Release notes for Yocto-5.2.2 (Walnascar)
Security Fixes in Yocto-5.2.2
bind: Fix CVE-2025-40775
binutils: Fix CVE-2025-1153, CVE-2025-1178, CVE-2025-1180, CVE-2025-1181, CVE-2025-1182, CVE-2025-3198 and CVE-2025-5244
binutils: Ignore CVE-2025-1153 (fixed in current version)
epiphany: Fix CVE-2025-3839
go: Fix CVE-2025-0913, CVE-2025-4673 and CVE-2025-22874
go: Ignore CVE-2024-3566
kea: Fix CVE-2025-32801, CVE-2025-32802 and CVE-2025-32803
libarchive: Fix CVE-2025-5914
libsoup-2.4: Fix CVE-2024-52530, CVE-2024-52531, CVE-2025-2784, CVE-2025-4476, CVE-2025-4948, CVE-2025-4969, CVE-2025-32050, CVE-2025-32052, CVE-2025-32053, CVE-2025-32906, CVE-2025-32907, CVE-2025-32909, CVE-2025-32910, CVE-2025-32912, CVE-2025-32913, CVE-2025-32914, CVE-2025-46420 and CVE-2025-46421
libsoup: Fix CVE-2025-4476, CVE-2025-4948, CVE-2025-4969, CVE-2025-32907, CVE-2025-32908 and CVE-2025-32914
linux-yocto: Fix CVE-2023-3079, CVE-2023-52904, CVE-2023-52979, CVE-2025-22102, CVE-2025-37800, CVE-2025-37801, CVE-2025-37802, CVE-2025-37805, CVE-2025-37821, CVE-2025-37838, CVE-2025-37890, CVE-2025-37891, CVE-2025-37894, CVE-2025-37895, CVE-2025-37897, CVE-2025-37899, CVE-2025-37900, CVE-2025-37901, CVE-2025-37903, CVE-2025-37905, CVE-2025-37907, CVE-2025-37908, CVE-2025-37909, CVE-2025-37910, CVE-2025-37911, CVE-2025-37912, CVE-2025-37913, CVE-2025-37914, CVE-2025-37915, CVE-2025-37916, CVE-2025-37917, CVE-2025-37918, CVE-2025-37919, CVE-2025-37920, CVE-2025-37921, CVE-2025-37922, CVE-2025-37923, CVE-2025-37924, CVE-2025-37926, CVE-2025-37927, CVE-2025-37928, CVE-2025-37929, CVE-2025-37930, CVE-2025-37931, CVE-2025-37932, CVE-2025-37933, CVE-2025-37934, CVE-2025-37935, CVE-2025-37936, CVE-2025-37946, CVE-2025-37947, CVE-2025-37948, CVE-2025-37949, CVE-2025-37951, CVE-2025-37952, CVE-2025-37953, CVE-2025-37954, CVE-2025-37955, CVE-2025-37956, CVE-2025-37957, CVE-2025-37958, CVE-2025-37959, CVE-2025-37960, CVE-2025-37961, CVE-2025-37962, CVE-2025-37963, CVE-2025-37964, CVE-2025-37965, CVE-2025-37967, CVE-2025-37968, CVE-2025-37969, CVE-2025-37970, CVE-2025-37971, CVE-2025-37972, CVE-2025-37973, CVE-2025-37974, CVE-2025-37990, CVE-2025-37991, CVE-2025-37992, CVE-2025-37993, CVE-2025-37994, CVE-2025-37995, CVE-2025-37997, CVE-2025-37998 and CVE-2025-37999
linux-yocto: Ignore CVE-2023-3079 and CVE-2025-37996
net-tools: Fix CVE-2025-46836
ofono: Fix CVE-2024-7537
python3-setuptools: Fix CVE-2025-47273
python3-urllib3: Fix CVE-2025-50181 and CVE-2025-50182
sqlite3: Fix CVE-2025-3277 and CVE-2025-29088
sqlite3: mark CVE-2025-29087 as patched
systemd: Fix CVE-2025-4598
xz: Fix CVE-2025-31115
Fixes in Yocto-5.2.2
bind: upgrade to 9.20.9
bitbake: toaster/tests/buildtest: Switch to new CDN
brief-yoctoprojectqs/index.rst: replace removed macro
brief-yoctoprojectqs/ref-manual: Switch to new CDN
bsp guide: update kernel version example to 6.12
bsp-guide: update all of section 1.8.2 to reflect current beaglebone conf file
bsp-guide: update lonely “4.12” kernel reference to “6.12”
build-appliance-image: Update to walnascar head revision
cmake: Correctly handle cost data of tests with arbitrary chars in name
conf.py: tweak SearchEnglish to be hyphen-friendly
cve-exclusion_6.12.inc: Update using current cvelistV5
cve-exclusions: correct cve status for 5 entries
docs: Clean up explanation of minimum required version numbers
docs: README: specify how to contribute instead of pointing at another file
docs: conf.py: silence SyntaxWarning on js_splitter_code
docs: sphinx-lint: superfluous backtick in front of role
docs: sphinx-lint: unbalanced inline literal markup
epiphany: upgrade to 48.3
gcc: Upgrade to GCC 14.3
gcc: fix incorrect preprocessor line numbers in large files
genericarm64.conf: increase INITRAMFS_MAXSIZE
ghostscript: upgrade to 10.05.1
glibc: stable 2.41 branch updates
go: upgrade to 1.24.4
kea: upgrade to 2.6.3
libarchive: upgrade to 3.7.9
libmatchbox: upgrade to 1.14
libsoup: upgrade to 3.6.5
linux-yocto/6.12: bsp/genericarm64: modular configuration updates
linux-yocto/6.12: libbpf: silence maybe-uninitialized warning from clang
linux-yocto/6.12: update to v6.12.31
linux-yoto/6.12: bsp/arm: fix CONFIG_CRYPTO_LIB_CHACHA
linux/cve-exclusion: Execute the script after changing to the new data source
linux/cve-exclusion: correct fixed-version calculation
linux/cve-exclusion: do not shift first_affected
linux/cve-exclusion: update exclusions after script fixes
linux/cve-exclusion: update with latest cvelistV5
linux/generate-cve-exclusions: show the name and version of the data source
linux/generate-cve-exclusions: use data from CVEProject
linux: cve-exclusions: Amend terminology
linux: cve-exclusions: Fix false negatives
local.conf.sample: Switch to new CDN
migration-guides: add release notes for 4.0.27, 5.0.10, 5.2.1
nfs-utils: don’t use signals to shut down nfs server.
oeqa/sstatetests: Fix NATIVELSBSTRING handling
oeqa/sstatetests: Improve/fix sstate creation tests
overview-manual: small number of pedantic cleanups
package_rpm.bbclass: Remove empty build directory
poky.conf: bump version for 5.2.2
python3-pygobject: RDEPENDS on gobject-introspection
python3-requests: upgrade to 2.32.4
python3: backport the full fix for importlib scanning invalid distributions
python3: drop old nis module dependencies
python3: remove obsolete deletion of non-deterministic .pyc files
python3: upgrade to 3.13.4
ref-manual/variables.rst: document IMAGE_ROOTFS_MAXSIZE INHIBIT_DEFAULT_RUST_DEPS INHIBIT_UPDATERCD_BBCLASS INITRAMFS_MAXSIZE KERNEL_SPLIT_MODULES SSTATE_SKIP_CREATION
ref-manual: clarify KCONFIG_MODE default behaviour
ref-manual: classes: nativesdk: move note to appropriate section
ref-manual: classes: reword to clarify that native/nativesdk options are exclusive
scripts/install-buildtools: Update to 5.2.1
sstate: apply proper umask when fetching from SSTATE_MIRROR
sstatetests: Switch to new CDN
systemd.bbclass: generate preset for templates
systemd: upgrade to 257.6
tcf-agent: correct the SRC_URI
testimage: get real os-release file
tune-cortexr52: Remove aarch64 for ARM Cortex-R52
util-linux: fix agetty segfault issue
xwayland: Add missing libtirpc dependency
Known Issues in Yocto-5.2.2
N/A
Contributors to Yocto-5.2.2
Aleksandar Nikolic
Alper Ak
Antonin Godard
Archana Polampalli
Bruce Ashfield
Carlos Sánchez de La Lama
Changqing Li
Christos Gavros
Colin Pinnell McAllister
Daniel Turull
Deepesh Varatharajan
Dixit Parmar
Enrico Jörns
Etienne Cordonnier
Guocai He
Guðni Már Gilbert
Gyorgy Sarvari
Harish Sadineni
Jiaying Song
Lee Chee Yang
Mathieu Dubois-Briand
Mikko Rapeli
Moritz Haase
NeilBrown
Niko Mauno
Patrick Williams
Peter Marko
Praveen Kumar
Quentin Schulz
Randy MacLeod
Rasmus Villemoes
Richard Purdie
Robert P. J. Day
Robert Yang
Ross Burton
Sandeep Gundlupet Raju
Steve Sakoman
Trevor Gamblin
Trevor Woerner
Wang Mingyu
Yash Shinde
Yi Zhao
Yogita Urade
Yongxin Liu
Repositories / Downloads for Yocto-5.2.2
poky
Repository Location: https://git.yoctoproject.org/poky
Branch: walnascar
Tag: yocto-5.2.2
Git Revision: 41038342a471b4a8884548568ad147a1704253a3
Release Artefact: poky-41038342a471b4a8884548568ad147a1704253a3
sha: 4b1e9c80949e5c5ab5ffeb4fa3dadb43b74b813fc9d132caabf1fc8c38bd8f5e
Download Locations: https://downloads.yoctoproject.org/releases/yocto/yocto-5.2.2/poky-41038342a471b4a8884548568ad147a1704253a3.tar.bz2 https://mirrors.kernel.org/yocto/yocto/yocto-5.2.2/poky-41038342a471b4a8884548568ad147a1704253a3.tar.bz2
openembedded-core
Repository Location: https://git.openembedded.org/openembedded-core
Branch: walnascar
Tag: yocto-5.2.2
Git Revision: c855be07828c9cff3aa7ddfa04eb0c4df28658e4
Release Artefact: oecore-c855be07828c9cff3aa7ddfa04eb0c4df28658e4
sha: c510b69b984be7ad8045236a3dde9bc4f5833bc9f3045dc04d6442a9453165f4
Download Locations: https://downloads.yoctoproject.org/releases/yocto/yocto-5.2.2/oecore-c855be07828c9cff3aa7ddfa04eb0c4df28658e4.tar.bz2 https://mirrors.kernel.org/yocto/yocto/yocto-5.2.2/oecore-c855be07828c9cff3aa7ddfa04eb0c4df28658e4.tar.bz2
meta-mingw
Repository Location: https://git.yoctoproject.org/meta-mingw
Branch: walnascar
Tag: yocto-5.2.2
Git Revision: edce693e1b8fabd84651aa6c0888aafbcf238577
Release Artefact: meta-mingw-edce693e1b8fabd84651aa6c0888aafbcf238577
sha: 6cfed41b54f83da91a6cf201ec1c2cd4ac284f642b1268c8fa89d2335ea2bce1
Download Locations: https://downloads.yoctoproject.org/releases/yocto/yocto-5.2.2/meta-mingw-edce693e1b8fabd84651aa6c0888aafbcf238577.tar.bz2 https://mirrors.kernel.org/yocto/yocto/yocto-5.2.2/meta-mingw-edce693e1b8fabd84651aa6c0888aafbcf238577.tar.bz2
bitbake
Repository Location: https://git.openembedded.org/bitbake
Branch: 2.12
Tag: yocto-5.2.2
Git Revision: 74c28e14a9b5e2ff908a03f93c189efa6f56b0ca
Release Artefact: bitbake-74c28e14a9b5e2ff908a03f93c189efa6f56b0ca
sha: 1d417990d922289152af6274d461d7809d06c290d57e5373fd46bb0112e6b812
Download Locations: https://downloads.yoctoproject.org/releases/yocto/yocto-5.2.2/bitbake-74c28e14a9b5e2ff908a03f93c189efa6f56b0ca.tar.bz2 https://mirrors.kernel.org/yocto/yocto/yocto-5.2.2/bitbake-74c28e14a9b5e2ff908a03f93c189efa6f56b0ca.tar.bz2
meta-yocto
Repository Location: https://git.yoctoproject.org/meta-yocto
Branch: walnascar
Tag: yocto-5.2.2
Git Revision: 5754fb5efb54cf06f96012a88619baba0995b0fc
yocto-docs
Repository Location: https://git.yoctoproject.org/yocto-docs
Branch: walnascar
Tag: yocto-5.2.2
Git Revision: 85f8e5c799ef38c6dcca615d7cc6baff325df259