Release notes for Yocto-4.0.12 (Kirkstone)
Security Fixes in Yocto-4.0.12
bind: Fix CVE-2023-2828 and CVE-2023-2911
cups: Fix CVE-2023-34241
curl: Added CVE-2023-28320 Follow-up patch
dbus: Fix CVE-2023-34969
dmidecode: fix CVE-2023-30630
ghostscript: fix CVE-2023-36664
go: fix CVE-2023-24531, CVE-2023-24536, CVE-2023-29400, CVE-2023-29402, CVE-2023-29404, CVE-2023-29405 and CVE-2023-29406
libarchive: Ignore CVE-2023-30571
libcap: Fix CVE-2023-2602 and CVE-2023-2603
libjpeg-turbo: Fix CVE-2023-2804
libpcre2: Fix CVE-2022-41409
libtiff: fix CVE-2023-26965
libwebp: Fix CVE-2023-1999
libx11: Fix CVE-2023-3138
libxpm: Fix CVE-2022-44617
ninja: Ignore CVE-2021-4336
openssh: Fix CVE-2023-38408
openssl: Fix CVE-2023-2975, CVE-2023-3446 and CVE-2023-3817
perl: Fix CVE-2023-31486
python3: Ignore CVE-2023-36632
qemu: Fix CVE-2023-0330, CVE-2023-2861, CVE-2023-3255 and CVE-2023-3301
sqlite3: Fix CVE-2023-36191
tiff: Fix CVE-2023-0795, CVE-2023-0796, CVE-2023-0797, CVE-2023-0798, CVE-2023-0799, CVE-2023-25433, CVE-2023-25434 and CVE-2023-25435
vim: CVE-2023-2609 and CVE-2023-2610
Fixes in Yocto-4.0.12
babeltrace2: Always use BFD linker when building tests with ld-is-lld distro feature
babeltrace2: upgrade to 2.0.5
bitbake.conf: add unzstd in HOSTTOOLS
bitbake: bitbake-layers: initialize tinfoil before registering command line arguments
bitbake: runqueue: Fix deferred task/multiconfig race issue
blktrace: ask for python3 specifically
build-appliance-image: Update to kirkstone head revision
cmake: Fix CMAKE_SYSTEM_PROCESSOR setting for SDK
connman: fix warning by specifying runstatedir at configure time
cpio: Replace fix wrong CRC with ASCII CRC for large files with upstream backport
cve-update-nvd2-native: actually use API keys
cve-update-nvd2-native: always pass str for json.loads()
cve-update-nvd2-native: fix cvssV3 metrics
cve-update-nvd2-native: handle all configuration nodes, not just first
cve-update-nvd2-native: increase retry count
cve-update-nvd2-native: log a little more
cve-update-nvd2-native: retry all errors and sleep between retries
cve-update-nvd2-native: use exact times, don’t truncate
dbus: upgrade to 1.14.8
devtool: Fix the wrong variable in srcuri_entry
diffutils: upgrade to 3.10
docs: ref-manual: terms: fix typos in SPDX term
fribidi: upgrade to 1.0.13
gcc: upgrade to v11.4
gcc-testsuite: Fix ppc cpu specification
gcc: don’t pass –enable-standard-branch-protection
gcc: fix runpath errors in cc1 binary
grub: submit determinism.patch upstream
image_types: Fix reproducible builds for initramfs and UKI img
kernel: add missing path to search for debug files
kmod: remove unused ptest.patch
layer.conf: Add missing dependency exclusion
libassuan: upgrade to 2.5.6
libksba: upgrade to 1.6.4
libpng: Add ptest for libpng
libxcrypt: fix build with perl-5.38 and use master branch
libxcrypt: fix hard-coded “.so” extension
libxpm: upgrade to 3.5.16
linux-firmware: upgrade to 20230515
linux-yocto/5.10: cfg: fix DECNET configuration warning
linux-yocto/5.10: update to v5.10.185
linux-yocto/5.15: cfg: fix DECNET configuration warning
linux-yocto/5.15: update to v5.15.120
logrotate: Do not create logrotate.status file
lttng-ust: upgrade to 2.13.6
machine/arch-arm64: add -mbranch-protection=standard
maintainers.inc: correct Carlos Rafael Giani’s email address
maintainers.inc: correct unassigned entries
maintainers.inc: unassign Adrian Bunk from wireless-regdb
maintainers.inc: unassign Alistair Francis from opensbi
maintainers.inc: unassign Andreas Müller from itstool entry
maintainers.inc: unassign Pascal Bach from cmake entry
maintainers.inc: unassign Ricardo Neri from ovmf
maintainers.inc: unassign Richard Weinberger from erofs-utils entry
mdadm: fix 07revert-inplace ptest
mdadm: fix segfaults when running ptests
mdadm: fix util-linux ptest dependency
mdadm: skip running known broken ptests
meson.bbclass: Point to llvm-config from native sysroot
meta: lib: oe: npm_registry: Add more safe caracters
migration-guides: add release notes for 4.0.11
minicom: remove unused patch files
mobile-broadband-provider-info: upgrade to 20230416
oe-depends-dot: Handle new format for task-depends.dot
oeqa/runtime/cases/rpm: fix wait_for_no_process_for_user failure case
oeqa/selftest/bbtests: add non-existent prefile/postfile tests
oeqa/selftest/devtool: add unit test for “devtool add -b”
openssl: Upgrade to 3.0.10
openssl: add PERLEXTERNAL path to test its existence
openssl: use a glob on the PERLEXTERNAL to track updates on the path
package.bbclass: moving field data process before variable process in process_pkgconfig
pm-utils: fix multilib conflictions
poky.conf: bump version for 4.0.12
psmisc: Set ALTERNATIVE for pstree to resolve conflict with busybox
pybootchartgui: show elapsed time for each task
python3: fix missing comma in get_module_deps3.py
python3: upgrade to 3.10.12
recipetool: Fix inherit in created -native* recipes
ref-manual: add LTS and Mixin terms
ref-manual: document image-specific variant of INCOMPATIBLE_LICENSE
ref-manual: release-process: update for LTS releases
rust-llvm: backport a fix for build with gcc-13
scripts/runqemu: allocate unfsd ports in a way that doesn’t race or clash with unrelated processes
scripts/runqemu: split lock dir creation into a reusable function
sdk.py: error out when moving file fails
sdk.py: fix moving dnf contents
selftest reproducible.py: support different build targets
selftest/license: Exclude from world
selftest/reproducible: Allow chose the package manager
serf: upgrade to 1.3.10
strace: Disable failing test
strace: Merge two similar patches
strace: Update patches/tests with upstream fixes
sysfsutils: fetch a supported fork from github
systemd-systemctl: fix errors in instance name expansion
systemd: Backport nspawn: make sure host root can write to the uidmapped mounts we prepare for the container payload
tzdata: upgrade to 2023c
uboot-extlinux-config.bbclass: fix old override syntax in comment
unzip: fix configure check for cross compilation
useradd-staticids.bbclass: improve error message
util-linux: add alternative links for ipcs,ipcrm
v86d: Improve kernel dependency
vim: upgrade to 9.0.1592
wget: upgrade to 1.21.4
wic: Add dependencies for erofs-utils
wireless-regdb: upgrade to 2023.05.03
xdpyinfo: upgrade to 1.3.4
zip: fix configure check by using _Static_assert
Known Issues in Yocto-4.0.12
N/A
Contributors to Yocto-4.0.12
Alberto Planas
Alexander Kanavin
Alexander Sverdlin
Andrej Valek
Archana Polampalli
BELOUARGA Mohamed
Benjamin Bouvier
Bruce Ashfield
Charlie Wu
Chen Qi
Etienne Cordonnier
Fabien Mahot
Frieder Paape
Frieder Schrempf
Heiko Thole
Hitendra Prajapati
Jermain Horsman
Jose Quaresma
Kai Kang
Khem Raj
Lee Chee Yang
Marc Ferland
Marek Vasut
Martin Jansa
Mauro Queiros
Michael Opdenacker
Mikko Rapeli
Nikhil R
Ovidiu Panait
Peter Marko
Poonam Jadhav
Quentin Schulz
Richard Purdie
Ross Burton
Rusty Howell
Sakib Sajal
Soumya Sambu
Steve Sakoman
Sundeep KOKKONDA
Tim Orling
Tom Hochstein
Trevor Gamblin
Vijay Anusuri
Vivek Kumbhar
Wang Mingyu
Xiangyu Chen
Yoann Congal
Yogita Urade
Yuta Hayama
Repositories / Downloads for Yocto-4.0.12
poky
Repository Location: https://git.yoctoproject.org/cgit/cgit.cgi/poky
Branch: kirkstone
Tag: yocto-4.0.12
Git Revision: d6b8790370500b99ca11f0d8a05c39b661ab2ba6
Release Artefact: poky-d6b8790370500b99ca11f0d8a05c39b661ab2ba6
sha: 35f0390e0c5a12f403ed471c0b1254c13cbb9d7c7b46e5a3538e63e36c1ac280
Download Locations: http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.12/poky-d6b8790370500b99ca11f0d8a05c39b661ab2ba6.tar.bz2 http://mirrors.kernel.org/yocto/yocto/yocto-4.0.12/poky-d6b8790370500b99ca11f0d8a05c39b661ab2ba6.tar.bz2
openembedded-core
Repository Location: https://git.openembedded.org/openembedded-core
Branch: kirkstone
Tag: yocto-4.0.12
Git Revision: e1a604db8d2cf8782038b4016cc2e2052467333b
Release Artefact: oecore-e1a604db8d2cf8782038b4016cc2e2052467333b
sha: 8b302eb3f3ffe5643f88bc6e4ae8f9a5cda63544d67e04637ecc4197e9750a1d
Download Locations: http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.12/oecore-e1a604db8d2cf8782038b4016cc2e2052467333b.tar.bz2 http://mirrors.kernel.org/yocto/yocto/yocto-4.0.12/oecore-e1a604db8d2cf8782038b4016cc2e2052467333b.tar.bz2
meta-mingw
Repository Location: https://git.yoctoproject.org/cgit/cgit.cgi/meta-mingw
Branch: kirkstone
Tag: yocto-4.0.12
Git Revision: a90614a6498c3345704e9611f2842eb933dc51c1
Release Artefact: meta-mingw-a90614a6498c3345704e9611f2842eb933dc51c1
sha: 49f9900bfbbc1c68136f8115b314e95d0b7f6be75edf36a75d9bcd1cca7c6302
Download Locations: http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.12/meta-mingw-a90614a6498c3345704e9611f2842eb933dc51c1.tar.bz2 http://mirrors.kernel.org/yocto/yocto/yocto-4.0.12/meta-mingw-a90614a6498c3345704e9611f2842eb933dc51c1.tar.bz2
meta-gplv2
Repository Location: https://git.yoctoproject.org/cgit/cgit.cgi/meta-gplv2
Branch: kirkstone
Tag: yocto-4.0.12
Git Revision: d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a
Release Artefact: meta-gplv2-d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a
sha: c386f59f8a672747dc3d0be1d4234b6039273d0e57933eb87caa20f56b9cca6d
Download Locations: http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.12/meta-gplv2-d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a.tar.bz2 http://mirrors.kernel.org/yocto/yocto/yocto-4.0.12/meta-gplv2-d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a.tar.bz2
bitbake
Repository Location: https://git.openembedded.org/bitbake
Branch: 2.0
Tag: yocto-4.0.12
Git Revision: 41b6684489d0261753344956042be2cc4adb0159
Release Artefact: bitbake-41b6684489d0261753344956042be2cc4adb0159
sha: efa2b1c4d0be115ed3960750d1e4ed958771b2db6d7baee2d13ad386589376e8
Download Locations: http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.12/bitbake-41b6684489d0261753344956042be2cc4adb0159.tar.bz2 http://mirrors.kernel.org/yocto/yocto/yocto-4.0.12/bitbake-41b6684489d0261753344956042be2cc4adb0159.tar.bz2
yocto-docs
Repository Location: https://git.yoctoproject.org/cgit/cgit.cgi/yocto-docs
Branch: kirkstone
Tag: yocto-4.0.12
Git Revision: 4dfef81ac6164764c6541e39a9fef81d49227096