Release notes for Yocto-5.2.4 (Walnascar)

Security Fixes in Yocto-5.2.4

• binutils: Fix CVE-2025-8225

• binutils: Ignore CVE-2025-8224

• cups: Fix CVE-2025-58060 and CVE-2025-58364

• curl: Fix CVE-2025-9086 and CVE-2025-10148

• elfutils: Fix CVE-2025-1352, CVE-2025-1365, CVE-2025-1371, CVE-2025-1372, CVE-2025-1376 and CVE-2025-1377

• expat: Fix CVE-2025-59375

• ffmpeg: Fix CVE-2025-7700

• glib-2.0: Fix CVE-2025-4056, CVE-2025-6052 and CVE-2025-7039

• gnutls: Ignore CVE-2025-32989 and CVE-2025-32990

• grub2: Fix CVE-2024-56738

• grub2: Ignore CVE-2024-2312

• gstreamer1.0: Ignore CVE-2025-2759, CVE-2025-3887, CVE-2025-47183, CVE-2025-47219, CVE-2025-47806, CVE-2025-47807 and CVE-2025-47808

• libarchive: Fix CVE-2025-5916, CVE-2025-5917 and CVE-2025-5918

• libpre2: Fix CVE-2025-58050

• linux-yocto/6.12: Ignore CVE-2022-50233, CVE-2023-3865, CVE-2023-3866, CVE-2023-3867, CVE-2023-4130, CVE-2023-4515, CVE-2023-32246, CVE-2023-32249, CVE-2024-58238, CVE-2024-58239, CVE-2024-58240, CVE-2025-21884, CVE-2025-22103, CVE-2025-22113, CVE-2025-22115, CVE-2025-22124, CVE-2025-22125, CVE-2025-23133, CVE-2025-37925, CVE-2025-37984, CVE-2025-38067, CVE-2025-38104, CVE-2025-38272, CVE-2025-38306, CVE-2025-38335, CVE-2025-38349, CVE-2025-38350, CVE-2025-38351, CVE-2025-38352, CVE-2025-38353, CVE-2025-38354, CVE-2025-38355, CVE-2025-38356, CVE-2025-38357, CVE-2025-38358, CVE-2025-38360, CVE-2025-38361, CVE-2025-38362, CVE-2025-38363, CVE-2025-38364, CVE-2025-38365, CVE-2025-38366, CVE-2025-38367, CVE-2025-38368, CVE-2025-38369, CVE-2025-38370, CVE-2025-38371, CVE-2025-38372, CVE-2025-38373, CVE-2025-38374, CVE-2025-38375, CVE-2025-38376, CVE-2025-38377, CVE-2025-38378, CVE-2025-38379, CVE-2025-38380, CVE-2025-38381, CVE-2025-38382, CVE-2025-38383, CVE-2025-38384, CVE-2025-38385, CVE-2025-38386, CVE-2025-38387, CVE-2025-38388, CVE-2025-38389, CVE-2025-38390, CVE-2025-38391, CVE-2025-38392, CVE-2025-38393, CVE-2025-38394, CVE-2025-38395, CVE-2025-38396, CVE-2025-38397, CVE-2025-38398, CVE-2025-38399, CVE-2025-38400, CVE-2025-38401, CVE-2025-38402, CVE-2025-38403, CVE-2025-38404, CVE-2025-38405, CVE-2025-38406, CVE-2025-38407, CVE-2025-38408, CVE-2025-38409, CVE-2025-38410, CVE-2025-38411, CVE-2025-38412, CVE-2025-38413, CVE-2025-38414, CVE-2025-38415, CVE-2025-38416, CVE-2025-38417, CVE-2025-38418, CVE-2025-38419, CVE-2025-38420, CVE-2025-38421, CVE-2025-38422, CVE-2025-38423, CVE-2025-38424, CVE-2025-38425, CVE-2025-38427, CVE-2025-38428, CVE-2025-38429, CVE-2025-38430, CVE-2025-38431, CVE-2025-38432, CVE-2025-38433, CVE-2025-38434, CVE-2025-38435, CVE-2025-38436, CVE-2025-38437, CVE-2025-38438, CVE-2025-38439, CVE-2025-38440, CVE-2025-38441, CVE-2025-38442, CVE-2025-38443, CVE-2025-38444, CVE-2025-38445, CVE-2025-38446, CVE-2025-38447, CVE-2025-38448, CVE-2025-38449, CVE-2025-38450, CVE-2025-38451, CVE-2025-38452, CVE-2025-38453, CVE-2025-38454, CVE-2025-38455, CVE-2025-38456, CVE-2025-38457, CVE-2025-38458, CVE-2025-38459, CVE-2025-38460, CVE-2025-38461, CVE-2025-38462, CVE-2025-38463, CVE-2025-38464, CVE-2025-38465, CVE-2025-38466, CVE-2025-38467, CVE-2025-38468, CVE-2025-38469, CVE-2025-38470, CVE-2025-38471, CVE-2025-38472, CVE-2025-38473, CVE-2025-38474, CVE-2025-38475, CVE-2025-38476, CVE-2025-38477, CVE-2025-38478, CVE-2025-38480, CVE-2025-38481, CVE-2025-38482, CVE-2025-38483, CVE-2025-38484, CVE-2025-38485, CVE-2025-38486, CVE-2025-38487, CVE-2025-38488, CVE-2025-38489, CVE-2025-38490, CVE-2025-38491, CVE-2025-38492, CVE-2025-38493, CVE-2025-38494, CVE-2025-38495, CVE-2025-38496, CVE-2025-38497, CVE-2025-38498, CVE-2025-38499, CVE-2025-38500, CVE-2025-38501, CVE-2025-38502, CVE-2025-38503, CVE-2025-38504, CVE-2025-38505, CVE-2025-38506, CVE-2025-38507, CVE-2025-38508, CVE-2025-38509, CVE-2025-38510, CVE-2025-38511, CVE-2025-38512, CVE-2025-38513, CVE-2025-38514, CVE-2025-38515, CVE-2025-38516, CVE-2025-38517, CVE-2025-38518, CVE-2025-38519, CVE-2025-38520, CVE-2025-38521, CVE-2025-38522, CVE-2025-38523, CVE-2025-38524, CVE-2025-38525, CVE-2025-38526, CVE-2025-38527, CVE-2025-38528, CVE-2025-38529, CVE-2025-38530, CVE-2025-38531, CVE-2025-38532, CVE-2025-38533, CVE-2025-38534, CVE-2025-38535, CVE-2025-38536, CVE-2025-38537, CVE-2025-38538, CVE-2025-38539, CVE-2025-38540, CVE-2025-38541, CVE-2025-38542, CVE-2025-38543, CVE-2025-38544, CVE-2025-38545, CVE-2025-38546, CVE-2025-38547, CVE-2025-38548, CVE-2025-38549, CVE-2025-38550, CVE-2025-38551, CVE-2025-38552, CVE-2025-38553, CVE-2025-38554, CVE-2025-38555, CVE-2025-38556, CVE-2025-38557, CVE-2025-38558, CVE-2025-38559, CVE-2025-38560, CVE-2025-38561, CVE-2025-38562, CVE-2025-38563, CVE-2025-38564, CVE-2025-38565, CVE-2025-38566, CVE-2025-38567, CVE-2025-38568, CVE-2025-38569, CVE-2025-38570, CVE-2025-38571, CVE-2025-38572, CVE-2025-38573, CVE-2025-38574, CVE-2025-38576, CVE-2025-38577, CVE-2025-38578, CVE-2025-38579, CVE-2025-38580, CVE-2025-38581, CVE-2025-38582, CVE-2025-38583, CVE-2025-38585, CVE-2025-38586, CVE-2025-38587, CVE-2025-38588, CVE-2025-38589, CVE-2025-38590, CVE-2025-38592, CVE-2025-38593, CVE-2025-38594, CVE-2025-38595, CVE-2025-38596, CVE-2025-38598 and CVE-2025-38599

• linux-yocto/6.12: Ignore CVE-2025-38600, CVE-2025-38601, CVE-2025-38602, CVE-2025-38603, CVE-2025-38604, CVE-2025-38606, CVE-2025-38607, CVE-2025-38608, CVE-2025-38609, CVE-2025-38610, CVE-2025-38611, CVE-2025-38612, CVE-2025-38613, CVE-2025-38614, CVE-2025-38615, CVE-2025-38616, CVE-2025-38617, CVE-2025-38618, CVE-2025-38619, CVE-2025-38620, CVE-2025-38622, CVE-2025-38623, CVE-2025-38624, CVE-2025-38625, CVE-2025-38626, CVE-2025-38628, CVE-2025-38629, CVE-2025-38630, CVE-2025-38631, CVE-2025-38632, CVE-2025-38633, CVE-2025-38634, CVE-2025-38635, CVE-2025-38638, CVE-2025-38639, CVE-2025-38640, CVE-2025-38641, CVE-2025-38642, CVE-2025-38644, CVE-2025-38645, CVE-2025-38646, CVE-2025-38647, CVE-2025-38648, CVE-2025-38649, CVE-2025-38650, CVE-2025-38651, CVE-2025-38652, CVE-2025-38653, CVE-2025-38654, CVE-2025-38655, CVE-2025-38657, CVE-2025-38658, CVE-2025-38659, CVE-2025-38660, CVE-2025-38661, CVE-2025-38662, CVE-2025-38663, CVE-2025-38664, CVE-2025-38665, CVE-2025-38666, CVE-2025-38667, CVE-2025-38668, CVE-2025-38669, CVE-2025-38670, CVE-2025-38671, CVE-2025-38672, CVE-2025-38673, CVE-2025-38674, CVE-2025-38675, CVE-2025-38676, CVE-2025-38677, CVE-2025-38679, CVE-2025-38680, CVE-2025-38681, CVE-2025-38682, CVE-2025-38683, CVE-2025-38684, CVE-2025-38685, CVE-2025-38686, CVE-2025-38687, CVE-2025-38688, CVE-2025-38689, CVE-2025-38690, CVE-2025-38691, CVE-2025-38692, CVE-2025-38693, CVE-2025-38694, CVE-2025-38695, CVE-2025-38696, CVE-2025-38697, CVE-2025-38698, CVE-2025-38699, CVE-2025-38700, CVE-2025-38701, CVE-2025-38702, CVE-2025-38703, CVE-2025-38704, CVE-2025-38705, CVE-2025-38706, CVE-2025-38707, CVE-2025-38708, CVE-2025-38709, CVE-2025-38710, CVE-2025-38711, CVE-2025-38712, CVE-2025-38713, CVE-2025-38714, CVE-2025-38715, CVE-2025-38716, CVE-2025-38717, CVE-2025-38718, CVE-2025-38719, CVE-2025-38720, CVE-2025-38721, CVE-2025-38722, CVE-2025-38723, CVE-2025-38724, CVE-2025-38725, CVE-2025-38726, CVE-2025-38727, CVE-2025-38728, CVE-2025-38729, CVE-2025-38730, CVE-2025-38731, CVE-2025-38732, CVE-2025-38733, CVE-2025-38734, CVE-2025-38735, CVE-2025-38736, CVE-2025-38737, CVE-2025-39673, CVE-2025-39674, CVE-2025-39675, CVE-2025-39676, CVE-2025-39679, CVE-2025-39680, CVE-2025-39681, CVE-2025-39682, CVE-2025-39683, CVE-2025-39684, CVE-2025-39685, CVE-2025-39686, CVE-2025-39687, CVE-2025-39689, CVE-2025-39690, CVE-2025-39691, CVE-2025-39692, CVE-2025-39693, CVE-2025-39694, CVE-2025-39695, CVE-2025-39696, CVE-2025-39697, CVE-2025-39698, CVE-2025-39699, CVE-2025-39700, CVE-2025-39701, CVE-2025-39702, CVE-2025-39703, CVE-2025-39704, CVE-2025-39705, CVE-2025-39706, CVE-2025-39707, CVE-2025-39708, CVE-2025-39709, CVE-2025-39710, CVE-2025-39711, CVE-2025-39712, CVE-2025-39713, CVE-2025-39714, CVE-2025-39715, CVE-2025-39716, CVE-2025-39717, CVE-2025-39718, CVE-2025-39719, CVE-2025-39720, CVE-2025-39721, CVE-2025-39722, CVE-2025-39723, CVE-2025-39724, CVE-2025-39725, CVE-2025-39726, CVE-2025-39727, CVE-2025-39729, CVE-2025-39730, CVE-2025-39731, CVE-2025-39732, CVE-2025-39733, CVE-2025-39734, CVE-2025-39736, CVE-2025-39737, CVE-2025-39738, CVE-2025-39739, CVE-2025-39740, CVE-2025-39741, CVE-2025-39742, CVE-2025-39743, CVE-2025-39744, CVE-2025-39746, CVE-2025-39747, CVE-2025-39748, CVE-2025-39749, CVE-2025-39750, CVE-2025-39751, CVE-2025-39752, CVE-2025-39753, CVE-2025-39754, CVE-2025-39756, CVE-2025-39757, CVE-2025-39758, CVE-2025-39759, CVE-2025-39760, CVE-2025-39761, CVE-2025-39763, CVE-2025-39765, CVE-2025-39766, CVE-2025-39767, CVE-2025-39768, CVE-2025-39769, CVE-2025-39770, CVE-2025-39771, CVE-2025-39772, CVE-2025-39773, CVE-2025-39774, CVE-2025-39775, CVE-2025-39776, CVE-2025-39777, CVE-2025-39779, CVE-2025-39780, CVE-2025-39781, CVE-2025-39782, CVE-2025-39783, CVE-2025-39784, CVE-2025-39785, CVE-2025-39786, CVE-2025-39787, CVE-2025-39788, CVE-2025-39790, CVE-2025-39791, CVE-2025-39792, CVE-2025-39793, CVE-2025-39794, CVE-2025-39795, CVE-2025-39796, CVE-2025-39797, CVE-2025-39798 and CVE-2025-39799

• libxslt: Fix CVE-2025-7424

• pulseaudio: Ignore CVE-2024-11586

• tiff: Fix CVE-2024-13978, CVE-2025-8176, CVE-2025-8177, CVE-2025-8534, CVE-2025-8961 and CVE-2025-9165

• tiff: Ignore CVE-2025-8851

• vim: Fix CVE-2025-53905, CVE-2025-53906, CVE-2025-55157 and CVE-2025-55158

Fixes in Yocto-5.2.4

• bash: use -std=gnu17 also for native CFLAGS

• binutils: Fix gprofng broken symbolic link with gp-*

• bitbake: Use a “fork” multiprocessing context

• bitbake: bitbake: Bump version to 2.12.1

• bitbake: tests/fetch: Update tests after bitbake tag removal

• build-appliance-image: Update to walnascar head revision

• buildtools-tarball: fix unbound variable issues under ‘set -u’

• cve-update-db-native: Fix fetcher for CVEs missing nodes

• default-distrovars.inc: Fix CONNECTIVITY_CHECK_URIS redirect issue

• dev-manual/security-subjects.rst: update mailing lists

• expat: upgrade to 2.7.2

• ffmpeg: upgrade to 7.1.2

• glib-2.0: update to 2.84.4

• go: upgrade 1.24.6

• gst-devtools: upgrade 1.24.13

• gstreamer1.0-libav: upgrade 1.24.13

• gstreamer1.0-plugins-bad: upgrade 1.24.13

• gstreamer1.0-plugins-base: upgrade 1.24.13

• gstreamer1.0-plugins-good: upgrade 1.24.13

• gstreamer1.0-plugins-ugly: upgrade 1.24.13

• gstreamer1.0-python: upgrade 1.24.13

• gstreamer1.0-rtsp-server: upgrade 1.24.13

• gstreamer1.0-vaapi: upgrade 1.24.13

• gstreamer1.0: upgrade 1.24.13

• lib/oe/utils: use multiprocessing from bb

• libpcre2: upgrade 10.46

• license.py: avoid deprecated ast.Str

• linux-firmware: fix FILES to drop RDEPENDS on full package

• linux-yocto/6.12: Revert “linux-yocto/6.12: riscv: Enable TUNE_FEATURES based KERNEL_FEATURES”

• linux-yocto/6.12: update to 6.12.47

• migration-guides: add release notes for 4.0.29, 5.0.12 and 5.2.3

• pkgconfig: fix build with gcc-15

• poky.conf: bump version for 5.2.4

• pulseaudio: Add audio group explicitly

• python3-setuptools: restore build_scripts.executable support

• ref-manual/variables.rst: expand IMAGE_OVERHEAD_FACTOR glossary entry

• rpm: correct tool path in macros for no usrmerge

• rpm: keep leading ‘/’ from sed operation

• runqemu: fix special characters bug

• rust-target-config: Add has-thread-local option

• sanity.conf: Update minimum bitbake version to 2.12.1

• sdk: The main in the C example should return an int

• systemd-systemctl-native: Install systemd-sysv-install

• systemd-systemctl-native: Use += instead of :append

• systemd.bbclass: Make systemd_postinst run as intended

• vim: upgrade 9.1.1652

• vulnerabilities: update nvdcve file name

• yocto-uninative: Update to 4.9 for glibc 2.42 and GCC 15.1

Known Issues in Yocto-5.2.4

• N/A

Contributors to Yocto-5.2.4

• Antonin Godard

• Archana Polampalli

• Bruce Ashfield

• Deepak Rathore

• Haixiao Yan

• Harish Sadineni

• Hongxu Jia

• Jan Vermaete

• Joao Marcos Costa

• Joshua Watt

• Kyungjik Min

• Lee Chee Yang

• Libo Chen

• Markus Kurz

• Markus Volk

• Martin Jansa

• Mathieu Dubois-Briand

• Michael Halstead

• Patryk Seregiet

• Per x Johansson

• Peter Kjellerstedt

• Peter Marko

• Praveen Kumar

• Ross Burton

• Siddharth Doshi

• Soumya Sambu

• Steve Sakoman

• Yi Zhao

• Yogita Urade

Repositories / Downloads for Yocto-5.2.4

poky

• Repository Location: https://git.yoctoproject.org/poky

• Branch: walnascar

• Tag: yocto-5.2.4

• Git Revision: d0b46a6624ec9c61c47270745dd0b2d5abbe6ac1

• Release Artefact: poky-d0b46a6624ec9c61c47270745dd0b2d5abbe6ac1

• sha: b5fa58650f7069c1c001f48aa8eeb12ab78b5f50a414de46df1a196fdc3be8cb

• Download Locations: https://downloads.yoctoproject.org/releases/yocto/yocto-5.2.4/poky-d0b46a6624ec9c61c47270745dd0b2d5abbe6ac1.tar.bz2 https://mirrors.kernel.org/yocto/yocto/yocto-5.2.4/poky-d0b46a6624ec9c61c47270745dd0b2d5abbe6ac1.tar.bz2

openembedded-core

• Repository Location: https://git.openembedded.org/openembedded-core

• Branch: walnascar

• Tag: yocto-5.2.4

• Git Revision: ff1c54df4e7b15df2e2c9fced59d9ad3e92ed565

• Release Artefact: oecore-ff1c54df4e7b15df2e2c9fced59d9ad3e92ed565

• sha: a348eb7c759cc02c1415d2b506903ac1d5530708c9b47550a4ae8c8d86c75728

• Download Locations: https://downloads.yoctoproject.org/releases/yocto/yocto-5.2.4/oecore-ff1c54df4e7b15df2e2c9fced59d9ad3e92ed565.tar.bz2 https://mirrors.kernel.org/yocto/yocto/yocto-5.2.4/oecore-ff1c54df4e7b15df2e2c9fced59d9ad3e92ed565.tar.bz2

meta-mingw

• Repository Location: https://git.yoctoproject.org/meta-mingw

• Branch: walnascar

• Tag: yocto-5.2.4

• Git Revision: edce693e1b8fabd84651aa6c0888aafbcf238577

• Release Artefact: meta-mingw-edce693e1b8fabd84651aa6c0888aafbcf238577

• sha: 6cfed41b54f83da91a6cf201ec1c2cd4ac284f642b1268c8fa89d2335ea2bce1

• Download Locations: https://downloads.yoctoproject.org/releases/yocto/yocto-5.2.4/meta-mingw-edce693e1b8fabd84651aa6c0888aafbcf238577.tar.bz2 https://mirrors.kernel.org/yocto/yocto/yocto-5.2.4/meta-mingw-edce693e1b8fabd84651aa6c0888aafbcf238577.tar.bz2

bitbake

• Repository Location: https://git.openembedded.org/bitbake

• Branch: 2.12

• Tag: yocto-5.2.4

• Git Revision: ac097300921590ed6a814f2c3fa08a59f4ded92d

• Release Artefact: bitbake-ac097300921590ed6a814f2c3fa08a59f4ded92d

• sha: ad8afd956f5378691172317c95bdd1c098d6144a7269975d7d3230707305e88a

• Download Locations: https://downloads.yoctoproject.org/releases/yocto/yocto-5.2.4/bitbake-ac097300921590ed6a814f2c3fa08a59f4ded92d.tar.bz2 https://mirrors.kernel.org/yocto/yocto/yocto-5.2.4/bitbake-ac097300921590ed6a814f2c3fa08a59f4ded92d.tar.bz2

meta-yocto

• Repository Location: https://git.yoctoproject.org/meta-yocto

• Branch: walnascar

• Tag: yocto-5.2.4

• Git Revision: 0993c45a1f78f302fd40c78a2a1f709daa7a0ae0

yocto-docs

• Repository Location: https://git.yoctoproject.org/yocto-docs

• Branch: walnascar

• Tag: yocto-5.2.4

• Git Revision: 29330751c8a2b82b4bd80659d2a0a8bac51afca5