Release notes for Yocto-5.0.2 (Scarthgap)

Security Fixes in Yocto-5.0.2

Fixes in Yocto-5.0.2

  • appstream: Upgrade to 1.0.3

  • apr: submit 0001-Add-option-to-disable-timed-dependant-tests.patch upstream

  • base-files: profile: fix error sh: 1: unknown operand

  • bash: Fix file-substitution error-handling bug

  • bash: mark build-tests.patch as Inappropriate

  • binutils: Fix aarch64 disassembly abort

  • bitbake: bb: Use namedtuple for Task data

  • bitbake: cooker: Handle ImportError for websockets

  • bitbake: fetch2/gcp: Add missing runfetchcmd import

  • bitbake: fetch2/wget: Canonicalize DL_DIR paths for wget2 compatibility

  • bitbake: fetch2/wget: Fix failure path for files that are empty or don’t exist

  • bitbake: hashserv: client: Add batch stream API

  • bitbake: parse: Improve/fix cache invalidation via mtime

  • bitbake: runqueue: Add timing warnings around slow loops

  • bitbake: runqueue: Allow rehash loop to exit in case of interrupts

  • bitbake: runqueue: Improve rehash get_unihash parallelism

  • bitbake: runqueue: Process unihashes in parallel at init

  • bitbake: siggen/runqueue: Report which dependencies affect the taskhash

  • bitbake: siggen: Enable batching of unihash queries

  • bitbake: tests/fetch: Tweak test to match upstream repo url change

  • bitbake: tests/fetch: Tweak to work on Fedora40

  • build-appliance-image: Update to scarthgap head revision

  • busybox: update CVE-2022-28391 patches upstream status

  • cdrtools-native: Fix build with GCC 14

  • classes: image_types: apply EXTRA_IMAGECMD:squashfs* in oe_mksquashfs()

  • classes: image_types: quote variable assignment needed by dash

  • consolekit: Disable incompatible-pointer-types warning as error

  • cracklib: Modify patch to compile with GCC 14

  • cronie: Upgrade to 1.7.2

  • cups: Upgrade to 2.4.9

  • db: ignore implicit-int and implicit-function-declaration issues fatal with gcc-14

  • devtool: modify: Catch git submodule error for go code

  • devtool: standard: update-recipe/finish: fix update localfile in another layer

  • devtool: sync: Fix Execution error

  • expect: ignore various issues now fatal with gcc-14

  • expect: mark patches as Inactive-Upstream

  • gawk: fix readline detection

  • gcc : Upgrade to v13.3

  • gcc-runtime: libgomp fix for gcc 14 warnings with mandb selftest

  • gdk-pixbuf: Upgrade to 2.42.12

  • git: set –with-gitconfig=/etc/gitconfig for -native builds

  • git: Upgrade to 2.44.1

  • glib-2.0: Upgrade to 2.78.6

  • glibc: Update to latest on stable 2.39 branch (273a835fe7…)

  • glibc: correct LICENSE to “GPL-2.0-only & LGPL-2.1-or-later”

  • go: Drop the linkmode completely

  • goarch: Revert “disable dynamic linking globally”

  • gstreamer1.0-plugins-good: Include qttools-native during the build with qt5 PACKAGECONFIG

  • gtk4: Disable int-conversion warning as error

  • icu: add upstream submission links for fix-install-manx.patch

  • ipk: Fix clean up of extracted IPK payload

  • iproute2: Fix build with GCC-14

  • iproute2: drop obsolete patch

  • iputils: splitting the ping6 as a package

  • kea: Remove -fvisibility-inlines-hidden from C++ flags

  • kea: remove unnecessary reproducibility patch

  • kernel.bbclass: check, if directory exists before removing empty module directory

  • kexec-tools: Fix build with GCC-14 on musl

  • lib/oe/package-manager: allow including self in create_packages_dir

  • lib/package_manager/ipk: Do not hardcode payload compression algorithm

  • libarchive: Upgrade to 3.7.4

  • libcgroup: fix build on non-systemd systems

  • libgloss: Do not apply non-existent patch

  • libinput: fix building with debug-gui option

  • libtraceevent: submit meson.patch upstream

  • libunwind: ignore various issues now fatal with gcc-14

  • libusb1: Set CVE_PRODUCT

  • llvm: Switch to using release tarballs

  • llvm: Upgrade to 18.1.5

  • lrzsz connman-gnome libfm: ignore various issues fatal with gcc-14

  • ltp: Fix build with GCC-14

  • ltp: add iputils-ping6 to RDEPENDS

  • lttng-ust: Upgrade to 2.13.8

  • mesa: Upgrade to 24.0.5

  • oeqa/postactions: Do not use -l option with df

  • oeqa/sdk/assimp: Upgrade and fix for gcc 14

  • oeqa/sdkext/devtool: replace use of librdfa

  • oeqa/selftest/debuginfod: use localpkgfeed to speed server startup

  • oeqa/selftest/devtool: Revert fix test_devtool_add_git_style2”

  • oeqa/selftest/devtool: add test for modifying recipes using go.bbclass

  • oeqa/selftest/devtool: add test for updating local files into another layer

  • oeqa/selftest/devtool: fix _test_devtool_add_git_url

  • oeqa: selftest: context: run tests serially if testtools/subunit modules are not found

  • openssl: Upgrade to 3.2.2

  • p11-kit: ignore various issues fatal with gcc-14 (for 32bit MACHINEs)

  • patchtest: test_metadata: fix invalid escape sequences

  • poky.conf: bump version for 5.0.2

  • ppp: Add RSA-MD in LICENSE

  • procps: fix build with new glibc but old kernel headers

  • ptest-runner: Bump to 2.4.4 (95f528c)

  • recipetool: Handle several go-import tags in go resolver

  • recipetool: Handle unclean response in go resolver

  • run-postinsts.service: Removed –no-reload to fix reload warning when users execute systemctl in the first boot.

  • selftest/classes: add localpkgfeed class

  • serf: mark patch as inappropriate for upstream submission

  • taglib: Upgrade to 2.0.1

  • ttyrun: define CVE_PRODUCT

  • uboot-sign: fix loop in do_uboot_assemble_fitimage

  • update-rc.d: add +git to PV

  • webkitgtk: Upgrade to 2.44.1

  • xinput-calibrator: mark upstream as inactive in a patch

  • xserver-xorg: Upgrade to 21.1.12

  • yocto-uninative: Update to 4.5 for gcc 14

  • zip: Fix build with gcc-14

Known Issues in Yocto-5.0.2

  • N/A

Contributors to Yocto-5.0.2

  • Adriaan Schmidt

  • Alexander Kanavin

  • Alexandre Truong

  • Anton Almqvist

  • Archana Polampalli

  • Changqing Li

  • Deepthi Hemraj

  • Felix Nilsson

  • Heiko Thole

  • Jose Quaresma

  • Joshua Watt

  • Julien Stephan

  • Kai Kang

  • Khem Raj

  • Lei Maohui

  • Marc Ferland

  • Marek Vasut

  • Mark Hatle

  • Martin Hundebøll

  • Martin Jansa

  • Maxin B. John

  • Michael Halstead

  • Mingli Yu

  • Ola x Nilsson

  • Peter Marko

  • Philip Lorenz

  • Poonam Jadhav

  • Ralph Siemsen

  • Rasmus Villemoes

  • Ricardo Simoes

  • Richard Purdie

  • Robert Joslyn

  • Ross Burton

  • Rudolf J Streif

  • Siddharth Doshi

  • Soumya Sambu

  • Steve Sakoman

  • Sven Schwermer

  • Trevor Gamblin

  • Vincent Kriek

  • Wang Mingyu

  • Xiangyu Chen

  • Yogita Urade

  • Zev Weiss

  • Zoltan Boszormenyi

Repositories / Downloads for Yocto-5.0.2

poky

openembedded-core

meta-mingw

bitbake

yocto-docs