summaryrefslogtreecommitdiff
path: root/poky/documentation/migration-guides/release-notes-4.0.10.rst
diff options
context:
space:
mode:
authorPatrick Williams <patrick@stwcx.xyz>2023-06-15 13:43:17 +0300
committerPatrick Williams <patrick@stwcx.xyz>2023-06-15 19:22:24 +0300
commit91c4060797737f563a7b975d726f2efcb088e45f (patch)
tree0b2a543533ec0cf03a47e67056a95b0073b51524 /poky/documentation/migration-guides/release-notes-4.0.10.rst
parent821a859c1d68e8cfeea8c50e86f15daa87e71d59 (diff)
downloadopenbmc-91c4060797737f563a7b975d726f2efcb088e45f.tar.xz
kirkstone: subtree updateskirkstone
meta-raspberrypi: 2a06e4e84b..43683cb14b: Florin Sarbu (1): udev-rules-rpi: Use 99-com.rules directly from upstream meta-openembedded: df452d9d98..f95484417e: Arsalan H. Awan (1): meta-networking/licenses/netperf: remove unused license Bhargav Das (2): tslib: Add native & nativestdk package support pointercal: Add native & nativestdk package support Changqing Li (1): redis: fix do_patch fuzz warning Chee Yang Lee (3): tinyproxy: fix CVE-2022-40468 capnproto: upgrade to 0.9.2 freerdp: fix CVE-2022-39316/39318/39319 Gianluigi Spagnuolo (1): libbpf: add native and nativesdk BBCLASSEXTEND Jasper Orschulko (1): python3-gcovr: Add missing runtime dependency Jonas Gorski (3): frr: Security fix CVE-2022-36440 / CVE-2022-40302 frr: Security fix CVE-2022-40318 frr: Security fix CVE-2022-43681 Khem Raj (1): nodejs: Fix build with gcc13 Martin Jansa (1): abseil-cpp: backport a fix for build with gcc-13 Narpat Mali (3): python3-werkzeug: fix for CVE-2023-25577 python3-django: upgrade 4.0.2 -> 4.2.1 python3-m2crypto: fix for CVE-2020-25657 Natasha Bailey (1): libyang: backport a fix for CVE-2023-26916 Valeria Petrov (1): apache2: upgrade 2.4.56 -> 2.4.57 Xiangyu Chen (3): pahole: fix native package build error Revert "pahole: fix native package build error" libbpf: installing uapi headers for native package poky: 4cc0e9438b..43b94d2b84: Alexander Kanavin (1): dhcpcd: use git instead of tarballs Archana Polampalli (4): nasm: fix CVE-2022-44370 git: fix CVE-2023-29007 git: fix CVE-2023-25652 git: ignore CVE-2023-25815 Arturo Buzarra (1): run-postinsts: Set dependency for ldconfig to avoid boot issues Bhabu Bindu (4): curl: Fix CVE-2023-28319 curl: Fix CVE-2023-28320 curl: Fix CVE-2023-28321 curl: Fix CVE-2023-28322 Bruce Ashfield (9): linux-yocto/5.15: update to v5.15.106 linux-yocto/5.15: update to v5.15.107 linux-yocto/5.15: update to v5.15.108 kernel: improve initramfs bundle processing time linux-yocto/5.10: update to v5.10.176 linux-yocto/5.10: update to v5.10.177 linux-yocto/5.10: update to v5.10.178 linux-yocto/5.10: update to v5.10.179 linux-yocto/5.10: update to v5.10.180 C. Andy Martin (1): systemd-networkd: backport fix for rm unmanaged wifi Christoph Lauer (1): populate_sdk_base: add zip options Daniel Ammann (1): overview-manual: concepts.rst: Fix a typo Deepthi Hemraj (5): glibc: stable 2.35 branch updates. binutils : Fix CVE-2023-25584 binutils : Fix CVE-2023-25585 binutils : Fix CVE-2023-1972 binutils : Fix CVE-2023-25588 Dmitry Baryshkov (1): linux-firmware: upgrade 20230210 -> 20230404 Eero Aaltonen (1): avahi: fix D-Bus introspection Enrico Jörns (1): package_manager/ipk: fix config path generation in _create_custom_config() Hitendra Prajapati (2): connman: fix CVE-2023-28488 DoS in client.c sysstat: Fix CVE-2023-33204 Jan Luebbe (1): p11-kit: add native to BBCLASSEXTEND Joe Slater (1): ghostscript: fix CVE-2023-29979 Kai Kang (1): webkitgtk: fix CVE-2022-32888 & CVE-2022-32923 Khem Raj (2): gcc-runtime: Use static dummy libstdc++ quilt: Fix merge.test race condition Lee Chee Yang (1): migration-guides: add release notes for 4.0.10 Marek Vasut (1): cpio: Fix wrong CRC with ASCII CRC for large files Martin Jansa (3): populate_sdk_ext.bbclass: set METADATA_REVISION with an DISTRO override llvm: backport a fix for build with gcc-13 kernel-devicetree: make shell scripts posix compliant Martin Siegumfeldt (1): systemd-systemctl: fix instance template WantedBy symlink construction Michael Halstead (2): uninative: Upgrade to 3.10 to support gcc 13 uninative: Upgrade to 4.0 to include latest gcc 13.1.1 Michael Opdenacker (2): conf.py: add macro for Mitre CVE links migration-guides: use new cve_mitre macro Ming Liu (1): weston: add xwayland to DEPENDS for PACKAGECONFIG xwayland Mingli Yu (1): ruby: Fix CVE-2023-28755 Narpat Mali (3): ffmpeg: fix for CVE-2022-48434 python3-cryptography: fix for CVE-2023-23931 python3-requests: fix for CVE-2023-32681 Omkar Patil (1): curl: Correction for CVE-2023-27536 Pablo Saavedra (1): gstreamer1.0: upgrade 1.20.5 -> 1.20.6 Pascal Bach (1): cmake: add CMAKE_SYSROOT to generated toolchain file Peter Bergin (1): update-alternatives.bbclass: fix old override syntax Peter Kjellerstedt (1): license.bbclass: Include LICENSE in the output when it fails to parse Peter Marko (2): libxml2: patch CVE-2023-28484 and CVE-2023-29469 openssl: Upgrade 3.0.8 -> 3.0.9 Piotr Łobacz (1): libarchive: Enable acls, xattr for native as well as target Quentin Schulz (1): Revert "docs: conf.py: fix cve extlinks caption for sphinx <4.0" Randolph Sapp (4): wic/bootimg-efi: if fixed-size is set then use that for mkdosfs kernel-devicetree: allow specification of dtb directory package: enable recursion on file globs kernel-devicetree: recursively search for dtbs Ranjitsinh Rathod (1): libbsd: Add correct license for all packages Richard Purdie (3): maintainers.inc: Fix email address typo maintainers.inc: Move repo to unassigned selftest/reproducible: Allow native/cross reuse in test Riyaz Khan (1): openssh: Remove BSD-4-clause contents completely from codebase Ross Burton (1): xserver-xorg: backport fix for CVE-2023-1393 Sakib Sajal (1): go: fix CVE-2023-24540 Shubham Kulkarni (1): go: Security fix for CVE-2023-24538 Soumya (1): perl: fix CVE-2023-31484 Steve Sakoman (3): Revert "xserver-xorg: backport fix for CVE-2023-1393" poky.conf: bump version for 4.0.10 build-appliance-image: Update to kirkstone head revision Thomas Roos (1): oeqa/utils/metadata.py: Fix running oe-selftest running with no distro set Tom Hochstein (2): piglit: Add PACKAGECONFIG for glx and opencl piglit: Add missing glslang dependencies Upgrade Helper (1): waffle: upgrade 1.7.0 -> 1.7.2 Virendra Thakur (1): qemu: Whitelist CVE-2023-0664 Vivek Kumbhar (3): freetype: fix CVE-2023-2004 integer overflowin in tt_hvadvance_adjust() in src/truetype/ttgxvar.c go: fix CVE-2023-24534 denial of service from excessive memory allocation go: fix CVE-2023-24539 html/template improper sanitization of CSS values Wang Mingyu (2): wpebackend-fdo: upgrade 1.14.0 -> 1.14.2 xserver-xorg: upgrade 21.1.7 -> 21.1.8 Yoann Congal (1): linux-yocto: Exclude 121 CVEs already fixed upstream Yogita Urade (2): xorg-lib-common: Add variable to set tarball type libxpm: upgrade 3.5.13 -> 3.5.15 Zhixiong Chi (1): libpam: Fix the xtests/tst-pam_motd[1|3] failures Zoltan Boszormenyi (1): piglit: Fix build time dependency bkylerussell@gmail.com (1): kernel-devsrc: depend on python3-core instead of python3 leimaohui (1): nghttp2: Deleted the entries for -client and -server, and removed a dependency on them from the main package. meta-security: cc20e2af2a..d398cc6ea6: Armin Kuster (1): apparmor: fix ownership issues Josh Harley (1): Add EROFS support to dm-verity-img class Maciej Borzęcki (1): dm-verity-img.bbclass: add squashfs images Peter Marko (1): tpm2-tss: upgrade to 3.2.2 to fix CVE-2023-22745 Signed-off-by: Patrick Williams <patrick@stwcx.xyz> Change-Id: I683201033cfd1b1135738f49b0faf6df2e6348b6
Diffstat (limited to 'poky/documentation/migration-guides/release-notes-4.0.10.rst')
-rw-r--r--poky/documentation/migration-guides/release-notes-4.0.10.rst180
1 files changed, 180 insertions, 0 deletions
diff --git a/poky/documentation/migration-guides/release-notes-4.0.10.rst b/poky/documentation/migration-guides/release-notes-4.0.10.rst
new file mode 100644
index 0000000000..f37c3471ea
--- /dev/null
+++ b/poky/documentation/migration-guides/release-notes-4.0.10.rst
@@ -0,0 +1,180 @@
+.. SPDX-License-Identifier: CC-BY-SA-2.0-UK
+
+Release notes for Yocto-4.0.10 (Kirkstone)
+------------------------------------------
+
+Security Fixes in Yocto-4.0.10
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+- binutils: Fix :cve:`2023-1579`, :cve:`2023-1972`, :cve_mitre:`2023-25584`, :cve_mitre:`2023-25585` and :cve_mitre:`2023-25588`
+- cargo : Ignore :cve:`2022-46176`
+- connman: Fix :cve:`2023-28488`
+- curl: Fix :cve:`2023-27533`, :cve:`2023-27534`, :cve:`2023-27535`, :cve:`2023-27536` and :cve:`2023-27538`
+- ffmpeg: Fix :cve:`2022-48434`
+- freetype: Fix :cve:`2023-2004`
+- ghostscript: Fix :cve_mitre:`2023-29979`
+- git: Fix :cve:`2023-25652` and :cve:`2023-29007`
+- go: Fix :cve:`2022-41722`, :cve:`2022-41724`, :cve:`2022-41725`, :cve:`2023-24534`, :cve:`2023-24537` and :cve:`2023-24538`
+- go: Ignore :cve:`2022-41716`
+- libxml2: Fix :cve:`2023-28484` and :cve:`2023-29469`
+- libxpm: Fix :cve:`2022-44617`, :cve:`2022-46285` and :cve:`2022-4883`
+- linux-yocto: Ignore :cve:`2021-3759`, :cve:`2021-4135`, :cve:`2021-4155`, :cve:`2022-0168`, :cve:`2022-0171`, :cve:`2022-1016`, :cve:`2022-1184`, :cve:`2022-1198`, :cve:`2022-1199`, :cve:`2022-1462`, :cve:`2022-1734`, :cve:`2022-1852`, :cve:`2022-1882`, :cve:`2022-1998`, :cve:`2022-2078`, :cve:`2022-2196`, :cve:`2022-2318`, :cve:`2022-2380`, :cve:`2022-2503`, :cve:`2022-26365`, :cve:`2022-2663`, :cve:`2022-2873`, :cve:`2022-2905`, :cve:`2022-2959`, :cve:`2022-3028`, :cve:`2022-3078`, :cve:`2022-3104`, :cve:`2022-3105`, :cve:`2022-3106`, :cve:`2022-3107`, :cve:`2022-3111`, :cve:`2022-3112`, :cve:`2022-3113`, :cve:`2022-3115`, :cve:`2022-3202`, :cve:`2022-32250`, :cve:`2022-32296`, :cve:`2022-32981`, :cve:`2022-3303`, :cve:`2022-33740`, :cve:`2022-33741`, :cve:`2022-33742`, :cve:`2022-33743`, :cve:`2022-33744`, :cve:`2022-33981`, :cve:`2022-3424`, :cve:`2022-3435`, :cve:`2022-34918`, :cve:`2022-3521`, :cve:`2022-3545`, :cve:`2022-3564`, :cve:`2022-3586`, :cve:`2022-3594`, :cve:`2022-36123`, :cve:`2022-3621`, :cve:`2022-3623`, :cve:`2022-3629`, :cve:`2022-3633`, :cve:`2022-3635`, :cve:`2022-3646`, :cve:`2022-3649`, :cve:`2022-36879`, :cve:`2022-36946`, :cve:`2022-3707`, :cve:`2022-39188`, :cve:`2022-39190`, :cve:`2022-39842`, :cve:`2022-40307`, :cve:`2022-40768`, :cve:`2022-4095`, :cve:`2022-41218`, :cve:`2022-4139`, :cve:`2022-41849`, :cve:`2022-41850`, :cve:`2022-41858`, :cve:`2022-42328`, :cve:`2022-42329`, :cve:`2022-42703`, :cve:`2022-42721`, :cve:`2022-42722`, :cve:`2022-42895`, :cve:`2022-4382`, :cve:`2022-4662`, :cve:`2022-47518`, :cve:`2022-47519`, :cve:`2022-47520`, :cve:`2022-47929`, :cve:`2023-0179`, :cve:`2023-0394`, :cve:`2023-0461`, :cve:`2023-0590`, :cve:`2023-1073`, :cve:`2023-1074`, :cve:`2023-1077`, :cve:`2023-1078`, :cve:`2023-1079`, :cve:`2023-1095`, :cve:`2023-1118`, :cve:`2023-1249`, :cve:`2023-1252`, :cve:`2023-1281`, :cve:`2023-1382`, :cve:`2023-1513`, :cve:`2023-1829`, :cve:`2023-1838`, :cve:`2023-1998`, :cve:`2023-2006`, :cve:`2023-2008`, :cve:`2023-2162`, :cve:`2023-2166`, :cve:`2023-2177`, :cve:`2023-22999`, :cve:`2023-23002`, :cve:`2023-23004`, :cve:`2023-23454`, :cve:`2023-23455`, :cve:`2023-23559`, :cve:`2023-25012`, :cve:`2023-26545`, :cve:`2023-28327` and :cve:`2023-28328`
+- nasm: Fix :cve:`2022-44370`
+- python3-cryptography: Fix :cve:`2023-23931`
+- qemu: Ignore :cve:`2023-0664`
+- ruby: Fix :cve:`2023-28755` and :cve:`2023-28756`
+- screen: Fix :cve:`2023-24626`
+- shadow: Fix :cve:`2023-29383`
+- tiff: Fix :cve:`2022-4645`
+- webkitgtk: Fix :cve:`2022-32888` and :cve:`2022-32923`
+- xserver-xorg: Fix :cve:`2023-1393`
+
+
+Fixes in Yocto-4.0.10
+~~~~~~~~~~~~~~~~~~~~~
+
+- bitbake: bin/utils: Ensure locale en_US.UTF-8 is available on the system
+- build-appliance-image: Update to kirkstone head revision
+- cmake: add CMAKE_SYSROOT to generated toolchain file
+- glibc: stable 2.35 branch updates.
+- kernel-devsrc: depend on python3-core instead of python3
+- kernel: improve initramfs bundle processing time
+- libarchive: Enable acls, xattr for native as well as target
+- libbsd: Add correct license for all packages
+- libpam: Fix the xtests/tst-pam_motd[1|3] failures
+- libxpm: upgrade to 3.5.15
+- linux-firmware: upgrade to 20230404
+- linux-yocto/5.15: upgrade to v5.15.108
+- migration-guides: add release-notes for 4.0.9
+- oeqa/utils/metadata.py: Fix running oe-selftest running with no distro set
+- openssl: Move microblaze to linux-latomic config
+- package.bbclass: correct check for /build in copydebugsources()
+- poky.conf: bump version for 4.0.10
+- populate_sdk_base: add zip options
+- populate_sdk_ext.bbclass: set :term:`METADATA_REVISION` with an :term:`DISTRO` override
+- run-postinsts: Set dependency for ldconfig to avoid boot issues
+- update-alternatives.bbclass: fix old override syntax
+- wic/bootimg-efi: if fixed-size is set then use that for mkdosfs
+- wpebackend-fdo: upgrade to 1.14.2
+- xorg-lib-common: Add variable to set tarball type
+- xserver-xorg: upgrade to 21.1.8
+
+
+Known Issues in Yocto-4.0.10
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+- N/A
+
+
+Contributors to Yocto-4.0.10
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+- Archana Polampalli
+- Arturo Buzarra
+- Bruce Ashfield
+- Christoph Lauer
+- Deepthi Hemraj
+- Dmitry Baryshkov
+- Frank de Brabander
+- Hitendra Prajapati
+- Joe Slater
+- Kai Kang
+- Kyle Russell
+- Lee Chee Yang
+- Mark Hatle
+- Martin Jansa
+- Mingli Yu
+- Narpat Mali
+- Pascal Bach
+- Pawan Badganchi
+- Peter Bergin
+- Peter Marko
+- Piotr Łobacz
+- Randolph Sapp
+- Ranjitsinh Rathod
+- Ross Burton
+- Shubham Kulkarni
+- Siddharth Doshi
+- Steve Sakoman
+- Sundeep KOKKONDA
+- Thomas Roos
+- Virendra Thakur
+- Vivek Kumbhar
+- Wang Mingyu
+- Xiangyu Chen
+- Yash Shinde
+- Yoann Congal
+- Yogita Urade
+- Zhixiong Chi
+
+
+Repositories / Downloads for Yocto-4.0.10
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+poky
+
+- Repository Location: :yocto_git:`/poky`
+- Branch: :yocto_git:`kirkstone </poky/log/?h=kirkstone>`
+- Tag: :yocto_git:`yocto-4.0.10 </poky/log/?h=yocto-4.0.10>`
+- Git Revision: :yocto_git:`f53ab3a2ff206a130cdc843839dd0ea5ec4ad02f </poky/commit/?id=f53ab3a2ff206a130cdc843839dd0ea5ec4ad02f>`
+- Release Artefact: poky-f53ab3a2ff206a130cdc843839dd0ea5ec4ad02f
+- sha: 8820aeac857ce6bbd1c7ef26cadbb86eca02be93deded253b4a5f07ddd69255d
+- Download Locations:
+ http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.10/poky-f53ab3a2ff206a130cdc843839dd0ea5ec4ad02f.tar.bz2
+ http://mirrors.kernel.org/yocto/yocto/yocto-4.0.10/poky-f53ab3a2ff206a130cdc843839dd0ea5ec4ad02f.tar.bz2
+
+openembedded-core
+
+- Repository Location: :oe_git:`/openembedded-core`
+- Branch: :oe_git:`kirkstone </openembedded-core/log/?h=kirkstone>`
+- Tag: :oe_git:`yocto-4.0.10 </openembedded-core/log/?h=yocto-4.0.10>`
+- Git Revision: :oe_git:`d2713785f9cd2d58731df877bc8b7bcc71b6c8e6 </openembedded-core/commit/?id=d2713785f9cd2d58731df877bc8b7bcc71b6c8e6>`
+- Release Artefact: oecore-d2713785f9cd2d58731df877bc8b7bcc71b6c8e6
+- sha: 78e084a1aceaaa6ec022702f29f80eaffade3159e9c42b6b8985c1b7ddd2fbab
+- Download Locations:
+ http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.10/oecore-d2713785f9cd2d58731df877bc8b7bcc71b6c8e6.tar.bz2
+ http://mirrors.kernel.org/yocto/yocto/yocto-4.0.10/oecore-d2713785f9cd2d58731df877bc8b7bcc71b6c8e6.tar.bz2
+
+meta-mingw
+
+- Repository Location: :yocto_git:`/meta-mingw`
+- Branch: :yocto_git:`kirkstone </meta-mingw/log/?h=kirkstone>`
+- Tag: :yocto_git:`yocto-4.0.10 </meta-mingw/log/?h=yocto-4.0.10>`
+- Git Revision: :yocto_git:`a90614a6498c3345704e9611f2842eb933dc51c1 </meta-mingw/commit/?id=a90614a6498c3345704e9611f2842eb933dc51c1>`
+- Release Artefact: meta-mingw-a90614a6498c3345704e9611f2842eb933dc51c1
+- sha: 49f9900bfbbc1c68136f8115b314e95d0b7f6be75edf36a75d9bcd1cca7c6302
+- Download Locations:
+ http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.10/meta-mingw-a90614a6498c3345704e9611f2842eb933dc51c1.tar.bz2
+ http://mirrors.kernel.org/yocto/yocto/yocto-4.0.10/meta-mingw-a90614a6498c3345704e9611f2842eb933dc51c1.tar.bz2
+
+meta-gplv2
+
+- Repository Location: :yocto_git:`/meta-gplv2`
+- Branch: :yocto_git:`kirkstone </meta-gplv2/log/?h=kirkstone>`
+- Tag: :yocto_git:`yocto-4.0.10 </meta-gplv2/log/?h=yocto-4.0.10>`
+- Git Revision: :yocto_git:`d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a </meta-gplv2/commit/?id=d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a>`
+- Release Artefact: meta-gplv2-d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a
+- sha: c386f59f8a672747dc3d0be1d4234b6039273d0e57933eb87caa20f56b9cca6d
+- Download Locations:
+ http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.10/meta-gplv2-d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a.tar.bz2
+ http://mirrors.kernel.org/yocto/yocto/yocto-4.0.10/meta-gplv2-d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a.tar.bz2
+
+bitbake
+
+- Repository Location: :oe_git:`/bitbake`
+- Branch: :oe_git:`2.0 </bitbake/log/?h=2.0>`
+- Tag: :oe_git:`yocto-4.0.10 </bitbake/log/?h=yocto-4.0.10>`
+- Git Revision: :oe_git:`0c6f86b60cfba67c20733516957c0a654eb2b44c </bitbake/commit/?id=0c6f86b60cfba67c20733516957c0a654eb2b44c>`
+- Release Artefact: bitbake-0c6f86b60cfba67c20733516957c0a654eb2b44c
+- sha: 4caa94ee4d644017b0cc51b702e330191677f7d179018cbcec8b1793949ebc74
+- Download Locations:
+ http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.10/bitbake-0c6f86b60cfba67c20733516957c0a654eb2b44c.tar.bz2
+ http://mirrors.kernel.org/yocto/yocto/yocto-4.0.10/bitbake-0c6f86b60cfba67c20733516957c0a654eb2b44c.tar.bz2
+
+yocto-docs
+
+- Repository Location: :yocto_git:`/yocto-docs`
+- Branch: :yocto_git:`kirkstone </yocto-docs/log/?h=kirkstone>`
+- Tag: :yocto_git:`yocto-4.0.10 </yocto-docs/log/?h=yocto-4.0.10>`
+- Git Revision: :yocto_git:`8388be749806bd0bf4fccf1005dae8f643aa4ef4 </yocto-docs/commit/?id=8388be749806bd0bf4fccf1005dae8f643aa4ef4>`
+
generated by cgit v1.2.3 (git 2.39.0) at 2024-06-11 09:56:18 +0300