Release notes for Yocto-4.2.4 (Mickledore)

Security Fixes in Yocto-4.2.4

Fixes in Yocto-4.2.4

  • README: Update to point to new contributor guide

  • README: fix mail address in git example command

  • SECURITY.md: Add file

  • avahi: handle invalid service types gracefully

  • bind: upgrade to 9.18.19

  • bitbake.conf: add bunzip2 in HOSTTOOLS

  • bitbake: Fix disk space monitoring on cephfs

  • bitbake: SECURITY.md: add file

  • brief-yoctoprojectqs: use new CDN mirror for sstate

  • bsp-guide: bsp.rst: replace reference to wiki

  • bsp-guide: bsp: skip Intel machines no longer supported in Poky

  • build-appliance-image: Update to mickledore head revision

  • build-sysroots: Add SUMMARY field

  • build-sysroots: Ensure dependency chains are minimal

  • build-sysroots: target or native sysroot population need to be selected explicitly

  • buildtools-tarball: Add libacl

  • busybox: Set PATH in syslog initscript

  • busybox: remove coreutils dependency in busybox-ptest

  • cmake.bbclass: fix allarch override syntax

  • cml1: Fix KCONFIG_CONFIG_COMMAND not conveyed fully in do_menuconfig

  • contributor-guide/style-guide: Add a note about task idempotence

  • contributor-guide/style-guide: Refer to recipes, not packages

  • contributor-guide: deprecate “Accepted” patch status

  • contributor-guide: discourage marking patches as Inappropriate

  • contributor-guide: recipe-style-guide: add Upstream-Status

  • contributor-guide: recipe-style-guide: add more patch tagging examples

  • contributor-guide: recipe-style-guide: add section about CVE patches

  • contributor-guide: style-guide: discourage using Pending patch status

  • core-image-ptest: Define a fallback for SUMMARY field

  • cve-check: add CVSS vector string to CVE database and reports

  • cve-check: don’t warn if a patch is remote

  • cve-check: slightly more verbose warning when adding the same package twice

  • cve-check: sort the package list in the JSON report

  • cve-exclusion_6.1.inc: update for 6.1.57

  • dbus: add additional entries to CVE_PRODUCT

  • dbus: upgrade to 1.14.10

  • dev-manual: add security team processes

  • dev-manual: disk-space: improve wording for obsolete sstate cache files

  • dev-manual: disk-space: mention faster “find” command to trim sstate cache

  • dev-manual: fix testimage usage instructions

  • dev-manual: layers: Add notes about layer.conf

  • dev-manual: licenses: mention SPDX for license compliance

  • dev-manual: new-recipe.rst fix inconsistency with contributor guide

  • dev-manual: new-recipe.rst: add missing parenthesis to “Patching Code” section

  • dev-manual: new-recipe.rst: replace reference to wiki

  • dev-manual: remove unsupported :term: markup inside markup

  • dev-manual: start.rst: remove obsolete reference

  • ell: upgrade to 0.58

  • externalsrc: fix dependency chain issues

  • ffmpeg: upgrade to 5.1.3

  • ffmpeg: avoid neon on unsupported machines

  • file: fix call to localtime_r()

  • file: upgrade to 5.45

  • fontcache.bbclass: avoid native recipes depending on target fontconfig

  • gcc-crosssdk: ignore MULTILIB_VARIANTS in signature computation

  • gcc-runtime: remove bashism

  • gcc: backport a fix for ICE caused by CVE-2023-4039.patch

  • gcc: depend on zstd

  • gdb: fix RDEPENDS for PACKAGECONFIG[tui]

  • glib-2.0: libelf has a configure option now, specify it

  • glibc: stable 2.37 branch updates

  • gnupg: Fix reproducibility failure

  • gnupg: upgrade to 2.4.3

  • go: upgrade to 1.20.7

  • graphene: fix runtime detection of IEEE754 behaviour

  • gstreamer: upgrade to 1.22.6

  • gtk4: upgrade to 4.10.5

  • gzip: upgrade to 1.13

  • igt-gpu-tools: do not write shortened git commit hash into binaries

  • inetutils: don’t guess target paths

  • inetutils: remove obsolete cruft from do_configure

  • insane.bbclass: Count raw bytes in shebang-size

  • kernel.bbclass: Add force flag to rm calls

  • lib/package_manager: Improve repo artefact filtering

  • libc-test: Run as non-root user

  • libconvert-asn1-perl: upgrade to 0.34

  • libevent: fix patch Upstream-Status

  • libgudev: explicitly disable tests and vapi

  • librepo: upgrade to 1.15.2

  • librsvg: upgrade to 2.54.6

  • libsndfile1: upgrade to 1.2.2

  • libsoup-2.4: Only specify –cross-file when building for target

  • libsoup-2.4: update PACKAGECONFIG

  • libx11: upgrade to 1.8.7

  • libxkbcommon: add CVE_PRODUCT

  • libxpm: upgrade to 3.5.17

  • linux-firmware: add firmware files for NXP BT chipsets

  • linux-firmware: package Dragonboard 845c sensors DSP firmware

  • linux-firmware: package audio topology for Lenovo X13s

  • linux-firmware: upgrade to 20230804

  • linux-yocto/5.15: update to v5.15.133

  • linux-yocto/6.1: fix CONFIG_F2FS_IO_TRACE configuration warning

  • linux-yocto/6.1: fix IRQ-80 warnings

  • linux-yocto/6.1: fix uninitialized read in nohz_full/isolcpus setup

  • linux-yocto/6.1: tiny: fix arm 32 boot

  • linux-yocto/6.1: update to v6.1.57

  • linux-yocto: add script to generate kernel CVE_CHECK_IGNORE entries

  • linux-yocto: make sure the pahole-native available before do_kernel_configme

  • linux/cve-exclusion: add generated CVE_CHECK_IGNOREs

  • linux/generate-cve-exclusions: fix mishandling of boundary values

  • linux/generate-cve-exclusions: print the generated time in UTC

  • manuals: add new contributor guide

  • manuals: correct “yocto-linux” by “linux-yocto”

  • mdadm: Disable further tests due to intermittent failures

  • mdadm: skip running 04update-uuid and 07revert-inplace testcases

  • migration-guides: add release notes for 4.0.12

  • migration-guides: add release notes for 4.0.13

  • migration-guides: add release notes for 4.2.3

  • mpfr: upgrade to 4.2.1

  • multilib.conf: explicitly make MULTILIB_VARIANTS vardeps on MULTILIBS

  • nativesdk-intercept: Fix bad intercept chgrp/chown logic

  • nettle: avoid neon on unsupported machines

  • oe-depends-dot: improve ‘-w’ behavior

  • oeqa dnf_runtime.py: fix HTTP server IP address and port

  • oeqa selftest context.py: remove warning from missing meta-selftest

  • oeqa selftest context.py: whitespace fix

  • oeqa/concurrencytest: Remove invalid buffering option

  • oeqa/selftest/context.py: check git command return values

  • oeqa/selftest/wic: Improve assertTrue calls

  • oeqa/selftest: Fix broken symlink removal handling

  • oeqa/utils/gitarchive: Handle broken commit counts in results repo

  • openssl: upgrade to 3.1.4

  • openssl: build and install manpages only if they are enabled

  • openssl: ensure all ptest fails are caught

  • openssl: parallelize tests

  • overview: Add note about non-reproducibility side effects

  • packages.bbclass: Correct the check for conflicts with renamed packages

  • pango: explictly enable/disable libthai

  • patch.py: use –absolute-git-dir instead of –show-toplevel to retrieve gitdir

  • pixman: Remove duplication of license MIT

  • pixman: avoid neon on unsupported machines

  • poky.conf: bump version for 4.2.4 release

  • profile-manual: aesthetic cleanups

  • pseudo: Fix to work with glibc 2.38

  • ptest: report tests that were killed on timeout

  • python3-git: upgrade to 3.1.37

  • python3-urllib3: update to v1.26.18

  • python3: upgrade to 3.11.5

  • qemu: fix “Bad FPU state detected” fault on qemu-system-i386

  • ref-manual: Fix PACKAGECONFIG term and add an example

  • ref-manual: Warn about COMPATIBLE_MACHINE skipping native recipes

  • ref-manual: point outdated link to the new location

  • ref-manual: releases.svg: Scarthgap is now version 5.0

  • ref-manual: system-requirements: update supported distros

  • ref-manual: variables: add RECIPE_SYSROOT and RECIPE_SYSROOT_NATIVE

  • ref-manual: variables: add TOOLCHAIN_OPTIONS variable

  • ref-manual: variables: add example for SYSROOT_DIRS variable

  • ref-manual: variables: provide no-match example for COMPATIBLE_MACHINE

  • resulttool/report: Avoid divide by zero

  • runqemu: check permissions of available render nodes as well as their presence

  • screen: upgrade to 4.9.1

  • scripts/create-pull-request: update URLs to git repositories

  • sdk-manual: appendix-obtain: improve and update descriptions

  • sdk-manual: extensible.rst: fix multiple formatting issues

  • shadow: fix patch Upstream-Status

  • strace: parallelize ptest

  • sudo: upgrade to 1.9.15p2

  • systemd-bootchart: musl fixes have been rejected upstream

  • systemd: backport patch to fix warning in systemd-vconsole-setup

  • tar: upgrade to 1.35

  • tcl: Add a way to skip ptests

  • tcl: prevent installing another copy of tzdata

  • template: fix typo in section header

  • test-manual: reproducible-builds: stop mentioning LTO bug

  • uboot-extlinux-config.bbclass: fix missed override syntax migration

  • vim: upgrade to 9.0.2048

  • vim: update obsolete comment

  • wayland-utils: add libdrm PACKAGECONFIG

  • weston-init: fix init code indentation

  • weston-init: remove misleading comment about udev rule

  • wic: bootimg-partition: Fix file name in debug message

  • wic: fix wrong attempt to create file system in upartitioned regions

  • wireless-regdb: upgrade to 2023.09.01

  • xz: upgrade to 5.4.4

  • yocto-uninative: Update to 4.2 for glibc 2.38

  • yocto-uninative: Update to 4.3

Known Issues in Yocto-4.2.4

  • N/A

Contributors to Yocto-4.2.4

  • Alberto Planas

  • Alexander Kanavin

  • Alexis Lothoré

  • Antoine Lubineau

  • Anuj Mittal

  • Archana Polampalli

  • Arne Schwerdt

  • BELHADJ SALEM Talel

  • Benjamin Bara

  • Bruce Ashfield

  • Chen Qi

  • Colin McAllister

  • Daniel Semkowicz

  • Dmitry Baryshkov

  • Eilís ‘pidge’ Ní Fhlannagáin

  • Emil Kronborg Andersen

  • Etienne Cordonnier

  • Jaeyoon Jung

  • Jan Garcia

  • Joe Slater

  • Joshua Watt

  • Julien Stephan

  • Kai Kang

  • Khem Raj

  • Lee Chee Yang

  • Markus Niebel

  • Markus Volk

  • Marta Rybczynska

  • Martijn de Gouw

  • Martin Jansa

  • Michael Halstead

  • Michael Opdenacker

  • Mikko Rapeli

  • Mingli Yu

  • Narpat Mali

  • Otavio Salvador

  • Ovidiu Panait

  • Peter Kjellerstedt

  • Peter Marko

  • Peter Suti

  • Poonam Jadhav

  • Quentin Schulz

  • Richard Purdie

  • Robert P. J. Day

  • Roland Hieber

  • Ross Burton

  • Ryan Eatmon

  • Sakib Sajal

  • Samantha Jalabert

  • Sanjana

  • Sanjay Chitroda

  • Sean Nyekjaer

  • Siddharth Doshi

  • Soumya Sambu

  • Stefan Tauner

  • Steve Sakoman

  • Tan Wen Yan

  • Tom Hochstein

  • Trevor Gamblin

  • Vijay Anusuri

  • Wang Mingyu

  • Xiangyu Chen

  • Yash Shinde

  • Yoann Congal

  • Yogita Urade

  • Yuta Hayama

Repositories / Downloads for Yocto-4.2.4

poky

openembedded-core

meta-mingw

bitbake

yocto-docs