Release notes for Yocto-4.0.21 (Kirkstone)
Security Fixes in Yocto-4.0.21
bind: Fix CVE-2024-4076, CVE-2024-1737, CVE-2024-0760 and CVE-2024-1975
apr: Fix CVE-2023-49582
busybox: Fix CVE-2023-42363, CVE-2023-42364, CVE-2023-42365, CVE-2023-42366 and CVE-2021-42380
curl: Ignore CVE-2024-32928
curl: Fix CVE-2024-7264
ghostscript: Fix CVE-2024-29506, CVE-2024-29509 and CVE-2024-29511
go: Fix CVE-2024-24789 and CVE-2024-24791
gtk+3: Fix CVE-2024-6655
libarchive: Ignore CVE-2024-37407
libyaml: Ignore CVE-2024-35325, CVE-2024-35326 and CVE-2024-35328
linux-yocto/5.15: Fix CVE-2022-48772, CVE-2024-35972, CVE-2024-35984, CVE-2024-35990, CVE-2024-35997, CVE-2024-36008, CVE-2024-36270, CVE-2024-36489, CVE-2024-36897, CVE-2024-36938, CVE-2024-36965, CVE-2024-36967, CVE-2024-36969, CVE-2024-36971, CVE-2024-36978, CVE-2024-38546, CVE-2024-38547, CVE-2024-38549, CVE-2024-38552, CVE-2024-38555, CVE-2024-38571, CVE-2024-38583, CVE-2024-38591, CVE-2024-38597, CVE-2024-38598, CVE-2024-38600, CVE-2024-38627, CVE-2024-38633, CVE-2024-38661, CVE-2024-38662, CVE-2024-38780, CVE-2024-39277, CVE-2024-39292, CVE-2024-39301, CVE-2024-39466, CVE-2024-39468, CVE-2024-39471, CVE-2024-39475, CVE-2024-39476, CVE-2024-39480, CVE-2024-39482, CVE-2024-39484, CVE-2024-39487, CVE-2024-39489, CVE-2024-39493, CVE-2024-39495, CVE-2024-39506, CVE-2024-40902, CVE-2024-40911, CVE-2024-40912, CVE-2024-40932, CVE-2024-40934, CVE-2024-40954, CVE-2024-40956, CVE-2024-40957, CVE-2024-40958, CVE-2024-40959, CVE-2024-40960, CVE-2024-40961, CVE-2024-40967, CVE-2024-40970, CVE-2024-40980, CVE-2024-40981, CVE-2024-40994, CVE-2024-40995, CVE-2024-41000, CVE-2024-41002, CVE-2024-41006, CVE-2024-41007, CVE-2024-41046, CVE-2024-41049, CVE-2024-41055, CVE-2024-41064, CVE-2024-41070, CVE-2024-41073, CVE-2024-41087, CVE-2024-41089, CVE-2024-41092, CVE-2024-41093, CVE-2024-41095, CVE-2024-41097, CVE-2024-42068, CVE-2024-42070, CVE-2024-42076, CVE-2024-42077, CVE-2024-42080, CVE-2024-42082, CVE-2024-42085, CVE-2024-42090, CVE-2024-42093, CVE-2024-42094, CVE-2024-42101, CVE-2024-42102, CVE-2024-42104, CVE-2024-42109, CVE-2024-42140, CVE-2024-42148, CVE-2024-42152, CVE-2024-42153, CVE-2024-42154, CVE-2024-42157, CVE-2024-42161, CVE-2024-42223, CVE-2024-42224, CVE-2024-42225, CVE-2024-42229, CVE-2024-42232, CVE-2024-42236, CVE-2024-42244 and CVE-2024-42247
llvm: Fix CVE-2023-46049 and CVE-2024-31852
ofono: fix CVE-2023-2794
orc: Fix CVE-2024-40897
python3-certifi: Fix CVE-2024-39689
python3-jinja2: Fix CVE-2024-34064
python3: Fix CVE-2024-8088
qemu: Fix CVE-2024-7409
ruby: Fix for CVE-2024-27282
tiff: Fix CVE-2024-7006
vim: Fix CVE-2024-22667, CVE-2024-41957, CVE-2024-41965 and CVE-2024-43374
wpa-supplicant: Fix CVE-2023-52160
Fixes in Yocto-4.0.21
apr: upgrade to 1.7.5
bind: Upgrade to 9.18.28
bitbake: data_smart: Improve performance for VariableHistory
build-appliance-image: Update to kirkstone head revision
cryptodev-module: Fix build for linux 5.10.220
gcc-runtime: remove bashism
grub: fs/fat: Don’t error when mtime is 0
image_types.bbclass: Use –force also with lz4,lzop
libsoup: fix compile error on centos7
linux-yocto/5.15: upgrade to v5.15.164
lttng-modules: Upgrade to 2.13.14
migration-guide: add release notes for 4.0.20
orc: upgrade to 0.4.39
poky.conf: bump version for 4.0.21
python3-jinja2: upgrade to 3.1.4
python3-pycryptodome(x): use python_setuptools_build_meta build class
python3: add PACKAGECONFIG[editline]
ref-manual: fix typo and move SYSROOT_DIRS example
sqlite3: CVE_ID correction for CVE-2023-7104 as patched
sqlite3: Rename patch for CVE-2022-35737
uboot-sign: Fix index error in concat_dtb_helper() with multiple configs
vim: upgrade to 9.1.0682
wireless-regdb: upgrade to 2024.07.04
Known Issues in Yocto-4.0.21
N/A
Contributors to Yocto-4.0.21
Archana Polampalli
Ashish Sharma
Bruce Ashfield
Deepthi Hemraj
Divya Chellam
Florian Amstutz
Guocai He
Hitendra Prajapati
Hugo SIMELIERE
Lee Chee Yang
Leon Anavi
Matthias Pritschet
Ming Liu
Niko Mauno
Peter Marko
Robert Yang
Rohini Sangam
Ross Burton
Siddharth Doshi
Soumya Sambu
Steve Sakoman
Vijay Anusuri
Vrushti Dabhi
Wang Mingyu
Yogita Urade
Repositories / Downloads for Yocto-4.0.21
poky
Repository Location: https://git.yoctoproject.org/cgit/cgit.cgi/poky
Branch: kirkstone
Tag: yocto-4.0.21
Git Revision: 4cdc553814640851cce85f84ee9c0b58646cd33b
Release Artefact: poky-4cdc553814640851cce85f84ee9c0b58646cd33b
sha: 460e3a4ede491a9b66c5d262cd9498d5bcca1f2d880885342b08dc32b967f33d
Download Locations: http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.21/poky-4cdc553814640851cce85f84ee9c0b58646cd33b.tar.bz2 http://mirrors.kernel.org/yocto/yocto/yocto-4.0.21/poky-4cdc553814640851cce85f84ee9c0b58646cd33b.tar.bz2
openembedded-core
Repository Location: https://git.openembedded.org/openembedded-core
Branch: kirkstone
Tag: yocto-4.0.21
Git Revision: c40a3fec49942ac6d25ba33e57e801a550e252c9
Release Artefact: oecore-c40a3fec49942ac6d25ba33e57e801a550e252c9
sha: afc2aaf312f9fb2590ae006615557ec605c98eff42bc380a1b2d6e39cfdf8930
Download Locations: http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.21/oecore-c40a3fec49942ac6d25ba33e57e801a550e252c9.tar.bz2 http://mirrors.kernel.org/yocto/yocto/yocto-4.0.21/oecore-c40a3fec49942ac6d25ba33e57e801a550e252c9.tar.bz2
meta-mingw
Repository Location: https://git.yoctoproject.org/cgit/cgit.cgi/meta-mingw
Branch: kirkstone
Tag: yocto-4.0.21
Git Revision: f6b38ce3c90e1600d41c2ebb41e152936a0357d7
Release Artefact: meta-mingw-f6b38ce3c90e1600d41c2ebb41e152936a0357d7
sha: 7d57167c19077f4ab95623d55a24c2267a3a3fb5ed83688659b4c03586373b25
Download Locations: http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.21/meta-mingw-f6b38ce3c90e1600d41c2ebb41e152936a0357d7.tar.bz2 http://mirrors.kernel.org/yocto/yocto/yocto-4.0.21/meta-mingw-f6b38ce3c90e1600d41c2ebb41e152936a0357d7.tar.bz2
meta-gplv2
Repository Location: https://git.yoctoproject.org/cgit/cgit.cgi/meta-gplv2
Branch: kirkstone
Tag: yocto-4.0.21
Git Revision: d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a
Release Artefact: meta-gplv2-d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a
sha: c386f59f8a672747dc3d0be1d4234b6039273d0e57933eb87caa20f56b9cca6d
Download Locations: http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.21/meta-gplv2-d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a.tar.bz2 http://mirrors.kernel.org/yocto/yocto/yocto-4.0.21/meta-gplv2-d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a.tar.bz2
bitbake
Repository Location: https://git.openembedded.org/bitbake
Branch: 2.0
Tag: yocto-4.0.21
Git Revision: ec2a99a077da9aa0e99e8b05e0c65dcbd45864b1
Release Artefact: bitbake-ec2a99a077da9aa0e99e8b05e0c65dcbd45864b1
sha: 1cb102f4c8dbd067f0262072e4e629ec7cb423103111ccdde75a09fcb8f55e5f
Download Locations: http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.21/bitbake-ec2a99a077da9aa0e99e8b05e0c65dcbd45864b1.tar.bz2 http://mirrors.kernel.org/yocto/yocto/yocto-4.0.21/bitbake-ec2a99a077da9aa0e99e8b05e0c65dcbd45864b1.tar.bz2
yocto-docs
Repository Location: https://git.yoctoproject.org/cgit/cgit.cgi/yocto-docs
Branch: kirkstone
Tag: yocto-4.0.21
Git Revision: 512025edd9b3b6b8d0938b35bb6188c9f3b7f17d