Release notes for Yocto-4.0.17 (Kirkstone)
Security Fixes in Yocto-4.0.17
bind: Fix CVE-2023-4408, CVE-2023-5517, CVE-2023-5679, CVE-2023-50868 and CVE-2023-50387
binutils: Fix CVE-2023-39129 and CVE-2023-39130
curl: Fix CVE-2023-46219
curl: Ignore CVE-2023-42915
gcc: Ignore CVE-2023-4039
gdb: Fix CVE-2023-39129 and CVE-2023-39130
glibc: Ignore CVE-2023-0687
go: Fix CVE-2023-29406, CVE-2023-45285, CVE-2023-45287, CVE-2023-45289, CVE-2023-45290, CVE-2024-24784 and CVE-2024-24785
less: Fix CVE-2022-48624
libgit2: Fix CVE-2024-24575 and CVE-2024-24577
libuv: fix CVE-2024-24806
libxml2: Fix for CVE-2024-25062
linux-yocto/5.15: Fix CVE-2022-36402, CVE-2022-40982, CVE-2022-47940, CVE-2023-1193, CVE-2023-1194, CVE-2023-3772, CVE-2023-3867, CVE-2023-4128, CVE-2023-4206, CVE-2023-4207, CVE-2023-4208, CVE-2023-4244, CVE-2023-4273, CVE-2023-4563, CVE-2023-4569, CVE-2023-4623, CVE-2023-4881, CVE-2023-4921, CVE-2023-5158, CVE-2023-5717, CVE-2023-6040, CVE-2023-6121, CVE-2023-6176, CVE-2023-6546, CVE-2023-6606, CVE-2023-6622, CVE-2023-6817, CVE-2023-6915, CVE-2023-6931, CVE-2023-6932, CVE-2023-20569, CVE-2023-20588, CVE-2023-25775, CVE-2023-31085, CVE-2023-32247, CVE-2023-32250, CVE-2023-32252, CVE-2023-32254, CVE-2023-32257, CVE-2023-32258, CVE-2023-34324, CVE-2023-35827, CVE-2023-38427, CVE-2023-38430, CVE-2023-38431, CVE-2023-39189, CVE-2023-39192, CVE-2023-39193, CVE-2023-39194, CVE-2023-39198, CVE-2023-40283, CVE-2023-42752, CVE-2023-42753, CVE-2023-42754, CVE-2023-42755, CVE-2023-45871, CVE-2023-46343, CVE-2023-46813, CVE-2023-46838, CVE-2023-46862, CVE-2023-51042, CVE-2023-51779, CVE-2023-52340, CVE-2023-52429, CVE-2023-52435, CVE-2023-52436, CVE-2023-52438, CVE-2023-52439, CVE-2023-52441, CVE-2023-52442, CVE-2023-52443, CVE-2023-52444, CVE-2023-52445, CVE-2023-52448, CVE-2023-52449, CVE-2023-52451, CVE-2023-52454, CVE-2023-52456, CVE-2023-52457, CVE-2023-52458, CVE-2023-52463, CVE-2023-52464, CVE-2024-0340, CVE-2024-0584, CVE-2024-0607, CVE-2024-0641, CVE-2024-0646, CVE-2024-1085, CVE-2024-1086, CVE-2024-1151, CVE-2024-22705, CVE-2024-23849, CVE-2024-23850, CVE-2024-23851, CVE-2024-24860, CVE-2024-26586, CVE-2024-26589, CVE-2024-26591, CVE-2024-26592, CVE-2024-26593, CVE-2024-26594, CVE-2024-26597 and CVE-2024-26598
linux-yocto/5.15: Ignore CVE-2020-27418, CVE-2020-36766, CVE-2021-33630, CVE-2021-33631, CVE-2022-48619, CVE-2023-2430, CVE-2023-4610, CVE-2023-4732, CVE-2023-5090, CVE-2023-5178, CVE-2023-5197, CVE-2023-5345, CVE-2023-5633, CVE-2023-5972, CVE-2023-6111, CVE-2023-6200, CVE-2023-6531, CVE-2023-6679, CVE-2023-7192, CVE-2023-40791, CVE-2023-42756, CVE-2023-44466, CVE-2023-45862, CVE-2023-45863, CVE-2023-45898, CVE-2023-51043, CVE-2023-51780, CVE-2023-51781, CVE-2023-51782, CVE-2023-52433, CVE-2023-52440, CVE-2023-52446, CVE-2023-52450, CVE-2023-52453, CVE-2023-52455, CVE-2023-52459, CVE-2023-52460, CVE-2023-52461, CVE-2023-52462, CVE-2024-0193, CVE-2024-0443, CVE-2024-0562, CVE-2024-0582, CVE-2024-0639, CVE-2024-0775, CVE-2024-26581, CVE-2024-26582, CVE-2024-26590, CVE-2024-26596 and CVE-2024-26599
linux-yocto/5.10: Fix CVE-2023-6040, CVE-2023-6121, CVE-2023-6606, CVE-2023-6817, CVE-2023-6915, CVE-2023-6931, CVE-2023-6932, CVE-2023-39198, CVE-2023-46838, CVE-2023-51779, CVE-2023-51780, CVE-2023-51781, CVE-2023-51782, CVE-2023-52340, CVE-2024-0584 and CVE-2024-0646
linux-yocto/5.10: Ignore CVE-2021-33630, CVE-2021-33631, CVE-2022-1508, CVE-2022-36402, CVE-2022-48619, CVE-2023-2430, CVE-2023-4610, CVE-2023-5972, CVE-2023-6039, CVE-2023-6200, CVE-2023-6531, CVE-2023-6546, CVE-2023-6622, CVE-2023-6679, CVE-2023-7192, CVE-2023-46343, CVE-2023-51042, CVE-2023-51043, CVE-2024-0193, CVE-2024-0443, CVE-2024-0562, CVE-2024-0582, CVE-2024-0639, CVE-2024-0641, CVE-2024-0775, CVE-2024-1085 and CVE-2024-22705
openssl: Fix CVE-2024-0727
python3-pycryptodome: Fix CVE-2023-52323
qemu: Fix CVE-2023-6693, CVE-2023-42467 and CVE-2024-24474
vim: Fix CVE-2024-22667
xwayland: Fix CVE-2023-6377 and CVE-2023-6478
Fixes in Yocto-4.0.17
bind: Upgrade to 9.18.24
bitbake: bitbake/codeparser.py: address ast module deprecations in py 3.12
bitbake: bitbake/lib/bs4/tests/test_tree.py: python 3.12 regex
bitbake: codeparser: replace deprecated ast.Str and ‘s’
bitbake: fetch2: Ensure that git LFS objects are available
bitbake: tests/fetch: Add real git lfs tests and decorator
bitbake: tests/fetch: git-lfs restore _find_git_lfs
bitbake: toaster/toastergui: Bug-fix verify given layer path only if import/add local layer
build-appliance-image: Update to kirkstone head revision
cmake: Unset CMAKE_CXX_IMPLICIT_INCLUDE_DIRECTORIES
contributor-guide: fix lore URL
curl: don’t enable debug builds
cve_check: cleanup logging
dbus: Add missing CVE_PRODUCT
dev-manual: sbom: Rephrase spdx creation
dev-manual: runtime-testing: gen-tapdevs need iptables installed
dev-manual: packages: clarify shared PR service constraint
dev-manual: packages: need enough free space
dev-manual: start: remove idle line
feature-microblaze-versions.inc: python 3.12 regex
ghostscript: correct LICENSE with AGPLv3
image-live.bbclass: LIVE_ROOTFS_TYPE support compression
kernel.bbclass: Set pkg-config variables for building modules
kernel.bbclass: introduce KERNEL_LOCALVERSION
kernel: fix localversion in v6.3+
kernel: make LOCALVERSION consistent between recipes
ldconfig-native: Fix to point correctly on the DT_NEEDED entries in an ELF file
librsvg: Fix do_package_qa error for librsvg
linux-firmware: upgrade to 20231211
linux-yocto/5.10: update to v5.10.210
linux-yocto/5.15: update to v5.15.150
manuals: add minimum RAM requirements
manuals: suppress excess use of “following” word
manuals: update disk space requirements
manuals: update references to buildtools
manuals: updates for building on Windows (WSL 2)
meta/lib/oeqa: python 3.12 regex
meta/recipes: python 3.12 regex
migration-guide: add release notes for 4.0.16
oeqa/selftest/oelib/buildhistory: git default branch
oeqa/selftest/recipetool: downgrade meson version to not use pyproject.toml
oeqa/selftest/recipetool: expect meson.bb
oeqa/selftest/recipetool: fix for python 3.12
oeqa/selftest/runtime_test: only run the virgl tests on qemux86-64
oeqa: replace deprecated assertEquals
openssl: Upgrade to 3.0.13
poky.conf: bump version for 4.0.17
populate_sdk_ext: use ConfigParser instead of SafeConfigParser
python3-jinja2: upgrade to 3.1.3
recipetool/create_buildsys_python: use importlib instead of imp
ref-manual: system-requirements: recommend buildtools for not supported distros
ref-manual: system-requirements: add info on buildtools-make-tarball
ref-manual: release-process: grammar fix
ref-manual: system-requirements: fix AlmaLinux variable name
ref-manual: system-requirements: modify anchor
ref-manual: system-requirements: remove outdated note
ref-manual: system-requirements: simplify supported distro requirements
ref-manual: system-requirements: update packages to build docs
scripts/runqemu: add qmp socket support
scripts/runqemu: direct mesa to use its own drivers, rather than ones provided by host distro
scripts/runqemu: fix regex escape sequences
scripts: python 3.12 regex
selftest: skip virgl gtk/sdl test on ubuntu 18.04
systemd: Only add myhostname to nsswitch.conf if in PACKAGECONFIG
tzdata : Upgrade to 2024a
u-boot: Move UBOOT_INITIAL_ENV back to u-boot.inc
useradd-example: do not use unsupported clear text password
vim: upgrade to v9.0.2190
yocto-bsp: update to v5.15.150
Known Issues in Yocto-4.0.17
N/A
Contributors to Yocto-4.0.17
Adrian Freihofer
Alassane Yattara
Alexander Kanavin
Alexander Sverdlin
Archana Polampalli
Baruch Siach
Bruce Ashfield
Chen Qi
Chris Laplante
Deepthi Hemraj
Dhairya Nagodra
Fabien Mahot
Fabio Estevam
Hitendra Prajapati
Hugo SIMELIERE
Jermain Horsman
Kai Kang
Lee Chee Yang
Ludovic Jozeau
Michael Opdenacker
Ming Liu
Munehisa Kamata
Narpat Mali
Nikhil R
Paul Eggleton
Paulo Neves
Peter Marko
Philip Lorenz
Poonam Jadhav
Priyal Doshi
Ross Burton
Simone Weiß
Soumya Sambu
Steve Sakoman
Tim Orling
Trevor Gamblin
Vijay Anusuri
Vivek Kumbhar
Wang Mingyu
Zahir Hussain
Repositories / Downloads for Yocto-4.0.17
poky
Repository Location: https://git.yoctoproject.org/poky
Branch: kirkstone
Tag: yocto-4.0.17
Git Revision: 6d1a878bbf24c66f7186b270f823fcdf82e35383
Release Artefact: poky-6d1a878bbf24c66f7186b270f823fcdf82e35383
sha: 3bc3010340b674f7b0dd0a7997f0167b2240b794fbd4aa28c0c4217bddd15e30
Download Locations: http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.17/poky-6d1a878bbf24c66f7186b270f823fcdf82e35383.tar.bz2 http://mirrors.kernel.org/yocto/yocto/yocto-4.0.17/poky-6d1a878bbf24c66f7186b270f823fcdf82e35383.tar.bz2
openembedded-core
Repository Location: https://git.openembedded.org/openembedded-core
Branch: kirkstone
Tag: yocto-4.0.17
Git Revision: 2501534c9581c6c3439f525d630be11554a57d24
Release Artefact: oecore-2501534c9581c6c3439f525d630be11554a57d24
sha: 52cc6cce9e920bdce078584b89136e81cc01e0c55616fab5fca6c3e04264c88e
Download Locations: http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.17/oecore-2501534c9581c6c3439f525d630be11554a57d24.tar.bz2 http://mirrors.kernel.org/yocto/yocto/yocto-4.0.17/oecore-2501534c9581c6c3439f525d630be11554a57d24.tar.bz2
meta-mingw
Repository Location: https://git.yoctoproject.org/meta-mingw
Branch: kirkstone
Tag: yocto-4.0.17
Git Revision: f6b38ce3c90e1600d41c2ebb41e152936a0357d7
Release Artefact: meta-mingw-f6b38ce3c90e1600d41c2ebb41e152936a0357d7
sha: 7d57167c19077f4ab95623d55a24c2267a3a3fb5ed83688659b4c03586373b25
Download Locations: http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.17/meta-mingw-f6b38ce3c90e1600d41c2ebb41e152936a0357d7.tar.bz2 http://mirrors.kernel.org/yocto/yocto/yocto-4.0.17/meta-mingw-f6b38ce3c90e1600d41c2ebb41e152936a0357d7.tar.bz2
meta-gplv2
Repository Location: https://git.yoctoproject.org/meta-gplv2
Branch: kirkstone
Tag: yocto-4.0.17
Git Revision: d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a
Release Artefact: meta-gplv2-d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a
sha: c386f59f8a672747dc3d0be1d4234b6039273d0e57933eb87caa20f56b9cca6d
Download Locations: http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.17/meta-gplv2-d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a.tar.bz2 http://mirrors.kernel.org/yocto/yocto/yocto-4.0.17/meta-gplv2-d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a.tar.bz2
meta-clang
Repository Location: https://git.yoctoproject.org/meta-clang
Branch: kirkstone
Tag: yocto-4.0.17
Git Revision: eebe4ff2e539f3ffb01c5060cc4ca8b226ea8b52
Release Artefact: meta-clang-eebe4ff2e539f3ffb01c5060cc4ca8b226ea8b52
sha: 3299e96e069a22c0971e903fbc191f2427efffc83d910ac51bf0237caad01d17
Download Locations: http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.17/meta-clang-eebe4ff2e539f3ffb01c5060cc4ca8b226ea8b52.tar.bz2 http://mirrors.kernel.org/yocto/yocto/yocto-4.0.17/meta-clang-eebe4ff2e539f3ffb01c5060cc4ca8b226ea8b52.tar.bz2
bitbake
Repository Location: https://git.openembedded.org/bitbake
Branch: 2.0
Tag: yocto-4.0.17
Git Revision: 40fd5f4eef7460ca67f32cfce8e229e67e1ff607
Release Artefact: bitbake-40fd5f4eef7460ca67f32cfce8e229e67e1ff607
sha: 5d20a0e4c5d0fce44bd84778168714a261a30a4b83f67c88df3b8a7e7115e444
Download Locations: http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.17/bitbake-40fd5f4eef7460ca67f32cfce8e229e67e1ff607.tar.bz2 http://mirrors.kernel.org/yocto/yocto/yocto-4.0.17/bitbake-40fd5f4eef7460ca67f32cfce8e229e67e1ff607.tar.bz2
yocto-docs
Repository Location: https://git.yoctoproject.org/yocto-docs
Branch: kirkstone
Tag: yocto-4.0.17
Git Revision: 08ce7db2aa3a38deb8f5aa59bafc78542986babb