Release notes for Yocto-4.0.4 (Kirkstone)
Security Fixes in Yocto-4.0.4
- binutils : fix CVE-2022-38533 
- curl: fix CVE-2022-35252 
- sqlite: fix CVE-2022-35737 
- grub2: fix CVE-2021-3695, CVE-2021-3696, CVE-2021-3697, CVE-2022-28733, CVE-2022-28734 and CVE-2022-28735 
- u-boot: fix CVE-2022-30552 and CVE-2022-33967 
- libxml2: Ignore CVE-2016-3709 
- libtiff: fix CVE-2022-34526 
- zlib: fix CVE-2022-37434 
- gnutls: fix CVE-2022-2509 
- u-boot: fix CVE-2022-33103 
- qemu: fix CVE-2021-3507, CVE-2021-3929, CVE-2021-4158, CVE-2022-0216 and CVE-2022-0358 
Fixes in Yocto-4.0.4
- apr: Cache configure tests which use AC_TRY_RUN 
- apr: Use correct strerror_r implementation based on libc type 
- apt: fix nativesdk-apt build failure during the second time build 
- archiver.bbclass: remove unsed do_deploy_archives[dirs] 
- archiver.bbclass: some recipes that uses the kernelsrc bbclass uses the shared source 
- autoconf: Fix strict prototype errors in generated tests 
- autoconf: Update K & R stype functions 
- bind: upgrade to 9.18.5 
- bitbake.conf: set BB_DEFAULT_UMASK using ??= 
- bitbake: ConfHandler/BBHandler: Improve comment error messages and add tests 
- bitbake: ConfHandler: Remove lingering close 
- bitbake: bb/utils: movefile: use the logger for printing 
- bitbake: bb/utils: remove: check the path again the expand python glob 
- bitbake: bitbake-user-manual: Correct description of the ??= operator 
- bitbake: bitbake-user-manual: npm fetcher: improve description of SRC_URI format 
- bitbake: bitbake: bitbake-user-manual: hashserv can be accessed on a dedicated domain 
- bitbake: bitbake: runqueue: add cpu/io pressure regulation 
- bitbake: bitbake: runqueue: add memory pressure regulation 
- bitbake: cooker: Drop sre_constants usage 
- bitbake: doc: bitbake-user-manual: add explicit target for crates fetcher 
- bitbake: doc: bitbake-user-manual: document npm and npmsw fetchers 
- bitbake: event.py: ignore exceptions from stdout and sterr operations in atexit 
- bitbake: fetch2: Ensure directory exists before creating symlink 
- bitbake: fetch2: gitsm: fix incorrect handling of git submodule relative urls 
- bitbake: runqueue: Change pressure file warning to a note 
- bitbake: runqueue: Fix unihash cache mismatch issues 
- bitbake: toaster: fix kirkstone version 
- bitbake: utils: Pass lock argument in fileslocked 
- bluez5: upgrade to 5.65 
- boost: fix install of fiber shared libraries 
- cairo: Adapt the license information based on what is being built 
- classes: cve-check: Get shared database lock 
- cmake: remove CMAKE_ASM_FLAGS variable in toolchain file 
- connman: Backports for security fixes 
- core-image.bbclass: Exclude openssh complementary packages 
- cracklib: Drop using register keyword 
- cracklib: upgrade to 2.9.8 
- create-spdx: Fix supplier field 
- create-spdx: handle links to inaccessible locations 
- create-spdx: ignore packing control files from ipk and deb 
- cve-check: Don’t use f-strings 
- cve-check: close cursors as soon as possible 
- devtool/upgrade: catch bb.fetch2.decodeurl errors 
- devtool/upgrade: correctly clean up when recipe filename isn’t yet known 
- devtool: error out when workspace is using old override syntax 
- ell: upgrade to 0.50 
- epiphany: upgrade to 42.4 
- externalsrc: Don’t wipe out src dir when EXPORT_FUNCTIONS is used. 
- gcc-multilib-config: Fix i686 toolchain relocation issues 
- gcr: Define _GNU_SOURCE 
- gdk-pixbuf: upgrade to 2.42.9 
- glib-networking: upgrade to 2.72.2 
- go: upgrade to v1.17.13 
- insane.bbclass: Skip patches not in oe-core by full path 
- iso-codes: upgrade to 4.11.0 
- kernel-fitimage.bbclass: add padding algorithm property in config nodes 
- kernel-fitimage.bbclass: only package unique DTBs 
- kernel: Always set CC and LD for the kernel build 
- kernel: Use consistent make flags for menuconfig 
- lib:npm_registry: initial checkin 
- libatomic-ops: upgrade to 7.6.14 
- libcap: upgrade to 2.65 
- libjpeg-turbo: upgrade to 2.1.4 
- libpam: use /run instead of /var/run in systemd tmpfiles 
- libtasn1: upgrade to 4.19.0 
- liburcu: upgrade to 0.13.2 
- libwebp: upgrade to 1.2.4 
- libwpe: upgrade to 1.12.3 
- libxml2: Port gentest.py to Python-3 
- lighttpd: upgrade to 1.4.66 
- linux-yocto/5.10: update genericx86* machines to v5.10.135 
- linux-yocto/5.10: update to v5.10.137 
- linux-yocto/5.15: update genericx86* machines to v5.15.59 
- linux-yocto/5.15: update to v5.15.62 
- linux-yocto: Fix COMPATIBLE_MACHINE regex match 
- linux-yocto: prepend the the value with a space when append to KERNEL_EXTRA_ARGS 
- lttng-modules: fix 5.19+ build 
- lttng-modules: fix build against mips and v5.19 kernel 
- lttng-modules: fix build for kernel 5.10.137 
- lttng-modules: replace mips compaction fix with upstream change 
- lz4: upgrade to 1.9.4 
- maintainers: update opkg maintainer 
- meta: introduce UBOOT_MKIMAGE_KERNEL_TYPE 
- migration guides: add missing release notes 
- mobile-broadband-provider-info: upgrade to 20220725 
- nativesdk: Clear TUNE_FEATURES 
- npm: replace ‘npm pack’ call by ‘tar czf’ 
- npm: return content of ‘package.json’ in ‘npm_pack’ 
- npm: take ‘version’ directly from ‘package.json’ 
- npm: use npm_registry to cache package 
- oeqa/gotoolchain: put writable files in the Go module cache 
- oeqa/gotoolchain: set CGO_ENABLED=1 
- oeqa/parselogs: add qemuarmv5 arm-charlcd masking 
- oeqa/qemurunner: add run_serial() comment 
- oeqa/selftest: rename git.py to intercept.py 
- oeqa: qemurunner: Report UNIX Epoch timestamp on login 
- package_rpm: Do not replace square brackets in %files 
- packagegroup-self-hosted: update for strace 
- parselogs: Ignore xf86OpenConsole error 
- perf: Fix reproducibility issues with 5.19 onwards 
- pinentry: enable _XOPEN_SOURCE on musl for wchar usage in curses 
- poky.conf: add ubuntu-22.04 to tested distros 
- poky.conf: bump version for 4.0.4 
- pseudo: Update to include recent upstream minor fixes 
- python3-pip: Fix RDEPENDS after the update 
- ref-manual: add numa to machine features 
- relocate_sdk.py: ensure interpreter size error causes relocation to fail 
- rootfs-postcommands.bbclass: avoid moving ssh host keys if etc is writable 
- rootfs.py: dont try to list installed packages for baremetal images 
- rootfspostcommands.py: Cleanup subid backup files generated by shadow-utils 
- ruby: drop capstone support 
- runqemu: Add missing space on default display option 
- runqemu: display host uptime when starting 
- sanity: add a comment to ensure CONNECTIVITY_CHECK_URIS is correct 
- scripts/oe-setup-builddir: make it known where configurations come from 
- scripts/runqemu.README: fix typos and trailing whitespaces 
- selftest/wic: Tweak test case to not depend on kernel size 
- shadow: Avoid nss warning/error with musl 
- shadow: Enable subid support 
- system-requirements.rst: Add Ubuntu 22.04 to list of supported distros 
- systemd: Add ‘no-dns-fallback’ PACKAGECONFIG option 
- systemd: Fix unwritable /var/lock when no sysvinit handling 
- sysvinit-inittab/start_getty: Fix respawn too fast 
- tcp-wrappers: Fix implicit-function-declaration warnings 
- tzdata: upgrade to 2022b 
- util-linux: Remove –enable-raw from EXTRA_OECONF 
- vala: upgrade to 0.56.3 
- vim: Upgrade to 9.0.0453 
- watchdog: Include needed system header for function decls 
- webkitgtk: upgrade to 2.36.5 
- weston: upgrade to 10.0.2 
- wic/bootimg-efi: use cross objcopy when building unified kernel image 
- wic: add target tools to PATH when executing native commands 
- wic: depend on cross-binutils 
- wireless-regdb: upgrade to 2022.08.12 
- wpebackend-fdo: upgrade to 1.12.1 
- xinetd: Pass missing -D_GNU_SOURCE 
- xz: update to 5.2.6 
Known Issues in Yocto-4.0.4
- N/A 
Contributors to Yocto-4.0.4
- Alejandro Hernandez Samaniego 
- Alex Stewart 
- Alexander Kanavin 
- Alexandre Belloni 
- Andrei Gherzan 
- Anuj Mittal 
- Aryaman Gupta 
- Awais Belal 
- Beniamin Sandu 
- Bertrand Marquis 
- Bruce Ashfield 
- Changqing Li 
- Chee Yang Lee 
- Daiane Angolini 
- Enrico Scholz 
- Ernst Sjöstrand 
- Gennaro Iorio 
- Hitendra Prajapati 
- Jacob Kroon 
- Jon Mason 
- Jose Quaresma 
- Joshua Watt 
- Kai Kang 
- Khem Raj 
- Kristian Amlie 
- LUIS ENRIQUEZ 
- Mark Hatle 
- Martin Beeger 
- Martin Jansa 
- Mateusz Marciniec 
- Michael Opdenacker 
- Mihai Lindner 
- Mikko Rapeli 
- Ming Liu 
- Niko Mauno 
- Ola x Nilsson 
- Otavio Salvador 
- Paul Eggleton 
- Pavel Zhukov 
- Peter Bergin 
- Peter Kjellerstedt 
- Peter Marko 
- Rajesh Dangi 
- Randy MacLeod 
- Rasmus Villemoes 
- Richard Purdie 
- Robert Joslyn 
- Roland Hieber 
- Ross Burton 
- Sakib Sajal 
- Shubham Kulkarni 
- Steve Sakoman 
- Ulrich Ölmann 
- Yang Xu 
- Yongxin Liu 
- ghassaneben 
- pgowda 
- wangmy 
Repositories / Downloads for Yocto-4.0.4
poky
- Repository Location: https://git.yoctoproject.org/git/poky 
- Branch: kirkstone 
- Tag: yocto-4.0.4 
- Git Revision: d64bef1c7d713b92a51228e5ade945835e5a94a4 
- Release Artefact: poky-d64bef1c7d713b92a51228e5ade945835e5a94a4 
- sha: b5e92506b31f88445755bad2f45978b747ad1a5bea66ca897370542df5f1e7db 
- Download Locations: http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.4/poky-d64bef1c7d713b92a51228e5ade945835e5a94a4.tar.bz2 http://mirrors.kernel.org/yocto/yocto/yocto-4.0.4/poky-d64bef1c7d713b92a51228e5ade945835e5a94a4.tar.bz2 
openembedded-core
- Repository Location: https://git.openembedded.org/openembedded-core 
- Branch: kirkstone 
- Tag: yocto-4.0.4 
- Git Revision: f7766da462905ec67bf549d46b8017be36cd5b2a 
- Release Artefact: oecore-f7766da462905ec67bf549d46b8017be36cd5b2a 
- sha: ce0ac011474db5e5f0bb1be3fb97f890a02e46252a719dbcac5813268e48ff16 
- Download Locations: http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.4/oecore-f7766da462905ec67bf549d46b8017be36cd5b2a.tar.bz2 http://mirrors.kernel.org/yocto/yocto/yocto-4.0.4/oecore-f7766da462905ec67bf549d46b8017be36cd5b2a.tar.bz2 
meta-mingw
- Repository Location: https://git.yoctoproject.org/git/meta-mingw 
- Branch: kirkstone 
- Tag: yocto-4.0.4 
- Git Revision: a90614a6498c3345704e9611f2842eb933dc51c1 
- Release Artefact: meta-mingw-a90614a6498c3345704e9611f2842eb933dc51c1 
- sha: 49f9900bfbbc1c68136f8115b314e95d0b7f6be75edf36a75d9bcd1cca7c6302 
- Download Locations: http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.4/meta-mingw-a90614a6498c3345704e9611f2842eb933dc51c1.tar.bz2 http://mirrors.kernel.org/yocto/yocto/yocto-4.0.4/meta-mingw-a90614a6498c3345704e9611f2842eb933dc51c1.tar.bz2 
meta-gplv2
- Repository Location: https://git.yoctoproject.org/git/meta-gplv2 
- Branch: kirkstone 
- Tag: yocto-4.0.4 
- Git Revision: d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a 
- Release Artefact: meta-gplv2-d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a 
- sha: c386f59f8a672747dc3d0be1d4234b6039273d0e57933eb87caa20f56b9cca6d 
- Download Locations: http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.4/meta-gplv2-d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a.tar.bz2 http://mirrors.kernel.org/yocto/yocto/yocto-4.0.4/meta-gplv2-d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a.tar.bz2 
bitbake
- Repository Location: https://git.openembedded.org/bitbake 
- Branch: 2.0 
- Tag: yocto-4.0.4 
- Git Revision: ac576d6fad6bba0cfea931883f25264ea83747ca 
- Release Artefact: bitbake-ac576d6fad6bba0cfea931883f25264ea83747ca 
- sha: 526c2768874eeda61ade8c9ddb3113c90d36ef44a026d6690f02de6f3dd0ea12 
- Download Locations: http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.4/bitbake-ac576d6fad6bba0cfea931883f25264ea83747ca.tar.bz2 http://mirrors.kernel.org/yocto/yocto/yocto-4.0.4/bitbake-ac576d6fad6bba0cfea931883f25264ea83747ca.tar.bz2 
yocto-docs
- Repository Location: https://git.yoctoproject.org/git/yocto-docs 
- Branch: kirkstone 
- Tag: yocto-4.0.4 
- Git Revision: f632dad24c39778f948014029e74db3c871d9d21