Release notes for Yocto-4.3.4 (Nanbield)
Security Fixes in Yocto-4.3.4
bind: Fix CVE-2023-4408, CVE-2023-5517, CVE-2023-5679 and CVE-2023-50387
gcc: Update CVE_STATUS for CVE-2023-4039 as fixed
glibc: Fix CVE-2023-6246, CVE-2023-6779 and CVE-2023-6780
gnutls: Fix CVE-2024-0553 and CVE-2024-0567
gstreamer: Fix CVE-2024-0444
libssh2: fix CVE-2023-48795
libxml2: Fix CVE-2024-25062
linux-yocto/6.1: Fix CVE-2023-6610, CVE-2023-6915, CVE-2023-46838, CVE-2023-50431, CVE-2024-1085, CVE-2024-1086 and CVE-2024-23849
linux-yocto/6.1: Ignore CVE-2021-33630, CVE-2021-33631, CVE-2022-36402, CVE-2023-5717, CVE-2023-6200, CVE-2023-35827, CVE-2023-40791, CVE-2023-46343, CVE-2023-46813, CVE-2023-46862, CVE-2023-51042, CVE-2023-51043, CVE-2023-52340, CVE-2024-0562, CVE-2024-0565, CVE-2024-0582, CVE-2024-0584, CVE-2024-0607, CVE-2024-0639, CVE-2024-0641, CVE-2024-0646, CVE-2024-0775 and CVE-2024-22705
openssl: fix CVE-2024-0727
python3-jinja2: Fix CVE-2024-22195
tiff: Fix CVE-2023-6228, CVE-2023-52355 and CVE-2023-52356
vim: Fix CVE-2024-22667
wpa-supplicant: Fix CVE-2023-52160
xserver-xorg: Fix CVE-2023-6377, CVE-2023-6478, CVE-2023-6816, CVE-2024-0229, CVE-2024-0408, CVE-2024-0409, CVE-2024-21885 and CVE-2024-21886
xwayland: Fix CVE-2023-6816, CVE-2024-0408 and CVE-2024-0409
zlib: Ignore CVE-2023-6992
Fixes in Yocto-4.3.4
allarch: Fix allarch corner case
at-spi2-core: Upgrade to 2.50.1
bind: Upgrade to 9.18.24
build-appliance-image: Update to nanbield head revision
contributor-guide: add notes for tests
contributor-guide: be more specific about meta-* trees
core-image-ptest: Increase disk size to 1.5G for strace ptest image
cpio: Upgrade to 2.15
curl: improve run-ptest
curl: increase test timeouts
cve-check: Log if CVE_STATUS set but not reported for component
cve-update-nvd2-native: Add an age threshold for incremental update
cve-update-nvd2-native: Fix CVE configuration update
cve-update-nvd2-native: Fix typo in comment
cve-update-nvd2-native: Remove duplicated CVE_CHECK_DB_FILE definition
cve-update-nvd2-native: Remove rejected CVE from database
cve-update-nvd2-native: nvd_request_next: Improve comment
cve_check: cleanup logging
cve_check: handle CVE_STATUS being set to the empty string
dev-manual: Rephrase spdx creation
dev-manual: improve descriptions of ‘bitbake -S printdiff’
dev-manual: packages: clarify shared PR service constraint
dev-manual: packages: fix capitalization
dev-manual: packages: need enough free space
docs: add initial stylechecks with Vale
docs: correct sdk installation default path
docs: document VIRTUAL-RUNTIME variables
docs: suppress excess use of “following” word
docs: use “manual page(s)”
docs: Makefile: remove releases.rst in “make clean”
externalsrc: fix task dependency for do_populate_lic
glibc: Remove duplicate CVE_STATUS for CVE-2023-4527
glibc: stable 2.38 branch updates (2.38+gitd37c2b20a4)
gnutls: Upgrade to 3.8.3
gstreamer1.0: skip a test that is known to be flaky
gstreamer: Upgrade to 1.22.9
gtk: Set CVE_PRODUCT
kernel.bbclass: Set pkg-config variables for building modules
libxml2: Upgrade to 2.11.7
linux-firmware: Upgrade to 20240220
linux-yocto/6.1: update to v6.1.78
mdadm: Disable ptests
migration-guides: add release notes for 4.3.3
migration-guides: add release notes for 4.0.17
migration-guides: fix release notes for 4.3.3 linux-yocto/6.1 CVE entries
multilib_global.bbclass: fix parsing error with no kernel module split
openssl: fix crash on aarch64 if BTI is enabled but no Crypto instructions
openssl: Upgrade to 3.1.5
overlayfs: add missing closing parenthesis in selftest
poky.conf: bump version for 4.3.4 release
profile-manual: usage.rst: fix reference to bug report
profile-manual: usage.rst: formatting fixes
profile-manual: usage.rst: further style improvements
pseudo: Update to pull in gcc14 fix and missing statvfs64 intercept
python3-jinja2: Upgrade to 3.1.3
ref-manual: release-process: grammar fix
ref-manual: system-requirements: update packages to build docs
ref-manual: tasks: do_cleanall: recommend using ‘-f’ instead
ref-manual: tasks: do_cleansstate: recommend using ‘-f’ instead for a shared sstate
ref-manual: variables: adding multiple groups in GROUPADD_PARAM
ref-manual: variables: add documentation of the variable SPDX_NAMESPACE_PREFIX
reproducible: Fix race with externalsrc/devtool over lockfile
sdk-manual: extensible: correctly describe separate build-sysroots tasks in direct sdk workflows
tzdata : Upgrade to 2024a
udev-extraconf: fix unmount directories containing octal-escaped chars
vim: Upgrade to v9.0.2190
wireless-regdb: Upgrade to 2024.01.23
xserver-xorg: Upgrade to 21.1.11
xwayland: Upgrade to 23.2.4
yocto-uninative: Update to 4.4 for glibc 2.39
Known Issues in Yocto-4.3.4
N/A
Contributors to Yocto-4.3.4
Alex Kiernan
Alexander Kanavin
Alexander Sverdlin
Baruch Siach
BELOUARGA Mohamed
Benjamin Bara
Bruce Ashfield
Chen Qi
Claus Stovgaard
Dhairya Nagodra
Geoff Parker
Johan Bezem
Jonathan GUILLOT
Julien Stephan
Kai Kang
Khem Raj
Lee Chee Yang
Luca Ceresoli
Martin Jansa
Michael Halstead
Michael Opdenacker
Munehisa Kamata
Pavel Zhukov
Peter Marko
Priyal Doshi
Richard Purdie
Robert Joslyn
Ross Burton
Simone Weiß
Soumya Sambu
Steve Sakoman
Tim Orling
Wang Mingyu
Yoann Congal
Yogita Urade
Repositories / Downloads for Yocto-4.3.4
poky
Repository Location: https://git.yoctoproject.org/poky
Branch: nanbield
Tag: yocto-4.3.4
Git Revision: 7b8aa378d069ee31373f22caba3bd7fc7863f447
Release Artefact: poky-7b8aa378d069ee31373f22caba3bd7fc7863f447
sha: 0cb14125f215cc9691cff43982e2c540a5b6018df4ed25c10933135b5bf21d0f
Download Locations: http://downloads.yoctoproject.org/releases/yocto/yocto-4.3.4/poky-7b8aa378d069ee31373f22caba3bd7fc7863f447.tar.bz2 http://mirrors.kernel.org/yocto/yocto/yocto-4.3.4/poky-7b8aa378d069ee31373f22caba3bd7fc7863f447.tar.bz2
openembedded-core
Repository Location: https://git.openembedded.org/openembedded-core
Branch: nanbield
Tag: yocto-4.3.4
Git Revision: d0e68072d138ccc1fb5957fdc46a91871eb6a3e1
Release Artefact: oecore-d0e68072d138ccc1fb5957fdc46a91871eb6a3e1
sha: d311fe22ff296c466f9bea1cd26343baee5630bc37f3dda42f2d9d8cc99e3add
Download Locations: http://downloads.yoctoproject.org/releases/yocto/yocto-4.3.4/oecore-d0e68072d138ccc1fb5957fdc46a91871eb6a3e1.tar.bz2 http://mirrors.kernel.org/yocto/yocto/yocto-4.3.4/oecore-d0e68072d138ccc1fb5957fdc46a91871eb6a3e1.tar.bz2
meta-mingw
Repository Location: https://git.yoctoproject.org/meta-mingw
Branch: nanbield
Tag: yocto-4.3.4
Git Revision: 49617a253e09baabbf0355bc736122e9549c8ab2
Release Artefact: meta-mingw-49617a253e09baabbf0355bc736122e9549c8ab2
sha: 2225115b73589cdbf1e491115221035c6a61679a92a93b2a3cf761ff87bf4ecc
Download Locations: http://downloads.yoctoproject.org/releases/yocto/yocto-4.3.4/meta-mingw-49617a253e09baabbf0355bc736122e9549c8ab2.tar.bz2 http://mirrors.kernel.org/yocto/yocto/yocto-4.3.4/meta-mingw-49617a253e09baabbf0355bc736122e9549c8ab2.tar.bz2
bitbake
Repository Location: https://git.openembedded.org/bitbake
Branch: 2.6
Tag: yocto-4.3.4
Git Revision: 380a9ac97de5774378ded5e37d40b79b96761a0c
Release Artefact: bitbake-380a9ac97de5774378ded5e37d40b79b96761a0c
sha: 78f579b9d29e72d09b6fb10ac62aa925104335e92d2afb3155bc9ab1994e36c1
Download Locations: http://downloads.yoctoproject.org/releases/yocto/yocto-4.3.4/bitbake-380a9ac97de5774378ded5e37d40b79b96761a0c.tar.bz2 http://mirrors.kernel.org/yocto/yocto/yocto-4.3.4/bitbake-380a9ac97de5774378ded5e37d40b79b96761a0c.tar.bz2
yocto-docs
Repository Location: https://git.yoctoproject.org/yocto-docs
Branch: nanbield
Tag: yocto-4.3.4
Git Revision: 05d08b0bbaef760157c8d35a78d7405bc5ffce55