Release notes for Yocto-4.0.9 (Kirkstone)
Security Fixes in Yocto-4.0.9
- binutils: Fix CVE-2023-22608 
- curl: Fix CVE-2023-23914, CVE-2023-23915 and CVE-2023-23916 
- epiphany: Fix CVE-2023-26081 
- git: Ignore CVE-2023-22743 
- glibc: Fix CVE-2023-0687 
- gnutls: Fix CVE-2023-0361 
- go: Fix CVE-2022-2879, CVE-2022-41720 and CVE-2022-41723 
- harfbuzz: Fix CVE-2023-25193 
- less: Fix CVE-2022-46663 
- libmicrohttpd: Fix CVE-2023-27371 
- libsdl2: Fix CVE-2022-4743 
- openssl: Fix CVE-2022-3996, CVE-2023-0464, CVE-2023-0465 and CVE-2023-0466 
- pkgconf: Fix CVE-2023-24056 
- python3: Fix CVE-2023-24329 
- shadow: Ignore CVE-2016-15024 
- systemd: Fix CVE-2022-4415 
- tiff: Fix CVE-2023-0800, CVE-2023-0801, CVE-2023-0802, CVE-2023-0803 and CVE-2023-0804 
- vim: Fix CVE-2023-0433, CVE-2023-0512, CVE-2023-1127, CVE-2023-1170, CVE-2023-1175, CVE-2023-1264 and CVE-2023-1355 
- xserver-xorg: Fix CVE-2023-0494 
- xwayland: Fix CVE-2023-0494 
Fixes in Yocto-4.0.9
- base-files: Drop localhost.localdomain from hosts file 
- binutils: Fix nativesdk ld.so search 
- bitbake: cookerdata: Drop dubious exception handling code 
- bitbake: cookerdata: Improve early exception handling 
- bitbake: cookerdata: Remove incorrect SystemExit usage 
- bitbake: fetch/git: Fix local clone url to make it work with repo 
- bitbake: utils: Allow to_boolean to support int values 
- bmap-tools: switch to main branch 
- buildtools-tarball: Handle spaces within user $PATH 
- busybox: Fix depmod patch 
- cracklib: update github branch to ‘main’ 
- cups: add/fix web interface packaging 
- cups: check PACKAGECONFIG for pam feature 
- cups: use BUILDROOT instead of DESTDIR 
- curl: fix dependencies when building with ldap/ldaps 
- cve-check: Fix false negative version issue 
- dbus: upgrade to 1.14.6 
- devtool/upgrade: do not delete the workspace/recipes directory 
- dhcpcd: Fix install conflict when enable multilib. 
- dhcpcd: fix dhcpcd start failure on qemuppc64 
- gcc-shared-source: do not use ${S}/.. in deploy_source_date_epoch 
- glibc: Add missing binutils dependency 
- image_types: fix multiubi var init 
- iso-codes: upgrade to 4.13.0 
- json-c: Add ptest for json-c 
- kernel-yocto: fix kernel-meta data detection 
- lib/buildstats: handle tasks that never finished 
- lib/resulttool: fix typo breaking resulttool log –ptest 
- libjpeg-turbo: upgrade to 2.1.5.1 
- libmicrohttpd: upgrade to 0.9.76 
- libseccomp: fix for the ptest result format 
- libssh2: Clean up ptest patch/coverage 
- linux-firmware: add yamato fw files to qcom-adreno-a2xx package 
- linux-firmware: properly set license for all Qualcomm firmware 
- linux-firmware: upgrade to 20230210 
- linux-yocto-rt/5.15: update to -rt59 
- linux-yocto/5.10: upgrade to v5.10.175 
- linux-yocto/5.15: upgrade to v5.15.103 
- linux: inherit pkgconfig in kernel.bbclass 
- lttng-modules: fix for kernel 6.2+ 
- lttng-modules: upgrade to v2.13.9 
- lua: Fix install conflict when enable multilib. 
- mdadm: Fix raid0, 06wrmostly and 02lineargrow tests 
- meson: Fix wrapper handling of implicit setup command 
- migration-guides: add 4.0.8 release notes 
- nghttp2: never build python bindings 
- oeqa rtc.py: skip if read-only-rootfs 
- oeqa ssh.py: fix hangs in run() 
- oeqa/sdk: Improve Meson test 
- oeqa/selftest/prservice: Improve debug output for failure 
- oeqa/selftest/resulttooltests: fix minor typo 
- openssl: upgrade to 3.0.8 
- package.bbclase: Add check for /build in copydebugsources() 
- patchelf: replace a rejected patch with an equivalent uninative.bbclass tweak 
- poky.conf: bump version for 4.0.9 
- populate_sdk_ext: Handle spaces within user $PATH 
- pybootchartui: Fix python syntax issue 
- python3-git: fix indent error 
- python3-setuptools-rust-native: Add direct dependency of native python3 modules 
- qemu: Revert “fix CVE-2021-3507” as not applicable for qemu 6.2 
- rsync: Add missing prototypes to function declarations 
- rsync: Turn on -pedantic-errors at the end of ‘configure’ 
- runqemu: kill qemu if it hangs 
- scripts/lib/buildstats: handle top-level build_stats not being complete 
- selftest/recipetool: Stop test corrupting tinfoil class 
- selftest/runtime_test/virgl: Disable for all Rocky Linux 
- selftest: devtool: set BB_HASHSERVE_UPSTREAM when setting SSTATE_MIRROR 
- sstatesig: Improve output hash calculation 
- staging/multilib: Fix manifest corruption 
- staging: Separate out different multiconfig manifests 
- sudo: update 1.9.12p2 -> 1.9.13p3 
- systemd.bbclass: Add /usr/lib/systemd to searchpaths as well 
- systemd: add group sgx to udev package 
- systemd: fix wrong nobody-group assignment 
- timezone: use ‘tz’ subdir instead of ${WORKDIR} directly 
- toolchain-scripts: Handle spaces within user $PATH 
- tzcode-native: fix build with gcc-13 on host 
- tzdata: use separate B instead of WORKDIR for zic output 
- uninative: upgrade to 3.9 to include libgcc and glibc 2.37 
- vala: Fix install conflict when enable multilib. 
- vim: add missing pkgconfig inherit 
- vim: set modified-by to the recipe MAINTAINER 
- vim: upgrade to 9.0.1429 
- wic: Fix usage of fstype=none in wic 
- wireless-regdb: upgrade to 2023.02.13 
- xserver-xorg: upgrade to 21.1.7 
- xwayland: upgrade to 22.1.8 
Known Issues in Yocto-4.0.9
- N/A 
Contributors to Yocto-4.0.9
- Alexander Kanavin 
- Alexis Lothoré 
- Bruce Ashfield 
- Changqing Li 
- Chee Yang Lee 
- Dmitry Baryshkov 
- Federico Pellegrin 
- Geoffrey GIRY 
- Hitendra Prajapati 
- Hongxu Jia 
- Joe Slater 
- Kai Kang 
- Kenfe-Mickael Laventure 
- Khem Raj 
- Martin Jansa 
- Mateusz Marciniec 
- Michael Halstead 
- Michael Opdenacker 
- Mikko Rapeli 
- Ming Liu 
- Mingli Yu 
- Narpat Mali 
- Pavel Zhukov 
- Pawan Badganchi 
- Peter Marko 
- Piotr Łobacz 
- Poonam Jadhav 
- Randy MacLeod 
- Richard Purdie 
- Robert Yang 
- Romuald Jeanne 
- Ross Burton 
- Sakib Sajal 
- Saul Wold 
- Shubham Kulkarni 
- Siddharth Doshi 
- Simone Weiss 
- Steve Sakoman 
- Tim Orling 
- Tom Hochstein 
- Trevor Woerner 
- Ulrich Ölmann 
- Vivek Kumbhar 
- Wang Mingyu 
- Xiangyu Chen 
- Yash Shinde 
Repositories / Downloads for Yocto-4.0.9
poky
- Repository Location: https://git.yoctoproject.org/poky 
- Branch: kirkstone 
- Tag: yocto-4.0.9 
- Git Revision: 09def309f91929f47c6cce386016ccb777bd2cfc 
- Release Artefact: poky-09def309f91929f47c6cce386016ccb777bd2cfc 
- sha: 5c7ce209c8a6b37ec2898e5ca21858234d91999c11fa862880ba98e8bde62f63 
- Download Locations: http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.9/poky-09def309f91929f47c6cce386016ccb777bd2cfc.tar.bz2 http://mirrors.kernel.org/yocto/yocto/yocto-4.0.9/poky-09def309f91929f47c6cce386016ccb777bd2cfc.tar.bz2 
openembedded-core
- Repository Location: https://git.openembedded.org/openembedded-core 
- Branch: kirkstone 
- Tag: yocto-4.0.9 
- Git Revision: ff4b57ffff903a93b710284c7c7f916ddd74712f 
- Release Artefact: oecore-ff4b57ffff903a93b710284c7c7f916ddd74712f 
- sha: 726778ffc291136db1704316b196de979f68df9f96476b785e1791957fbb66b3 
- Download Locations: http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.9/oecore-ff4b57ffff903a93b710284c7c7f916ddd74712f.tar.bz2 http://mirrors.kernel.org/yocto/yocto/yocto-4.0.9/oecore-ff4b57ffff903a93b710284c7c7f916ddd74712f.tar.bz2 
meta-mingw
- Repository Location: https://git.yoctoproject.org/meta-mingw 
- Branch: kirkstone 
- Tag: yocto-4.0.9 
- Git Revision: a90614a6498c3345704e9611f2842eb933dc51c1 
- Release Artefact: meta-mingw-a90614a6498c3345704e9611f2842eb933dc51c1 
- sha: 49f9900bfbbc1c68136f8115b314e95d0b7f6be75edf36a75d9bcd1cca7c6302 
- Download Locations: http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.9/meta-mingw-a90614a6498c3345704e9611f2842eb933dc51c1.tar.bz2 http://mirrors.kernel.org/yocto/yocto/yocto-4.0.9/meta-mingw-a90614a6498c3345704e9611f2842eb933dc51c1.tar.bz2 
meta-gplv2
- Repository Location: https://git.yoctoproject.org/meta-gplv2 
- Branch: kirkstone 
- Tag: yocto-4.0.9 
- Git Revision: d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a 
- Release Artefact: meta-gplv2-d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a 
- sha: c386f59f8a672747dc3d0be1d4234b6039273d0e57933eb87caa20f56b9cca6d 
- Download Locations: http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.9/meta-gplv2-d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a.tar.bz2 http://mirrors.kernel.org/yocto/yocto/yocto-4.0.9/meta-gplv2-d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a.tar.bz2 
bitbake
- Repository Location: https://git.openembedded.org/bitbake 
- Branch: 2.0 
- Tag: yocto-4.0.9 
- Git Revision: 2802adb572eb73a3eb2725a74a9bbdaafc543fa7 
- Release Artefact: bitbake-2802adb572eb73a3eb2725a74a9bbdaafc543fa7 
- sha: 5c6e713b5e26b3835c0773095c7a1bc1f8affa28316b33597220ed86f1f1b643 
- Download Locations: http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.9/bitbake-2802adb572eb73a3eb2725a74a9bbdaafc543fa7.tar.bz2 http://mirrors.kernel.org/yocto/yocto/yocto-4.0.9/bitbake-2802adb572eb73a3eb2725a74a9bbdaafc543fa7.tar.bz2 
yocto-docs
- Repository Location: https://git.yoctoproject.org/yocto-docs 
- Branch: kirkstone 
- Tag: yocto-4.0.9 
- Git Revision: 86d0b38a97941ad52b1af220c7b801a399d50e93