From c615d00a361510b0425a57ea6afdda5a39069692 Mon Sep 17 00:00:00 2001 From: Michael Opdenacker Date: Tue, 4 Oct 2022 21:41:10 +0200 Subject: migration-guides: add 4.0.4 release notes (From yocto-docs rev: df129c47f866b933af722b1214f3296a8cfe483b) Signed-off-by: Lee Chee Yang Signed-off-by: Michael Opdenacker Signed-off-by: Richard Purdie --- documentation/migration-guides/release-4.0.rst | 1 + .../migration-guides/release-notes-4.0.4.rst | 299 +++++++++++++++++++++ 2 files changed, 300 insertions(+) create mode 100644 documentation/migration-guides/release-notes-4.0.4.rst (limited to 'documentation') diff --git a/documentation/migration-guides/release-4.0.rst b/documentation/migration-guides/release-4.0.rst index fe1efaec1f..9f67daaffb 100644 --- a/documentation/migration-guides/release-4.0.rst +++ b/documentation/migration-guides/release-4.0.rst @@ -8,3 +8,4 @@ Release 4.0 (kirkstone) release-notes-4.0.1 release-notes-4.0.2 release-notes-4.0.3 + release-notes-4.0.4 diff --git a/documentation/migration-guides/release-notes-4.0.4.rst b/documentation/migration-guides/release-notes-4.0.4.rst new file mode 100644 index 0000000000..2623a1dca7 --- /dev/null +++ b/documentation/migration-guides/release-notes-4.0.4.rst @@ -0,0 +1,299 @@ +Release notes for Yocto-4.0.4 (Kirkstone) +----------------------------------------- + +Security Fixes in Yocto-4.0.4 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +- binutils : fix :cve:`2022-38533` +- curl: fix :cve:`2022-35252` +- sqlite: fix :cve:`2022-35737` +- grub2: fix :cve:`2021-3695`, :cve:`2021-3696`, :cve:`2021-3697`, :cve:`2022-28733`, :cve:`2022-28734` and :cve:`2022-28735` +- u-boot: fix :cve:`2022-30552` and :cve:`2022-33967` +- libxml2: Ignore :cve:`2016-3709` +- libtiff: fix :cve:`2022-34526` +- zlib: fix :cve:`2022-37434` +- gnutls: fix :cve:`2022-2509` +- u-boot: fix :cve:`2022-33103` +- qemu: fix :cve:`2021-3507`, :cve:`2021-3929`, :cve:`2021-4158`, :cve:`2022-0216` and :cve:`2022-0358` + + +Fixes in Yocto-4.0.4 +~~~~~~~~~~~~~~~~~~~~ + +- apr: Cache configure tests which use AC_TRY_RUN +- apr: Use correct strerror_r implementation based on libc type +- apt: fix nativesdk-apt build failure during the second time build +- archiver.bbclass: remove unsed do_deploy_archives[dirs] +- archiver.bbclass: some recipes that uses the kernelsrc bbclass uses the shared source +- autoconf: Fix strict prototype errors in generated tests +- autoconf: Update K & R stype functions +- bind: upgrade to 9.18.5 +- bitbake.conf: set BB_DEFAULT_UMASK using ??= +- bitbake: ConfHandler/BBHandler: Improve comment error messages and add tests +- bitbake: ConfHandler: Remove lingering close +- bitbake: bb/utils: movefile: use the logger for printing +- bitbake: bb/utils: remove: check the path again the expand python glob +- bitbake: bitbake-user-manual: Correct description of the ??= operator +- bitbake: bitbake-user-manual: npm fetcher: improve description of SRC_URI format +- bitbake: bitbake: bitbake-user-manual: hashserv can be accessed on a dedicated domain +- bitbake: bitbake: runqueue: add cpu/io pressure regulation +- bitbake: bitbake: runqueue: add memory pressure regulation +- bitbake: cooker: Drop sre_constants usage +- bitbake: doc: bitbake-user-manual: add explicit target for crates fetcher +- bitbake: doc: bitbake-user-manual: document npm and npmsw fetchers +- bitbake: event.py: ignore exceptions from stdout and sterr operations in atexit +- bitbake: fetch2: Ensure directory exists before creating symlink +- bitbake: fetch2: gitsm: fix incorrect handling of git submodule relative urls +- bitbake: runqueue: Change pressure file warning to a note +- bitbake: runqueue: Fix unihash cache mismatch issues +- bitbake: toaster: fix kirkstone version +- bitbake: utils: Pass lock argument in fileslocked +- bluez5: upgrade to 5.65 +- boost: fix install of fiber shared libraries +- cairo: Adapt the license information based on what is being built +- classes: cve-check: Get shared database lock +- cmake: remove CMAKE_ASM_FLAGS variable in toolchain file +- connman: Backports for security fixes +- core-image.bbclass: Exclude openssh complementary packages +- cracklib: Drop using register keyword +- cracklib: upgrade to 2.9.8 +- create-spdx: Fix supplier field +- create-spdx: handle links to inaccessible locations +- create-spdx: ignore packing control files from ipk and deb +- cve-check: Don't use f-strings +- cve-check: close cursors as soon as possible +- devtool/upgrade: catch bb.fetch2.decodeurl errors +- devtool/upgrade: correctly clean up when recipe filename isn't yet known +- devtool: error out when workspace is using old override syntax +- ell: upgrade to 0.50 +- epiphany: upgrade to 42.4 +- externalsrc: Don't wipe out src dir when EXPORT_FUNCTIONS is used. +- gcc-multilib-config: Fix i686 toolchain relocation issues +- gcr: Define _GNU_SOURCE +- gdk-pixbuf: upgrade to 2.42.9 +- glib-networking: upgrade to 2.72.2 +- go: upgrade to v1.17.13 +- insane.bbclass: Skip patches not in oe-core by full path +- iso-codes: upgrade to 4.11.0 +- kernel-fitimage.bbclass: add padding algorithm property in config nodes +- kernel-fitimage.bbclass: only package unique DTBs +- kernel: Always set CC and LD for the kernel build +- kernel: Use consistent make flags for menuconfig +- lib:npm_registry: initial checkin +- libatomic-ops: upgrade to 7.6.14 +- libcap: upgrade to 2.65 +- libjpeg-turbo: upgrade to 2.1.4 +- libpam: use /run instead of /var/run in systemd tmpfiles +- libtasn1: upgrade to 4.19.0 +- liburcu: upgrade to 0.13.2 +- libwebp: upgrade to 1.2.4 +- libwpe: upgrade to 1.12.3 +- libxml2: Port gentest.py to Python-3 +- lighttpd: upgrade to 1.4.66 +- linux-yocto/5.10: update genericx86* machines to v5.10.135 +- linux-yocto/5.10: update to v5.10.137 +- linux-yocto/5.15: update genericx86* machines to v5.15.59 +- linux-yocto/5.15: update to v5.15.62 +- linux-yocto: Fix COMPATIBLE_MACHINE regex match +- linux-yocto: prepend the the value with a space when append to KERNEL_EXTRA_ARGS +- lttng-modules: fix 5.19+ build +- lttng-modules: fix build against mips and v5.19 kernel +- lttng-modules: fix build for kernel 5.10.137 +- lttng-modules: replace mips compaction fix with upstream change +- lz4: upgrade to 1.9.4 +- maintainers: update opkg maintainer +- meta: introduce UBOOT_MKIMAGE_KERNEL_TYPE +- migration guides: add missing release notes +- mobile-broadband-provider-info: upgrade to 20220725 +- nativesdk: Clear TUNE_FEATURES +- npm: replace 'npm pack' call by 'tar czf' +- npm: return content of 'package.json' in 'npm_pack' +- npm: take 'version' directly from 'package.json' +- npm: use npm_registry to cache package +- oeqa/gotoolchain: put writable files in the Go module cache +- oeqa/gotoolchain: set CGO_ENABLED=1 +- oeqa/parselogs: add qemuarmv5 arm-charlcd masking +- oeqa/qemurunner: add run_serial() comment +- oeqa/selftest: rename git.py to intercept.py +- oeqa: qemurunner: Report UNIX Epoch timestamp on login +- package_rpm: Do not replace square brackets in %files +- packagegroup-self-hosted: update for strace +- parselogs: Ignore xf86OpenConsole error +- perf: Fix reproducibility issues with 5.19 onwards +- pinentry: enable _XOPEN_SOURCE on musl for wchar usage in curses +- poky.conf: add ubuntu-22.04 to tested distros +- poky.conf: bump version for 4.0.4 +- pseudo: Update to include recent upstream minor fixes +- python3-pip: Fix RDEPENDS after the update +- ref-manual: add numa to machine features +- relocate_sdk.py: ensure interpreter size error causes relocation to fail +- rootfs-postcommands.bbclass: avoid moving ssh host keys if etc is writable +- rootfs.py: dont try to list installed packages for baremetal images +- rootfspostcommands.py: Cleanup subid backup files generated by shadow-utils +- ruby: drop capstone support +- runqemu: Add missing space on default display option +- runqemu: display host uptime when starting +- sanity: add a comment to ensure CONNECTIVITY_CHECK_URIS is correct +- scripts/oe-setup-builddir: make it known where configurations come from +- scripts/runqemu.README: fix typos and trailing whitespaces +- selftest/wic: Tweak test case to not depend on kernel size +- shadow: Avoid nss warning/error with musl +- shadow: Enable subid support +- system-requirements.rst: Add Ubuntu 22.04 to list of supported distros +- systemd: Add 'no-dns-fallback' PACKAGECONFIG option +- systemd: Fix unwritable /var/lock when no sysvinit handling +- sysvinit-inittab/start_getty: Fix respawn too fast +- tcp-wrappers: Fix implicit-function-declaration warnings +- tzdata: upgrade to 2022b +- util-linux: Remove --enable-raw from EXTRA_OECONF +- vala: upgrade to 0.56.3 +- vim: Upgrade to 9.0.0453 +- watchdog: Include needed system header for function decls +- webkitgtk: upgrade to 2.36.5 +- weston: upgrade to 10.0.2 +- wic/bootimg-efi: use cross objcopy when building unified kernel image +- wic: add target tools to PATH when executing native commands +- wic: depend on cross-binutils +- wireless-regdb: upgrade to 2022.08.12 +- wpebackend-fdo: upgrade to 1.12.1 +- xinetd: Pass missing -D_GNU_SOURCE +- xz: update to 5.2.6 + + +Known Issues in Yocto-4.0.4 +~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +- N/A + + +Contributors to Yocto-4.0.4 +~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +- Alejandro Hernandez Samaniego +- Alex Stewart +- Alexander Kanavin +- Alexandre Belloni +- Andrei Gherzan +- Anuj Mittal +- Aryaman Gupta +- Awais Belal +- Beniamin Sandu +- Bertrand Marquis +- Bruce Ashfield +- Changqing Li +- Chee Yang Lee +- Daiane Angolini +- Enrico Scholz +- Ernst Sjöstrand +- Gennaro Iorio +- Hitendra Prajapati +- Jacob Kroon +- Jon Mason +- Jose Quaresma +- Joshua Watt +- Kai Kang +- Khem Raj +- Kristian Amlie +- LUIS ENRIQUEZ +- Mark Hatle +- Martin Beeger +- Martin Jansa +- Mateusz Marciniec +- Michael Opdenacker +- Mihai Lindner +- Mikko Rapeli +- Ming Liu +- Niko Mauno +- Ola x Nilsson +- Otavio Salvador +- Paul Eggleton +- Pavel Zhukov +- Peter Bergin +- Peter Kjellerstedt +- Peter Marko +- Rajesh Dangi +- Randy MacLeod +- Rasmus Villemoes +- Richard Purdie +- Robert Joslyn +- Roland Hieber +- Ross Burton +- Sakib Sajal +- Shubham Kulkarni +- Steve Sakoman +- Ulrich Ölmann +- Yang Xu +- Yongxin Liu +- ghassaneben +- pgowda +- wangmy + +Repositories / Downloads for Yocto-4.0.4 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +poky + +- Repository Location: https://git.yoctoproject.org/git/poky +- Branch: :yocto_git:`kirkstone ` +- Tag: :yocto_git:`yocto-4.0.4 ` +- Git Revision: :yocto_git:`d64bef1c7d713b92a51228e5ade945835e5a94a4 ` +- Release Artefact: poky-d64bef1c7d713b92a51228e5ade945835e5a94a4 +- sha: b5e92506b31f88445755bad2f45978b747ad1a5bea66ca897370542df5f1e7db +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.4/poky-d64bef1c7d713b92a51228e5ade945835e5a94a4.tar.bz2 + http://mirrors.kernel.org/yocto/yocto/yocto-4.0.4/poky-d64bef1c7d713b92a51228e5ade945835e5a94a4.tar.bz2 + +openembedded-core + +- Repository Location: https://git.openembedded.org/openembedded-core +- Branch: :oe_git:`kirkstone ` +- Tag: :oe_git:`yocto-4.0.4 ` +- Git Revision: :oe_git:`f7766da462905ec67bf549d46b8017be36cd5b2a ` +- Release Artefact: oecore-f7766da462905ec67bf549d46b8017be36cd5b2a +- sha: ce0ac011474db5e5f0bb1be3fb97f890a02e46252a719dbcac5813268e48ff16 +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.4/oecore-f7766da462905ec67bf549d46b8017be36cd5b2a.tar.bz2 + http://mirrors.kernel.org/yocto/yocto/yocto-4.0.4/oecore-f7766da462905ec67bf549d46b8017be36cd5b2a.tar.bz2 + +meta-mingw + +- Repository Location: https://git.yoctoproject.org/git/meta-mingw +- Branch: :yocto_git:`kirkstone ` +- Tag: :yocto_git:`yocto-4.0.4 ` +- Git Revision: :yocto_git:`a90614a6498c3345704e9611f2842eb933dc51c1 ` +- Release Artefact: meta-mingw-a90614a6498c3345704e9611f2842eb933dc51c1 +- sha: 49f9900bfbbc1c68136f8115b314e95d0b7f6be75edf36a75d9bcd1cca7c6302 +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.4/meta-mingw-a90614a6498c3345704e9611f2842eb933dc51c1.tar.bz2 + http://mirrors.kernel.org/yocto/yocto/yocto-4.0.4/meta-mingw-a90614a6498c3345704e9611f2842eb933dc51c1.tar.bz2 + +meta-gplv2 + +- Repository Location: https://git.yoctoproject.org/git/meta-gplv2 +- Branch: :yocto_git:`kirkstone ` +- Tag: :yocto_git:`yocto-4.0.4 ` +- Git Revision: :yocto_git:`d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a ` +- Release Artefact: meta-gplv2-d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a +- sha: c386f59f8a672747dc3d0be1d4234b6039273d0e57933eb87caa20f56b9cca6d +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.4/meta-gplv2-d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a.tar.bz2 + http://mirrors.kernel.org/yocto/yocto/yocto-4.0.4/meta-gplv2-d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a.tar.bz2 + +bitbake + +- Repository Location: https://git.openembedded.org/bitbake +- Branch: :oe_git:`2.0 ` +- Tag: :oe_git:`yocto-4.0.4 ` +- Git Revision: :oe_git:`ac576d6fad6bba0cfea931883f25264ea83747ca ` +- Release Artefact: bitbake-ac576d6fad6bba0cfea931883f25264ea83747ca +- sha: 526c2768874eeda61ade8c9ddb3113c90d36ef44a026d6690f02de6f3dd0ea12 +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.4/bitbake-ac576d6fad6bba0cfea931883f25264ea83747ca.tar.bz2 + http://mirrors.kernel.org/yocto/yocto/yocto-4.0.4/bitbake-ac576d6fad6bba0cfea931883f25264ea83747ca.tar.bz2 + +yocto-docs + +- Repository Location: https://git.yoctoproject.org/git/yocto-docs +- Branch: :yocto_git:`kirkstone ` +- Tag: :yocto_git:`yocto-4.0.4 ` +- Git Revision: :yocto_git:`f632dad24c39778f948014029e74db3c871d9d21 ` -- cgit v1.2.3-54-g00ecf