manual: system-requirements: update supported distros +- ref-manual: variables: add :term:`RECIPE_SYSROOT` and :term:`RECIPE_SYSROOT_NATIVE` +- ref-manual: variables: add :term:`TOOLCHAIN_OPTIONS` variable +- ref-manual: variables: add example for :term:`SYSROOT_DIRS` variable +- ref-manual: variables: provide no-match example for :term:`COMPATIBLE_MACHINE` +- resulttool/report: Avoid divide by zero +- runqemu: check permissions of available render nodes as well as their presence +- screen: upgrade to 4.9.1 +- scripts/create-pull-request: update URLs to git repositories +- sdk-manual: appendix-obtain: improve and update descriptions +- sdk-manual: extensible.rst: fix multiple formatting issues +- shadow: fix patch Upstream-Status +- strace: parallelize ptest +- sudo: upgrade to 1.9.15p2 +- systemd-bootchart: musl fixes have been rejected upstream +- systemd: backport patch to fix warning in systemd-vconsole-setup +- tar: upgrade to 1.35 +- tcl: Add a way to skip ptests +- tcl: prevent installing another copy of tzdata +- template: fix typo in section header +- test-manual: reproducible-builds: stop mentioning LTO bug +- uboot-extlinux-config.bbclass: fix missed override syntax migration +- vim: upgrade to 9.0.2048 +- vim: update obsolete comment +- wayland-utils: add libdrm :term:`PACKAGECONFIG` +- weston-init: fix init code indentation +- weston-init: remove misleading comment about udev rule +- wic: bootimg-partition: Fix file name in debug message +- wic: fix wrong attempt to create file system in upartitioned regions +- wireless-regdb: upgrade to 2023.09.01 +- xz: upgrade to 5.4.4 +- yocto-uninative: Update to 4.2 for glibc 2.38 +- yocto-uninative: Update to 4.3 + + +Known Issues in Yocto-4.2.4 +~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +- N/A + + +Contributors to Yocto-4.2.4 +~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +- Alberto Planas +- Alexander Kanavin +- Alexis Lothoré +- Antoine Lubineau +- Anuj Mittal +- Archana Polampalli +- Arne Schwerdt +- BELHADJ SALEM Talel +- Benjamin Bara +- Bruce Ashfield +- Chen Qi +- Colin McAllister +- Daniel Semkowicz +- Dmitry Baryshkov +- Eilís 'pidge' Ní Fhlannagáin +- Emil Kronborg Andersen +- Etienne Cordonnier +- Jaeyoon Jung +- Jan Garcia +- Joe Slater +- Joshua Watt +- Julien Stephan +- Kai Kang +- Khem Raj +- Lee Chee Yang +- Markus Niebel +- Markus Volk +- Marta Rybczynska +- Martijn de Gouw +- Martin Jansa +- Michael Halstead +- Michael Opdenacker +- Mikko Rapeli +- Mingli Yu +- Narpat Mali +- Otavio Salvador +- Ovidiu Panait +- Peter Kjellerstedt +- Peter Marko +- Peter Suti +- Poonam Jadhav +- Quentin Schulz +- Richard Purdie +- Robert P. J. Day +- Roland Hieber +- Ross Burton +- Ryan Eatmon +- Sakib Sajal +- Samantha Jalabert +- Sanjana +- Sanjay Chitroda +- Sean Nyekjaer +- Siddharth Doshi +- Soumya Sambu +- Stefan Tauner +- Steve Sakoman +- Tan Wen Yan +- Tom Hochstein +- Trevor Gamblin +- Vijay Anusuri +- Wang Mingyu +- Xiangyu Chen +- Yash Shinde +- Yoann Congal +- Yogita Urade +- Yuta Hayama + + +Repositories / Downloads for Yocto-4.2.4 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +poky + +- Repository Location: :yocto_git:`/poky` +- Branch: :yocto_git:`mickledore </poky/log/?h=mickledore>` +- Tag: :yocto_git:`yocto-4.2.4 </poky/log/?h=yocto-4.2.4>` +- Git Revision: :yocto_git:`7235399a86b134e57d5eb783d7f1f57ca0439ae5 </poky/commit/?id=7235399a86b134e57d5eb783d7f1f57ca0439ae5>` +- Release Artefact: poky-7235399a86b134e57d5eb783d7f1f57ca0439ae5 +- sha: 3d56bb4232ab29ae18249529856f0e638c50c764fc495d6beb1ecd295fa5e5e3 +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-4.2.4/poky-7235399a86b134e57d5eb783d7f1f57ca0439ae5.tar.bz2 + http://mirrors.kernel.org/yocto/yocto/yocto-4.2.4/poky-7235399a86b134e57d5eb783d7f1f57ca0439ae5.tar.bz2 + +openembedded-core + +- Repository Location: :oe_git:`/openembedded-core` +- Branch: :oe_git:`mickledore </openembedded-core/log/?h=mickledore>` +- Tag: :oe_git:`yocto-4.2.4 </openembedded-core/log/?h=yocto-4.2.4>` +- Git Revision: :oe_git:`23b5141400b2c676c806df3308f023f7c04e34e0 </openembedded-core/commit/?id=23b5141400b2c676c806df3308f023f7c04e34e0>` +- Release Artefact: oecore-23b5141400b2c676c806df3308f023f7c04e34e0 +- sha: 152f4ee3cdd2e159f6bd34b01d517de44dfe670d35a5e3c84cc32ee7842d9741 +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-4.2.4/oecore-23b5141400b2c676c806df3308f023f7c04e34e0.tar.bz2 + http://mirrors.kernel.org/yocto/yocto/yocto-4.2.4/oecore-23b5141400b2c676c806df3308f023f7c04e34e0.tar.bz2 + +meta-mingw + +- Repository Location: :yocto_git:`/meta-mingw` +- Branch: :yocto_git:`mickledore </meta-mingw/log/?h=mickledore>` +- Tag: :yocto_git:`yocto-4.2.4 </meta-mingw/log/?h=yocto-4.2.4>` +- Git Revision: :yocto_git:`d87d4f00b9c6068fff03929a4b0f231a942d3873 </meta-mingw/commit/?id=d87d4f00b9c6068fff03929a4b0f231a942d3873>` +- Release Artefact: meta-mingw-d87d4f00b9c6068fff03929a4b0f231a942d3873 +- sha: 8036847cf5bf3da9db4bad13aac9080d559848679f0ae03694d55a576bcaf75f +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-4.2.4/meta-mingw-d87d4f00b9c6068fff03929a4b0f231a942d3873.tar.bz2 + http://mirrors.kernel.org/yocto/yocto/yocto-4.2.4/meta-mingw-d87d4f00b9c6068fff03929a4b0f231a942d3873.tar.bz2 + +bitbake + +- Repository Location: :oe_git:`/bitbake` +- Branch: :oe_git:`2.4 </bitbake/log/?h=2.4>` +- Tag: :oe_git:`yocto-4.2.4 </bitbake/log/?h=yocto-4.2.4>` +- Git Revision: :oe_git:`c7e094ec3beccef0bbbf67c100147c449d9c6836 </bitbake/commit/?id=c7e094ec3beccef0bbbf67c100147c449d9c6836>` +- Release Artefact: bitbake-c7e094ec3beccef0bbbf67c100147c449d9c6836 +- sha: 6a35a62bee3446cd0f9e0ec1de9b8f60fc396109075b37d7c4a1f2e6d63271c6 +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-4.2.4/bitbake-c7e094ec3beccef0bbbf67c100147c449d9c6836.tar.bz2 + http://mirrors.kernel.org/yocto/yocto/yocto-4.2.4/bitbake-c7e094ec3beccef0bbbf67c100147c449d9c6836.tar.bz2 + +yocto-docs + +- Repository Location: :yocto_git:`/yocto-docs` +- Branch: :yocto_git:`mickledore </yocto-docs/log/?h=mickledore>` +- Tag: :yocto_git:`yocto-4.2.4 </yocto-docs/log/?h=yocto-4.2.4>` +- Git Revision: :yocto_git:`91a29ca94314c87fd3dc68601cd4932bdfffde35 </yocto-docs/commit/?id=91a29ca94314c87fd3dc68601cd4932bdfffde35>` + diff --git a/documentation/migration-guides/release-notes-4.2.rst b/documentation/migration-guides/release-notes-4.2.rst new file mode 100644 index 0000000000..30049b89f6 --- /dev/null +++ b/documentation/migration-guides/release-notes-4.2.rst @@ -0,0 +1,984 @@ +.. SPDX-License-Identifier: CC-BY-SA-2.0-UK + +Release notes for 4.2 (mickledore) +---------------------------------- + +New Features / Enhancements in 4.2 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +- Linux kernel 6.1, glibc 2.37 and ~350 other recipe upgrades + +- Python 3.8+ and GCC 8.0+ are now the minimum required versions on the build host. + For host distributions that do not provide it, this is included as part of the + :term:`buildtools` tarball. + +- BitBake in this release now supports a new ``addpylib`` directive to enable + Python libraries within layers. For more information, + see :ref:`bitbake-user-manual/bitbake-user-manual-metadata:extending python library code`. + + This directive should be added to your layer configuration + as in the below example from ``meta/conf/layer.conf``:: + + addpylib ${LAYERDIR}/lib oe + +- BitBake has seen multiple internal changes that may improve + memory and disk usage as well as parsing time, in particular: + + - BitBake's Cooker server is now multithreaded. + + - Ctrl+C can now be used to interrupt some long-running operations + that previously ignored it. + + - BitBake's cache has been extended to include more hash + debugging data, but has also been optimized to :yocto_git:`compress + cache data <https://git.yoctoproject.org/poky/commit/?h=mickledore&id=7d010055e2af3294e17db862f42664ca689a9356>`. + + - BitBake's UI will now ping the server regularly to ensure + it is still alive. + +- New variables: + + - :term:`VOLATILE_TMP_DIR` allows to specify + whether ``/tmp`` should be on persistent storage + or in RAM. + + - :term:`SPDX_CUSTOM_ANNOTATION_VARS` allows to add + specific comments to the :term:`SPDX` description of a recipe. + +- Rust improvements: + + - This release adds Cargo support on the target, and includes + automated QA tests for this functionality. + + - It also supports checksums for Rust crates and makes + them mandatory for each crate in a recipe. + + - New :ref:`ref-classes-cargo-update-recipe-crates` class to + enable updating :term:`SRC_URI` crate lists from ``Cargo.lock`` + + - Enabled building Rust for baremetal targets + + - You can now also easily select to build beta or nightly + versions of Rust with a new :term:`RUST_CHANNEL` variable + (use at own risk) + + - Support for local GitHub repos in :term:`SRC_URI` as + replacements for Cargo dependencies + + - Use built-in Rust targets for ``-native`` builds to save several + minutes building the Rust toolchain + +- Architecture-specific enhancements: + + - This release adds initial support for the + :wikipedia:`LoongArch <Loongson#LoongArch>` + (``loongarch64``) architecture, though there is no testing for it yet. + + - New ``x86-64-v3`` tunes (AVX, AVX2, BMI1, BMI2, F16C, FMA, LZCNT, MOVBE, XSAVE) + + - go: add support to build on ppc64le + - rust: rustfmt now working and installed for riscv32 + - libpng: enable NEON for aarch64 to ensure consistency with arm32. + - baremetal-helloworld: Enable x86 and x86-64 ports + +- Kernel-related enhancements: + + - Added some support for building 6.2/6.3-rc kernels + - linux-yocto-dev: mark as compatible with qemuarm64 and qemuarmv5 + - Add kernel specific OBJCOPY to help switching toolchains cleanly for kernel build between gcc and clang + +- New core recipes: + + - ``debugedit`` + - ``gtk4`` (import from meta-gnome) + - ``gcr``: add recipe for gcr-4 + - ``graphene`` (import from meta-oe) + - ``libc-test`` + - ``libportal`` (import from meta-gnome) + - ``libslirp`` + - ``libtest-fatal-perl`` + - ``libtest-warnings-perl`` (import from meta-perl) + - ``libtry-tiny-perl`` + - ``python3-build`` + - ``python3-pyproject-hooks`` + - ``python3-hatch-fancy-pypi-readme`` + - ``python3-unittest-automake`` + +- QEMU/runqemu enhancements: + + - Set ``QB_SMP`` with ?= to make it easier to modify + - Set ``QB_CPU`` with ?= to make it easier to modify (x86 configuration only) + - New ``QB_NFSROOTFS_EXTRA_OPT`` to allow extra options to be appended to the NFS rootfs options in kernel boot args, e.g. ``"wsize=4096,rsize=4096"`` + - New ``QB_SETUP_CMD`` and ``QB_CLEANUP_CMD`` to enable running custom shell setup and cleanup commands before and after QEMU. + - ``QB_DEFAULT_KERNEL`` now defaults to pick the bundled initramfs kernel image if the Linux kernel image is generated with :term:`INITRAMFS_IMAGE_BUNDLE` set to "1" + - Split out the QEMU guest agent to its own ``qemu-guest-agent`` package + - runqemu: new ``guestagent`` option to enable communication with the guest agent + - runqemu: respect :term:`IMAGE_LINK_NAME` when searching for image + +- Image-related enhancements: + + - Add 7-Zip support in image conversion types (``7zip``) + - New :term:`IMAGE_MACHINE_SUFFIX` variable to allow easily removing machine name suffix from image file names + +- wic Image Creator enhancements: + + - ``bootimg-efi.py``: add support for directly loading Linux kernel UEFI stub + - ``bootimg-efi.py``: implement ``--include-path`` + - Allow usage of ``fstype=none`` to specify an unformatted partition + - Implement repeatable disk identifiers based on :term:`SOURCE_DATE_EPOCH` + +- FIT image related improvements: + + - FIT image signing support has been reworked to remove interdependencies and make it more easily extensible + - Skip FDT section creation for applicable symlinks to avoid the same dtb being duplicated + - New :term:`FIT_CONF_DEFAULT_DTB` variable to enable selecting default dtb when multiple dtbs exist + +- SDK-related improvements: + + - Extended the following recipes to nativesdk: + + - ``bc`` + - ``gi-docgen`` + - ``gperf`` + - ``python3-iniconfig`` + - ``python3-atomicwrites`` + - ``python3-markdown`` + - ``python3-smartypants`` + - ``python3-typogrify`` + - ``ruby`` + - ``unifdef`` + + - New :term:`SDK_ZIP_OPTIONS` variable to enable passing additional options to the zip command when preparing the SDK zip archive + - New Rust SDK target packagegroup (``packagegroup-rust-sdk-target``) + +- Testing: + + - The ptest images have changed structure in this release. The + underlying ``core-image-ptest`` recipe now uses :term:`BBCLASSEXTEND` to + create a variant for each ptest enabled recipe in OE-Core. + + For example, this means that ``core-image-ptest-bzip2``, + ``core-image-ptest-lttng-tools`` and many more image targets now exist + and can be built/tested individually. + + The ``core-image-ptest-all`` and ``core-image-ptest-fast`` targets are now + wrappers that target groups of individual images and means that the tests + can be executed in parallel during our automated testing. This also means + the dependencies are more accurately tested. + + - It is now possible to track regression changes between releases using + :oe_git:`yocto_testresults_query.py </openembedded-core/tree/scripts/yocto_testresults_query.py>`, + which is a thin wrapper over :oe_git:`resulttool + </openembedded-core/tree/scripts/resulttool>`. Here is an example + command, which allowed to spot and fix a regression in the + ``quilt`` ptest:: + + yocto_testresults_query.py regression-report 4.2_M1 4.2_M2 + + See this `blog post about regression detection + <https://bootlin.com/blog/continuous-integration-in-yocto-improving-the-regressions-detection/>`__. + + - This release adds support for parallel ptest execution with a ptest per image. + This takes ptest execution time from 3.5 hours to around 45 minutes on the autobuilder. + + - Basic Rust compile/run and cargo tests + + - New ``python3-unittest-automake`` recipe which provides modules for pytest + and unittest to adjust their output to automake-style for easier integration + with the ptest system. + + - ptest support added to ``bc``, ``cpio`` and ``gnutls``, and fixes made to + ptests in numerous other recipes. + + - ``ptest-runner`` now adds a non-root "ptest" user to run tests. + + - ``resulttool``: add a ``--list-ptest`` option to the log subcommand to list ptest names + in a results file + + - ``resulttool``: regression: add metadata filtering for oeselftest + +- New :term:`PACKAGECONFIG` options in the following recipes: + + - ``at-spi2-core`` + - ``base-passwd`` + - ``cronie`` + - ``cups`` + - ``curl`` + - ``file`` + - ``gstreamer1.0-plugins-good`` + - ``gtk+3`` + - ``iproute2`` + - ``libsdl2`` + - ``libtiff`` + - ``llvm`` + - ``mesa`` + - ``psmisc`` + - ``qemu`` + - ``sudo`` + - ``systemd`` + - ``tiff`` + - ``util-linux`` + +- Extended the following recipes to native: + + - ``iso-codes`` + - ``libxkbcommon`` + - ``p11-kit`` + - ``python3-atomicwrites`` + - ``python3-dbusmock`` + - ``python3-iniconfig`` + - ``xkeyboard-config`` + +- Utility script changes: + + - ``devtool``: ignore patch-fuzz errors when extracting source in order to enable fixing fuzz issues + - ``oe-setup-layers``: make efficiently idempotent + - ``oe-setup-layers``: print a note about submodules if present + - New ``buildstats-summary`` script to show a summary of the buildstats data + - :ref:`ref-classes-report-error` class: catch ``Nothing PROVIDES`` error + - ``combo-layer``: add ``sync-revs`` command + - ``convert-overrides``: allow command-line customizations + +- bitbake-layers improvements: + + - ``layerindex-fetch``: checkout layer(s) branch when clone exists + - ``create``: add ``-a``/``--add-layer option`` to add layer to ``bblayers.conf`` after creating layer + - ``show-layers``: improve output layout + +- Other BitBake improvements: + + - Inline Python snippets can now include dictionary expressions + - Evaluate the value of export/unexport/network flags so that they can be reset to "0" + - Make :term:`EXCLUDE_FROM_WORLD` boolean so that it can be reset to "0" + - Support int values in ``bb.utils.to_boolean()`` in addition to strings + - ``bitbake-getvar``: Add a ``quiet`` command line argument + - Allow the ``@`` character in variable flag names + - Python library code will now be included when calculating task hashes + - ``fetch2/npmsw``: add more short forms for git operations + - Display a warning when ``SRCREV = "${AUTOREV}"`` is set too late to be effective + - Display all missing :term:`SRC_URI` checksums at once + - Improve error message for a missing multiconfig + - Switch to a new :term:`BB_CACHEDIR` variable for codeparser cache location + - Mechanism introduced to reduce the codeparser cache unnecessarily growing in size + +- Packaging changes: + + - ``rng-tools`` is no longer recommended by ``openssh``, and the ``rng-tools`` + service files have been split out to their own package + - ``linux-firmware``: split ``rtl8761`` and ``amdgpu`` firmware + - ``linux-firmware``: add new firmware file to ``${PN}-qcom-adreno-a530`` + - ``iproute2``: separate ``routel`` and add Python dependency + - ``xinetd``: move ``xconv.pl`` script to separate package + - ``perf``: enable debug/source packaging + +- Prominent documentation updates: + + - Substantially expanded the ":doc:`/dev-manual/vulnerabilities`" section. + - Added a new ":doc:`/dev-manual/sbom`" section about SPDX SBoM generation. + - Expanded ":ref:`init-manager`" documentation. + - New section about :ref:`ref-long-term-support-releases`. + - System Requirements: details about :ref:`system-requirements-minimum-ram`. + - Details about :ref:`ref-building-meson-package` and the + :ref:`ref-classes-meson` class. + - Documentation about how to write recipes for Rust programs. See the + :ref:`ref-classes-cargo` class. + - Documentation about how to write recipes for Go programs. See the + :ref:`ref-classes-go` class. + - Variable index: added references to variables only documented in the + BitBake manual. All variables should be easy to access through the Yocto + Manual variable index. + - Expanded the description of the :term:`BB_NUMBER_THREADS` variable. + +- Miscellaneous changes: + + - Supporting 64 bit dates on 32 bit platforms: several packages have been + updated to pass year 2038 tests, and a QA check for 32 bit time and file + offset functions has been added (default off) + + - Patch fuzz/Upstream-Status checking has been reworked: + + - Upstream-Status checking is now configurable from :term:`WARN_QA`/:term:`ERROR_QA` (``patch-status-core``) + - Can now be enabled for non-core layers (``patch-status-noncore``) + - ``patch-fuzz`` is now in :term:`ERROR_QA` by default, and actually stops the build + + - Many packages were updated to add large file support. + + - ``vulkan-loader``: allow headless targets to build the loader + - ``dhcpcd``: fix to work with systemd + - ``u-boot``: add /boot to :term:`SYSROOT_DIRS` to allow boot files to be used by other recipes + - ``linux-firmware``: don't put the firmware into the sysroot + - ``cups``: add :term:`PACKAGECONFIG` to control web interface and default to off + - ``buildtools-tarball``: export certificates to python and curl + - ``yocto-check-layer``: allow OE-Core to be tested + - ``yocto-check-layer``: check for patch file upstream status + - ``boost``: enable building ``Boost.URL`` library + - ``native``: drop special variable handling + - Poky: make it easier to set :term:`INIT_MANAGER` from local.conf + - :ref:`ref-classes-create-spdx`: add support for custom annotations (:term:`SPDX_CUSTOM_ANNOTATION_VARS`) + - :ref:`ref-classes-create-spdx`: report downloads as separate packages + - :ref:`ref-classes-create-spdx`: remove the top-level image SPDX file and the JSON index file from :term:`DEPLOYDIR` to avoid confusion + - ``os-release``: replace ``DISTRO_CODENAME`` with ``VERSION_CODENAME`` (still set from :term:`DISTRO_CODENAME`) + - ``weston``: add kiosk shell + - :ref:`ref-classes-overlayfs`: Allow unused mount points + - ``sstatesig``: emit more helpful error message when not finding sstate manifest + - :ref:`ref-classes-pypi`.bbclass: Set :term:`SRC_URI` downloadfilename with an optional prefix + - ``poky-bleeding`` distro: update and rework + - :ref:`package.bbclass <ref-classes-package>`: check if package names conflict via ``PKG:${PN}`` override in :ref:`do_package <ref-tasks-package>` + - ``cve-update-nvd2-native``: new NVD CVE database fetcher using the 2.0 API + - :ref:`ref-classes-mirrors` class: use shallow tarball for ``binutils-native``/``nativesdk-binutils`` + - ``meta/conf``: move default configuration templates into ``meta/conf/templates/default`` + - ``binutils``: enable ``--enable-new-dtags`` as per many Linux distributions + - ``base-files``: drop ``localhost.localdomain`` from hosts file as per many Linux distributions + - ``packagegroup-core-boot``: make ``init-ifupdown`` package a recommendation + +Known Issues in 4.2 +~~~~~~~~~~~~~~~~~~~ + +- N/A + +Recipe License changes in 4.2 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +The following corrections have been made to the :term:`LICENSE` values set by recipes: + +- ``curl``: set :term:`LICENSE` appropriately to ``curl`` as it is a special derivative of the MIT/X license, not exactly that license. +- ``libgit2``: added ``Zlib``, ``ISC``, ``LGPL-2.1-or-later`` and ``CC0-1.0`` to :term:`LICENSE` covering portions of the included code. +- ``linux-firmware``: set package :term:`LICENSE` appropriately for all qcom packages + +Security Fixes in 4.2 +~~~~~~~~~~~~~~~~~~~~~ + +- binutils: :cve:`2022-4285`, :cve_mitre:`2023-25586` +- curl: :cve:`2022-32221`, :cve:`2022-35260`, :cve:`2022-42915`, :cve:`2022-42916` +- epiphany: :cve:`2023-26081` +- expat: :cve:`2022-43680` +- ffmpeg: :cve:`2022-3964`, :cve:`2022-3965` +- git: :cve:`2022-39260`, :cve:`2022-41903`, :cve:`2022-23521`, :cve:`2022-41953` (ignored) +- glibc: :cve:`2023-25139` (ignored) +- go: :cve:`2023-24532`, :cve:`2023-24537` +- grub2: :cve:`2022-2601`, :cve:`2022-3775`, :cve_mitre:`2022-28736` +- inetutils: :cve:`2019-0053` +- less: :cve:`2022-46663` +- libarchive: :cve:`2022-36227` +- libinput: :cve:`2022-1215` +- libpam: :cve:`2022-28321` +- libpng: :cve:`2019-6129` +- libx11: :cve:`2022-3554` +- openssh: :cve:`2023-28531` +- openssl: :cve:`2022-3358`, :cve:`2022-3786`, :cve:`2022-3602`, :cve:`2022-3996`, :cve:`2023-0286`, :cve:`2022-4304`, :cve:`2022-4203`, :cve:`2023-0215`, :cve:`2022-4450`, :cve:`2023-0216`, :cve:`2023-0217`, :cve:`2023-0401`, :cve:`2023-0464` +- ppp: :cve:`2022-4603` +- python3-cryptography{-vectors}: :cve:`2022-3602`, :cve:`2022-3786`, :cve:`2023-23931` +- python3: :cve_mitre:`2022-37460` +- qemu: :cve:`2022-3165` +- rust: :cve:`2022-46176` +- rxvt-unicode: :cve:`2022-4170` +- screen: :cve:`2023-24626` +- shadow: :cve:`2023-29383`, :cve:`2016-15024` (ignored) +- sudo: :cve:`2022-43995` +- systemd: :cve:`2022-4415` (ignored) +- tar: :cve:`2022-48303` +- tiff: :cve:`2022-3599`, :cve:`2022-3597`, :cve:`2022-3626`, :cve:`2022-3627`, :cve:`2022-3570`, :cve:`2022-3598`, :cve:`2022-3970`, :cve:`2022-48281` +- vim: :cve:`2022-3352`, :cve:`2022-4141`, :cve:`2023-0049`, :cve:`2023-0051`, :cve:`2023-0054`, :cve:`2023-0288`, :cve:`2023-1127`, :cve:`2023-1170`, :cve:`2023-1175`, :cve:`2023-1127`, :cve:`2023-1170`, :cve:`2023-1175`, :cve:`2023-1264`, :cve:`2023-1355`, :cve:`2023-0433`, :cve:`2022-47024`, :cve:`2022-3705` +- xdg-utils: :cve:`2022-4055` +- xserver-xorg: :cve:`2022-3550`, :cve:`2022-3551`, :cve:`2023-1393`, :cve:`2023-0494`, :cve:`2022-3553` (ignored) + +Recipe Upgrades in 4.2 +~~~~~~~~~~~~~~~~~~~~~~ + +- acpid: upgrade 2.0.33 -> 2.0.34 +- adwaita-icon-theme: update 42.0 -> 43 +- alsa-lib: upgrade 1.2.7.2 -> 1.2.8 +- alsa-ucm-conf: upgrade 1.2.7.2 -> 1.2.8 +- alsa-utils: upgrade 1.2.7 -> 1.2.8 +- apr: update 1.7.0 -> 1.7.2 +- apr-util: update 1.6.1 -> 1.6.3 +- argp-standalone: replace with a maintained fork +- at-spi2-core: upgrade 2.44.1 -> 2.46.0 +- autoconf-archive: upgrade 2022.09.03 -> 2023.02.20 +- babeltrace: upgrade 1.5.8 -> 1.5.11 +- base-passwd: Update to 3.6.1 +- bash: update 5.1.16 -> 5.2.15 +- bind: upgrade 9.18.7 -> 9.18.12 +- binutils: Upgrade to 2.40 release +- bluez: update 5.65 -> 5.66 +- boost-build-native: update 1.80.0 -> 1.81.0 +- boost: upgrade 1.80.0 -> 1.81.0 +- btrfs-tools: upgrade 5.19.1 -> 6.1.3 +- busybox: 1.35.0 -> 1.36.0 +- ccache: upgrade 4.6.3 -> 4.7.4 +- cmake: update 3.24.0 -> 3.25.2 +- cracklib: upgrade to v2.9.10 +- curl: upgrade 7.86.0 -> 8.0.1 +- dbus: upgrade 1.14.0 -> 1.14.6 +- diffoscope: upgrade 221 -> 236 +- diffstat: upgrade 1.64 -> 1.65 +- diffutils: update 3.8 -> 3.9 +- dos2unix: upgrade 7.4.3 -> 7.4.4 +- dpkg: update 1.21.9 -> 1.21.21 +- dropbear: upgrade 2022.82 -> 2022.83 +- dtc: upgrade 1.6.1 -> 1.7.0 +- e2fsprogs: upgrade 1.46.5 -> 1.47.0 +- ed: upgrade 1.18 -> 1.19 +- elfutils: update 0.187 -> 0.188 +- ell: upgrade 0.53 -> 0.56 +- enchant2: upgrade 2.3.3 -> 2.3.4 +- encodings: update 1.0.6 -> 1.0.7 +- epiphany: update 42.4 -> 43.1 +- ethtool: upgrade 5.19 -> 6.2 +- expat: upgrade to 2.5.0 +- ffmpeg: upgrade 5.1.1 -> 5.1.2 +- file: upgrade 5.43 -> 5.44 +- flac: update 1.4.0 -> 1.4.2 +- font-alias: update 1.0.4 -> 1.0.5 +- fontconfig: upgrade 2.14.0 -> 2.14.2 +- font-util: upgrade 1.3.3 -> 1.4.0 +- freetype: update 2.12.1 -> 2.13.0 +- gawk: update 5.1.1 -> 5.2.1 +- gcr3: update 3.40.0 -> 3.41.1 +- gcr: rename gcr -> gcr3 +- gdb: Upgrade to 13.1 +- gdk-pixbuf: upgrade 2.42.9 -> 2.42.10 +- gettext: update 0.21 -> 0.21.1 +- ghostscript: update 9.56.1 -> 10.0.0 +- gi-docgen: upgrade 2022.1 -> 2023.1 +- git: upgrade 2.37.3 -> 2.39.2 +- glib-2.0: update 2.72.3 -> 2.74.6 +- glibc: upgrade to 2.37 release + stable updates +- glib-networking: update 2.72.2 -> 2.74.0 +- glslang: upgrade 1.3.236.0 -> 1.3.239.0 +- gnu-config: upgrade to latest revision +- gnupg: upgrade 2.3.7 -> 2.4.0 +- gnutls: upgrade 3.7.7 -> 3.8.0 +- gobject-introspection: upgrade 1.72.0 -> 1.74.0 +- go: update 1.19 -> 1.20.1 +- grep: update 3.7 -> 3.10 +- gsettings-desktop-schemas: upgrade 42.0 -> 43.0 +- gstreamer1.0: upgrade 1.20.3 -> 1.22.0 +- gtk+3: upgrade 3.24.34 -> 3.24.36 +- gtk4: update 4.8.2 -> 4.10.0 +- harfbuzz: upgrade 5.1.0 -> 7.1.0 +- hdparm: update 9.64 -> 9.65 +- help2man: upgrade 1.49.2 -> 1.49.3 +- icu: update 71.1 -> 72-1 +- ifupdown: upgrade 0.8.37 -> 0.8.41 +- igt-gpu-tools: upgrade 1.26 -> 1.27.1 +- inetutils: upgrade 2.3 -> 2.4 +- init-system-helpers: upgrade 1.64 -> 1.65.2 +- iproute2: upgrade 5.19.0 -> 6.2.0 +- iptables: update 1.8.8 -> 1.8.9 +- iputils: update to 20221126 +- iso-codes: upgrade 4.11.0 -> 4.13.0 +- jquery: upgrade 3.6.0 -> 3.6.3 +- kexec-tools: upgrade 2.0.25 -> 2.0.26 +- kmscube: upgrade to latest revision +- libarchive: upgrade 3.6.1 -> 3.6.2 +- libbsd: upgrade 0.11.6 -> 0.11.7 +- libcap: upgrade 2.65 -> 2.67 +- libdnf: update 0.69.0 -> 0.70.0 +- libdrm: upgrade 2.4.113 -> 2.4.115 +- libedit: upgrade 20210910-3.1 -> 20221030-3.1 +- libepoxy: update 1.5.9 -> 1.5.10 +- libffi: upgrade 3.4.2 -> 3.4.4 +- libfontenc: upgrade 1.1.6 -> 1.1.7 +- libgit2: upgrade 1.5.0 -> 1.6.3 +- libgpg-error: update 1.45 -> 1.46 +- libhandy: update 1.6.3 -> 1.8.1 +- libical: upgrade 3.0.14 -> 3.0.16 +- libice: update 1.0.10 -> 1.1.1 +- libidn2: upgrade 2.3.3 -> 2.3.4 +- libinput: upgrade 1.19.4 -> 1.22.1 +- libjpeg-turbo: upgrade 2.1.4 -> 2.1.5.1 +- libksba: upgrade 1.6.0 -> 1.6.3 +- libmicrohttpd: upgrade 0.9.75 -> 0.9.76 +- libmodule-build-perl: update 0.4231 -> 0.4232 +- libmpc: upgrade 1.2.1 -> 1.3.1 +- libnewt: update 0.52.21 -> 0.52.23 +- libnotify: upgrade 0.8.1 -> 0.8.2 +- libpcap: upgrade 1.10.1 -> 1.10.3 +- libpciaccess: update 0.16 -> 0.17 +- libpcre2: upgrade 10.40 -> 10.42 +- libpipeline: upgrade 1.5.6 -> 1.5.7 +- libpng: upgrade 1.6.38 -> 1.6.39 +- libpsl: upgrade 0.21.1 -> 0.21.2 +- librepo: upgrade 1.14.5 -> 1.15.1 +- libsdl2: upgrade 2.24.1 -> 2.26.3 +- libsm: 1.2.3 > 1.2.4 +- libsndfile1: upgrade 1.1.0 -> 1.2.0 +- libsolv: upgrade 0.7.22 -> 0.7.23 +- libsoup-2.4: upgrade 2.74.2 -> 2.74.3 +- libsoup: upgrade 3.0.7 -> 3.2.2 +- libtest-fatal-perl: upgrade 0.016 -> 0.017 +- libtest-needs-perl: upgrade 0.002009 -> 0.002010 +- libunistring: upgrade 1.0 -> 1.1 +- liburcu: upgrade 0.13.2 -> 0.14.0 +- liburi-perl: upgrade 5.08 -> 5.17 +- libva: upgrade 2.15.0 -> 2.16.0 +- libva-utils: upgrade 2.15.0 -> 2.17.1 +- libwebp: upgrade 1.2.4 -> 1.3.0 +- libwpe: upgrade 1.12.3 -> 1.14.1 +- libx11: 1.8.1 -> 1.8.4 +- libx11-compose-data: 1.6.8 -> 1.8.4 +- libxau: upgrade 1.0.10 -> 1.0.11 +- libxcomposite: update 0.4.5 -> 0.4.6 +- libxcrypt-compat: upgrade 4.4.30 -> 4.4.33 +- libxcrypt: upgrade 4.4.28 -> 4.4.30 +- libxdamage: update 1.1.5 -> 1.1.6 +- libxdmcp: update 1.1.3 -> 1.1.4 +- libxext: update 1.3.4 -> 1.3.5 +- libxft: update 2.3.4 -> 2.3.6 +- libxft: upgrade 2.3.6 -> 2.3.7 +- libxinerama: update 1.1.4 -> 1.1.5 +- libxkbcommon: upgrade 1.4.1 -> 1.5.0 +- libxkbfile: update 1.1.0 -> 1.1.1 +- libxkbfile: upgrade 1.1.1 -> 1.1.2 +- libxml2: upgrade 2.9.14 -> 2.10.3 +- libxmu: update 1.1.3 -> 1.1.4 +- libxpm: update 3.5.13 -> 3.5.15 +- libxrandr: update 1.5.2 -> 1.5.3 +- libxrender: update 0.9.10 -> 0.9.11 +- libxres: update 1.2.1 -> 1.2.2 +- libxscrnsaver: update 1.2.3 -> 1.2.4 +- libxshmfence: update 1.3 -> 1.3.2 +- libxslt: upgrade 1.1.35 -> 1.1.37 +- libxtst: update 1.2.3 -> 1.2.4 +- libxv: update 1.0.11 -> 1.0.12 +- libxxf86vm: update 1.1.4 -> 1.1.5 +- lighttpd: upgrade 1.4.66 -> 1.4.69 +- linux-firmware: upgrade 20220913 -> 20230210 +- linux-libc-headers: bump to 6.1 +- linux-yocto/5.15: update genericx86* machines to v5.15.103 +- linux-yocto/5.15: update to v5.15.108 +- linux-yocto/6.1: update to v6.1.25 +- linux-yocto-dev: bump to v6.3 +- linux-yocto-rt/5.15: update to -rt59 +- linux-yocto-rt/6.1: update to -rt7 +- llvm: update 14.0.6 -> 15.0.7 +- log4cplus: upgrade 2.0.8 -> 2.1.0 +- logrotate: upgrade 3.20.1 -> 3.21.0 +- lsof: upgrade 4.95.0 -> 4.98.0 +- ltp: upgrade 20220527 -> 20230127 +- lttng-modules: upgrade 2.13.4 -> 2.13.9 +- lttng-tools: update 2.13.8 -> 2.13.9 +- lttng-ust: upgrade 2.13.4 -> 2.13.5 +- makedepend: upgrade 1.0.6 -> 1.0.8 +- make: update 4.3 -> 4.4.1 +- man-db: update 2.10.2 -> 2.11.2 +- man-pages: upgrade 5.13 -> 6.03 +- matchbox-config-gtk: Update to latest SRCREV +- matchbox-desktop-2: Update 2.2 -> 2.3 +- matchbox-panel-2: Update 2.11 -> 2.12 +- matchbox-terminal: Update to latest SRCREV +- matchbox-wm: Update 1.2.2 -> 1.2.3 +- mc: update 4.8.28 -> 4.8.29 +- mesa: update 22.2.0 -> 23.0.0 +- meson: upgrade 0.63.2 -> 1.0.1 +- mmc-utils: upgrade to latest revision +- mobile-broadband-provider-info: upgrade 20220725 -> 20221107 +- mpfr: upgrade 4.1.0 -> 4.2.0 +- mpg123: upgrade 1.30.2 -> 1.31.2 +- msmtp: upgrade 1.8.22 -> 1.8.23 +- mtd-utils: upgrade 2.1.4 -> 2.1.5 +- mtools: upgrade 4.0.40 -> 4.0.42 +- musl-obstack: Update to 1.2.3 +- musl: Upgrade to latest master +- nasm: update 2.15.05 -> 2.16.01 +- ncurses: upgrade 6.3+20220423 -> 6.4 +- netbase: upgrade 6.3 -> 6.4 +- newlib: Upgrade 4.2.0 -> 4.3.0 +- nghttp2: upgrade 1.49.0 -> 1.52.0 +- numactl: upgrade 2.0.15 -> 2.0.16 +- opensbi: Upgrade to 1.2 release +- openssh: upgrade 9.0p1 -> 9.3p1 +- openssl: Upgrade 3.0.5 -> 3.1.0 +- opkg: upgrade to version 0.6.1 +- orc: upgrade 0.4.32 -> 0.4.33 +- ovmf: upgrade edk2-stable202205 -> edk2-stable202211 +- pango: upgrade 1.50.9 -> 1.50.13 +- patchelf: upgrade 0.15.0 -> 0.17.2 +- pciutils: upgrade 3.8.0 -> 3.9.0 +- piglit: upgrade to latest revision +- pinentry: update 1.2.0 -> 1.2.1 +- pixman: upgrade 0.40.0 -> 0.42.2 +- pkgconf: upgrade 1.9.3 -> 1.9.4 +- popt: update 1.18 -> 1.19 +- powertop: upgrade 2.14 -> 2.15 +- procps: update 3.3.17 -> 4.0.3 +- psmisc: upgrade 23.5 -> 23.6 +- puzzles: upgrade to latest revision +- python3-alabaster: upgrade 0.7.12 -> 0.7.13 +- python3-attrs: upgrade 22.1.0 -> 22.2.0 +- python3-babel: upgrade 2.10.3 -> 2.12.1 +- python3-bcrypt: upgrade 3.2.2 -> 4.0.1 +- python3-certifi: upgrade 2022.9.14 -> 2022.12.7 +- python3-chardet: upgrade 5.0.0 -> 5.1.0 +- python3-cryptography: upgrade 38.0.3 -> 39.0.4 +- python3-cryptography-vectors: upgrade 37.0.4 -> 39.0.2 +- python3-cython: upgrade 0.29.32 -> 0.29.33 +- python3-dbusmock: update 0.28.4 -> 0.28.7 +- python3-dbus: upgrade 1.2.18 -> 1.3.2 +- python3-dtschema: upgrade 2022.8.3 -> 2023.1 +- python3-flit-core: upgrade 3.7.1 -> 3.8.0 +- python3-gitdb: upgrade 4.0.9 -> 4.0.10 +- python3-git: upgrade 3.1.27 -> 3.1.31 +- python3-hatch-fancy-pypi-readme: upgrade 22.7.0 -> 22.8.0 +- python3-hatchling: upgrade 1.9.0 -> 1.13.0 +- python3-hatch-vcs: upgrade 0.2.0 -> 0.3.0 +- python3-hypothesis: upgrade 6.54.5 -> 6.68.2 +- python3-importlib-metadata: upgrade 4.12.0 -> 6.0.0 +- python3-iniconfig: upgrade 1.1.1 -> 2.0.0 +- python3-installer: update 0.5.1 -> 0.6.0 +- python3-iso8601: upgrade 1.0.2 -> 1.1.0 +- python3-jsonschema: upgrade 4.9.1 -> 4.17.3 +- python3-lxml: upgrade 4.9.1 -> 4.9.2 +- python3-mako: upgrade 1.2.2 -> 1.2.4 +- python3-markupsafe: upgrade 2.1.1 -> 2.1.2 +- python3-more-itertools: upgrade 8.14.0 -> 9.1.0 +- python3-numpy: upgrade 1.23.3 -> 1.24.2 +- python3-packaging: upgrade to 23.0 +- python3-pathspec: upgrade 0.10.1 -> 0.11.0 +- python3-pbr: upgrade 5.10.0 -> 5.11.1 +- python3-pip: upgrade 22.2.2 -> 23.0.1 +- python3-poetry-core: upgrade 1.0.8 -> 1.5.2 +- python3-psutil: upgrade 5.9.2 -> 5.9.4 +- python3-pycairo: upgrade 1.21.0 -> 1.23.0 +- python3-pycryptodome: upgrade 3.15.0 -> 3.17 +- python3-pycryptodomex: upgrade 3.15.0 -> 3.17 +- python3-pygments: upgrade 2.13.0 -> 2.14.0 +- python3-pyopenssl: upgrade 22.0.0 -> 23.0.0 +- python3-pyrsistent: upgrade 0.18.1 -> 0.19.3 +- python3-pytest-subtests: upgrade 0.8.0 -> 0.10.0 +- python3-pytest: upgrade 7.1.3 -> 7.2.2 +- python3-pytz: upgrade 2022.2.1 -> 2022.7.1 +- python3-requests: upgrade 2.28.1 -> 2.28.2 +- python3-scons: upgrade 4.4.0 -> 4.5.2 +- python3-setuptools-rust: upgrade 1.5.1 -> 1.5.2 +- python3-setuptools-scm: upgrade 7.0.5 -> 7.1.0 +- python3-setuptools: upgrade 65.0.2 -> 67.6.0 +- python3-sphinxcontrib-applehelp: update 1.0.2 -> 1.0.4 +- python3-sphinxcontrib-htmlhelp: 2.0.0 -> 2.0.1 +- python3-sphinx-rtd-theme: upgrade 1.0.0 -> 1.2.0 +- python3-sphinx: upgrade 5.1.1 -> 6.1.3 +- python3-subunit: upgrade 1.4.0 -> 1.4.2 +- python3-testtools: upgrade 2.5.0 -> 2.6.0 +- python3-typing-extensions: upgrade 4.3.0 -> 4.5.0 +- python3: update 3.10.6 -> 3.11.2 +- python3-urllib3: upgrade 1.26.12 -> 1.26.15 +- python3-wcwidth: upgrade 0.2.5 -> 0.2.6 +- python3-wheel: upgrade 0.37.1 -> 0.40.0 +- python3-zipp: upgrade 3.8.1 -> 3.15.0 +- qemu: update 7.1.0 -> 7.2.0 +- quota: update 4.06 -> 4.09 +- readline: update 8.1.2 -> 8.2 +- repo: upgrade 2.29.2 -> 2.32 +- rgb: update 1.0.6 -> 1.1.0 +- rng-tools: upgrade 6.15 -> 6.16 +- rsync: update 3.2.5 -> 3.2.7 +- rt-tests: update 2.4 -> 2.5 +- ruby: update 3.1.2 -> 3.2.1 +- rust: update 1.63.0 -> 1.68.1 +- rxvt-unicode: upgrade 9.30 -> 9.31 +- sed: update 4.8 -> 4.9 +- shaderc: upgrade 2022.2 -> 2023.2 +- shadow: update 4.12.1 -> 4.13 +- socat: upgrade 1.7.4.3 -> 1.7.4.4 +- spirv-headers: upgrade 1.3.236.0 -> 1.3.239.0 +- spirv-tools: upgrade 1.3.236.0 -> 1.3.239.0 +- sqlite3: upgrade 3.39.3 -> 3.41.0 +- strace: upgrade 5.19 -> 6.2 +- stress-ng: update 0.14.03 -> 0.15.06 +- sudo: upgrade 1.9.11p3 -> 1.9.13p3 +- swig: update 4.0.2 -> 4.1.1 +- sysstat: upgrade 12.6.0 -> 12.6.2 +- systemd: update 251.4 -> 253.1 +- systemtap: upgrade 4.7 -> 4.8 +- taglib: upgrade 1.12 -> 1.13 +- tcf-agent: Update to current version +- tcl: update 8.6.11 -> 8.6.13 +- texinfo: update 6.8 -> 7.0.2 +- tiff: update 4.4.0 -> 4.5.0 +- tzdata: update 2022d -> 2023c +- u-boot: upgrade 2022.07 -> 2023.01 +- unfs: update 0.9.22 -> 0.10.0 +- usbutils: upgrade 014 -> 015 +- util-macros: upgrade 1.19.3 -> 1.20.0 +- vala: upgrade 0.56.3 -> 0.56.4 +- valgrind: update to 3.20.0 +- vim: Upgrade 9.0.0598 -> 9.0.1429 +- virglrenderer: upgrade 0.10.3 -> 0.10.4 +- vte: update 0.68.0 -> 0.72.0 +- vulkan-headers: upgrade 1.3.236.0 -> 1.3.239.0 +- vulkan-loader: upgrade 1.3.236.0 -> 1.3.239.0 +- vulkan-samples: update to latest revision +- vulkan-tools: upgrade 1.3.236.0 -> 1.3.239.0 +- vulkan: update 1.3.216.0 -> 1.3.236.0 +- wayland-protocols: upgrade 1.26 -> 1.31 +- wayland-utils: update 1.0.0 -> 1.1.0 +- webkitgtk: update 2.36.7 -> 2.38.5 +- weston: update 10.0.2 -> 11.0.1 +- wireless-regdb: upgrade 2022.08.12 -> 2023.02.13 +- wpebackend-fdo: upgrade 1.12.1 -> 1.14.0 +- xcb-util: update 0.4.0 -> 0.4.1 +- xcb-util-keysyms: 0.4.0 -> 0.4.1 +- xcb-util-renderutil: 0.3.9 -> 0.3.10 +- xcb-util-wm: 0.4.1 -> 0.4.2 +- xcb-util-image: 0.4.0 -> 0.4.1 +- xf86-input-mouse: update 1.9.3 -> 1.9.4 +- xf86-input-vmmouse: update 13.1.0 -> 13.2.0 +- xf86-video-vesa: update 2.5.0 -> 2.6.0 +- xf86-video-vmware: update 13.3.0 -> 13.4.0 +- xhost: update 1.0.8 -> 1.0.9 +- xinit: update 1.4.1 -> 1.4.2 +- xkbcomp: update 1.4.5 -> 1.4.6 +- xkeyboard-config: upgrade 2.36 -> 2.38 +- xprop: update 1.2.5 -> 1.2.6 +- xrandr: upgrade 1.5.1 -> 1.5.2 +- xserver-xorg: upgrade 21.1.4 -> 21.1.7 +- xset: update 1.2.4 -> 1.2.5 +- xvinfo: update 1.1.4 -> 1.1.5 +- xwayland: upgrade 22.1.3 -> 22.1.8 +- xz: upgrade 5.2.6 -> 5.4.2 +- zlib: upgrade 1.2.12 -> 1.2.13 +- zstd: upgrade 1.5.2 -> 1.5.4 + +Contributors to 4.2 +~~~~~~~~~~~~~~~~~~~ + +Thanks to the following people who contributed to this release: + +- Adrian Freihofer +- Ahmad Fatoum +- Alejandro Hernandez Samaniego +- Alexander Kanavin +- Alexandre Belloni +- Alexey Smirnov +- Alexis Lothoré +- Alex Kiernan +- Alex Stewart +- Andrej Valek +- Andrew Geissler +- Anton Antonov +- Antonin Godard +- Archana Polampalli +- Armin Kuster +- Arnout Vandecappelle +- Arturo Buzarra +- Atanas Bunchev +- Benjamin Szőke +- Benoît Mauduit +- Bernhard Rosenkränzer +- Bruce Ashfield +- Caner Altinbasak +- Carlos Alberto Lopez Perez +- Changhyeok Bae +- Changqing Li +- Charlie Johnston +- Chase Qi +- Chee Yang Lee +- Chen Qi +- Chris Elledge +- Christian Eggers +- Christoph Lauer +- Chuck Wolber +- Ciaran Courtney +- Claus Stovgaard +- Clément Péron +- Daniel Ammann +- David Bagonyi +- Denys Dmytriyenko +- Denys Zagorui +- Diego Sueiro +- Dmitry Baryshkov +- Ed Tanous +- Enguerrand de Ribaucourt +- Enrico Jörns +- Enrico Scholz +- Etienne Cordonnier +- Fabio Estevam +- Fabre Sébastien +- Fawzi KHABER +- Federico Pellegrin +- Frank de Brabander +- Frederic Martinsons +- Geoffrey GIRY +- George Kelly +- Harald Seiler +- He Zhe +- Hitendra Prajapati +- Jagadeesh Krishnanjanappa +- James Raphael Tiovalen +- Jan Kircher +- Jan Luebbe +- Jan-Simon Moeller +- Javier Tia +- Jeremy Puhlman +- Jermain Horsman +- Jialing Zhang +- Joel Stanley +- Joe Slater +- Johan Korsnes +- Jon Mason +- Jordan Crouse +- Jose Quaresma +- Joshua Watt +- Justin Bronder +- Kai Kang +- Kasper Revsbech +- Keiya Nobuta +- Kenfe-Mickael Laventure +- Kevin Hao +- Khem Raj +- Konrad Weihmann +- Lei Maohui +- Leon Anavi +- Liam Beguin +- Louis Rannou +- Luca Boccassi +- Luca Ceresoli +- Luis Martins +- Maanya Goenka +- Marek Vasut +- Mark Asselstine +- Mark Hatle +- Markus Volk +- Marta Rybczynska +- Martin Jansa +- Martin Larsson +- Mateusz Marciniec +- Mathieu Dubois-Briand +- Mauro Queiros +- Maxim Uvarov +- Michael Halstead +- Michael Opdenacker +- Mike Crowe +- Mikko Rapeli +- Ming Liu +- Mingli Yu +- Narpat Mali +- Nathan Rossi +- Niko Mauno +- Ola x Nilsson +- Oliver Lang +- Ovidiu Panait +- Pablo Saavedra +- Patrick Williams +- Paul Eggleton +- Paulo Neves +- Pavel Zhukov +- Pawel Zalewski +- Pedro Baptista +- Peter Bergin +- Peter Kjellerstedt +- Peter Marko +- Petr Kubizňák +- Petr Vorel +- pgowda +- Piotr Łobacz +- Quentin Schulz +- Randy MacLeod +- Ranjitsinh Rathod +- Ravineet Singh +- Ravula Adhitya Siddartha +- Richard Elberger +- Richard Leitner +- Richard Purdie +- Robert Andersson +- Robert Joslyn +- Robert Yang +- Romuald JEANNE +- Ross Burton +- Ryan Eatmon +- Sakib Sajal +- Sandeep Gundlupet Raju +- Saul Wold +- Sean Anderson +- Sergei Zhmylev +- Siddharth Doshi +- Soumya +- Sudip Mukherjee +- Sundeep KOKKONDA +- Teoh Jay Shen +- Thomas De Schampheleire +- Thomas Perrot +- Thomas Roos +- Tim Orling +- Tobias Hagelborn +- Tom Hochstein +- Trevor Woerner +- Ulrich Ölmann +- Vincent Davis Jr +- Vivek Kumbhar +- Vyacheslav Yurkov +- Wang Mingyu +- Wentao Zhang +- Xiangyu Chen +- Xiaotian Wu +- Yan Xinkuan +- Yash Shinde +- Yi Zhao +- Yoann Congal +- Yureka Lilian +- Zang Ruochen +- Zheng Qiu +- Zheng Ruoqin +- Zoltan Boszormenyi +- 张忠山 + + +Repositories / Downloads for Yocto-4.2 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +poky + +- Repository Location: :yocto_git:`/poky` +- Branch: :yocto_git:`mickledore </poky/log/?h=mickledore>` +- Tag: :yocto_git:`yocto-4.2 </poky/log/?h=yocto-4.2>` +- Git Revision: :yocto_git:`21790e71d55f417f27cd51fae9dd47549758d4a0 </poky/commit/?id=21790e71d55f417f27cd51fae9dd47549758d4a0>` +- Release Artefact: poky-21790e71d55f417f27cd51fae9dd47549758d4a0 +- sha: 38606076765d912deec84e523403709ef1249122197e61454ae08818e60f83c2 +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-4.2/poky-21790e71d55f417f27cd51fae9dd47549758d4a0.tar.bz2 + http://mirrors.kernel.org/yocto/yocto/yocto-4.2/poky-21790e71d55f417f27cd51fae9dd47549758d4a0.tar.bz2 + +openembedded-core + +- Repository Location: :oe_git:`/openembedded-core` +- Branch: :oe_git:`mickledore </openembedded-core/log/?h=mickledore>` +- Tag: :oe_git:`yocto-4.2 </openembedded-core/log/?h=yocto-4.2>` +- Git Revision: :oe_git:`c57d1a561db563ed2f521bbac5fc12d4ac8e11a7 </openembedded-core/commit/?id=c57d1a561db563ed2f521bbac5fc12d4ac8e11a7>` +- Release Artefact: oecore-c57d1a561db563ed2f521bbac5fc12d4ac8e11a7 +- sha: e8cdd870492017be7e7b74b8c2fb73ae6771b2d2125b2aa1f0e65d0689f96af8 +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-4.2/oecore-c57d1a561db563ed2f521bbac5fc12d4ac8e11a7.tar.bz2 + http://mirrors.kernel.org/yocto/yocto/yocto-4.2/oecore-c57d1a561db563ed2f521bbac5fc12d4ac8e11a7.tar.bz2 + +meta-mingw + +- Repository Location: :yocto_git:`/meta-mingw` +- Branch: :yocto_git:`mickledore </meta-mingw/log/?h=mickledore>` +- Tag: :yocto_git:`yocto-4.2 </meta-mingw/log/?h=yocto-4.2>` +- Git Revision: :yocto_git:`250617ffa524c082b848487359b9d045703d59c2 </meta-mingw/commit/?id=250617ffa524c082b848487359b9d045703d59c2>` +- Release Artefact: meta-mingw-250617ffa524c082b848487359b9d045703d59c2 +- sha: 873a97dfd5ed6fb26e1f6a2ddc2c0c9d7a7b3c7f5018588e912294618775c323 +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-4.2/meta-mingw-250617ffa524c082b848487359b9d045703d59c2.tar.bz2 + http://mirrors.kernel.org/yocto/yocto/yocto-4.2/meta-mingw-250617ffa524c082b848487359b9d045703d59c2.tar.bz2 + +bitbake + +- Repository Location: :oe_git:`/bitbake` +- Branch: :oe_git:`2.4 </bitbake/log/?h=2.4>` +- Tag: :oe_git:`yocto-4.2 </bitbake/log/?h=yocto-4.2>` +- Git Revision: :oe_git:`d97d62e2cbe4bae17f0886f3b4759e8f9ba6d38c </bitbake/commit/?id=d97d62e2cbe4bae17f0886f3b4759e8f9ba6d38c>` +- Release Artefact: bitbake-d97d62e2cbe4bae17f0886f3b4759e8f9ba6d38c +- sha: 5edcb97cb545011226b778355bb840ebcc790552d4a885a0d83178153697ba7a +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-4.2/bitbake-d97d62e2cbe4bae17f0886f3b4759e8f9ba6d38c.tar.bz2 + http://mirrors.kernel.org/yocto/yocto/yocto-4.2/bitbake-d97d62e2cbe4bae17f0886f3b4759e8f9ba6d38c.tar.bz2 + +yocto-docs + +- Repository Location: :yocto_git:`/yocto-docs` +- Branch: :yocto_git:`mickledore </yocto-docs/log/?h=mickledore>` +- Tag: :yocto_git:`yocto-4.2 </yocto-docs/log/?h=yocto-4.2>` +- Git Revision: :yocto_git:`4d6807e34adf5d92d9b6e5852736443a867c78fa </yocto-docs/commit/?id=4d6807e34adf5d92d9b6e5852736443a867c78fa>` + diff --git a/documentation/migration-guides/release-notes-4.3.1.rst b/documentation/migration-guides/release-notes-4.3.1.rst new file mode 100644 index 0000000000..cea9c538a2 --- /dev/null +++ b/documentation/migration-guides/release-notes-4.3.1.rst @@ -0,0 +1,237 @@ +.. SPDX-License-Identifier: CC-BY-SA-2.0-UK + +Release notes for Yocto-4.3.1 (Nanbield) +---------------------------------------- + +Security Fixes in Yocto-4.3.1 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +- libsndfile1: Fix :cve:`2022-33065` +- libxml2: Ignore :cve:`2023-45322` +- linux-yocto/6.1: Ignore :cve:`2020-27418`, :cve:`2023-31085`, :cve_mitre:`2023-34324`, :cve:`2023-39189`, :cve:`2023-39192`, :cve:`2023-39193`, :cve:`2023-39194`, :cve:`2023-4244`, :cve:`2023-42754`, :cve:`2023-42756`, :cve:`2023-44466`, :cve:`2023-4563`, :cve:`2023-45862`, :cve:`2023-45863`, :cve:`2023-45871`, :cve:`2023-45898`, :cve:`2023-4732`, :cve:`2023-5158`, :cve:`2023-5197` and :cve:`2023-5345` +- linux-yocto/6.5: Ignore :cve:`2020-27418`, :cve:`2023-1193`, :cve:`2023-39191`, :cve:`2023-39194`, :cve:`2023-40791`, :cve:`2023-44466`, :cve:`2023-45862`, :cve:`2023-45863`, :cve:`2023-4610` and :cve:`2023-4732` +- openssl: Fix :cve:`2023-5363` +- pixman: Ignore :cve:`2023-37769` +- vim: Fix :cve:`2023-46246` +- zlib: Ignore :cve:`2023-45853` + + +Fixes in Yocto-4.3.1 +~~~~~~~~~~~~~~~~~~~~ + +- baremetal-helloworld: Pull in fix for race condition on x86-64 +- base: Ensure recipes using mercurial-native have certificates +- bb-matrix-plot.sh: Show underscores correctly in labels +- bin_package.bbclass: revert "Inhibit the default dependencies" +- bitbake: SECURITY.md: add file +- brief-yoctoprojectqs: use new CDN mirror for sstate +- bsp-guide: bsp.rst: update beaglebone example +- bsp-guide: bsp: skip Intel machines no longer supported in Poky +- build-appliance-image: Update to nanbield head revision +- contributor-guide: add patchtest section +- contributor-guide: clarify patchtest usage +- cve-check: don't warn if a patch is remote +- cve-check: slightly more verbose warning when adding the same package twice +- cve-check: sort the package list in the JSON report +- dev-manual: add security team processes +- dev-manual: extend the description of CVE patch preparation +- dev-manual: layers: Add notes about layer.conf +- dev-manual: new-recipe.rst: add missing parenthesis to "Patching Code" section +- dev-manual: start.rst: remove obsolete reference +- dev-manual: wic: update "wic list images" output +- docs: add support for nanbield (4.3) release +- documentation.conf: drop SERIAL_CONSOLES_CHECK +- ell: Upgrade to 0.59 +- glib-2.0: Remove unnecessary assignement +- goarch: Move Go architecture mapping to a library +- kernel-arch: drop CCACHE from :term:`KERNEL_STRIP` definition +- kernel.bbclass: Use strip utility used for kernel build in do_package +- layer.conf: Switch layer to nanbield series only +- libsdl2: upgrade to 2.28.4 +- linux-yocto: make sure the pahole-native available before do_kernel_configme +- llvm: Upgrade to 17.0.3 +- machine: drop obsolete SERIAL_CONSOLES_CHECK +- manuals: correct "yocto-linux" by "linux-yocto" +- manuals: improve description of :term:`CVE_STATUS` and :term:`CVE_STATUS_GROUPS` +- manuals: Remove references to apm in :term:`MACHINE_FEATURES` +- manuals: update linux-yocto append examples +- manuals: update list of supported machines +- migration-4.3: additional migration items +- migration-4.3: adjustments to existing text +- migration-4.3: remove some unnecessary items +- migration-guides: QEMU_USE_SLIRP variable removed +- migration-guides: add BitBake changes +- migration-guides: add debian 12 to newly supported distros +- migration-guides: add kernel notes +- migration-guides: add testing notes +- migration-guides: add utility notes +- migration-guides: edgerouter machine removed +- migration-guides: enabling :term:`SPDX` only for Poky, not a global default +- migration-guides: fix empty sections +- migration-guides: further updates for 4.3 +- migration-guides: further updates for release 4.3 +- migration-guides: git recipes reword +- migration-guides: mention CDN +- migration-guides: mention LLVM 17 +- migration-guides: mention runqemu change in serial port management +- migration-guides: packaging changes +- migration-guides: remove SERIAL_CONSOLES_CHECK +- migration-guides: remove non-notable change +- migration-guides: updates for 4.3 +- oeqa/selftest/debuginfod: improve selftest +- oeqa/selftest/devtool: abort if a local workspace already exist +- oeqa/ssh: Handle SSHCall timeout error code +- openssl: Upgrade to 3.1.4 +- overview-manual: concepts: Add Bitbake Tasks Map +- patchtest-send-results: add In-Reply-To +- patchtest-send-results: check max line length, simplify responses +- patchtest-send-results: fix sender parsing +- patchtest-send-results: improve subject line +- patchtest-send-results: send results to submitter +- patchtest/selftest: add XSKIP, update test files +- patchtest: disable merge test +- patchtest: fix lic_files_chksum test regex +- patchtest: make pylint tests compatible with 3.x +- patchtest: reduce checksum test output length +- patchtest: remove test for CVE tag in mbox +- patchtest: remove unused imports +- patchtest: rework license checksum tests +- patchtest: shorten test result outputs +- patchtest: simplify test directory structure +- patchtest: skip merge test if not targeting master +- patchtest: test regardless of mergeability +- perl: fix intermittent test failure +- poky.conf: bump version for 4.3.1 release +- profile-manual: aesthetic cleanups +- ref-manual: Add documentation for the unimplemented-ptest QA warning +- ref-manual: Fix :term:`PACKAGECONFIG` term and add an example +- ref-manual: Warn about :term:`COMPATIBLE_MACHINE` skipping native recipes +- ref-manual: add systemd-resolved to distro features +- ref-manual: classes: explain cml1 class name +- ref-manual: document :term:`KERNEL_LOCALVERSION` +- ref-manual: document :term:`KERNEL_STRIP` +- ref-manual: document :term:`MESON_TARGET` +- ref-manual: document cargo_c class +- ref-manual: remove semicolons from ``*PROCESS_COMMAND`` variables +- ref-manual: update :term:`SDK_NAME` variable documentation +- ref-manual: variables: add :term:`RECIPE_MAINTAINER` +- ref-manual: variables: add :term:`RECIPE_SYSROOT` and :term:`RECIPE_SYSROOT_NATIVE` +- ref-manual: variables: add :term:`TOOLCHAIN_OPTIONS` variable +- ref-manual: variables: add example for :term:`SYSROOT_DIRS` variable +- ref-manual: variables: document :term:`OEQA_REPRODUCIBLE_TEST_PACKAGE` +- ref-manual: variables: mention new CDN for :term:`SSTATE_MIRRORS` +- ref-manual: variables: provide no-match example for :term:`COMPATIBLE_MACHINE` +- ref-manual: variables: remove SERIAL_CONSOLES_CHECK +- release-notes-4.3: add CVEs, recipe upgrades, license changes, contributors +- release-notes-4.3: add Repositories / Downloads section +- release-notes-4.3: feature additions +- release-notes-4.3: fix some typos +- release-notes-4.3: move new classes to Rust section +- release-notes-4.3: remove the Distribution section +- release-notes-4.3: tweaks to existing text +- sdk-manual: appendix-obtain: improve and update descriptions +- test-manual: reproducible-builds: stop mentioning LTO bug +- vim: Improve locale handling +- vim: Upgrade to 9.0.2068 +- vim: use upstream generated .po files + + +Known Issues in Yocto-4.3.1 +~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +- N/A + + +Contributors to Yocto-4.3.1 +~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +- Alejandro Hernandez Samaniego +- Alex Stewart +- Archana Polampalli +- Arne Schwerdt +- BELHADJ SALEM Talel +- Dmitry Baryshkov +- Eero Aaltonen +- Joshua Watt +- Julien Stephan +- Jérémy Rosen +- Khem Raj +- Lee Chee Yang +- Marta Rybczynska +- Max Krummenacher +- Michael Halstead +- Michael Opdenacker +- Paul Eggleton +- Peter Kjellerstedt +- Peter Marko +- Quentin Schulz +- Richard Purdie +- Robert P. J. Day +- Ross Burton +- Rouven Czerwinski +- Steve Sakoman +- Trevor Gamblin +- Wang Mingyu +- William Lyu +- Xiangyu Chen +- luca fancellu + + +Repositories / Downloads for Yocto-4.3.1 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +poky + +- Repository Location: :yocto_git:`/poky` +- Branch: :yocto_git:`nanbield </poky/log/?h=nanbield>` +- Tag: :yocto_git:`yocto-4.3.1 </poky/log/?h=yocto-4.3.1>` +- Git Revision: :yocto_git:`bf9f2f6f60387b3a7cd570919cef6c4570edcb82 </poky/commit/?id=bf9f2f6f60387b3a7cd570919cef6c4570edcb82>` +- Release Artefact: poky-bf9f2f6f60387b3a7cd570919cef6c4570edcb82 +- sha: 9b4351159d728fec2b63a50f1ac15edc412e2d726e9180a40afc06051fadb922 +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-4.3.1/poky-bf9f2f6f60387b3a7cd570919cef6c4570edcb82.tar.bz2 + http://mirrors.kernel.org/yocto/yocto/yocto-4.3.1/poky-bf9f2f6f60387b3a7cd570919cef6c4570edcb82.tar.bz2 + +openembedded-core + +- Repository Location: :oe_git:`/openembedded-core` +- Branch: :oe_git:`nanbield </openembedded-core/log/?h=nanbield>` +- Tag: :oe_git:`yocto-4.3.1 </openembedded-core/log/?h=yocto-4.3.1>` +- Git Revision: :oe_git:`cce77e8e79c860f4ef0ac4a86b9375bf87507360 </openembedded-core/commit/?id=cce77e8e79c860f4ef0ac4a86b9375bf87507360>` +- Release Artefact: oecore-cce77e8e79c860f4ef0ac4a86b9375bf87507360 +- sha: e6cde08e7c549f57a67d833a36cdb942648fba81558dc8b0e65332d2a2c023cc +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-4.3.1/oecore-cce77e8e79c860f4ef0ac4a86b9375bf87507360.tar.bz2 + http://mirrors.kernel.org/yocto/yocto/yocto-4.3.1/oecore-cce77e8e79c860f4ef0ac4a86b9375bf87507360.tar.bz2 + +meta-mingw + +- Repository Location: :yocto_git:`/meta-mingw` +- Branch: :yocto_git:`nanbield </meta-mingw/log/?h=nanbield>` +- Tag: :yocto_git:`yocto-4.3.1 </meta-mingw/log/?h=yocto-4.3.1>` +- Git Revision: :yocto_git:`49617a253e09baabbf0355bc736122e9549c8ab2 </meta-mingw/commit/?id=49617a253e09baabbf0355bc736122e9549c8ab2>` +- Release Artefact: meta-mingw-49617a253e09baabbf0355bc736122e9549c8ab2 +- sha: 2225115b73589cdbf1e491115221035c6a61679a92a93b2a3cf761ff87bf4ecc +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-4.3.1/meta-mingw-49617a253e09baabbf0355bc736122e9549c8ab2.tar.bz2 + http://mirrors.kernel.org/yocto/yocto/yocto-4.3.1/meta-mingw-49617a253e09baabbf0355bc736122e9549c8ab2.tar.bz2 + +bitbake + +- Repository Location: :oe_git:`/bitbake` +- Branch: :oe_git:`2.6 </bitbake/log/?h=2.6>` +- Tag: :oe_git:`yocto-4.3.1 </bitbake/log/?h=yocto-4.3.1>` +- Git Revision: :oe_git:`936fcec41efacc4ce988c81882a9ae6403702bea </bitbake/commit/?id=936fcec41efacc4ce988c81882a9ae6403702bea>` +- Release Artefact: bitbake-936fcec41efacc4ce988c81882a9ae6403702bea +- sha: efbdd5fe7f29227a3fd26d6a08a368bf8215083a588b4d23f3adf35044897520 +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-4.3.1/bitbake-936fcec41efacc4ce988c81882a9ae6403702bea.tar.bz2 + http://mirrors.kernel.org/yocto/yocto/yocto-4.3.1/bitbake-936fcec41efacc4ce988c81882a9ae6403702bea.tar.bz2 + +yocto-docs + +- Repository Location: :yocto_git:`/yocto-docs` +- Branch: :yocto_git:`nanbield </yocto-docs/log/?h=nanbield>` +- Tag: :yocto_git:`yocto-4.3.1 </yocto-docs/log/?h=yocto-4.3.1>` +- Git Revision: :yocto_git:`6b98a6164263298648e89b5a5ae1260a58f1bb35 </yocto-docs/commit/?id=6b98a6164263298648e89b5a5ae1260a58f1bb35>` + diff --git a/documentation/migration-guides/release-notes-4.3.2.rst b/documentation/migration-guides/release-notes-4.3.2.rst new file mode 100644 index 0000000000..3a40d83bc2 --- /dev/null +++ b/documentation/migration-guides/release-notes-4.3.2.rst @@ -0,0 +1,247 @@ +.. SPDX-License-Identifier: CC-BY-SA-2.0-UK + +Release notes for Yocto-4.3.2 (Nanbield) +---------------------------------------- + +Security Fixes in Yocto-4.3.2 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +- avahi: Fix :cve:`2023-1981`, :cve:`2023-38469`, :cve:`2023-38470`, :cve:`2023-38471`, :cve:`2023-38472` and :cve:`2023-38473` +- curl: Fix :cve:`2023-46218` +- ghostscript: Fix :cve:`2023-46751` +- grub: fix :cve:`2023-4692` and :cve:`2023-4693` +- gstreamer1.0: Fix :cve_mitre:`2023-44446` +- linux-yocto/6.1: Ignore :cve_mitre:`2023-39197`, :cve:`2023-39198`, :cve:`2023-5090`, :cve:`2023-5633`, :cve:`2023-6111`, :cve:`2023-6121` and :cve:`2023-6176` +- linux-yocto/6.5: Ignore :cve:`2022-44034`, :cve_mitre:`2023-39197`, :cve:`2023-39198`, :cve:`2023-5972`, :cve:`2023-6039`, :cve:`2023-6111` and :cve:`2023-6176` +- perl: fix :cve:`2023-47100` +- python3-urllib3: Fix :cve:`2023-45803` +- rust: Fix :cve:`2023-40030` +- vim: Fix :cve:`2023-48231`, :cve:`2023-48232`, :cve:`2023-48233`, :cve:`2023-48234`, :cve:`2023-48235`, :cve:`2023-48236` and :cve:`2023-48237` +- xserver-xorg: Fix :cve:`2023-5367` and :cve:`2023-5380` +- xwayland: Fix :cve:`2023-5367` + + +Fixes in Yocto-4.3.2 +~~~~~~~~~~~~~~~~~~~~ + +- base-passwd: Upgrade to 3.6.2 +- bind: Upgrade to 9.18.20 +- binutils: stable 2.41 branch updates +- bitbake: command: Make parseRecipeFile() handle virtual recipes correctly +- bitbake: lib/bb: Add workaround for libgcc issues with python 3.8 and 3.9 +- bitbake: toastergui: verify that an existing layer path is given +- bluez5: fix connection for ps5/dualshock controllers +- build-appliance-image: Update to nanbield head revision +- cmake: Upgrade to 3.27.7 +- contributor-guide: add License-Update tag +- contributor-guide: fix command option +- cups: Add root,sys,wheel to system groups +- cve-update-nvd2-native: faster requests with API keys +- cve-update-nvd2-native: increase the delay between subsequent request failures +- cve-update-nvd2-native: make number of fetch attemtps configurable +- cve-update-nvd2-native: remove unused variable CVE_SOCKET_TIMEOUT +- dev-manual: Discourage the use of SRC_URI[md5sum] +- dev-manual: layers: update link to YP Compatible form +- dev-manual: runtime-testing: fix test module name +- devtool: finish/update-recipe: restrict mode srcrev to recipes fetched from SCM +- devtool: fix update-recipe dry-run mode +- ell: Upgrade to 0.60 +- enchant2: Upgrade to 2.6.2 +- ghostscript: Upgrade to 10.02.1 +- glib-2.0: Upgrade to 2.78.1 +- glibc: stable 2.38 branch updates +- gstreamer1.0: Upgrade to 1.22.7 +- gtk: Add rdepend on printbackend for cups +- harfbuzz: Upgrade to 8.2.2 +- json-c: fix icecc compilation +- kern-tools: bump :term:`SRCREV` for queue processing changes +- kern-tools: make lower context patches reproducible +- kern-tools: update :term:`SRCREV` to include SECURITY.md file +- kernel-arch: use ccache only for compiler +- kernel-yocto: improve metadata patching +- lib/oe/buildcfg.py: Include missing import +- lib/oe/buildcfg.py: Remove unused parameter +- lib/oe/patch: ensure os.chdir restoring always happens +- lib/oe/path: Deploy files can start only with a dot +- libgcrypt: Upgrade to 1.10.3 +- libjpeg-turbo: Upgrade to 3.0.1 +- libnewt: Upgrade to 0.52.24 +- libnsl2: Upgrade to 2.0.1 +- libsolv: Upgrade to 0.7.26 +- libxslt: Upgrade to 1.1.39 +- linux-firmware: add audio topology symlink to the X13's audio package +- linux-firmware: add missing depenencies on license packages +- linux-firmware: add new fw file to ${PN}-rtl8821 +- linux-firmware: add notice file to sdm845 modem firmware +- linux-firmware: create separate packages +- linux-firmware: package Qualcomm Venus 6.0 firmware +- linux-firmware: package Robotics RB5 sensors DSP firmware +- linux-firmware: package firmware for Qualcomm Adreno a702 +- linux-firmware: package firmware for Qualcomm QCM2290 / QRB4210 +- linux-firmware: Upgrade to 20231030 +- linux-yocto-rt/6.1: update to -rt18 +- linux-yocto/6.1: cfg: restore CONFIG_DEVMEM +- linux-yocto/6.1: drop removed IMA option +- linux-yocto/6.1: Upgrade to v6.1.68 +- linux-yocto/6.5: cfg: restore CONFIG_DEVMEM +- linux-yocto/6.5: cfg: split runtime and symbol debug +- linux-yocto/6.5: drop removed IMA option +- linux-yocto/6.5: fix AB-INT: QEMU kernel panic: No irq handler for vector +- linux-yocto/6.5: Upgrade to v6.5.13 +- linux/cve-exclusion6.1: Update to latest kernel point release +- log4cplus: Upgrade to 2.1.1 +- lsb-release: use https for :term:`UPSTREAM_CHECK_URI` +- manuals: brief-yoctoprojectqs: align variable order with default local.conf +- manuals: fix URL +- meson: use correct targets for rust binaries +- migration-guide: add release notes for 4.0.14, 4.0.15, 4.2.4, 4.3.1 +- migration-guides: release 3.5 is actually 4.0 +- migration-guides: reword fix in release-notes-4.3.1 +- msmtp: Upgrade to 1.8.25 +- oeqa/selftest/tinfoil: Add tests that parse virtual recipes +- openssl: improve handshake test error reporting +- package_ipk: Fix Source: field variable dependency +- patchtest: shorten patch signed-off-by test output +- perf: lift :term:`TARGET_CC_ARCH` modification out of security_flags.inc +- perl: Upgrade to 5.38.2 +- perlcross: Upgrade to 1.5.2 +- poky.conf: bump version for 4.3.2 release +- python3-ptest: skip test_storlines +- python3-urllib3: Upgrade to 2.0.7 +- qemu: Upgrade to 8.1.2 +- ref-manual: Fix reference to MIRRORS/PREMIRRORS defaults +- ref-manual: releases.svg: update nanbield release status +- useradd_base: sed -i destroys symlinks +- rootfs-postcommands: sed -i destroys symlinks +- sstate: Ensure sstate searches update file mtime +- strace: backport fix for so_peerpidfd-test +- systemd-boot: Fix build issues on armv7a-linux +- systemd-compat-units.bb: fix postinstall script +- systemd: fix DynamicUser issue +- systemd: update :term:`LICENSE` statement +- tcl: skip async and event tests in run-ptest +- tcl: skip timing-dependent tests in run-ptest +- test-manual: add links to python unittest +- test-manual: add or improve hyperlinks +- test-manual: explicit or fix file paths +- test-manual: resource updates +- test-manual: text and formatting fixes +- test-manual: use working example +- testimage: Drop target_dumper and most of monitor_dumper +- testimage: Exclude wtmp from target-dumper commands +- tzdata: Upgrade to 2023d +- update_gtk_icon_cache: Fix for GTK4-only builds +- useradd_base: Fix sed command line for passwd-expire +- vim: Upgrade to 9.0.2130 +- xserver-xorg: Upgrade to 21.1.9 +- xwayland: Upgrade to 23.2.2 + + +Known Issues in Yocto-4.3.2 +~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +- N/A + +Contributors to Yocto-4.3.2 +~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +- Adam Johnston +- Alexander Kanavin +- Anuj Mittal +- Bastian Krause +- Bruce Ashfield +- Chen Qi +- Deepthi Hemraj +- Dhairya Nagodra +- Dmitry Baryshkov +- Fahad Arslan +- Javier Tia +- Jermain Horsman +- Joakim Tjernlund +- Julien Stephan +- Justin Bronder +- Khem Raj +- Lee Chee Yang +- Marco Felsch +- Markus Volk +- Marta Rybczynska +- Massimiliano Minella +- Michael Opdenacker +- Paul Barker +- Peter Kjellerstedt +- Peter Marko +- Randy MacLeod +- Rasmus Villemoes +- Richard Purdie +- Ross Burton +- Shubham Kulkarni +- Simone Weiß +- Steve Sakoman +- Sundeep KOKKONDA +- Tim Orling +- Trevor Gamblin +- Vijay Anusuri +- Viswanath Kraleti +- Vyacheslav Yurkov +- Wang Mingyu +- William Lyu +- Zoltán Böszörményi + +Repositories / Downloads for Yocto-4.3.2 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +poky + +- Repository Location: :yocto_git:`/poky` +- Branch: :yocto_git:`nanbield </poky/log/?h=nanbield>` +- Tag: :yocto_git:`yocto-4.3.2 </poky/log/?h=yocto-4.3.2>` +- Git Revision: :yocto_git:`f768ffb8916feb6542fcbe3e946cbf30e247b151 </poky/commit/?id=f768ffb8916feb6542fcbe3e946cbf30e247b151>` +- Release Artefact: poky-f768ffb8916feb6542fcbe3e946cbf30e247b151 +- sha: 21ca1695d70aba9b4bd8626d160111feab76206883cd14fe41eb024692bdfd7b +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-4.3.2/poky-f768ffb8916feb6542fcbe3e946cbf30e247b151.tar.bz2 + http://mirrors.kernel.org/yocto/yocto/yocto-4.3.2/poky-f768ffb8916feb6542fcbe3e946cbf30e247b151.tar.bz2 + +openembedded-core + +- Repository Location: :oe_git:`/openembedded-core` +- Branch: :oe_git:`nanbield </openembedded-core/log/?h=nanbield>` +- Tag: :oe_git:`yocto-4.3.2 </openembedded-core/log/?h=yocto-4.3.2>` +- Git Revision: :oe_git:`ff595b937d37d2315386aebf315cea719e2362ea </openembedded-core/commit/?id=ff595b937d37d2315386aebf315cea719e2362ea>` +- Release Artefact: oecore-ff595b937d37d2315386aebf315cea719e2362ea +- sha: a7c6332dc0e09ecc08221e78b11151e8e2a3fd9fa3eaad96a4c03b67012bfb97 +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-4.3.2/oecore-ff595b937d37d2315386aebf315cea719e2362ea.tar.bz2 + http://mirrors.kernel.org/yocto/yocto/yocto-4.3.2/oecore-ff595b937d37d2315386aebf315cea719e2362ea.tar.bz2 + +meta-mingw + +- Repository Location: :yocto_git:`/meta-mingw` +- Branch: :yocto_git:`nanbield </meta-mingw/log/?h=nanbield>` +- Tag: :yocto_git:`yocto-4.3.2 </meta-mingw/log/?h=yocto-4.3.2>` +- Git Revision: :yocto_git:`49617a253e09baabbf0355bc736122e9549c8ab2 </meta-mingw/commit/?id=49617a253e09baabbf0355bc736122e9549c8ab2>` +- Release Artefact: meta-mingw-49617a253e09baabbf0355bc736122e9549c8ab2 +- sha: 2225115b73589cdbf1e491115221035c6a61679a92a93b2a3cf761ff87bf4ecc +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-4.3.2/meta-mingw-49617a253e09baabbf0355bc736122e9549c8ab2.tar.bz2 + http://mirrors.kernel.org/yocto/yocto/yocto-4.3.2/meta-mingw-49617a253e09baabbf0355bc736122e9549c8ab2.tar.bz2 + +bitbake + +- Repository Location: :oe_git:`/bitbake` +- Branch: :oe_git:`2.6 </bitbake/log/?h=2.6>` +- Tag: :oe_git:`yocto-4.3.2 </bitbake/log/?h=yocto-4.3.2>` +- Git Revision: :oe_git:`72bf75f0b2e7f36930185e18a1de8277ce7045d8 </bitbake/commit/?id=72bf75f0b2e7f36930185e18a1de8277ce7045d8>` +- Release Artefact: bitbake-72bf75f0b2e7f36930185e18a1de8277ce7045d8 +- sha: 0b6ccd4796ccd211605090348a3d4378358c839ae1bb4c35964d0f36f2663187 +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-4.3.2/bitbake-72bf75f0b2e7f36930185e18a1de8277ce7045d8.tar.bz2 + http://mirrors.kernel.org/yocto/yocto/yocto-4.3.2/bitbake-72bf75f0b2e7f36930185e18a1de8277ce7045d8.tar.bz2 + +yocto-docs + +- Repository Location: :yocto_git:`/yocto-docs` +- Branch: :yocto_git:`nanbield </yocto-docs/log/?h=nanbield>` +- Tag: :yocto_git:`yocto-4.3.2 </yocto-docs/log/?h=yocto-4.3.2>` +- Git Revision: :yocto_git:`fac88b9e80646a68b31975c915a718a9b6b2b439 </yocto-docs/commit/?id=fac88b9e80646a68b31975c915a718a9b6b2b439>` + diff --git a/documentation/migration-guides/release-notes-4.3.3.rst b/documentation/migration-guides/release-notes-4.3.3.rst new file mode 100644 index 0000000000..2a0658a9c9 --- /dev/null +++ b/documentation/migration-guides/release-notes-4.3.3.rst @@ -0,0 +1,200 @@ +.. SPDX-License-Identifier: CC-BY-SA-2.0-UK + +Release notes for Yocto-4.3.3 (Nanbield) +---------------------------------------- + +Security Fixes in Yocto-4.3.3 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +- curl: Fix :cve:`2023-46219` +- glibc: Ignore fixed :cve:`2023-0687` and :cve:`2023-5156` +- linux-yocto/6.1: Ignore :cve:`2022-48619`, :cve:`2023-4610`, :cve:`2023-5178`, :cve:`2023-5972`, :cve:`2023-6040`, :cve:`2023-6531`, :cve:`2023-6546`, :cve:`2023-6622`, :cve:`2023-6679`, :cve:`2023-6817`, :cve:`2023-6931`, :cve:`2023-6932`, :cve:`2023-7192`, :cve:`2024-0193` and :cve:`2024-0443` +- linux-yocto/6.1: Fix :cve:`2023-1193`, :cve_mitre:`2023-51779`, :cve:`2023-51780`, :cve:`2023-51781`, :cve:`2023-51782` and :cve:`2023-6606` +- qemu: Fix :cve:`2023-3019` +- shadow: Fix :cve:`2023-4641` +- sqlite3: Fix :cve:`2024-0232` +- sqlite3: drop obsolete CVE ignore :cve:`2023-36191` +- sudo: Fix :cve:`2023-42456` and :cve:`2023-42465` +- tiff: Fix :cve:`2023-6277` +- xwayland: Fix :cve:`2023-6377` and :cve:`2023-6478` + + +Fixes in Yocto-4.3.3 +~~~~~~~~~~~~~~~~~~~~ + +- aspell: upgrade to 0.60.8.1 +- avahi: update URL for new project location +- base-passwd: upgrade to 3.6.3 +- bitbake: asyncrpc: Add context manager API +- bitbake: toaster/toastergui: Bug-fix verify given layer path only if import/add local layer +- build-appliance-image: Update to nanbield head revision +- classes-global/sstate: Fix variable typo +- cmake: Unset CMAKE_CXX_IMPLICIT_INCLUDE_DIRECTORIES +- contributor-guide: fix lore URL +- contributor-guide: use "apt" instead of "aptitude" +- create-spdx-2.2: combine spdx can try to write before dir creation +- curl: Disable test 1091 due to intermittent failures +- curl: Disable two intermittently failing tests +- dev-manual: gen-tapdevs need iptables installed +- dev-manual: start.rst: Update use of Download page +- dev-manual: update license manifest path +- devtool: deploy: provide max_process to strip_execs +- devtool: modify: Handle recipes with a menuconfig task correctly +- docs: document VSCode extension +- dtc: preserve version also from shallow git clones +- elfutils: Update license information +- glib-2.0: upgrade to 2.78.3 +- glibc-y2038-tests: do not run tests using 32 bit time APIs +- go: upgrade to 1.20.12 +- grub: fs/fat: Don't error when mtime is 0 +- gstreamer1.0: upgrade to 1.22.8 +- icon-naming-utils: take tarball from debian +- kea: upgrade to 2.4.1 +- lib/prservice: Improve lock handling robustness +- libadwaita: upgrade to 1.4.2 +- libatomic-ops: upgrade to 7.8.2 +- libva-utils: upgrade to 2.20.1 +- linux-firmware: Change bnx2 packaging +- linux-firmware: Create bnx2x subpackage +- linux-firmware: Fix the linux-firmware-bcm4373 :term:`FILES` variable +- linux-firmware: Package iwlwifi .pnvm files +- linux-yocto/6.1: security/cfg: add configs to harden protection +- linux-yocto/6.1: update to v6.1.73 +- meta/documentation.conf: fix do_menuconfig description +- migration-guide: add release notes for 4.0.16 +- migration-guide: add release notes for 4.3.2 +- ncurses: Fix - tty is hung after reset +- nfs-utils: Update Upstream-Status +- nfs-utils: upgrade to 2.6.4 +- oeqa/selftest/prservice: Improve test robustness +- package.py: OEHasPackage: Add :term:`MLPREFIX` to packagename +- poky.conf: bump version for 4.3.3 release +- pseudo: Update to pull in syncfs probe fix +- python3-license-expression: Fix the ptest failure +- qemu.bbclass: fix a python TypeError +- qemu: upgrade to 8.1.4 +- ref-manual: Add UBOOT_BINARY, extend :term:`UBOOT_CONFIG` +- ref-manual: classes: remove insserv bbclass +- ref-manual: update tested and supported distros +- release-notes-4.3: fix spacing +- rootfs.py: check depmodwrapper execution result +- rpcbind: Specify state directory under /run +- scripts/runqemu: fix regex escape sequences +- sqlite3: upgrade to 3.43.2 +- sstate: Fix dir ownership issues in :term:`SSTATE_DIR` +- sudo: upgrade to 1.9.15p5 +- tcl: Fix prepending to run-ptest script +- uninative-tarball.xz - reproducibility fix +- xwayland: upgrade to 23.2.3 +- zstd: fix :term:`LICENSE` statement + + +Known Issues in Yocto-4.3.3 +~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +- N/A + + +Contributors to Yocto-4.3.3 +~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +- Alassane Yattara +- Alexander Kanavin +- Anuj Mittal +- Baruch Siach +- Bruce Ashfield +- Chen Qi +- Clay Chang +- Enguerrand de Ribaucourt +- Ilya A. Kriveshko +- Jason Andryuk +- Jeremy A. Puhlman +- Joao Marcos Costa +- Jose Quaresma +- Joshua Watt +- Jörg Sommer +- Khem Raj +- Lee Chee Yang +- Markus Volk +- Massimiliano Minella +- Maxin B. John +- Michael Opdenacker +- Ming Liu +- Mingli Yu +- Peter Kjellerstedt +- Peter Marko +- Richard Purdie +- Robert Berger +- Robert Yang +- Rodrigo M. Duarte +- Ross Burton +- Saul Wold +- Simone Weiß +- Soumya Sambu +- Steve Sakoman +- Trevor Gamblin +- Wang Mingyu +- William Lyu +- Xiangyu Chen +- Yang Xu +- Zahir Hussain + + +Repositories / Downloads for Yocto-4.3.3 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +poky + +- Repository Location: :yocto_git:`/poky` +- Branch: :yocto_git:`nanbield </poky/log/?h=nanbield>` +- Tag: :yocto_git:`yocto-4.3.3 </poky/log/?h=yocto-4.3.3>` +- Git Revision: :yocto_git:`d3b27346c3a4a7ef7ec517e9d339d22bda74349d </poky/commit/?id=d3b27346c3a4a7ef7ec517e9d339d22bda74349d>` +- Release Artefact: poky-d3b27346c3a4a7ef7ec517e9d339d22bda74349d +- sha: 2db39f1bf7bbcee039e9970eed1f6f9233bcc95d675159647c9a2a334fc81eb0 +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-4.3.3/poky-d3b27346c3a4a7ef7ec517e9d339d22bda74349d.tar.bz2 + http://mirrors.kernel.org/yocto/yocto/yocto-4.3.3/poky-d3b27346c3a4a7ef7ec517e9d339d22bda74349d.tar.bz2 + +openembedded-core + +- Repository Location: :oe_git:`/openembedded-core` +- Branch: :oe_git:`nanbield </openembedded-core/log/?h=nanbield>` +- Tag: :oe_git:`yocto-4.3.3 </openembedded-core/log/?h=yocto-4.3.3>` +- Git Revision: :oe_git:`0584d01f623e1f9b0fef4dfa95dd66de6cbfb7b3 </openembedded-core/commit/?id=0584d01f623e1f9b0fef4dfa95dd66de6cbfb7b3>` +- Release Artefact: oecore-0584d01f623e1f9b0fef4dfa95dd66de6cbfb7b3 +- sha: 730de0d5744f139322402ff9a6b2483c6ab929f704cec06258ae51de1daebe3d +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-4.3.3/oecore-0584d01f623e1f9b0fef4dfa95dd66de6cbfb7b3.tar.bz2 + http://mirrors.kernel.org/yocto/yocto/yocto-4.3.3/oecore-0584d01f623e1f9b0fef4dfa95dd66de6cbfb7b3.tar.bz2 + +meta-mingw + +- Repository Location: :yocto_git:`/meta-mingw` +- Branch: :yocto_git:`nanbield </meta-mingw/log/?h=nanbield>` +- Tag: :yocto_git:`yocto-4.3.3 </meta-mingw/log/?h=yocto-4.3.3>` +- Git Revision: :yocto_git:`49617a253e09baabbf0355bc736122e9549c8ab2 </meta-mingw/commit/?id=49617a253e09baabbf0355bc736122e9549c8ab2>` +- Release Artefact: meta-mingw-49617a253e09baabbf0355bc736122e9549c8ab2 +- sha: 2225115b73589cdbf1e491115221035c6a61679a92a93b2a3cf761ff87bf4ecc +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-4.3.3/meta-mingw-49617a253e09baabbf0355bc736122e9549c8ab2.tar.bz2 + http://mirrors.kernel.org/yocto/yocto/yocto-4.3.3/meta-mingw-49617a253e09baabbf0355bc736122e9549c8ab2.tar.bz2 + +bitbake + +- Repository Location: :oe_git:`/bitbake` +- Branch: :oe_git:`2.6 </bitbake/log/?h=2.6>` +- Tag: :oe_git:`yocto-4.3.3 </bitbake/log/?h=yocto-4.3.3>` +- Git Revision: :oe_git:`380a9ac97de5774378ded5e37d40b79b96761a0c </bitbake/commit/?id=380a9ac97de5774378ded5e37d40b79b96761a0c>` +- Release Artefact: bitbake-380a9ac97de5774378ded5e37d40b79b96761a0c +- sha: 78f579b9d29e72d09b6fb10ac62aa925104335e92d2afb3155bc9ab1994e36c1 +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-4.3.3/bitbake-380a9ac97de5774378ded5e37d40b79b96761a0c.tar.bz2 + http://mirrors.kernel.org/yocto/yocto/yocto-4.3.3/bitbake-380a9ac97de5774378ded5e37d40b79b96761a0c.tar.bz2 + +yocto-docs + +- Repository Location: :yocto_git:`/yocto-docs` +- Branch: :yocto_git:`nanbield </yocto-docs/log/?h=nanbield>` +- Tag: :yocto_git:`yocto-4.3.3 </yocto-docs/log/?h=yocto-4.3.3>` +- Git Revision: :yocto_git:`dde4b815db82196af086847f68ee27d7902b4ffa </yocto-docs/commit/?id=dde4b815db82196af086847f68ee27d7902b4ffa>` + diff --git a/documentation/migration-guides/release-notes-4.3.4.rst b/documentation/migration-guides/release-notes-4.3.4.rst new file mode 100644 index 0000000000..4c9e67f2cb --- /dev/null +++ b/documentation/migration-guides/release-notes-4.3.4.rst @@ -0,0 +1,206 @@ +.. SPDX-License-Identifier: CC-BY-SA-2.0-UK + +Release notes for Yocto-4.3.4 (Nanbield) +---------------------------------------- + +Security Fixes in Yocto-4.3.4 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +- bind: Fix :cve:`2023-4408`, :cve:`2023-5517`, :cve:`2023-5679` and :cve:`2023-50387` +- gcc: Update :term:`CVE_STATUS` for :cve:`2023-4039` as fixed +- glibc: Fix :cve:`2023-6246`, :cve:`2023-6779` and :cve:`2023-6780` +- gnutls: Fix :cve:`2024-0553` and :cve:`2024-0567` +- gstreamer: Fix :cve_mitre:`2024-0444` +- libssh2: fix :cve:`2023-48795` +- libxml2: Fix :cve:`2024-25062` +- linux-yocto/6.1: Fix :cve:`2023-6610`, :cve:`2023-6915`, :cve:`2023-46838`, :cve:`2023-50431`, :cve:`2024-1085`, :cve:`2024-1086` and :cve:`2024-23849` +- linux-yocto/6.1: Ignore :cve:`2021-33630`, :cve:`2021-33631`, :cve:`2022-36402`, :cve:`2023-5717`, :cve:`2023-6200`, :cve:`2023-35827`, :cve:`2023-40791`, :cve:`2023-46343`, :cve:`2023-46813`, :cve:`2023-46862`, :cve:`2023-51042`, :cve:`2023-51043`, :cve_mitre:`2023-52340`, :cve:`2024-0562`, :cve:`2024-0565`, :cve:`2024-0582`, :cve:`2024-0584`, :cve:`2024-0607`, :cve:`2024-0639`, :cve:`2024-0641`, :cve:`2024-0646`, :cve:`2024-0775` and :cve:`2024-22705` +- openssl: fix :cve:`2024-0727` +- python3-jinja2: Fix :cve:`2024-22195` +- tiff: Fix :cve:`2023-6228`, :cve:`2023-52355` and :cve:`2023-52356` +- vim: Fix :cve:`2024-22667` +- wpa-supplicant: Fix :cve:`2023-52160` +- xserver-xorg: Fix :cve:`2023-6377`, :cve:`2023-6478`, :cve:`2023-6816`, :cve:`2024-0229`, :cve:`2024-0408`, :cve:`2024-0409`, :cve:`2024-21885` and :cve:`2024-21886` +- xwayland: Fix :cve:`2023-6816`, :cve:`2024-0408` and :cve:`2024-0409` +- zlib: Ignore :cve:`2023-6992` + + +Fixes in Yocto-4.3.4 +~~~~~~~~~~~~~~~~~~~~ + +- allarch: Fix allarch corner case +- at-spi2-core: Upgrade to 2.50.1 +- bind: Upgrade to 9.18.24 +- build-appliance-image: Update to nanbield head revision +- contributor-guide: add notes for tests +- contributor-guide: be more specific about meta-* trees +- core-image-ptest: Increase disk size to 1.5G for strace ptest image +- cpio: Upgrade to 2.15 +- curl: improve run-ptest +- curl: increase test timeouts +- cve-check: Log if :term:`CVE_STATUS` set but not reported for component +- cve-update-nvd2-native: Add an age threshold for incremental update +- cve-update-nvd2-native: Fix CVE configuration update +- cve-update-nvd2-native: Fix typo in comment +- cve-update-nvd2-native: Remove duplicated CVE_CHECK_DB_FILE definition +- cve-update-nvd2-native: Remove rejected CVE from database +- cve-update-nvd2-native: nvd_request_next: Improve comment +- cve_check: cleanup logging +- cve_check: handle :term:`CVE_STATUS` being set to the empty string +- dev-manual: Rephrase spdx creation +- dev-manual: improve descriptions of 'bitbake -S printdiff' +- dev-manual: packages: clarify shared :term:`PR` service constraint +- dev-manual: packages: fix capitalization +- dev-manual: packages: need enough free space +- docs: add initial stylechecks with Vale +- docs: correct sdk installation default path +- docs: document VIRTUAL-RUNTIME variables +- docs: suppress excess use of "following" word +- docs: use "manual page(s)" +- docs: Makefile: remove releases.rst in "make clean" +- externalsrc: fix task dependency for do_populate_lic +- glibc: Remove duplicate :term:`CVE_STATUS` for :cve:`2023-4527` +- glibc: stable 2.38 branch updates (2.38+gitd37c2b20a4) +- gnutls: Upgrade to 3.8.3 +- gstreamer1.0: skip a test that is known to be flaky +- gstreamer: Upgrade to 1.22.9 +- gtk: Set :term:`CVE_PRODUCT` +- kernel.bbclass: Set pkg-config variables for building modules +- libxml2: Upgrade to 2.11.7 +- linux-firmware: Upgrade to 20240220 +- linux-yocto/6.1: update to v6.1.78 +- mdadm: Disable ptests +- migration-guides: add release notes for 4.3.3 +- migration-guides: add release notes for 4.0.17 +- migration-guides: fix release notes for 4.3.3 linux-yocto/6.1 CVE entries +- multilib_global.bbclass: fix parsing error with no kernel module split +- openssl: fix crash on aarch64 if BTI is enabled but no Crypto instructions +- openssl: Upgrade to 3.1.5 +- overlayfs: add missing closing parenthesis in selftest +- poky.conf: bump version for 4.3.4 release +- profile-manual: usage.rst: fix reference to bug report +- profile-manual: usage.rst: formatting fixes +- profile-manual: usage.rst: further style improvements +- pseudo: Update to pull in gcc14 fix and missing statvfs64 intercept +- python3-jinja2: Upgrade to 3.1.3 +- ref-manual: release-process: grammar fix +- ref-manual: system-requirements: update packages to build docs +- ref-manual: tasks: do_cleanall: recommend using '-f' instead +- ref-manual: tasks: do_cleansstate: recommend using '-f' instead for a shared sstate +- ref-manual: variables: adding multiple groups in :term:`GROUPADD_PARAM` +- ref-manual: variables: add documentation of the variable :term:`SPDX_NAMESPACE_PREFIX` +- reproducible: Fix race with externalsrc/devtool over lockfile +- sdk-manual: extensible: correctly describe separate build-sysroots tasks in direct sdk workflows +- tzdata : Upgrade to 2024a +- udev-extraconf: fix unmount directories containing octal-escaped chars +- vim: Upgrade to v9.0.2190 +- wireless-regdb: Upgrade to 2024.01.23 +- xserver-xorg: Upgrade to 21.1.11 +- xwayland: Upgrade to 23.2.4 +- yocto-uninative: Update to 4.4 for glibc 2.39 + + +Known Issues in Yocto-4.3.4 +~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +- N/A + + +Contributors to Yocto-4.3.4 +~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +- Alex Kiernan +- Alexander Kanavin +- Alexander Sverdlin +- Baruch Siach +- BELOUARGA Mohamed +- Benjamin Bara +- Bruce Ashfield +- Chen Qi +- Claus Stovgaard +- Dhairya Nagodra +- Geoff Parker +- Johan Bezem +- Jonathan GUILLOT +- Julien Stephan +- Kai Kang +- Khem Raj +- Lee Chee Yang +- Luca Ceresoli +- Martin Jansa +- Michael Halstead +- Michael Opdenacker +- Munehisa Kamata +- Pavel Zhukov +- Peter Marko +- Priyal Doshi +- Richard Purdie +- Robert Joslyn +- Ross Burton +- Simone Weiß +- Soumya Sambu +- Steve Sakoman +- Tim Orling +- Wang Mingyu +- Yoann Congal +- Yogita Urade + + +Repositories / Downloads for Yocto-4.3.4 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +poky + +- Repository Location: :yocto_git:`/poky` +- Branch: :yocto_git:`nanbield </poky/log/?h=nanbield>` +- Tag: :yocto_git:`yocto-4.3.4 </poky/log/?h=yocto-4.3.4>` +- Git Revision: :yocto_git:`7b8aa378d069ee31373f22caba3bd7fc7863f447 </poky/commit/?id=7b8aa378d069ee31373f22caba3bd7fc7863f447>` +- Release Artefact: poky-7b8aa378d069ee31373f22caba3bd7fc7863f447 +- sha: 0cb14125f215cc9691cff43982e2c540a5b6018df4ed25c10933135b5bf21d0f +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-4.3.4/poky-7b8aa378d069ee31373f22caba3bd7fc7863f447.tar.bz2 + http://mirrors.kernel.org/yocto/yocto/yocto-4.3.4/poky-7b8aa378d069ee31373f22caba3bd7fc7863f447.tar.bz2 + +openembedded-core + +- Repository Location: :oe_git:`/openembedded-core` +- Branch: :oe_git:`nanbield </openembedded-core/log/?h=nanbield>` +- Tag: :oe_git:`yocto-4.3.4 </openembedded-core/log/?h=yocto-4.3.4>` +- Git Revision: :oe_git:`d0e68072d138ccc1fb5957fdc46a91871eb6a3e1 </openembedded-core/commit/?id=d0e68072d138ccc1fb5957fdc46a91871eb6a3e1>` +- Release Artefact: oecore-d0e68072d138ccc1fb5957fdc46a91871eb6a3e1 +- sha: d311fe22ff296c466f9bea1cd26343baee5630bc37f3dda42f2d9d8cc99e3add +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-4.3.4/oecore-d0e68072d138ccc1fb5957fdc46a91871eb6a3e1.tar.bz2 + http://mirrors.kernel.org/yocto/yocto/yocto-4.3.4/oecore-d0e68072d138ccc1fb5957fdc46a91871eb6a3e1.tar.bz2 + +meta-mingw + +- Repository Location: :yocto_git:`/meta-mingw` +- Branch: :yocto_git:`nanbield </meta-mingw/log/?h=nanbield>` +- Tag: :yocto_git:`yocto-4.3.4 </meta-mingw/log/?h=yocto-4.3.4>` +- Git Revision: :yocto_git:`49617a253e09baabbf0355bc736122e9549c8ab2 </meta-mingw/commit/?id=49617a253e09baabbf0355bc736122e9549c8ab2>` +- Release Artefact: meta-mingw-49617a253e09baabbf0355bc736122e9549c8ab2 +- sha: 2225115b73589cdbf1e491115221035c6a61679a92a93b2a3cf761ff87bf4ecc +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-4.3.4/meta-mingw-49617a253e09baabbf0355bc736122e9549c8ab2.tar.bz2 + http://mirrors.kernel.org/yocto/yocto/yocto-4.3.4/meta-mingw-49617a253e09baabbf0355bc736122e9549c8ab2.tar.bz2 + +bitbake + +- Repository Location: :oe_git:`/bitbake` +- Branch: :oe_git:`2.6 </bitbake/log/?h=2.6>` +- Tag: :oe_git:`yocto-4.3.4 </bitbake/log/?h=yocto-4.3.4>` +- Git Revision: :oe_git:`380a9ac97de5774378ded5e37d40b79b96761a0c </bitbake/commit/?id=380a9ac97de5774378ded5e37d40b79b96761a0c>` +- Release Artefact: bitbake-380a9ac97de5774378ded5e37d40b79b96761a0c +- sha: 78f579b9d29e72d09b6fb10ac62aa925104335e92d2afb3155bc9ab1994e36c1 +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-4.3.4/bitbake-380a9ac97de5774378ded5e37d40b79b96761a0c.tar.bz2 + http://mirrors.kernel.org/yocto/yocto/yocto-4.3.4/bitbake-380a9ac97de5774378ded5e37d40b79b96761a0c.tar.bz2 + +yocto-docs + +- Repository Location: :yocto_git:`/yocto-docs` +- Branch: :yocto_git:`nanbield </yocto-docs/log/?h=nanbield>` +- Tag: :yocto_git:`yocto-4.3.4 </yocto-docs/log/?h=yocto-4.3.4>` +- Git Revision: :yocto_git:`05d08b0bbaef760157c8d35a78d7405bc5ffce55 </yocto-docs/commit/?id=05d08b0bbaef760157c8d35a78d7405bc5ffce55>` + diff --git a/documentation/migration-guides/release-notes-4.3.rst b/documentation/migration-guides/release-notes-4.3.rst new file mode 100644 index 0000000000..0e175067da --- /dev/null +++ b/documentation/migration-guides/release-notes-4.3.rst @@ -0,0 +1,965 @@ +.. SPDX-License-Identifier: CC-BY-SA-2.0-UK + +Release notes for 4.3 (nanbield) +-------------------------------- + +New Features / Enhancements in 4.3 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +- Linux kernel 6.5 and 6.1, gcc 13, glibc 2.38, LLVM 17, and over 300 other recipe upgrades + +- The autobuilder's shared-state artefacts are now available over the `jsDelivr + <https://jsdelivr.com>`__ Content Delivery Network (CDN). + See :term:`SSTATE_MIRRORS`. + +- New variables: + + - :term:`CVE_CHECK_STATUSMAP`, :term:`CVE_STATUS`, :term:`CVE_STATUS_GROUPS`, + replacing the deprecated :term:`CVE_CHECK_IGNORE`. + + - :term:`FILE_LAYERNAME`: bitbake now sets this to the name of the layer + containing the recipe + + - :term:`FIT_ADDRESS_CELLS` and :term:`UBOOT_FIT_ADDRESS_CELLS`. + See details below. + + - :term:`KERNEL_DTBDEST`: directory where to install DTB files. + + - :term:`KERNEL_DTBVENDORED`: whether to keep vendor subdirectories. + + - :term:`KERNEL_LOCALVERSION`: to add a string to the kernel version + information. + + - :term:`KERNEL_STRIP`: to specify the command to strip the kernel binary. + + - :term:`LICENSE_FLAGS_DETAILS`: add extra details about a recipe license + in case it is not allowed by :term:`LICENSE_FLAGS_ACCEPTED`. + + - :term:`MESON_TARGET`: to compile a specific Meson target instead of the + default ones. + + - :term:`OEQA_REPRODUCIBLE_TEST_PACKAGE`: to restrict package managers used + in reproducibility testing. + +- Layername functionality available through overrides + + Code can now know which layer a recipe is coming from through the newly added :term:`FILE_LAYERNAME` + variable. This has been added as an override of the form ``layer-<layername>``. In particular, + this means QA checks can now be layer specific, for example:: + + ERROR_QA:layer-core:append = " patch-status" + + This will enable the ``patch-status`` QA check for the core layer. + +- Architecture-specific enhancements: + + - RISCV support is now enabled in LLVM 17. + + - Loongarch support in the :ref:`ref-classes-linuxloader` class and + ``core-image-minimal-initramfs`` image. + + - The ``arch-armv8`` and ``arch-armv9`` architectures are now given + `Scalable Vector Extension (SVE) + <https://developer.arm.com/documentation/100891/0612/sve-overview/introducing-sve>`__ + based tune options. Commits: + :yocto_git:`1 </poky/commit/?id=e4be03be5be62e367a40437a389121ef97d6cff3>`, + :yocto_git:`2 </poky/commit/?id=8cd5d264af4c346730531cb98ae945ab862dbd69>`. + + - Many changes to support 64-bit ``time_t`` on 32-bit architectures + +- Kernel-related enhancements: + + - The default kernel is the current stable (6.5), and there is also support + for the latest long-term release (6.1). + + - The list of fixed kernel CVEs is updated regularly using data from + `linuxkernelcves.com <https://linuxkernelcves.com>`__. + + - A ``showconfig`` task was added to the :ref:`ref-classes-cml1` class, to + easily examine the final generated ``.config`` file. + +- New core recipes: + + - `appstream <https://github.com/ximion/appstream>`__: a collaborative effort + for making machine-readable software metadata easily available + (from meta-oe) + + - `cargo-c-native <https://crates.io/crates/cargo-c>`__: cargo applet to build + and install C-ABI compatible dynamic and static libraries + + - `libadwaita <https://gitlab.gnome.org/GNOME/libadwaita>`__: Building blocks + for modern GNOME applications (from meta-gnome) + + - `libtraceevent <https://git.kernel.org/pub/scm/libs/libtrace/libtracefs.git/>`__: + API to access the kernel tracefs directory (from meta-openembedded) + + - `libxmlb <https://github.com/hughsie/libxmlb>`__: A library to help create + and query binary XML blobs (from meta-oe) + + - ``musl-legacy-error``: glibc ``error()`` API implementation still needed + by a few packages. + + - `python3-beartype <https://beartype.readthedocs.io>`__, unbearably fast + runtime type checking in pure Python. + + - `python3-booleanpy <https://github.com/bastikr/boolean.py>`__: Define boolean + algebras, create and parse boolean expressions and create custom boolean DSL + (from meta-python) + + - `python3-calver <https://github.com/di/calver>`__: Setuptools extension for + CalVer package versions + + - `python3-click <http://click.pocoo.org/>`__: A simple wrapper around optparse + for powerful command line utilities (from meta-python) + + - ``python3-dtc``: Python Library for the Device Tree Compiler (from + meta-virtualization) + + - `python3-isodate <https://github.com/gweis/isodate/>`__: ISO 8601 date/time + parser (from meta-python) + + - `python3-license-expression <https://github.com/nexB/license-expression>`__: + Utility library to parse, compare, simplify and normalize license expressions + (from meta-python) + + - `python3-rdflib <https://github.com/RDFLib/rdflib>`__: a pure Python package + for working with RDF (from meta-python) + + - `python3-spdx-tools <https://github.com/spdx/tools-python>`__, + tools for SPDX validation and conversion. + + - `python3-trove-classifiers <https://github.com/pypa/trove-classifiers>`__: + Canonical source for classifiers on PyPI (pypi.org) + + - `python3-uritools <https://github.com/tkem/uritools/>`__, replacement for + the ``urllib.parse`` module. + + - `python3-xmltodict <https://github.com/martinblech/xmltodict>`__: Makes + working with XML feel like you are working with JSON (from meta-python) + + - `ttyrun <https://github.com/ibm-s390-linux/s390-tools>`__, starts + ``getty`` programs only when a terminal exists, preventing respawns + through the ``init`` program. This enabled removing the + ``SERIAL_CONSOLES_CHECK`` variable. + + - ``vulkan-validation-layers``: Khronos official validation layers to assist in + verifying that applications correctly use the + `Vulkan API <https://www.khronos.org/vulkan>`__. + + - `xcb-util-cursor <http://xcb.freedesktop.org/XcbUtil/>`__: XCB port of + libXcursor (from meta-oe) + +- QEMU / ``runqemu`` enhancements: + + - QEMU has been upgraded to version 8.1 + + - Many updates to the ``runqemu`` command. + + - The ``qemu-system-native`` recipe is now built with PNG support, which could be + useful to grab screenshots for error reporting purposes. + +- Rust improvements: + + - Rust has been upgraded to version 1.70 + + - New ``ptest-cargo`` class was added to allow Cargo based recipes to easily add ptests + + - New :ref:`ref-classes-cargo_c` class was added to allow recipes to make Rust code + available to C and C++ programs. See + ``meta-selftest/recipes-devtools/rust/rust-c-lib-example_git.bb`` for an example. + +- wic Image Creator enhancements: + + - ``bootimg-efi``: if ``fixed-size`` is set then use that for mkdosfs + + - ``bootimg-efi``: stop hardcoding VMA offsets, as required by systemd-boot v254 + (and dracut/ukify) + + - ``bootimg-pcbios``: use kernel name from :term:`KERNEL_IMAGETYPE` instead of + hardcoding ``vmlinuz`` + + - Added new ``gpt-hybrid`` option to ``ptable_format`` (formatting a disk with a hybrid + MBR and GPT partition scheme) + + - Use ``part_name`` in default imager when defined + + - Added ``--hidden`` argument to default imager to avoid MS Windows prompting to + format partition after flashing to a USB stick/SD card + +- FIT image related improvements: + + - New :term:`FIT_ADDRESS_CELLS` and :term:`UBOOT_FIT_ADDRESS_CELLS` variables allowing + to specify 64 bit addresses, typically for loading U-Boot. + + - Added ``compatible`` line to config section (with value from dtb) to allow bootloaders + to select the best matching configuration. + + +- SDK-related improvements: + + - Extended the following recipes to ``nativesdk``: ``libwebp``, ``python3-ply`` + +- Testing: + + - The :ref:`ref-classes-insane` class now adds an :ref:`unimplemented-ptest + <qa-check-unimplemented-ptest>` infrastructure to detect package sources + with unit tests but no implemented ptests in the recipe. + + - A new task to perform recipe-wide QA checks was added: ``do_recipe_qa``. + + - New build-time checks for set :term:`SUMMARY`, :term:`HOMEPAGE`, and + :term:`RECIPE_MAINTAINER` fields was added, and enabled for the core + recipes. + + - The ``parselogs`` runtime test was rewritten. Notably it no longer uses + regular expressions, which may mean custom patterns need updating. + + - A self-test to validate that the :term:`SPDX` manifests generated by + image builds are valid was added. + + - The ``QEMU_USE_SLIRP`` variable has been replaced by adding ``slirp`` to + ``TEST_RUNQEMUPARAMS``. + +- Utility script changes: + + - New ``scripts/patchtest`` utility to check patches to the + OpenEmbedded-Core project. See + :ref:`contributor-guide/submit-changes:validating patches with patchtest` + for details. + + - ``scripts/bblock`` was added, allowing the user to lock/unlock specific + recipes from being built. This makes it possibly to work on the + ``python3`` recipe without causing ``python3-native`` to rebuild. + +- BitBake improvements: + + - A fetcher for the Google Cloud Platform (``gs://``) was added. + + - The BitBake Cooker log now contains notes when the caches are + invalidated which is useful for memory resident BitBake debugging. + + - BitBake no longer watches files with :wikipedia:`inotify <inotify>` for + changes, as under load this can lead to races causing build instability. + + - Toaster's dependencies were upgraded to current releases, specifically + to Django 4.2. + +- Packaging changes: + + - :term:`FILES` now accepts a ``**`` wildcard, which matches zero or more + subdirectories. + + - The X server packagegroup now defaults to using the ``modesetting`` X + driver, which obsoletes the ``fbdev`` driver. + + - If a recipe uses :term:`LICENSE_FLAGS` and the licenses are not accepted, + it can set a custom message with :term:`LICENSE_FLAGS_DETAILS` to be + displayed to the users. + + - Recipes that fetch specific revisions no longer need to explicitly add + :term:`SRCPV` to :term:`PV` as BitBake will now automatically add the + revision information to :term:`PKGV` if needed (as long as "+" is still + present in the :term:`PKGV` value, which is set from :term:`PV` by + default). + + - The default :term:`PR` values in many recipes have been removed. + +- Security improvements: + + - Most repositories now include a :yocto_git:`SECURITY.md + </poky/tree/SECURITY.md>` file with hints for security researchers + and other parties who might report potential security vulnerabilities. + +- Prominent documentation updates: + + - New :doc:`../contributor-guide/index` document. + + - New :doc:`../dev-manual/security-subjects` chapter in the Development + Tasks Manual. + + - Long overdue documentation for the :ref:`ref-classes-devicetree` class. + + - New :ref:`summary about available init systems + <dev-manual/init-manager:summary>`. + + - New documentation for the :ref:`ref-classes-uboot-sign` class and + its variables and for the :ref:`ref-classes-kernel-devicetree` class + variables. + +- Miscellaneous changes: + + - Selecting systemd via :term:`INIT_MANAGER` now adds ``usrmerge`` to + :term:`DISTRO_FEATURES` as current versions of systemd now require + merged ``/usr``. + + - Generation of :term:`SPDX` manifests is now enabled by default. + + - Git based recipes in OE-Core which used the ``git`` protocol have been + changed to use `https`` where possible, as it is typically faster and + more reliable. + + - The ``os-release`` recipe added a ``CPE_NAME`` to the fields provided, with the + default being populated from :term:`DISTRO`. + + - The ``psplash`` recipe now accepts a PNG format image through + :term:`SPLASH_IMAGES`, instead of a harder to generate and modify + ``.h`` file. + + - The ; character is no longer needed to separate functions specified in + :term:`IMAGE_POSTPROCESS_COMMAND`, :term:`IMAGE_PREPROCESS_COMMAND`, + :term:`POPULATE_SDK_POST_HOST_COMMAND`, :term:`ROOTFS_POSTINSTALL_COMMAND` + etc. (If any are present they will be replaced with spaces, so existing + metadata does not yet need to be changed.) + + - In the ``Upstream-Status`` field in a patch header, "Accepted" is no longer + a valid value since it is logically the same as "Backport". Change any + values you have (particularly in patches applied through bbappends for core + recipes, since they will be validated as indicated above). + + +Known Issues in 4.3 +~~~~~~~~~~~~~~~~~~~ + +- N/A + + +Recipe License changes in 4.3 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +The following corrections have been made to the :term:`LICENSE` values set by recipes: + +- ``glib-networking``: make :term:`LICENSE` more accurate (``LGPL-2.1`` -> ``LGPL-2.1-or-later``) and add an exception for linking to OpenSSL if it is enabled (``openssl`` is in :term:`PACKAGECONFIG`) +- ``libbsd``: set per-package licensing to clarify that BSD-4-Clause code is only in the ``-doc`` package +- ``openssh``: BSD-4-Clause code has been removed completely from the codebase as part of 9.4p1 update - previously in the kirkstone release, ``BSD-4-Clause`` was removed from the :term:`LICENSE` value in our recipe, however some BSD-4-Clause code actually still remained upstream until 9.4p1. +- ``python3-sphinx``: remove ``BSD-3-Clause`` from :term:`LICENSE` - BSD-3-Clause code was removed as part of the python3-sphinx 7.0.1 release (see `this upstream commit <https://github.com/sphinx-doc/sphinx/commit/a7f5d91c29d6f377b9fe7e926965c6f9d3e7b802>`__) + + +Security Fixes in 4.3 +~~~~~~~~~~~~~~~~~~~~~ + +- bind: :cve:`2023-2911`, :cve:`2023-2828`, :cve:`2023-3341`, :cve:`2023-4236` +- binutils: :cve:`2023-1972` +- connman: :cve:`2023-28488` +- cups: :cve:`2023-32324`, :cve:`2023-34241`, :cve:`2023-4504` +- dbus: :cve:`2023-34969` +- dmidecode: :cve:`2023-30630` +- dropbear: :cve:`2023-36328` +- erofs-utils: :cve:`2023-33551`, :cve:`2023-33552` +- gcc: :cve:`2023-4039` +- ghostscript: :cve:`2023-28879`, :cve:`2023-36664`, :cve:`2023-38559;` ignore :cve:`2023-38560` +- git: :cve:`2023-25652`, :cve:`2023-29007` +- glibc: :cve:`2023-4527`, :cve:`2023-4806` +- go: :cve:`2023-24537`, :cve:`2023-39325` +- gstreamer: :cve:`2023-40475`, :cve:`2023-40476` +- inetutils: :cve:`2023-40303` +- libarchive: ignore :cve:`2023-30571` +- librsvg: :cve:`2023-38633` +- libwebp: :cve:`2023-1999`, :cve:`2023-4863` +- libx11: :cve:`2023-3138`, :cve:`2023-43785`, :cve:`2023-43786`, :cve:`2023-43787` +- libxml2: :cve:`2023-28484`, :cve:`2023-29469;` ignore disputed :cve:`2023-45322` +- libxpm: :cve:`2023-43788`, :cve:`2023-43789`, :cve:`2022-44617` +- linux: update CVE exclusions +- ncurses: :cve:`2023-29491` +- nghttp2: :cve:`2023-44487` +- ninja: ignore :cve:`2021-4336`, wrong ninja +- openssh: :cve:`2023-38408` +- openssl: :cve:`2023-2650`, :cve:`2023-1255`, :cve:`2023-0466`, :cve:`2023-0465`, :cve:`2023-0464`, :cve:`2023-3817`, :cve:`2023-3446`, :cve:`2023-2975`, :cve:`2023-4807` +- perl: :cve:`2023-31484`, :cve:`2023-31486` +- pixman: ignore :cve:`2023-37769` +- procps: :cve:`2023-4016` +- python3-git: :cve:`2023-41040` +- python3: ignore :cve:`2023-36632` +- python3-urllib3: :cve:`2023-43804` +- qemu: :cve:`2023-40360`, :cve:`2023-42467;` ignore :cve:`2023-0664` (Windows-specific), ignore :cve:`2023-2680` (RHEL specific) +- screen: :cve:`2023-24626` +- shadow: :cve:`2023-29383` +- sqlite3: ignore :cve:`2023-36191` +- sysstat: :cve:`2023-33204` +- tiff: :cve:`2022-4645`, :cve:`2023-2731`, :cve:`2023-26965`, :cve:`2023-40745`, :cve:`2023-41175` +- vim: :cve:`2023-2426`, :cve:`2023-2609`, :cve:`2023-2610`, :cve:`2023-3896`, :cve:`2023-5441`, :cve:`2023-5535` +- zlib: ignore :cve:`2023-45853` + + +Recipe Upgrades in 4.3 +~~~~~~~~~~~~~~~~~~~~~~ + +- acpica: upgrade 20220331 -> 20230628 +- adwaita-icon-theme: 43 -> 45.0 +- alsa-lib: upgrade 1.2.8 -> 1.2.10 +- alsa-ucm-conf: upgrade 1.2.8 -> 1.2.10 +- alsa-utils: upgrade 1.2.8 -> 1.2.10 +- apr: upgrade 1.7.2 -> 1.7.4 +- apt: Upgrade to v2.6.0 +- at-spi2-core: update 2.46.0 -> 2.50.0 +- autoconf: Upgrade to 2.72c +- babeltrace2: upgrade 2.0.4 -> 2.0.5 +- bind: upgrade 9.18.12 -> 9.18.19 +- binutils: Upgrade to 2.41 release +- bluez5: upgrade 5.66 -> 5.69 +- boost: upgrade 1.81.0 -> 1.83.0 +- btrfs-tools: upgrade 6.1.3 -> 6.5.1 +- busybox: 1.36.0 -> 1.36.1 +- ccache: upgrade 4.7.4 -> 4.8.3 +- cmake: upgrade to 3.27.5 +- connman: update 1.41 -> 1.42 +- coreutils: upgrade 9.1 -> 9.4 +- cpio: upgrade to 2.14 +- cracklib: upgrade 2.9.10 -> 2.9.11 +- createrepo-c: update 0.20.1 -> 1.0.0 +- cryptodev: update to 1.13 + latest git +- cups: upgrade to 2.4.6 +- curl: upgrade 8.0.1 -> 8.4.0 +- dbus: upgrade 1.14.6 -> 1.14.10 +- debianutils: upgrade 5.8 -> 5.13 +- dhcpcd: upgrade to 10.0.2 +- diffoscope: upgrade 236 -> 249 +- diffutils: update 3.9 -> 3.10 +- dmidecode: upgrade to 3.5 +- dnf: upgrade 4.14.0 -> 4.17.0 +- dos2unix: upgrade 7.4.4 -> 7.5.1 +- dpkg: upgrade to v1.22.0 +- efivar: Upgrade to tip of trunk +- elfutils: upgrade 0.188 -> 0.189 +- ell: upgrade 0.56 -> 0.58 +- enchant2: upgrade 2.3.4 -> 2.6.1 +- epiphany: upgrade 43.1 -> 44.6 +- erofs-utils: update 1.5 -> 1.6 +- ethtool: upgrade 6.2 -> 6.5 +- eudev: Upgrade 3.2.11 -> 3.2.12 +- ffmpeg: update 5.1.2 -> 6.0 +- file: upgrade 5.44 -> 5.45 +- flac: Upgrade 1.4.2 -> 1.4.3 +- font-util: upgrade 1.4.0 -> 1.4.1 +- freetype: upgrade 2.13.0 -> 2.13.2 +- fribidi: upgrade 1.0.12 -> 1.0.13 +- gawk: upgrade 5.2.1 -> 5.2.2 +- gcc: upgrade to 13.2 +- gcompat: Upgrade to 1.1.0 +- gcr: update 4.0.0 -> 4.1.0 +- gdb: upgrade 13.1 -> 13.2 +- gettext: upgrade 0.21.1 -> 0.22 +- ghostscript: upgrade to 10.02.0 +- git: upgrade to 2.42.0 +- glib-2.0: upgrade 2.74.6 -> 2.78.0 +- glibc: upgrade to 2.38 + stable updates +- glib-networking: upgrade 2.74.0 -> 2.76.1 +- glslang: upgrade to 1.3.243 +- gmp: upgrade 6.2.1 -> 6.3.0 +- gnu-efi: upgrade 3.0.15 -> 3.0.17 +- gnupg: upgrade 2.4.0 -> 2.4.3 +- gnutls: update 3.8.0 -> 3.8.1 +- gobject-introspection: upgrade 1.74.0 -> 1.78.1 +- go-helloworld: Upgrade to tip of trunk +- go: update 1.20.1 -> 1.20.10 +- gpgme: update 1.18.0 -> 1.22.0 +- grep: upgrade 3.10 -> 3.11 +- groff: update 1.22.4 -> 1.23.0 +- gsettings-desktop-schemas: upgrade 43.0 -> 44.0 +- gstreamer1.0: upgrade 1.22.0 -> 1.22.5 +- gstreamer: upgrade 1.22.5 -> 1.22.6 +- gtk+3: upgrade 3.24.36 -> 3.24.38 +- gtk4: update 4.10.0 -> 4.12.3 +- gzip: update 1.12 -> 1.13 +- harfbuzz: upgrade 7.1.0 -> 8.2.1 +- icu: upgrade 72-1 -> 73-2 +- igt-gpu-tools: update 1.27.1 -> 1.28 +- iproute2: upgrade 6.2.0 -> 6.5.0 +- iso-codes: upgrade 4.13.0 -> 4.15.0 +- jquery: upgrade 3.6.3 -> 3.7.1 +- json-c: upgrade 0.16 -> 0.17 +- kbd: upgrade 2.5.1 -> 2.6.3 +- kea: upgrade to v2.4.0 +- kexec-tools: upgrade 2.0.26 -> 2.0.27 +- kmscube: upgrade to latest revision +- less: update 608 -> 643 +- libadwaita: upgrade 1.3.3 -> 1.4.0 +- libarchive: upgrade 3.6.2 -> 3.7.2 +- libassuan: upgrade 2.5.5 -> 2.5.6 +- libatomic-ops: update 7.6.14 -> 7.8.0 +- libcap: upgrade 2.67 -> 2.69 +- libcgroup: update 3.0.0 -> 3.1.0 +- libconvert-asn1-perl: upgrade 0.33 -> 0.34 +- libdnf: update 0.70.1 -> 0.70.1 +- libdrm: upgrade 2.4.115 -> 2.4.116 +- libedit: upgrade 20221030-3.1 -> 20230828-3.1 +- libevdev: upgrade 1.13.0 -> 1.13.1 +- libgcrypt: update 1.10.1 -> 1.10.2 +- libgit2: upgrade 1.6.3 -> 1.7.1 +- libglu: update 9.0.2 -> 9.0.3 +- libgpg-error: update 1.46 -> 1.47 +- libgudev: upgrade 237 -> 238 +- libhandy: upgrade 1.8.1 -> 1.8.2 +- libinput: upgrade to 1.24.0 +- libjpeg-turbo: upgrade to 3.0.0 +- libksba: upgrade 1.6.3 -> 1.6.4 +- libmd: upgrade 1.0.4 -> 1.1.0 +- libmicrohttpd: upgrade 0.9.76 -> 0.9.77 +- libmodule-build-perl: upgrade 0.4232 -> 0.4234 +- libmodulemd: upgrade 2.14.0 -> 2.15.0 +- libnl: upgrade 3.7.0 -> 3.8.0 +- libnss-nis: upgrade 3.1 -> 3.2 +- libpam: update 1.5.2 -> 1.5.3 +- libpcap: upgrade 1.10.3 -> 1.10.4 +- libpng: upgrade 1.6.39 -> 1.6.40 +- libportal: upgrade 0.6 -> 0.7.1 +- libproxy: update 0.4.18 -> 0.5.3 +- libpthread-stubs: update 0.4 -> 0.5 +- librepo: upgrade 1.15.1 -> 1.16.0 +- librsvf: update 2.54.5 -> 2.56.0 +- librsvg: update 2.56.0 -> 2.56.3 +- libsdl2: upgrade 2.26.3 -> 2.28.3 +- libsecret: upgrade 0.20.5 -> 0.21.1 +- libsndfile1: upgrade 1.2.0 -> 1.2.2 +- libsolv: upgrade 0.7.23 -> 0.7.25 +- libsoup: upgrade 3.2.2 -> 3.4.2 +- libssh2: update 1.10.0 -> 1.11.0 +- libtraceevent: upgrade 1.7.2 -> 1.7.3 +- libubootenv: upgrade 0.3.3 -> 0.3.4 +- liburi-perl: update 5.17 -> 5.21 +- libuv: upgrade 1.44.2 -> 1.46.0 +- libva: update 2.16 -> 2.19.0 +- libva-utils: update 2.19.0 -> 2.20.0 +- libwebp: upgrade 1.3.0 -> 1.3.2 +- libx11: upgrade 1.8.4 -> 1.8.7 +- libxcb: upgrade 1.15 -> 1.16 +- libxcrypt: upgrade 4.4.33 -> 4.4.36 +- libxfixes: Upgrade to v6.0.1 +- libxft: upgrade 2.3.7 -> 2.3.8 +- libxi: upgrade to v1.8.1 +- libxml2: upgrade 2.10.3 -> 2.11.5 +- libxpm: upgrade 3.5.15 -> 3.5.17 +- libxslt: upgrade 1.1.37 -> 1.1.38 +- libxt: Upgrade to v1.3.0 +- lighttpd: upgrade 1.4.69 -> 1.4.71 +- linux-firmware: upgrade 20230210 -> 20230804 +- linux-libc-headers: uprev to v6.5 +- linux-yocto/6.1: update to v6.1.57 +- linux-yocto-dev: update to v6.6-rcX +- linux-yocto: introduce 6.5 reference kernel recipes +- llvm: Upgrade to 17.0.2 +- ltp: upgrade 20230127 -> 20230516 +- lttng-modules: Upgrade 2.13.9 -> 2.13.10 +- lttng-tools: Upgrade 2.13.9 -> 2.13.11 +- lttng-ust: upgrade 2.13.5 -> 2.13.6 +- lua: update 5.4.4 -> 5.4.6 +- man-pages: upgrade 6.03 -> 6.05.01 +- mc: upgrade 4.8.29 -> 4.8.30 +- mesa: upgrade 23.0.0 -> 23.2.1 +- meson: upgrade 1.0.1 -> 1.2.2 +- mmc-utils: upgrade to latest revision +- mobile-broadband-provider-info: upgrade 20221107 -> 20230416 +- mpfr: upgrade 4.2.0 -> 4.2.1 +- mpg123: upgrade 1.31.2 -> 1.31.3 +- msmtp: upgrade 1.8.23 -> 1.8.24 +- mtd-utils: upgrade 2.1.5 -> 2.1.6 +- mtools: upgrade 4.0.42 -> 4.0.43 +- musl: update to latest master +- neard: upgrade 0.18 -> 0.19 +- nettle: upgrade 3.8.1 -> 3.9.1 +- nfs-utils: upgrade 2.6.2 -> 2.6.3 +- nghttp2: upgrade 1.52.0 -> 1.57.0 +- ofono: upgrade 2.0 -> 2.1 +- openssh: upgrade to 9.5p1 +- openssl: upgrade 3.1.0 -> 3.1.3 +- opkg: upgrade 0.6.1 -> 0.6.2 +- opkg-utils: upgrade 0.5.0 -> 0.6.2 +- orc: upgrade 0.4.33 -> 0.4.34 +- ovmf: update 202211 -> 202305 +- ovmf: update edk2-stable202305 -> edk2-stable202308 +- p11-kit: upgrade 0.24.1 -> 0.25.0 +- pango: upgrade 1.50.13 -> 1.51.0 +- parted: upgrade 3.5 -> 3.6 +- patchelf: Upgrade 0.17.2 -> 0.18.0 +- pciutils: upgrade 3.9.0 -> 3.10.0 +- perlcross: update 1.4 -> 1.5 +- perl: update 5.36.0 -> 5.38.0 +- piglit: upgrade to latest revision +- pigz: upgrade 2.7 -> 2.8 +- pkgconf: upgrade 1.9.4 -> 2.0.3 +- ppp: upgrade 2.4.9 -> 2.5.0 +- procps: update 4.0.3 -> 4.0.4 +- puzzles: upgrade to latest revision +- python3-attrs: upgrade 22.2.0 -> 23.1.0 +- python3-build: upgrade to 1.0.3 +- python3-certifi: upgrade 2022.12.7 -> 2023.7.22 +- python3-chardet: upgrade 5.1.0 -> 5.2.0 +- python3-cryptography{-vectors}: upgrade 39.0.2 -> 41.0.4 +- python3-cython: upgrade 0.29.33 -> 0.29.36 +- python3-dbusmock: upgrade 0.28.7 -> 0.29.1 +- python3-docutils: upgrade 0.19 -> 0.20.1 +- python3-dtc: upgrade 1.6.1 -> 1.7.0 +- python3-dtschema: upgrade 2023.1 -> 2023.7 +- python3-editables: upgrade 0.3 -> 0.5 +- python3-flit-core: upgrade 3.8.0 -> 3.9.0 +- python3-git: upgrade 3.1.31 -> 3.1.36 +- python3-hatch-fancy-pypi-readme: upgrade 22.8.0 -> 23.1.0 +- python3-hatchling: upgrade 1.13.0 -> 1.18.0 +- python3-hypothesis: upgrade 6.68.2 -> 6.86.2 +- python3-importlib-metadata: upgrade 6.0.0 -> 6.8.0 +- python3-installer: upgrade 0.6.0 -> 0.7.0 +- python3-iso8601: upgrade 1.1.0 -> 2.0.0 +- python3-jsonpointer: upgrade to 2.4 +- python3-libarchive-c: upgrade 4.0 -> 5.0 +- python3-lxml: upgrade 4.9.2 -> 4.9.3 +- python3-markdown: upgrade 3.4.1 -> 3.4.4 +- python3-markupsafe: upgrade 2.1.2 -> 2.1.3 +- python3-more-itertools: upgrade 9.1.0 -> 10.1.0 +- python3-numpy: upgrade 1.24.2 -> 1.26.0 +- python3-packaging: upgrade 23.0 -> 23.1 +- python3-pathspec: upgrade 0.11.0 -> 0.11.2 +- python3-pip: upgrade 23.0.1 -> 23.2.1 +- python3-pluggy: upgrade 1.0.0 -> 1.3.0 +- python3-poetry-core: upgrade 1.5.2 -> 1.7.0 +- python3-psutil: upgrade 5.9.4 -> 5.9.5 +- python3-pyasn1: upgrade 0.4.8 -> 0.5.0 +- python3-pycairo: upgrade 1.23.0 -> 1.24.0 +- python3-pycryptodome: upgrade 3.17 -> 3.19.0 +- python3-pycryptodomex: upgrade 3.17 -> 3.19.0 +- python3-pyelftools: upgrade 0.29 -> 0.30 +- python3-pygments: upgrade 2.14.0 -> 2.16.1 +- python3-pygobject: upgrade 3.42.2 -> 3.46.0 +- python3-pyopenssl: upgrade 23.0.0 -> 23.2.0 +- python3-pyparsing: upgrade 3.0.9 -> 3.1.1 +- python3-pytest-subtests: upgrade 0.10.0 -> 0.11.0 +- python3-pytest: upgrade 7.2.2 -> 7.4.2 +- python3-pytz: upgrade 2022.7.1 -> 2023.3 +- python3-pyyaml: upgrade 6.0 -> 6.0.1 +- python3-requests: Upgrade to 2.31.0 +- python3-ruamel-yaml: upgrade 0.17.21 -> 0.17.32 +- python3-setuptools-rust: upgrade 1.5.2 -> 1.7.0 +- python3-setuptools: upgrade 67.6.0 -> 68.2.2 +- python3-smmap: upgrade 5.0.0 -> 6.0.0 +- python3-sphinx-rtd-theme: upgrade 1.2.0 -> 1.3.0 +- python3-sphinx: upgrade 6.1.3 -> 7.2.6 +- python3-trove-classifiers: upgrade 2023.4.29 -> 2023.9.19 +- python3-typing-extensions: upgrade 4.5.0 -> 4.8.0 +- python3: upgrade 3.11.2 -> 3.11.5 +- python3-urllib3: upgrade 1.26.15 -> 2.0.6 +- python3-webcolors: upgrade 1.12 -> 1.13 +- python3-wheel: upgrade 0.40.0 -> 0.41.2 +- python3-zipp: upgrade 3.15.0 -> 3.17.0 +- qemu: Upgrade 7.2.0 -> 8.1.0 +- re2c: upgrade 3.0 -> 3.1 +- repo: upgrade 2.32 -> 2.36.1 +- rpcsvc-proto: Upgrade to 1.4.4 +- rpm2cpio.sh: update to the last 4.x version +- rpm: update 4.18.0 -> 4.18.1 +- ruby: upgrade 3.2.1 -> 3.2.2 +- rust: Upgrade 1.68.1 -> 1.70.0 +- screen: update 4.9.0 -> 4.9.1 +- seatd: upgrade 0.7.0 -> 0.8.0 +- serf: upgrade 1.3.9 -> 1.3.10 +- shaderc: upgrade 2023.2 -> 2023.6 +- spirv-headers: upgrade 1.3.239.0 -> 1.3.243.0 +- spirv-tools: upgrade 1.3.239.0 -> 1.3.243.0 +- sqlite3: upgrade 3.41.0 -> 3.43.1 +- squashfs-tools: upgrade 4.5.1 -> 4.6.1 +- sstatesig: Update to match bitbake changes to runtaskdeps +- strace: upgrade 6.2 -> 6.5 +- stress-ng: upgrade 0.15.06 -> 0.16.05 +- sudo: update 1.9.13p3 -> 1.9.14p3 +- sysfsutils: update 2.1.0 -> 2.1.1 +- sysklogd: upgrade 2.4.4 -> 2.5.2 +- sysstat: update 12.6.2 -> 12.7.4 +- systemd: upgrade 253.1 -> 254.4 +- systemtap: upgrade 4.8 -> 4.9 +- taglib: upgrade 1.13 -> 1.13.1 +- tar: upgrade 1.34 -> 1.35 +- tcf-agent: Update to 1.8.0 release +- texinfo: upgrade 7.0.2 -> 7.0.3 +- tiff: upgrade to 4.6.0 +- u-boot: Upgrade to 2023.10 +- util-linux: upgrade 2.38.1 -> 2.39.2 +- vala: upgrade 0.56.4 -> 0.56.13 +- valgrind: update 3.20.0 -> 3.21.0 +- vim: upgrade 9.0.1429 -> 9.0.2048 +- vte: upgrade 0.72.0 -> 0.72.2 +- vulkan-headers: upgrade to 1.3.243 +- vulkan-loader: upgrade to 1.3.243 +- vulkan-samples: update to latest SHA +- vulkan-tools: upgrade to 1.3.243 +- vulkan: upgrade 1.3.243.0 -> 1.3.261.1 +- waffle: upgrade 1.7.0 -> 1.7.2 +- wayland-protocols: upgrade 1.31 -> 1.32 +- wayland: upgrade 1.21.0 -> 1.22.0 +- wayland-utils: upgrade 1.1.0 -> 1.2.0 +- webkitgtk: update 2.38.5 -> 2.40.5 +- weston: update 11.0.1 -> 12.0.2 +- wget: upgrade 1.21.3 -> 1.21.4 +- wireless-regdb: upgrade 2023.02.13 -> 2023.09.01 +- wpebackend-fdo: upgrade 1.14.0 -> 1.14.2 +- xcb-proto: upgrade 1.15.2 -> 1.16.0 +- xdpyinfo: upgrade 1.3.3 -> 1.3.4 +- xeyes: upgrade 1.2.0 -> 1.3.0 +- xf86-input-libinput: upgrade 1.2.1 -> 1.4.0 +- xf86-input-mouse: upgrade 1.9.4 -> 1.9.5 +- xinput: upgrade to v1.6.4 +- xkeyboard-config: upgrade 2.38 -> 2.39 +- xorgproto: upgrade 2022.2 -> 2023.2 +- xserver-xorg: upgrade 21.1.7 -> 21.1.8 +- xtrans: update 1.4.0 -> 1.5.0 +- xwayland: upgrade 22.1.8 -> 23.2.1 +- xwininfo: upgrade to v1.1.6 +- xxhash: upgrade 0.8.1 -> 0.8.2 +- xz: upgrade 5.4.2 -> 5.4.4 +- zlib: upgrade 1.2.13 -> 1.3 +- zstd: upgrade 1.5.4 -> 1.5.5 + + + + +Contributors to 4.3 +~~~~~~~~~~~~~~~~~~~ + +Thanks to the following people who contributed to this release: + +- Adrian Freihofer +- Alassane Yattara +- Alberto Pianon +- Alberto Planas +- Alejandro Hernandez Samaniego +- Alexander Kanavin +- Alexandre Belloni +- Alexis Lothoré +- Alex Kiernan +- Andreas Cord-Landwehr +- André Draszik +- Andrej Valek +- Andrew Jeffery +- Andrey Zhizhikin +- Angelo Ribeiro +- Antoine Lubineau +- Antonin Godard +- Anuj Mittal +- Archana Polampalli +- Armin Kuster +- Arne Schwerdt +- Arno Baumfalk +- Arslan Ahmad +- Bartosz Golaszewski +- BELHADJ SALEM Talel +- BELOUARGA Mohamed +- Benjamin Bara +- Benjamin Bouvier +- Bergin, Peter +- Bruce Ashfield +- Changhyeok Bae +- Changqing Li +- Charles-Antoine Couret +- Charlie Wu +- Chen Qi +- Chi Xu +- Chris Laplante +- Christopher Larson +- Daniel Ammann +- Daniel McGregor +- Daniel Semkowicz +- David Reyna +- Deepthi Hemraj +- Denis OSTERLAND-HEIM +- Denys Dmytriyenko +- Derek Straka +- Dit Kozmaj +- Dmitry Baryshkov +- Ed Beroset +- Eero Aaltonen +- Eilís 'pidge' Ní Fhlannagáin +- Emil Ekmečić +- Emil Kronborg Andersen +- Enrico Jörns +- Enrico Scholz +- Etienne Cordonnier +- Fabien Mahot +- Fabio Estevam +- Fahad Arslan +- Frank WOLFF +- Frederic Martinsons +- Frieder Paape +- Frieder Schrempf +- Geoff Parker +- Hannu Lounento +- Ian Ray +- Insu Park +- Jaeyoon Jung +- Jamin Lin +- Jan Garcia +- Jan Vermaete +- Jasper Orschulko +- Jean-Marie Lemetayer +- Jérémy Rosen +- Jermain Horsman +- Jialing Zhang +- Joel Stanley +- Joe Slater +- Johannes Schrimpf +- Jon Mason +- Jörg Sommer +- Jose Quaresma +- Joshua Watt +- Julien Stephan +- Kai Kang +- Khem Raj +- Kyle Russell +- Lee Chee Yang +- Lei Maohui +- Leon Anavi +- Lorenzo Arena +- Louis Rannou +- Luan Rafael Carneiro +- Luca Boccassi +- Luca Ceresoli +- Marc Ferland +- Marcus Flyckt +- Marek Vasut +- Mark Asselstine +- Mark Hatle +- Markus Niebel +- Markus Volk +- Marlon Rodriguez Garcia +- Marta Rybczynska +- Martijn de Gouw +- Martin Jansa +- Martin Siegumfeldt +- Matthias Schnelte +- Mauro Queiros +- Max Krummenacher +- Michael Halstead +- Michael Opdenacker +- Mickael RAMILISON +- Mikko Rapeli +- Ming Liu +- Mingli Yu +- Narpat Mali +- Natasha Bailey +- Nikhil R +- Ninad Palsule +- Ola x Nilsson +- Oleksandr Hnatiuk +- Otavio Salvador +- Ovidiu Panait +- Pascal Bach +- Patrick Williams +- Paul Eggleton +- Paul Gortmaker +- Paulo Neves +- Pavel Zhukov +- Pawan Badganchi +- Peter Bergin +- Peter Hoyes +- Peter Kjellerstedt +- Peter Marko +- Peter Suti +- Petr Gotthard +- Petr Kubizňák +- Piotr Łobacz +- Poonam Jadhav +- Qiu Tingting +- Quentin Schulz +- Randolph Sapp +- Randy MacLeod +- Ranjitsinh Rathod +- Rasmus Villemoes +- Remi Peuvergne +- Richard Purdie +- Riyaz Khan +- Robert Joslyn +- Robert P. J. Day +- Robert Yang +- Roland Hieber +- Ross Burton +- Ryan Eatmon +- Sakib Sajal +- Samantha Jalabert +- Sanjay Chitroda +- Sean Nyekjaer +- Sergei Zhmylev +- Siddharth Doshi +- Soumya Sambu +- Staffan Rydén +- Stefano Babic +- Stefan Tauner +- Stéphane Veyret +- Stephan Wurm +- Sudip Mukherjee +- Sundeep KOKKONDA +- Svend Meyland Nicolaisen +- Tan Wen Yan +- Thomas Roos +- Tim Orling +- Tom Hochstein +- Tom Isaacson +- Trevor Gamblin +- Ulrich Ölmann +- Victor Kamensky +- Vincent Davis Jr +- Virendra Thakur +- Wang Mingyu +- Xiangyu Chen +- Yang Xu +- Yash Shinde +- Yi Zhao +- Yoann Congal +- Yogita Urade +- Yuta Hayama +- Zang Ruochen +- Zhixiong Chi + + +Repositories / Downloads for Yocto-4.3 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +poky + +- Repository Location: :yocto_git:`/poky` +- Branch: :yocto_git:`nanbield </poky/log/?h=nanbield>` +- Tag: :yocto_git:`yocto-4.3 </poky/log/?h=yocto-4.3>` +- Git Revision: :yocto_git:`15b576c4101231d248fda7ae0824e1780e1a8901 </poky/commit/?id=15b576c4101231d248fda7ae0824e1780e1a8901>` +- Release Artefact: poky-15b576c4101231d248fda7ae0824e1780e1a8901 +- sha: 6b0ef7914d15db057f3efdf091b169a7361c74aac0abcfa717ef55d1a0adf74c +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-4.3/poky-15b576c4101231d248fda7ae0824e1780e1a8901.tar.bz2 + http://mirrors.kernel.org/yocto/yocto/yocto-4.3/poky-15b576c4101231d248fda7ae0824e1780e1a8901.tar.bz2 + +openembedded-core + +- Repository Location: :oe_git:`/openembedded-core` +- Branch: :oe_git:`nanbield </openembedded-core/log/?h=nanbield>` +- Tag: :oe_git:`yocto-4.3 </openembedded-core/log/?h=yocto-4.3>` +- Git Revision: :oe_git:`4c261f8cbdf0c7196a74daad041d04eb093015f3 </openembedded-core/commit/?id=4c261f8cbdf0c7196a74daad041d04eb093015f3>` +- Release Artefact: oecore-4c261f8cbdf0c7196a74daad041d04eb093015f3 +- sha: c9e6ac75d7848ce8844cb29c98659dd8f83b3de13b916124dff76abe034e6a5c +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-4.3/oecore-4c261f8cbdf0c7196a74daad041d04eb093015f3.tar.bz2 + http://mirrors.kernel.org/yocto/yocto/yocto-4.3/oecore-4c261f8cbdf0c7196a74daad041d04eb093015f3.tar.bz2 + +meta-mingw + +- Repository Location: :yocto_git:`/meta-mingw` +- Branch: :yocto_git:`nanbield </meta-mingw/log/?h=nanbield>` +- Tag: :yocto_git:`yocto-4.3 </meta-mingw/log/?h=yocto-4.3>` +- Git Revision: :yocto_git:`65ef95a74f6ae815f63f636ed53e140a26a014ce </meta-mingw/commit/?id=65ef95a74f6ae815f63f636ed53e140a26a014ce>` +- Release Artefact: meta-mingw-65ef95a74f6ae815f63f636ed53e140a26a014ce +- sha: fb2bf806941a00a1be6349c074379b63a76490bcf0f3b740d96d1aeeefa12286 +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-4.3/meta-mingw-65ef95a74f6ae815f63f636ed53e140a26a014ce.tar.bz2 + http://mirrors.kernel.org/yocto/yocto/yocto-4.3/meta-mingw-65ef95a74f6ae815f63f636ed53e140a26a014ce.tar.bz2 + +bitbake + +- Repository Location: :oe_git:`/bitbake` +- Branch: :oe_git:`2.6 </bitbake/log/?h=2.6>` +- Tag: :oe_git:`yocto-4.3 </bitbake/log/?h=yocto-4.3>` +- Git Revision: :oe_git:`5419a8473d6d4cd1d01537de68ad8d72cf5be0b2 </bitbake/commit/?id=5419a8473d6d4cd1d01537de68ad8d72cf5be0b2>` +- Release Artefact: bitbake-5419a8473d6d4cd1d01537de68ad8d72cf5be0b2 +- sha: e5dab4b3345d91307860803e2ad73b2fcffa9d17dd3fde0e013ca0ebea0d05ca +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-4.3/bitbake-5419a8473d6d4cd1d01537de68ad8d72cf5be0b2.tar.bz2 + http://mirrors.kernel.org/yocto/yocto/yocto-4.3/bitbake-5419a8473d6d4cd1d01537de68ad8d72cf5be0b2.tar.bz2 + +yocto-docs + +- Repository Location: :yocto_git:`/yocto-docs` +- Branch: :yocto_git:`nanbield </yocto-docs/log/?h=nanbield>` +- Tag: :yocto_git:`yocto-4.3 </yocto-docs/log/?h=yocto-4.3>` +- Git Revision: :yocto_git:`ceb1812e63b9fac062f886c2a1dde23137c0e1ed </yocto-docs/commit/?id=ceb1812e63b9fac062f886c2a1dde23137c0e1ed>` + diff --git a/documentation/migration-guides/release-notes-5.0.1.rst b/documentation/migration-guides/release-notes-5.0.1.rst new file mode 100644 index 0000000000..a377f92c19 --- /dev/null +++ b/documentation/migration-guides/release-notes-5.0.1.rst @@ -0,0 +1,134 @@ +.. SPDX-License-Identifier: CC-BY-SA-2.0-UK + +Release notes for Yocto-5.0.1 (Scarthgap) +----------------------------------------- + +Security Fixes in Yocto-5.0.1 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +- N/A + + +Fixes in Yocto-5.0.1 +~~~~~~~~~~~~~~~~~~~~ + +- babeltrace2: upgrade 2.0.5 -> 2.0.6 +- bind: upgrade 9.18.24 -> 9.18.25 +- bitbake: cooker: Use hash client to ping upstream server +- build-appliance-image: Update to scarthgap head revision (b9b47b1a392b...) +- docs: add support for scarthgap 5.0 release +- docs: brief-yoctoprojectqs: explicit version dependency on websockets python module +- docs: brief-yoctoprojectqs: Update to the correct hash equivalence server address +- documentation/poky.yaml.in: drop mesa/sdl from essential host packages +- ell: upgrade 0.63 -> 0.64 +- gcr: upgrade 4.2.0 -> 4.2.1 +- icu: update 74-1 -> 74-2 +- libdnf: upgrade 0.73.0 -> 0.73.1 +- libsdl2: upgrade 2.30.0 -> 2.30.1 +- libx11: upgrade 1.8.7 -> 1.8.9 +- libxcursor: upgrade 1.2.1 -> 1.2.2 +- libxml2: upgrade 2.12.5 -> 2.12.6 +- local.conf.sample: Fix hashequivalence server address +- lttng-tools: upgrade 2.13.11 -> 2.13.13 +- manuals: standards.md: add standard for project names +- mesa: upgrade 24.0.2 -> 24.0.3 +- migration-notes: add release notes for 4.0.18 +- mpg123: upgrade 1.32.5 -> 1.32.6 +- pango: upgrade 1.52.0 -> 1.52.1 +- poky.conf: bump version for 5.0.1 +- python3: skip test_concurrent_futures/test_shutdown +- ref-manual: update releases.svg +- ref-manual: variables: add :term:`USERADD_DEPENDS` +- release-notes-5.0: update Repositories / Downloads section +- release-notes-5.0: update recipes changes +- release-notes-5.0: update new features +- rootfs-postcommands.bbclass: Only set DROPBEAR_RSAKEY_DIR once +- rpm: update 4.19.1 -> 4.19.1.1 +- scripts/oe-setup-build: write a build environment initialization one-liner into the build directory +- sstate.bbclass: Add _SSTATE_EXCLUDEDEPS_SYSROOT to vardepsexclude +- systemd: sed :term:`ROOT_HOME` only if sysusers :term:`PACKAGECONFIG` is set + + +Known Issues in Yocto-5.0.1 +~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +- N/A + + +Contributors to Yocto-5.0.1 +~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +- Alexander Kanavin +- Christian Bräuner Sørensen +- Joshua Watt +- Lee Chee Yang +- Mark Hatle +- Michael Glembotzki +- Michael Halstead +- Michael Opdenacker +- Paul Eggleton +- Quentin Schulz +- Richard Purdie +- Steve Sakoman +- Trevor Gamblin +- Wang Mingyu + + +Repositories / Downloads for Yocto-5.0.1 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +poky + +- Repository Location: :yocto_git:`/poky` +- Branch: :yocto_git:`scarthgap </poky/log/?h=scarthgap>` +- Tag: :yocto_git:`yocto-5.0.1 </poky/log/?h=yocto-5.0.1>` +- Git Revision: :yocto_git:`4b07a5316ed4b858863dfdb7cab63859d46d1810 </poky/commit/?id=4b07a5316ed4b858863dfdb7cab63859d46d1810>` +- Release Artefact: poky-4b07a5316ed4b858863dfdb7cab63859d46d1810 +- sha: 51d0c84da7dbcc8db04a674da39cfc73ea78aac22ee646ede5b6229937d4666a +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-5.0.1/poky-4b07a5316ed4b858863dfdb7cab63859d46d1810.tar.bz2 + http://mirrors.kernel.org/yocto/yocto/yocto-5.0.1/poky-4b07a5316ed4b858863dfdb7cab63859d46d1810.tar.bz2 + +openembedded-core + +- Repository Location: :oe_git:`/openembedded-core` +- Branch: :oe_git:`scarthgap </openembedded-core/log/?h=scarthgap>` +- Tag: :oe_git:`yocto-5.0.1 </openembedded-core/log/?h=yocto-5.0.1>` +- Git Revision: :oe_git:`294a7dbe44f6b7c8d3a1de8c2cc182af37c4f916 </openembedded-core/commit/?id=294a7dbe44f6b7c8d3a1de8c2cc182af37c4f916>` +- Release Artefact: oecore-294a7dbe44f6b7c8d3a1de8c2cc182af37c4f916 +- sha: e9be51a3b1fe8a1f420483b912caf91bc429dcca303d462381876a643b73045e +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-5.0.1/oecore-294a7dbe44f6b7c8d3a1de8c2cc182af37c4f916.tar.bz2 + http://mirrors.kernel.org/yocto/yocto/yocto-5.0.1/oecore-294a7dbe44f6b7c8d3a1de8c2cc182af37c4f916.tar.bz2 + +meta-mingw + +- Repository Location: :yocto_git:`/meta-mingw` +- Branch: :yocto_git:`scarthgap </meta-mingw/log/?h=scarthgap>` +- Tag: :yocto_git:`yocto-5.0.1 </meta-mingw/log/?h=yocto-5.0.1>` +- Git Revision: :yocto_git:`acbba477893ef87388effc4679b7f40ee49fc852 </meta-mingw/commit/?id=acbba477893ef87388effc4679b7f40ee49fc852>` +- Release Artefact: meta-mingw-acbba477893ef87388effc4679b7f40ee49fc852 +- sha: 3b7c2f475dad5130bace652b150367f587d44b391218b1364a8bbc430b48c54c +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-5.0.1/meta-mingw-acbba477893ef87388effc4679b7f40ee49fc852.tar.bz2 + http://mirrors.kernel.org/yocto/yocto/yocto-5.0.1/meta-mingw-acbba477893ef87388effc4679b7f40ee49fc852.tar.bz2 + +bitbake + +- Repository Location: :oe_git:`/bitbake` +- Branch: :oe_git:`2.8 </bitbake/log/?h=2.8>` +- Tag: :oe_git:`yocto-5.0.1 </bitbake/log/?h=yocto-5.0.1>` +- Git Revision: :oe_git:`8f90d10f9efc9a32e13f6bd031992aece79fe7cc </bitbake/commit/?id=8f90d10f9efc9a32e13f6bd031992aece79fe7cc>` +- Release Artefact: bitbake-8f90d10f9efc9a32e13f6bd031992aece79fe7cc +- sha: 519f02d5de7fbfac411532161d521123814dd9cc7d6b55488b5e7a547c1a6977 +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-5.0.1/bitbake-8f90d10f9efc9a32e13f6bd031992aece79fe7cc.tar.bz2 + http://mirrors.kernel.org/yocto/yocto/yocto-5.0.1/bitbake-8f90d10f9efc9a32e13f6bd031992aece79fe7cc.tar.bz2 + +yocto-docs + +- Repository Location: :yocto_git:`/yocto-docs` +- Branch: :yocto_git:`scarthgap </yocto-docs/log/?h=scarthgap>` +- Tag: :yocto_git:`yocto-5.0.1 </yocto-docs/log/?h=yocto-5.0.1>` +- Git Revision: :yocto_git:`875dfe69e93bf8fee3b8c07818a6ac059f228a13 </yocto-docs/commit/?id=875dfe69e93bf8fee3b8c07818a6ac059f228a13>` + diff --git a/documentation/migration-guides/release-notes-5.0.rst b/documentation/migration-guides/release-notes-5.0.rst new file mode 100644 index 0000000000..800ba20a27 --- /dev/null +++ b/documentation/migration-guides/release-notes-5.0.rst @@ -0,0 +1,993 @@ +.. SPDX-License-Identifier: CC-BY-SA-2.0-UK + +Release notes for 5.0 (scarthgap) +--------------------------------- + +New Features / Enhancements in 5.0 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +- Linux kernel 6.6, gcc 13.2, glibc 2.39, LLVM 18.1, and over 300 other recipe upgrades + +- New variables: + + - :term:`CVE_DB_INCR_UPDATE_AGE_THRES`: Configure the maximum age of the + internal CVE database for incremental update (instead of a full + redownload). + + - :term:`RPMBUILD_EXTRA_PARAMS`: support extra user-defined fields without + crashing the RPM package creation. + + - :term:`OPKG_MAKE_INDEX_EXTRA_PARAMS`: support extra parameters for + ``opkg-make-index``. + + - :term:`EFI_UKI_PATH`, :term:`EFI_UKI_DIR`: define the location of UKI + image in the EFI System partition. + + - :term:`TARGET_DBGSRC_DIR`: specifies the target path to debug source files + + - :term:`USERADD_DEPENDS`: provides a way to declare dependencies on the users + and/or groups created by other recipes, resolving a long-standing build + ordering issue + +- Architecture-specific enhancements: + + - ``genericarm64``: a new :term:`MACHINE` to represent a 64-bit General Arm + SystemReady platform. + + - Add Power8 tune to PowerPC architecture. + + - ``arch-armv9``: remove CRC and SVE tunes, since FEAT_CRC32 is now mandatory + and SVE/SVE2 are enabled by default in GCC's ``-march=armv9-a``. + + - ``arm/armv*``: add all of the additional Arm tunes in GCC 13.2.0 + +- Kernel-related enhancements: + + - The default kernel is the current LTS (6.6). + + - Add support for ``genericarm64``. + +- New core recipes: + + - `bmaptool <https://github.com/yoctoproject/bmaptool>`__: a tool for + creating block maps for files and flashing images, being now under the + Yocto Project umbrella. + + - ``core-image-initramfs-boot``: a minimal initramfs image, containing just + ``udev`` and ``init``, designed to find the main root filesystem and + pivot to it. + + - `lzlib <https://www.nongnu.org/lzip/lzlib.html>`__: a data compression + library that provides LZMA compression and decompression functions. + + - `lzop <https://www.lzop.org/>`__: a compression utility based on the LZO + library, that was brought back after a (now reverted) removal. + + - `python3-jsonschema-specifications <https://pypi.org/project/jsonschema-specifications/>`__: + support files for JSON Schema Specifications (meta-schemas and + vocabularies), added as a new dependency of ``python3-jsonschema``. + + - `python3-maturin <https://github.com/pyo3/maturin>`__: a project that + allows building and publishing Rust crates as Python packages. + + - `python3-meson-python <https://github.com/mesonbuild/meson-python>`__: a + Python build backend that enables the Meson build-system for Python packages. + + - `python3-pyproject-metadata <https://pypi.org/project/pyproject-metadata/>`__: + a class to handle PEP 621 metadata, and a dependency for + ``python3-meson-python``. + + - `python3-referencing <https://github.com/python-jsonschema/referencing>`__: + another dependency of ``python3-jsonschema``, it provides an + implementation of JSON reference resolution. + + - `python3-rpds-py <https://pypi.org/project/rpds-py/>`__: Python bindings + to the Rust rpds crate, and a runtime dependency for ``python3-referencing``. + + - `python3-sphinxcontrib-jquery <https://pypi.org/project/sphinxcontrib-jquery/>`__: + a Sphinx extension to include jQuery on newer Sphinx releases. Recent + versions of ``python3-sphinx-rtd-theme`` depend on it. + + - `python3-websockets <https://pypi.org/project/websockets/>`__: a + library for building WebSocket servers and clients in Python. + + - `python3-yamllint <https://github.com/adrienverge/yamllint>`__: a linter + for YAML files. In U-Boot, the ``binman`` tool uses this linter to verify the + configurations at compile time. + + - ``systemd-boot-native``: a UEFI boot manager, this time built as native to + provide the ``ukify`` tool. + + - `utfcpp <https://github.com/nemtrif/utfcpp>`__: a C++ library to handle + UTF-8 encoded strings. It was added as a dependency for ``taglib`` after + its upgrade to v2.0. + + - `vulkan-utility-libraries <https://github.com/KhronosGroup/Vulkan-Utility-Libraries>`__: + a set of libraries to share code across various Vulkan repositories. + + - `vulkan-volk <https://github.com/zeux/volk>`__: a meta-loader for Vulkan, + needed to support building the latest ``vulkan-tools``. + +- QEMU / ``runqemu`` enhancements: + + - QEMU has been upgraded to version 8.2.1 + + - ``qemuboot``: support predictable network interface names. + + - ``runqemu``: match ".rootfs." in addition to "-image-" for the root + filesystem. + + - :ref:`ref-classes-cmake-qemu`: a new class allowing to execute cross-compiled + binaries using QEMU user-mode emulation. + +- Rust improvements: + + - Rust has been upgraded to version 1.75 + + - The Rust profiler (i.e., PGO - Profile-Guided Optimization) options were + enabled back. + + - The Rust ``oe-selftest`` were enabled, except for ``mips32`` whose tests + are skipped. + + - ``rust-cross-canadian``: added ``riscv64`` to cross-canadian hosts. + +- wic Image Creator enhancements: + + - Allow the imager's output file extension to match the imager's name, + instead of hardcoding it to ``direct`` (i.e., the default imager) + + - For GPT-based disks, add reproducible Disk GUID generation + + - Allow generating reproducible ext4 images + + - Add feature to fill a specific range of a partition with zeros + + - ``bootimg-efi``: add ``install-kernel-into-boot-dir`` parameter to + configure kernel installation point(s) (i.e., rootfs and/or boot partition) + + - ``rawcopy``: add support for zstd decompression + +- SDK-related improvements: + + - ``nativesdk``: let :term:`MACHINE_FEATURES` be set by ``machine-sdk`` + configuration files. + + - ``nativesdk``: prevent :term:`MACHINE_FEATURES` and :term:`DISTRO_FEATURES` + from being backfilled. + + - Support for ``riscv64`` as an SDK host architecture + + - Extend recipes to ``nativesdk``: ``acpica``, ``libpcap``, ``python3-setuptools-rust`` + +- Testing: + + - Move `patchtest` to the core (as ``scripts/patchtest``, test cases under + ``meta/lib/patchtest/tests``) and make a number of improvements to enable + it to validate patches submitted on the mailing list again. Additionally, + make it work with the original upstream version of + `Patchwork <http://jk.ozlabs.org/projects/patchwork/>`__. + + - Add an optional ``unimplemented-ptest`` QA warning to detect upstream + packages with tests, that do not use ptest. + + - ``testimage``: retrieve the ptests directory, especially for the logs, + upon ptest failure. + + - ``oeqa``, ``oe-selftest``: add test cases for Maturin (SDK and runtime). + + - Proof-of-concept of screenshot-based runtime UI test + (``meta/lib/oeqa/runtime/cases/login.py``) + + - Enable ptests for ``python3-attrs``, ``python3-pyyaml``, ``xz`` + +- Utility script changes: + + - ``oe-init-build-env`` can generate a initial configuration (``.vscode``) + for VSCode and its "Yocto Project BitBake" extension. + + - The ``sstate-cache-management`` script has been rewritten in python for better performance and maintainability + + - ``bitbake-layers``: added an option to update the reference of repositories in layer setup + +- BitBake improvements: + + - New ``inherit_defer`` statement which works as + :ref:`inherit <bitbake:bitbake-user-manual/bitbake-user-manual-metadata:\`\`inherit\`\` directive>` + does, except that it is only evaluated at the end of parsing + --- recommended where a conditional expression is used, e.g.:: + + inherit_defer ${@bb.utils.contains('PACKAGECONFIG', 'python', 'python3targetconfig', '', d)} + + This allows conditional expressions to be evaluated 'late' meaning changes + to the variable after the line is parsed will take effect - with inherit this + is not the case. + + - Add support for :term:`BB_LOADFACTOR_MAX`, so Bitbake can stop running + extra tasks if the system load is too high, especially in distributions + where ``/proc/pressure`` is disabled. + + - ``taskexp_ncurses``: add ncurses version of ``taskexp``, the dependency + explorer originally implemented with GTK. + + - Improve ``runqueue`` performance by adding a cache mechanism in + ``build_taskdepdata``. + + - ``bitbake.conf``: add ``runtimedir`` to represent the path to the runtime + state directory (i.e., ``/run``). + + - Allow to disable colored text output through the + `NO_OUTPUT <https://no-color.org/>`__ environment variable. + + - ``git-make-shallow`` script: add support for Git's ``safe.bareRepository=explicit`` + configuration setting. + + - Hash equivalence gained a number of scalability improvements including: + + - Support for a wide range of database backends through `SQLAlchemy` + + - Support for hash equivalence server and client to communicate over websockets + + - Support for per-user permissions in the hashserver, and on the client side + specifying credentials via the environment or ``.netrc`` + + - Add garbage collection to remove unused unihashes from the database. + +- devtool improvements: + + - Introduce a new ``ide-sdk`` plugin to generate a configuration to use + the eSDK through an IDE. + + - Add ``--no-pypi`` option for Python projects that are not hosted on PyPI. + + - Add support for Git submodules. + + - ``ide``: ``vscode``: generate files from recipe sysroots and debug the + root filesystem in read-only mode to avoid confusion. + + - ``modify``: add support for multiple sources in :term:`SRC_URI`. + + - Support plugins within plugins. + +- recipetool improvements: + + - ``appendsrcfile(s)``: add a mode to update the recipe itself. + + - ``appendsrcfile(s)``: add ``--dry-run`` mode. + + - ``create``: add handler to create Go recipes. + + - ``create``: improve identification of licenses. + + - ``create``: add support for modern Python PEP-517 build systems including + hatchling, maturin, meson-python. + + - ``create``: add PyPi support. + + - ``create``: prefix created Python recipes with ``python3-``. + +- Packaging changes: + + - ``package_rpm``: the RPM package compressor's mode can now be overriden. + + - ipk packaging (using ``opkg``) now uses ``zstd`` compression instead of + ``xz`` for better compression and performance. + +- Security improvements: + + - Improve incremental CVE database download from NVD. Rejected CVEs are + removed, configuration is kept up-to-date. The age threshold for + incremental update can be configured with :term:`CVE_DB_INCR_UPDATE_AGE_THRES` + variable. + +- Toaster Web UI improvements: + + - Numerous bugfixes, and additional input validation + + - Add `pytest` support and add/update test cases + +- Prominent documentation updates: + + - Documentation for using the new ``devtool ide-sdk`` command and features. + See :ref:`using_devtool` for details. + + - New ":doc:`bitbake:bitbake-user-manual/bitbake-user-manual-ref-variables-context`" + section in the BitBake User Manual. + + - New ``make stylecheck`` command to run `Vale <https://vale.sh>`__, + to perform text style checks and comply with text writing standards in + the industry. + + - New ``make sphinx-lint`` command to run `sphinx-lint + <https://github.com/sphinx-contrib/sphinx-lint>`__. After customization, + this will allow us to enforce Sphinx syntax style choices. + +- Miscellaneous changes: + + - Systemd's following :term:`PACKAGECONFIG` options were added: + ``cryptsetup-plugins``, ``no-ntp-fallback``, and ``p11kit``. + + - New PACKAGECONFIG options added to ``libarchive``, ``libinput``, + ``libunwind``, ``mesa``, ``mesa-gl``, ``openssh``, ``perf``, + ``python3-pyyaml``, ``qemu``, ``rpm``, ``shadow``, ``strace``, + ``syslinux``, ``systemd``, ``vte``, ``webkitgtk``, ``xserver-xorg``. + + - ``systemd-boot`` can, from now on, be compiled as ``native``, thus + providing ``ukify`` tool to build UKI images. + + - systemd: split bash completion for ``udevadm`` in a new + ``udev-bash-completion`` package. + + - The :ref:`ref-classes-go-vendor` class was added to support offline builds + (i.e., vendoring). It can also handle modules from the same repository, + taking into account their versions. + + - Disable strace support of bluetooth by default. + + - ``openssh`` now has a systemd service: ``sshd.service``. + + - The :ref:`ref-classes-python_mesonpy` class was added (moved in from + ``meta-python``) to support Python package builds using the meson-python + PEP-517 build backend. + + - Support for unpacking ``.7z`` archives in :term:`SRC_URI` using ``p7zip``. + + - Add minimal VS Code configuration to avoid VS Code's indexer from choking + on build directories. + + +Known Issues in 5.0 +~~~~~~~~~~~~~~~~~~~ + +- ``gpgme`` has had Python binding support disabled since upstream does not yet support Python 3.12. + + +Recipe License changes in 5.0 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +The following corrections have been made to the :term:`LICENSE` values set by recipes: + +- ``elfutils``: split license for libraries & backend and utilities. +- ``ghostscript``: correct :term:`LICENSE` to ``AGPL-3.0-or-later``. +- ``kbd``: update license for consolefont and keymaps. +- ``libsystemd``: set its own :term:`LICENSE` value (``LGPL-2.1-or-later``) to add more granularity. +- ``libtest-warnings-perl``: update :term:`LICENSE` ``Artistic-1.0`` to ``Artistic-1.0-Perl``. +- ``linux-firmware``: set package :term:`LICENSE` appropriately for ``carl9170``, ``rockchip`` and ``powerpr``. +- ``newlib``: add license ``Apache-2.0-with-LLVM-exception``. +- ``python3-poetry-core``: add license ``BSD-3-Clause`` for ``fastjsonschema``. +- ``systemd``: make the scope of ``LGPL`` more accurate (``LGPL-2.1`` -> ``LGPL-2.1-or-later``). +- ``util-linux``: add ``GPL-1.0-or-later`` license for fdisk and ``MIT`` license for ``flock``. +- ``zstd``: set to dual-licensed ``BSD-3-Clause`` or ``GPL-2.0-only``. + +Security Fixes in 5.0 +~~~~~~~~~~~~~~~~~~~~~ + +- avahi: :cve:`2023-1981`, :cve:`2023-38469`, :cve:`2023-38470`, :cve:`2023-38471`, :cve:`2023-38469`, :cve:`2023-38470`, :cve:`2023-38471`, :cve:`2023-38472`, :cve:`2023-38473` +- bind: :cve:`2023-4408`, :cve:`2023-5517`, :cve:`2023-5679`, :cve:`2023-50387` +- bluez5: :cve:`2023-45866` +- coreutils: :cve:`2024-0684` +- cups: :cve:`2023-4504` +- curl: :cve:`2023-46218` +- expat: :cve:`2024-28757` +- gcc: :cve:`2023-4039` +- glibc: :cve:`2023-5156`, :cve:`2023-0687` +- gnutls: :cve:`2024-0553`, :cve:`2024-0567`, :cve:`2024-28834`, :cve:`2024-28835` +- go: :cve:`2023-45288` +- grub: :cve:`2023-4692`, :cve:`2023-4693` +- grub2: :cve:`2023-4001` (ignored), :cve:`2024-1048` (ignored) +- libgit2: :cve:`2024-24575`, :cve:`2024-24577` +- libsndfile1: :cve:`2022-33065` +- libssh2: :cve:`2023-48795` +- libuv: :cve:`2024-24806` +- libxml2: :cve:`2023-45322` (ignored) +- linux-yocto/6.6: :cve:`2020-16119` +- openssh: :cve:`2023-48795`, :cve:`2023-51384`, :cve:`2023-51385` +- openssl: :cve:`2023-5363`, :cve:`2023-5678`, :cve:`2023-6129`, :cve_mitre:`2023-6237`, :cve:`2024-0727`, :cve:`2024-2511` +- perl: :cve:`2023-47100` +- pixman: :cve:`2023-37769` (ignored) +- python3-cryptography{-vectors}: :cve:`2023-49083`, :cve:`2024-26130` +- python3-urllib3: :cve:`2023-45803` +- shadow: :cve:`2023-4641` +- sudo: :cve:`2023-42456` +- tiff: :cve:`2023-6228`, :cve:`2023-6277`, :cve:`2023-52355`, :cve:`2023-52356` +- vim: :cve:`2023-46246`, :cve:`2023-48231`, :cve:`2023-48232`, :cve:`2023-48233`, :cve:`2023-48234`, :cve:`2023-48235`, :cve:`2023-48236`, :cve:`2023-48237`, :cve:`2024-22667` +- wpa-supplicant: :cve:`2023-52160` +- xserver-xorg: :cve:`2023-5574`, :cve:`2023-6816`, :cve:`2024-0229`, :cve:`2024-0408`, :cve:`2024-0409`, :cve:`2024-21885`, :cve:`2024-21886` +- xwayland: :cve:`2023-5367`, :cve:`2024-0408`, :cve:`2024-0409`, :cve:`2023-6816`, :cve:`2024-0229`, :cve:`2024-21885`, :cve:`2024-21886` +- zlib: :cve:`2023-45853` (ignored), :cve:`2023-6992` (ignored) + + +Recipe Upgrades in 5.0 +~~~~~~~~~~~~~~~~~~~~~~ + +- acl 2.3.1 -> 2.3.2 +- acpica 20230628 -> 20240322 +- alsa-lib 1.2.10 -> 1.2.11 +- alsa-tools 1.2.5 -> 1.2.11 +- alsa-ucm-conf 1.2.10 -> 1.2.11 +- alsa-utils 1.2.10 -> 1.2.11 +- appstream 0.16.3 -> 1.0.2 +- autoconf 2.72c -> 2.72e +- bash 5.2.15 -> 5.2.21 +- bash-completion 2.11 -> 2.12.0 +- binutils 2.41 -> 2.42 +- bluez5 5.69 -> 5.72 +- boost 1.83.0 -> 1.84.0 +- boost-build-native 1.83.0 -> 1.84.0 +- btrfs-tools 6.5.1 -> 6.7.1 +- cairo 1.16.0 -> 1.18.0 +- cargo 1.70.0 -> 1.75.0 +- cargo-c-native 0.9.18 -> 0.9.30+cargo-0.77.0 +- ccache 4.8.3 -> 4.9.1 +- cmake 3.27.7 -> 3.28.3 +- cmake-native 3.27.7 -> 3.28.3 +- createrepo-c 1.0.0 -> 1.0.4 +- cronie 1.6.1 -> 1.7.1 +- cross-localedef-native 2.38+git -> 2.39+git +- cups 2.4.6 -> 2.4.7 +- curl 8.4.0 -> 8.7.1 +- dbus-wait 0.1+git (6cc6077a36fe…) -> 0.1+git (64bc7c8fae61…) +- debianutils 5.13 -> 5.16 +- desktop-file-utils 0.26 -> 0.27 +- dhcpcd 10.0.2 -> 10.0.6 +- diffoscope 249 -> 259 +- diffstat 1.65 -> 1.66 +- dnf 4.17.0 -> 4.19.0 +- dos2unix 7.5.1 -> 7.5.2 +- ed 1.19 -> 1.20.1 +- efivar 38+39+git -> 39+39+git +- elfutils 0.189 -> 0.191 +- ell 0.60 -> 0.63 +- enchant2 2.6.2 -> 2.6.7 +- epiphany 44.6 -> 46.0 +- erofs-utils 1.6 -> 1.7.1 +- ethtool 6.5 -> 6.7 +- eudev 3.2.12 -> 3.2.14 +- expat 2.5.0 -> 2.6.2 +- ffmpeg 6.0 -> 6.1.1 +- fontconfig 2.14.2 -> 2.15.0 +- gawk 5.2.2 -> 5.3.0 +- gcr 4.1.0 -> 4.2.0 +- gdb 13.2 -> 14.2 +- gettext 0.22 -> 0.22.5 +- gettext-minimal-native 0.22 -> 0.22.5 +- gi-docgen 2023.1 -> 2023.3 +- git 2.42.0 -> 2.44.0 +- glib-2.0 2.78.3 -> 2.78.4 +- glib-networking 2.76.1 -> 2.78.1 +- glibc 2.38+git -> 2.39+git +- glibc-locale 2.38 -> 2.39+git +- glibc-mtrace 2.38 -> 2.39+git +- glibc-scripts 2.38 -> 2.39+git +- glibc-testsuite 2.38+git -> 2.39+git +- glibc-y2038-tests 2.38+git -> 2.39+git +- glslang 1.3.261.1 -> 1.3.275.0 +- gnu-config 20230216+git -> 20240101+git +- gnupg 2.4.3 -> 2.4.4 +- gnutls 3.8.3 -> 3.8.4 +- go 1.20.12 -> 1.22.2 +- go-binary-native 1.20.12 -> 1.22.2 +- go-native 1.20.12 -> 1.22.2 +- go-runtime 1.20.12 -> 1.22.2 +- gpgme 1.22.0 -> 1.23.2 +- grub 2.06 -> 2.12 +- grub-efi 2.06 -> 2.12 +- gsettings-desktop-schemas 44.0 -> 46.0 +- gst-devtools 1.22.9 -> 1.22.11 +- gstreamer1.0 1.22.9 -> 1.22.11 +- gstreamer1.0-libav 1.22.9 -> 1.22.11 +- gstreamer1.0-omx 1.22.9 -> 1.22.11 +- gstreamer1.0-plugins-bad 1.22.9 -> 1.22.11 +- gstreamer1.0-plugins-base 1.22.9 -> 1.22.11 +- gstreamer1.0-plugins-good 1.22.9 -> 1.22.11 +- gstreamer1.0-plugins-ugly 1.22.9 -> 1.22.11 +- gstreamer1.0-python 1.22.9 -> 1.22.11 +- gstreamer1.0-rtsp-server 1.22.9 -> 1.22.11 +- gstreamer1.0-vaapi 1.22.9 -> 1.22.11 +- gtk+3 3.24.38 -> 3.24.41 +- gtk4 4.12.3 -> 4.14.1 +- harfbuzz 8.2.2 -> 8.3.0 +- hwlatdetect 2.5 -> 2.6 +- icu 73-2 -> 74-1 +- inetutils 2.4 -> 2.5 +- init-system-helpers 1.65.2 -> 1.66 +- iproute2 6.5.0 -> 6.7.0 +- iptables 1.8.9 -> 1.8.10 +- iputils 20221126 -> 20240117 +- iso-codes 4.15.0 -> 4.16.0 +- iw 5.19 -> 6.7 +- json-glib 1.6.6 -> 1.8.0 +- kbd 2.6.3 -> 2.6.4 +- kexec-tools 2.0.27 -> 2.0.28 +- kmod 30 -> 31 +- kmscube git -> 0.0.1+git +- libadwaita 1.4.2 -> 1.5.0 +- libbsd 0.11.7 -> 0.12.1 +- libcap-ng 0.8.3 -> 0.8.4 +- libcap-ng-python 0.8.3 -> 0.8.4 +- libcomps 0.1.19 -> 0.1.20 +- libdnf 0.71.0 -> 0.73.0 +- libdrm 2.4.116 -> 2.4.120 +- libffi 3.4.4 -> 3.4.6 +- libgit2 1.7.1 -> 1.7.2 +- libgloss 4.3.0+git -> 4.4.0+git +- libgpg-error 1.47 -> 1.48 +- libhandy 1.8.2 -> 1.8.3 +- libical 3.0.16 -> 3.0.17 +- libidn2 2.3.4 -> 2.3.7 +- libinput 1.24.0 -> 1.25.0 +- libksba 1.6.4 -> 1.6.6 +- libmicrohttpd 0.9.77 -> 1.0.1 +- libnl 3.8.0 -> 3.9.0 +- libnotify 0.8.2 -> 0.8.3 +- libpciaccess 0.17 -> 0.18 +- libpcre2 10.42 -> 10.43 +- libpng 1.6.40 -> 1.6.42 +- libproxy 0.5.3 -> 0.5.4 +- libpsl 0.21.2 -> 0.21.5 +- librepo 1.16.0 -> 1.17.0 +- librsvg 2.56.3 -> 2.57.1 +- libsdl2 2.28.4 -> 2.30.0 +- libseccomp 2.5.4 -> 2.5.5 +- libsecret 0.21.1 -> 0.21.4 +- libsolv 0.7.26 -> 0.7.28 +- libsoup 3.4.2 -> 3.4.4 +- libstd-rs 1.70.0 -> 1.75.0 +- libtest-warnings-perl 0.031 -> 0.033 +- libtirpc 1.3.3 -> 1.3.4 +- libubootenv 0.3.4 -> 0.3.5 +- libunistring 1.1 -> 1.2 +- liburi-perl 5.21 -> 5.27 +- libusb1 1.0.26 -> 1.0.27 +- libuv 1.46.0 -> 1.48.0 +- libva 2.19.0 -> 2.20.0 +- libva-initial 2.19.0 -> 2.20.0 +- libwpe 1.14.1 -> 1.14.2 +- libxext 1.3.5 -> 1.3.6 +- libxkbcommon 1.5.0 -> 1.6.0 +- libxkbfile 1.1.2 -> 1.1.3 +- libxml-parser-perl 2.46 -> 2.47 +- libxml2 2.11.7 -> 2.12.5 +- libxmlb 0.3.14 -> 0.3.15 +- libxrandr 1.5.3 -> 1.5.4 +- libxvmc 1.0.13 -> 1.0.14 +- lighttpd 1.4.71 -> 1.4.74 +- linux-firmware 20240220 -> 20240312 +- linux-libc-headers 6.5 -> 6.6 +- linux-yocto 6.1.78+git, 6.5.13+git -> 6.6.23+git +- linux-yocto-dev 6.6+git -> 6.9+git +- linux-yocto-rt 6.1.78+git, 6.5.13+git -> 6.6.23+git +- linux-yocto-tiny 6.1.78+git, 6.5.13+git -> 6.6.23+git +- llvm 17.0.3 -> 18.1.3 +- lsof 4.98.0 -> 4.99.3 +- ltp 20230516 -> 20240129 +- lttng-modules 2.13.10 -> 2.13.12 +- lttng-ust 2.13.6 -> 2.13.7 +- lzip 1.23 -> 1.24 +- makedepend 1.0.8 -> 1.0.9 +- man-db 2.11.2 -> 2.12.0 +- man-pages 6.05.01 -> 6.06 +- mc 4.8.30 -> 4.8.31 +- mesa 23.2.1 -> 24.0.2 +- mesa-gl 23.2.1 -> 24.0.2 +- meson 1.2.2 -> 1.3.1 +- minicom 2.8 -> 2.9 +- mmc-utils 0.1+git (613495ecaca9…) -> 0.1+git (b5ca140312d2…) +- mpg123 1.31.3 -> 1.32.5 +- newlib 4.3.0+git -> 4.4.0+git +- nghttp2 1.57.0 -> 1.61.0 +- numactl 2.0.16 -> 2.0.18 +- ofono 2.1 -> 2.4 +- opensbi 1.2 -> 1.4 +- openssh 9.5p1 -> 9.6p1 +- openssl 3.1.5 -> 3.2.1 +- opkg 0.6.2 -> 0.6.3 +- opkg-utils 0.6.2 -> 0.6.3 +- orc 0.4.34 -> 0.4.38 +- ovmf edk2-stable202308 -> edk2-stable202402 +- p11-kit 0.25.0 -> 0.25.3 +- pango 1.51.0 -> 1.52.0 +- pciutils 3.10.0 -> 3.11.1 +- piglit 1.0+gitr (71c21b1157c4…) -> 1.0+gitr (22eaf6a91cfd…) +- pkgconf 2.0.3 -> 2.1.1 +- psplash 0.1+git (44afb7506d43…) -> 0.1+git (ecc191375669…) +- ptest-runner 2.4.2+git -> 2.4.3+git +- pulseaudio 16.1 -> 17.0 +- puzzles 0.0+git (2d9e414ee316…) -> 0.0+git (80aac3104096…) +- python3 3.11.5 -> 3.12.3 +- python3-alabaster 0.7.13 -> 0.7.16 +- python3-attrs 23.1.0 -> 23.2.0 +- python3-babel 2.12.1 -> 2.14.0 +- python3-bcrypt 4.0.1 -> 4.1.2 +- python3-beartype 0.15.0 -> 0.17.2 +- python3-build 1.0.3 -> 1.1.1 +- python3-certifi 2023.7.22 -> 2024.2.2 +- python3-cffi 1.15.1 -> 1.16.0 +- python3-cryptography 41.0.4 -> 42.0.5 +- python3-cryptography-vectors 41.0.4 -> 42.0.5 +- python3-cython 0.29.36 -> 3.0.8 +- python3-dbusmock 0.29.1 -> 0.31.1 +- python3-dtschema 2023.7 -> 2024.2 +- python3-git 3.1.36 -> 3.1.42 +- python3-gitdb 4.0.10 -> 4.0.11 +- python3-hatch-fancy-pypi-readme 23.1.0 -> 24.1.0 +- python3-hatch-vcs 0.3.0 -> 0.4.0 +- python3-hatchling 1.18.0 -> 1.21.1 +- python3-hypothesis 6.86.2 -> 6.98.15 +- python3-idna 3.4 -> 3.6 +- python3-importlib-metadata 6.8.0 -> 7.0.1 +- python3-iso8601 2.0.0 -> 2.1.0 +- python3-jsonschema 4.17.3 -> 4.21.1 +- python3-license-expression 30.1.1 -> 30.2.0 +- python3-lxml 4.9.3 -> 5.0.0 +- python3-mako 1.2.4 -> 1.3.2 +- python3-markdown 3.4.4 -> 3.5.2 +- python3-markupsafe 2.1.3 -> 2.1.5 +- python3-more-itertools 10.1.0 -> 10.2.0 +- python3-numpy 1.26.0 -> 1.26.4 +- python3-packaging 23.1 -> 23.2 +- python3-pathspec 0.11.2 -> 0.12.1 +- python3-pbr 5.11.1 -> 6.0.0 +- python3-pip 23.2.1 -> 24.0 +- python3-pluggy 1.3.0 -> 1.4.0 +- python3-poetry-core 1.7.0 -> 1.9.0 +- python3-psutil 5.9.5 -> 5.9.8 +- python3-pyasn1 0.5.0 -> 0.5.1 +- python3-pycairo 1.24.0 -> 1.26.0 +- python3-pycryptodome 3.19.0 -> 3.20.0 +- python3-pycryptodomex 3.19.0 -> 3.20.0 +- python3-pygments 2.16.1 -> 2.17.2 +- python3-pyopenssl 23.2.0 -> 24.0.0 +- python3-pyrsistent 0.19.3 -> 0.20.0 +- python3-pytest 7.4.2 -> 8.0.2 +- python3-pytest-runner 6.0.0 -> 6.0.1 +- python3-pytz 2023.3 -> 2024.1 +- python3-ruamel-yaml 0.17.32 -> 0.18.6 +- python3-scons 4.5.2 -> 4.6.0 +- python3-setuptools 68.2.2 -> 69.1.1 +- python3-setuptools-rust 1.7.0 -> 1.9.0 +- python3-setuptools-scm 7.1.0 -> 8.0.4 +- python3-spdx-tools 0.8.1 -> 0.8.2 +- python3-sphinx-rtd-theme 1.3.0 -> 2.0.0 +- python3-sphinxcontrib-applehelp 1.0.4 -> 1.0.8 +- python3-sphinxcontrib-devhelp 1.0.2 -> 1.0.6 +- python3-sphinxcontrib-htmlhelp 2.0.1 -> 2.0.5 +- python3-sphinxcontrib-qthelp 1.0.3 -> 1.0.7 +- python3-sphinxcontrib-serializinghtml 1.1.5 -> 1.1.10 +- python3-subunit 1.4.2 -> 1.4.4 +- python3-testtools 2.6.0 -> 2.7.1 +- python3-trove-classifiers 2023.9.19 -> 2024.2.23 +- python3-typing-extensions 4.8.0 -> 4.10.0 +- python3-unittest-automake-output 0.1 -> 0.2 +- python3-urllib3 2.0.7 -> 2.2.1 +- python3-wcwidth 0.2.6 -> 0.2.13 +- python3-wheel 0.41.2 -> 0.42.0 +- qemu 8.1.4 -> 8.2.1 +- qemu-native 8.1.4 -> 8.2.1 +- qemu-system-native 8.1.4 -> 8.2.1 +- repo 2.36.1 -> 2.42 +- resolvconf 1.91 -> 1.92 +- rpm 4.18.1 -> 4.19.1 +- rt-tests 2.5 -> 2.6 +- rust 1.70.0 -> 1.75.0 +- rust-cross-canadian 1.70.0 -> 1.75.0 +- rust-llvm 1.70.0 -> 1.75.0 +- shaderc 2023.6 -> 2023.8 +- shadow 4.13 -> 4.14.2 +- shared-mime-info 2.2 -> 2.4 +- socat 1.7.4.4 -> 1.8.0.0 +- spirv-headers 1.3.261.1 -> 1.3.275.0 +- spirv-tools 1.3.261.1 -> 1.3.275.0 +- sqlite3 3.43.2 -> 3.45.1 +- strace 6.5 -> 6.7 +- stress-ng 0.16.05 -> 0.17.05 +- subversion 1.14.2 -> 1.14.3 +- swig 4.1.1 -> 4.2.1 +- sysstat 12.7.4 -> 12.7.5 +- systemd 254.4 -> 255.4 +- systemd-boot 254.4 -> 255.4 +- systemd-bootchart 234 -> 235 +- systemtap 4.9 -> 5.0 +- systemtap-native 4.9 -> 5.0 +- taglib 1.13.1 -> 2.0 +- ttyrun 2.29.0 -> 2.31.0 +- u-boot 2023.10 -> 2024.01 +- u-boot-tools 2023.10 -> 2024.01 +- update-rc.d 0.8 (8636cf478d42…) -> 0.8 (b8f950105010…) +- usbutils 015 -> 017 +- util-linux 2.39.2 -> 2.39.3 +- util-linux-libuuid 2.39.2 -> 2.39.3 +- vala 0.56.13 -> 0.56.15 +- valgrind 3.21.0 -> 3.22.0 +- vim 9.0.2190 -> 9.1.0114 +- vim-tiny 9.0.2190 -> 9.1.0114 +- virglrenderer 0.10.4 -> 1.0.1 +- vte 0.72.2 -> 0.74.2 +- vulkan-headers 1.3.261.1 -> 1.3.275.0 +- vulkan-loader 1.3.261.1 -> 1.3.275.0 +- vulkan-tools 1.3.261.1 -> 1.3.275.0 +- vulkan-validation-layers 1.3.261.1 -> 1.3.275.0 +- wayland-protocols 1.32 -> 1.33 +- webkitgtk 2.40.5 -> 2.44.0 +- weston 12.0.2 -> 13.0.0 +- xkbcomp 1.4.6 -> 1.4.7 +- xkeyboard-config 2.39 -> 2.41 +- xprop 1.2.6 -> 1.2.7 +- xwayland 23.2.4 -> 23.2.5 +- xz 5.4.4 -> 5.4.6 +- zlib 1.3 -> 1.3.1 + + +Contributors to 5.0 +~~~~~~~~~~~~~~~~~~~ + +Thanks to the following people who contributed to this release: + +- Adam Johnston +- Adithya Balakumar +- Adrian Freihofer +- Alassane Yattara +- Alejandro Hernandez Samaniego +- Aleksey Smirnov +- Alexander Kanavin +- Alexander Lussier-Cullen +- Alexander Sverdlin +- Alexandre Belloni +- Alexandre Truong +- Alex Bennée +- Alexis Lothoré +- Alex Kiernan +- Alex Stewart +- André Draszik +- Anibal Limon +- Anuj Mittal +- Archana Polampalli +- Arne Schwerdt +- Bartosz Golaszewski +- Baruch Siach +- Bastian Krause +- BELHADJ SALEM Talel +- BELOUARGA Mohamed +- Bruce Ashfield +- Changhyeok Bae +- Changqing Li +- Charlie Johnston +- Chen Qi +- Chi Xu +- Chris Laplante +- Christian Taedcke +- Christoph Vogtländer +- Claus Stovgaard +- Clay Chang +- Clément Péron +- Colin McAllister +- Corentin Guillevic +- Daniel Ammann +- david d zuhn +- David Reyna +- Deepthi Hemraj +- Denys Dmytriyenko +- Derek Erdmann +- Desone Burns +- Dhairya Nagodra +- Dmitry Baryshkov +- Eero Aaltonen +- Eilís 'pidge' Ní Fhlannagáin +- Emil Kronborg +- Enguerrand de Ribaucourt +- Enrico Jörns +- Enrico Scholz +- Etienne Cordonnier +- Fabien Mahot +- Fabio Estevam +- Fahad Arslan +- Felix Moessbauer +- Florian Wickert +- Geoff Parker +- Glenn Strauss +- Harish Sadineni +- Hongxu Jia +- Ilya A. Kriveshko +- Jamin Lin +- Jan Vermaete +- Jason Andryuk +- Javier Tia +- Jeremy A. Puhlman +- Jérémy Rosen +- Jermain Horsman +- Jiang Kai +- Joakim Tjernlund +- Joao Marcos Costa +- Joe Slater +- Johan Bezem +- Johannes Schneider +- Jonathan GUILLOT +- Jon Mason +- Jörg Sommer +- Jose Quaresma +- Joshua Watt +- Julien Stephan +- Justin Bronder +- Kai Kang +- Kareem Zarka +- Kevin Hao +- Khem Raj +- Konrad Weihmann +- Lee Chee Yang +- Lei Maohui +- lixiaoyong +- Logan Gunthorpe +- Luca Ceresoli +- luca fancellu +- Lucas Stach +- Ludovic Jozeau +- Lukas Funke +- Maanya Goenka +- Malte Schmidt +- Marcel Ziswiler +- Marco Felsch +- Marcus Folkesson +- Marek Vasut +- Mark Asselstine +- Mark Hatle +- Markus Fuchs +- Markus Volk +- Marlon Rodriguez Garcia +- Marta Rybczynska +- Martin Hundebøll +- Martin Jansa +- Massimiliano Minella +- Maxin B. John +- Max Krummenacher +- Meenali Gupta +- Michael Halstead +- Michael Opdenacker +- Michal Sieron +- Mikko Rapeli +- Ming Liu +- Mingli Yu +- Munehisa Kamata +- Nick Owens +- Niko Mauno +- Ola x Nilsson +- Oleh Matiusha +- Patrick Williams +- Paul Barker +- Paul Eggleton +- Paul Gortmaker +- Pavel Zhukov +- Peter A. Bigot +- Peter Kjellerstedt +- Peter Marko +- Petr Vorel +- Philip Balister +- Philip Lorenz +- Philippe Rivest +- Piotr Łobacz +- Priyal Doshi +- Quentin Schulz +- Ragesh Nair +- Randolph Sapp +- Randy MacLeod +- Rasmus Villemoes +- Renat Khalikov +- Richard Haar +- Richard Purdie +- Robert Berger +- Robert Joslyn +- Robert P. J. Day +- Robert Yang +- Rodrigo M. Duarte +- Ross Burton +- Rouven Czerwinski +- Ryan Eatmon +- Sam Van Den Berge +- Saul Wold +- Sava Jakovljev +- Sean Nyekjaer +- Sergei Zhmylev +- Shinji Matsunaga +- Shubham Kulkarni +- Simone Weiß +- Siong W.LIM +- Soumya Sambu +- Sourav Kumar Pramanik +- Stefan Herbrechtsmeier +- Stéphane Veyret +- Steve Sakoman +- Sundeep KOKKONDA +- Thomas Perrot +- Thomas Wolber +- Timon Bergelt +- Tim Orling +- Timotheus Giuliani +- Tobias Hagelborn +- Tom Hochstein +- Tom Rini +- Toni Lammi +- Trevor Gamblin +- Trevor Woerner +- Ulrich Ölmann +- Valek Andrej +- venkata pyla +- Victor Kamensky +- Vijay Anusuri +- Vikas Katariya +- Vincent Davis Jr +- Viswanath Kraleti +- Vyacheslav Yurkov +- Wang Mingyu +- William A. Kennington III +- William Hauser +- William Lyu +- Xiangyu Chen +- Xiaotian Wu +- Yang Xu +- Yannick Rodriguez +- Yash Shinde +- Yi Zhao +- Yoann Congal +- Yogesh Tyagi +- Yogita Urade +- Zahir Hussain +- Zang Ruochen +- Zoltan Boszormenyi + +Repositories / Downloads for Yocto-5.0 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +poky + +- Repository Location: :yocto_git:`/poky` +- Branch: :yocto_git:`scarthgap </poky/log/?h=scarthgap>` +- Tag: :yocto_git:`yocto-5.0 </poky/log/?h=yocto-5.0>` +- Git Revision: :yocto_git:`fb91a49387cfb0c8d48303bb3354325ba2a05587 </poky/commit/?id=fb91a49387cfb0c8d48303bb3354325ba2a05587>` +- Release Artefact: poky-fb91a49387cfb0c8d48303bb3354325ba2a05587 +- sha: 8a0dff4b677b9414ab814ed35d1880196123732ea16ab2fafa388bcc509b32ab +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-5.0/poky-fb91a49387cfb0c8d48303bb3354325ba2a05587.tar.bz2 + http://mirrors.kernel.org/yocto/yocto/yocto-5.0/poky-fb91a49387cfb0c8d48303bb3354325ba2a05587.tar.bz2 + +openembedded-core + +- Repository Location: :oe_git:`/openembedded-core` +- Branch: :oe_git:`scarthgap </openembedded-core/log/?h=scarthgap>` +- Tag: :oe_git:`yocto-5.0 </openembedded-core/log/?h=yocto-5.0>` +- Git Revision: :oe_git:`b65b4e5a8e4473d8ca43835ba17bc8bd4bdca277 </openembedded-core/commit/?id=b65b4e5a8e4473d8ca43835ba17bc8bd4bdca277>` +- Release Artefact: oecore-b65b4e5a8e4473d8ca43835ba17bc8bd4bdca277 +- sha: c7fd05d1a00c70acba2540e60dce01a1bdc4701ebff9a808784960240c69261d +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-5.0/oecore-b65b4e5a8e4473d8ca43835ba17bc8bd4bdca277.tar.bz2 + http://mirrors.kernel.org/yocto/yocto/yocto-5.0/oecore-b65b4e5a8e4473d8ca43835ba17bc8bd4bdca277.tar.bz2 + +meta-mingw + +- Repository Location: :yocto_git:`/meta-mingw` +- Branch: :yocto_git:`scarthgap </meta-mingw/log/?h=scarthgap>` +- Tag: :yocto_git:`yocto-5.0 </meta-mingw/log/?h=yocto-5.0>` +- Git Revision: :yocto_git:`acbba477893ef87388effc4679b7f40ee49fc852 </meta-mingw/commit/?id=acbba477893ef87388effc4679b7f40ee49fc852>` +- Release Artefact: meta-mingw-acbba477893ef87388effc4679b7f40ee49fc852 +- sha: 3b7c2f475dad5130bace652b150367f587d44b391218b1364a8bbc430b48c54c +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-5.0/meta-mingw-acbba477893ef87388effc4679b7f40ee49fc852.tar.bz2 + http://mirrors.kernel.org/yocto/yocto/yocto-5.0/meta-mingw-acbba477893ef87388effc4679b7f40ee49fc852.tar.bz2 + +bitbake + +- Repository Location: :oe_git:`/bitbake` +- Branch: :oe_git:`2.8 </bitbake/log/?h=2.8>` +- Tag: :oe_git:`yocto-5.0 </bitbake/log/?h=yocto-5.0>` +- Git Revision: :oe_git:`c86466d51e8ff14e57a734c1eec5bb651fdc73ef </bitbake/commit/?id=c86466d51e8ff14e57a734c1eec5bb651fdc73ef>` +- Release Artefact: bitbake-c86466d51e8ff14e57a734c1eec5bb651fdc73ef +- sha: 45c91294c1fa5a0044f1bb72a9bb69456bb458747114115af85c7664bf672d48 +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-5.0/bitbake-c86466d51e8ff14e57a734c1eec5bb651fdc73ef.tar.bz2 + http://mirrors.kernel.org/yocto/yocto/yocto-5.0/bitbake-c86466d51e8ff14e57a734c1eec5bb651fdc73ef.tar.bz2 + +yocto-docs + +- Repository Location: :yocto_git:`/yocto-docs` +- Branch: :yocto_git:`scarthgap </yocto-docs/log/?h=scarthgap>` +- Tag: :yocto_git:`yocto-5.0 </yocto-docs/log/?h=yocto-5.0>` +- Git Revision: :yocto_git:`0cdc0afd3332459d30cfc8f4c2e62bdcc23f5ed5 </yocto-docs/commit/?id=0cdc0afd3332459d30cfc8f4c2e62bdcc23f5ed5>` + diff --git a/documentation/migration-guides/release-notes-5.1.rst b/documentation/migration-guides/release-notes-5.1.rst new file mode 100644 index 0000000000..32cb2de2b4 --- /dev/null +++ b/documentation/migration-guides/release-notes-5.1.rst @@ -0,0 +1,67 @@ +.. SPDX-License-Identifier: CC-BY-SA-2.0-UK + +Release notes for 5.1 (styhead) +--------------------------------- + +New Features / Enhancements in 5.1 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +- Linux kernel 6.X, gcc 14.X, glibc 2.X, LLVM 18.X, and over XXX other recipe upgrades + +- New variables: + +- Architecture-specific enhancements: + +- Kernel-related enhancements: + +- New core recipes: + +- QEMU / ``runqemu`` enhancements: + +- Rust improvements: + +- wic Image Creator enhancements: + +- SDK-related improvements: + +- Testing: + +- Utility script changes: + +- BitBake improvements: + +- devtool improvements: + +- recipetool improvements: + +- Packaging changes: + +- Security improvements: + +- Toaster Web UI improvements: + +- Prominent documentation updates: + +- Miscellaneous changes: + +Known Issues in 5.1 +~~~~~~~~~~~~~~~~~~~ + +Recipe License changes in 5.1 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +The following corrections have been made to the :term:`LICENSE` values set by recipes: + +Security Fixes in 5.1 +~~~~~~~~~~~~~~~~~~~~~ + +Recipe Upgrades in 5.1 +~~~~~~~~~~~~~~~~~~~~~~ + +Contributors to 5.1 +~~~~~~~~~~~~~~~~~~~ + +Thanks to the following people who contributed to this release: + +Repositories / Downloads for Yocto-5.1 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ |