diff options
author | Patrick Williams <patrick@stwcx.xyz> | 2024-03-01 23:30:19 +0300 |
---|---|---|
committer | Patrick Williams <patrick@stwcx.xyz> | 2024-03-02 00:24:34 +0300 |
commit | 7363086d8a6f87f6c162a314937f1c2e3c063b42 (patch) | |
tree | f37b4996342d0af75369338b4a1a0fc416c5feeb /poky/documentation/migration-guides/release-notes-4.3.2.rst | |
parent | d4fa64b8fbad9ed7bef03090adec4a99cf9ecd5b (diff) | |
download | openbmc-nanbield.tar.xz |
subtree updatesnanbield
meta-arm: 79c52afe74..9a4ae38e84:
Emekcan Aras (1):
arm-bsp/optee: Improve PIN counter handling robustness
Harsimran Singh Tungal (2):
corstone1000:arm-bsp/tftf: Fix tftf tests on mps3
arm-bsp/tf-a-tests: fix corstone1000
Ross Burton (2):
arm-bsp/documentation: upgrade Sphinx slightly
CI: use https: to fetch meta-virtualization
meta-openembedded: 2da6e1b0e4..da9063bdfb:
Changqing Li (2):
postgresql: upgrade 15.4 -> 15.5
redis: upgrade 6.2.13 -> 6.2.14
Khem Raj (1):
webkitgtk3: upgrade 2.42.0 -> 2.42.1
Meenali Gupta (1):
nginx: upgrade 1.25.2 -> 1.25.3
Mingli Yu (1):
mariadb: Upgrade to 10.11.6
Wang Mingyu (5):
strongswan: upgrade 5.9.12 -> 5.9.13
webkitgtk3: upgrade 2.42.1 -> 2.42.2
webkitgtk3: upgrade 2.42.2 -> 2.42.3
webkitgtk3: upgrade 2.42.3 -> 2.42.4
libssh: upgrade 0.10.5 -> 0.10.6
Yi Zhao (1):
samba: upgrade 4.18.8 -> 4.18.9
poky: 61a59d00a0..1a5c00f00c:
Alassane Yattara (1):
bitbake: toaster/toastergui: Bug-fix verify given layer path only if import/add local layer
Alexander Kanavin (2):
glibc-y2038-tests: do not run tests using 32 bit time APIs
icon-naming-utils: take tarball from debian
Alexander Sverdlin (1):
linux-firmware: upgrade 20231030 -> 20231211
Anuj Mittal (2):
base-passwd: upgrade 3.6.2 -> 3.6.3
glib-2.0: upgrade 2.78.1 -> 2.78.3
Baruch Siach (1):
contributor-guide: fix lore URL
Benjamin Bara (1):
glibc: stable 2.38 branch updates
Bruce Ashfield (8):
linux-yocto/6.1: update to v6.1.69
linux-yocto/6.1: update to v6.1.70
linux-yocto/6.1: update CVE exclusions
linux-yocto/6.1: update to v6.1.72
linux-yocto/6.1: update CVE exclusions
linux-yocto/6.1: security/cfg: add configs to harden protection
linux-yocto/6.1: update to v6.1.73
linux-yocto/6.1: update CVE exclusions
Chen Qi (2):
sudo: upgrade from 1.9.15p2 to 1.9.15p5
multilib_global.bbclass: fix parsing error with no kernel module split
Clay Chang (1):
devtool: deploy: provide max_process to strip_execs
Enguerrand de Ribaucourt (1):
manuals: document VSCode extension
Ilya A. Kriveshko (1):
dev-manual: update license manifest path
Jason Andryuk (3):
linux-firmware: Package iwlwifi .pnvm files
linux-firmware: Change bnx2 packaging
linux-firmware: Create bnx2x subpackage
Jeremy A. Puhlman (1):
create-spdx-2.2: combine spdx can try to write before dir creation
Joao Marcos Costa (1):
documentation.conf: fix do_menuconfig description
Jonathan GUILLOT (1):
udev-extraconf: fix unmount directories containing octal-escaped chars
Jose Quaresma (2):
go: update 1.20.10 -> 1.20.11
go: update 1.20.11 -> 1.20.12
Joshua Watt (2):
rpcbind: Specify state directory under /run
classes-global/sstate: Fix variable typo
Julien Stephan (1):
externalsrc: fix task dependency for do_populate_lic
Jörg Sommer (1):
documentation: Add UBOOT_BINARY, extend UBOOT_CONFIG
Kai Kang (1):
xserver-xorg: 21.1.9 -> 21.1.11
Khem Raj (2):
tiff: Backport fixes for CVE-2023-6277
tcl: Fix prepending to run-ptest script
Lee Chee Yang (5):
curl: Fix CVE-2023-46219
qemu: 8.1.2 -> 8.1.4
migration-guide: add release notes for 4.3.2
migration-guide: add release notes for 4.0.16
migration-guide: add release notes for 4.3.3
Markus Volk (1):
libadwaita: update 1.4.0 -> 1.4.2
Massimiliano Minella (1):
zstd: fix LICENSE statement
Maxin B. John (1):
ref-manual: classes: remove insserv bbclass
Michael Opdenacker (3):
contributor-guide: use "apt" instead of "aptitude"
release-notes-4.3: fix spacing
migration-guides: fix release notes for 4.3.3
Ming Liu (2):
grub: fs/fat: Don't error when mtime is 0
qemu.bbclass: fix a python TypeError
Mingli Yu (1):
python3-license-expression: Fix the ptest failure
Peter Kjellerstedt (1):
devtool: modify: Handle recipes with a menuconfig task correctly
Peter Marko (4):
dtc: preserve version also from shallow git clones
sqlite3: upgrade 3.43.1 -> 3.43.2
sqlite: drop obsolete CVE ignore
zlib: ignore CVE-2023-6992
Richard Purdie (9):
pseudo: Update to pull in syncfs probe fix
sstate: Fix dir ownership issues in SSTATE_DIR
curl: Disable two intermittently failing tests
lib/prservice: Improve lock handling robustness
oeqa/selftest/prservice: Improve test robustness
curl: Disable test 1091 due to intermittent failures
allarch: Fix allarch corner case
reproducible: Fix race with externalsrc/devtool over lockfile
pseudo: Update to pull in gcc14 fix and missing statvfs64 intercept
Robert Berger (1):
uninative-tarball.xz - reproducibility fix
Robert Joslyn (1):
gtk: Set CVE_PRODUCT
Robert Yang (2):
nfs-utils: Upgrade 2.6.3 -> 2.6.4
nfs-utils: Update Upstream-Status
Rodrigo M. Duarte (1):
linux-firmware: Fix the linux-firmware-bcm4373 FILES variable
Ross Burton (4):
avahi: update URL for new project location
libssh2: backport fix for CVE-2023-48795
cve_check: handle CVE_STATUS being set to the empty string
cve_check: cleanup logging
Saul Wold (1):
package.py: OEHasPackage: Add MLPREFIX to packagename
Simone Weiß (5):
dev-manual: start.rst: Update use of Download page
dev-manual: start.rst: Update use of Download page
glibc: Set status for CVE-2023-5156 & CVE-2023-0687
dev-manual: gen-tapdevs need iptables installed
gcc: Update status of CVE-2023-4039
Soumya Sambu (1):
ncurses: Fix - tty is hung after reset
Steve Sakoman (2):
poky.conf: bump version for 4.3.3 release
build-appliance-image: Update to nanbield head revision
Trevor Gamblin (1):
scripts/runqemu: fix regex escape sequences
Wang Mingyu (9):
xwayland: upgrade 23.2.2 -> 23.2.3
libatomic-ops: upgrade 7.8.0 -> 7.8.2
libva-utils: upgrade 2.20.0 -> 2.20.1
kea: upgrade 2.4.0 -> 2.4.1
gstreamer1.0: upgrade 1.22.7 -> 1.22.8
aspell: upgrade 0.60.8 -> 0.60.8.1
at-spi2-core: upgrade 2.50.0 -> 2.50.1
cpio: upgrade 2.14 -> 2.15
gstreamer: upgrade 1.22.8 -> 1.22.9
William Lyu (1):
elfutils: Update license information
Xiangyu Chen (2):
shadow: Fix for CVE-2023-4641
sudo: upgrade 1.9.14p3 -> 1.9.15p2
Yang Xu (1):
rootfs.py: check depmodwrapper execution result
Yogita Urade (2):
tiff: fix CVE-2023-6228
tiff: fix CVE-2023-52355 and CVE-2023-52356
Zahir Hussain (1):
cmake: Unset CMAKE_CXX_IMPLICIT_INCLUDE_DIRECTORIES
baruch@tkos.co.il (1):
overlayfs: add missing closing parenthesis in selftest
Change-Id: I613697694d0eb51ae9451f7e869b69d6c1ba1fd3
Signed-off-by: Patrick Williams <patrick@stwcx.xyz>
Diffstat (limited to 'poky/documentation/migration-guides/release-notes-4.3.2.rst')
-rw-r--r-- | poky/documentation/migration-guides/release-notes-4.3.2.rst | 247 |
1 files changed, 247 insertions, 0 deletions
diff --git a/poky/documentation/migration-guides/release-notes-4.3.2.rst b/poky/documentation/migration-guides/release-notes-4.3.2.rst new file mode 100644 index 0000000000..3a40d83bc2 --- /dev/null +++ b/poky/documentation/migration-guides/release-notes-4.3.2.rst @@ -0,0 +1,247 @@ +.. SPDX-License-Identifier: CC-BY-SA-2.0-UK + +Release notes for Yocto-4.3.2 (Nanbield) +---------------------------------------- + +Security Fixes in Yocto-4.3.2 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +- avahi: Fix :cve:`2023-1981`, :cve:`2023-38469`, :cve:`2023-38470`, :cve:`2023-38471`, :cve:`2023-38472` and :cve:`2023-38473` +- curl: Fix :cve:`2023-46218` +- ghostscript: Fix :cve:`2023-46751` +- grub: fix :cve:`2023-4692` and :cve:`2023-4693` +- gstreamer1.0: Fix :cve_mitre:`2023-44446` +- linux-yocto/6.1: Ignore :cve_mitre:`2023-39197`, :cve:`2023-39198`, :cve:`2023-5090`, :cve:`2023-5633`, :cve:`2023-6111`, :cve:`2023-6121` and :cve:`2023-6176` +- linux-yocto/6.5: Ignore :cve:`2022-44034`, :cve_mitre:`2023-39197`, :cve:`2023-39198`, :cve:`2023-5972`, :cve:`2023-6039`, :cve:`2023-6111` and :cve:`2023-6176` +- perl: fix :cve:`2023-47100` +- python3-urllib3: Fix :cve:`2023-45803` +- rust: Fix :cve:`2023-40030` +- vim: Fix :cve:`2023-48231`, :cve:`2023-48232`, :cve:`2023-48233`, :cve:`2023-48234`, :cve:`2023-48235`, :cve:`2023-48236` and :cve:`2023-48237` +- xserver-xorg: Fix :cve:`2023-5367` and :cve:`2023-5380` +- xwayland: Fix :cve:`2023-5367` + + +Fixes in Yocto-4.3.2 +~~~~~~~~~~~~~~~~~~~~ + +- base-passwd: Upgrade to 3.6.2 +- bind: Upgrade to 9.18.20 +- binutils: stable 2.41 branch updates +- bitbake: command: Make parseRecipeFile() handle virtual recipes correctly +- bitbake: lib/bb: Add workaround for libgcc issues with python 3.8 and 3.9 +- bitbake: toastergui: verify that an existing layer path is given +- bluez5: fix connection for ps5/dualshock controllers +- build-appliance-image: Update to nanbield head revision +- cmake: Upgrade to 3.27.7 +- contributor-guide: add License-Update tag +- contributor-guide: fix command option +- cups: Add root,sys,wheel to system groups +- cve-update-nvd2-native: faster requests with API keys +- cve-update-nvd2-native: increase the delay between subsequent request failures +- cve-update-nvd2-native: make number of fetch attemtps configurable +- cve-update-nvd2-native: remove unused variable CVE_SOCKET_TIMEOUT +- dev-manual: Discourage the use of SRC_URI[md5sum] +- dev-manual: layers: update link to YP Compatible form +- dev-manual: runtime-testing: fix test module name +- devtool: finish/update-recipe: restrict mode srcrev to recipes fetched from SCM +- devtool: fix update-recipe dry-run mode +- ell: Upgrade to 0.60 +- enchant2: Upgrade to 2.6.2 +- ghostscript: Upgrade to 10.02.1 +- glib-2.0: Upgrade to 2.78.1 +- glibc: stable 2.38 branch updates +- gstreamer1.0: Upgrade to 1.22.7 +- gtk: Add rdepend on printbackend for cups +- harfbuzz: Upgrade to 8.2.2 +- json-c: fix icecc compilation +- kern-tools: bump :term:`SRCREV` for queue processing changes +- kern-tools: make lower context patches reproducible +- kern-tools: update :term:`SRCREV` to include SECURITY.md file +- kernel-arch: use ccache only for compiler +- kernel-yocto: improve metadata patching +- lib/oe/buildcfg.py: Include missing import +- lib/oe/buildcfg.py: Remove unused parameter +- lib/oe/patch: ensure os.chdir restoring always happens +- lib/oe/path: Deploy files can start only with a dot +- libgcrypt: Upgrade to 1.10.3 +- libjpeg-turbo: Upgrade to 3.0.1 +- libnewt: Upgrade to 0.52.24 +- libnsl2: Upgrade to 2.0.1 +- libsolv: Upgrade to 0.7.26 +- libxslt: Upgrade to 1.1.39 +- linux-firmware: add audio topology symlink to the X13's audio package +- linux-firmware: add missing depenencies on license packages +- linux-firmware: add new fw file to ${PN}-rtl8821 +- linux-firmware: add notice file to sdm845 modem firmware +- linux-firmware: create separate packages +- linux-firmware: package Qualcomm Venus 6.0 firmware +- linux-firmware: package Robotics RB5 sensors DSP firmware +- linux-firmware: package firmware for Qualcomm Adreno a702 +- linux-firmware: package firmware for Qualcomm QCM2290 / QRB4210 +- linux-firmware: Upgrade to 20231030 +- linux-yocto-rt/6.1: update to -rt18 +- linux-yocto/6.1: cfg: restore CONFIG_DEVMEM +- linux-yocto/6.1: drop removed IMA option +- linux-yocto/6.1: Upgrade to v6.1.68 +- linux-yocto/6.5: cfg: restore CONFIG_DEVMEM +- linux-yocto/6.5: cfg: split runtime and symbol debug +- linux-yocto/6.5: drop removed IMA option +- linux-yocto/6.5: fix AB-INT: QEMU kernel panic: No irq handler for vector +- linux-yocto/6.5: Upgrade to v6.5.13 +- linux/cve-exclusion6.1: Update to latest kernel point release +- log4cplus: Upgrade to 2.1.1 +- lsb-release: use https for :term:`UPSTREAM_CHECK_URI` +- manuals: brief-yoctoprojectqs: align variable order with default local.conf +- manuals: fix URL +- meson: use correct targets for rust binaries +- migration-guide: add release notes for 4.0.14, 4.0.15, 4.2.4, 4.3.1 +- migration-guides: release 3.5 is actually 4.0 +- migration-guides: reword fix in release-notes-4.3.1 +- msmtp: Upgrade to 1.8.25 +- oeqa/selftest/tinfoil: Add tests that parse virtual recipes +- openssl: improve handshake test error reporting +- package_ipk: Fix Source: field variable dependency +- patchtest: shorten patch signed-off-by test output +- perf: lift :term:`TARGET_CC_ARCH` modification out of security_flags.inc +- perl: Upgrade to 5.38.2 +- perlcross: Upgrade to 1.5.2 +- poky.conf: bump version for 4.3.2 release +- python3-ptest: skip test_storlines +- python3-urllib3: Upgrade to 2.0.7 +- qemu: Upgrade to 8.1.2 +- ref-manual: Fix reference to MIRRORS/PREMIRRORS defaults +- ref-manual: releases.svg: update nanbield release status +- useradd_base: sed -i destroys symlinks +- rootfs-postcommands: sed -i destroys symlinks +- sstate: Ensure sstate searches update file mtime +- strace: backport fix for so_peerpidfd-test +- systemd-boot: Fix build issues on armv7a-linux +- systemd-compat-units.bb: fix postinstall script +- systemd: fix DynamicUser issue +- systemd: update :term:`LICENSE` statement +- tcl: skip async and event tests in run-ptest +- tcl: skip timing-dependent tests in run-ptest +- test-manual: add links to python unittest +- test-manual: add or improve hyperlinks +- test-manual: explicit or fix file paths +- test-manual: resource updates +- test-manual: text and formatting fixes +- test-manual: use working example +- testimage: Drop target_dumper and most of monitor_dumper +- testimage: Exclude wtmp from target-dumper commands +- tzdata: Upgrade to 2023d +- update_gtk_icon_cache: Fix for GTK4-only builds +- useradd_base: Fix sed command line for passwd-expire +- vim: Upgrade to 9.0.2130 +- xserver-xorg: Upgrade to 21.1.9 +- xwayland: Upgrade to 23.2.2 + + +Known Issues in Yocto-4.3.2 +~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +- N/A + +Contributors to Yocto-4.3.2 +~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +- Adam Johnston +- Alexander Kanavin +- Anuj Mittal +- Bastian Krause +- Bruce Ashfield +- Chen Qi +- Deepthi Hemraj +- Dhairya Nagodra +- Dmitry Baryshkov +- Fahad Arslan +- Javier Tia +- Jermain Horsman +- Joakim Tjernlund +- Julien Stephan +- Justin Bronder +- Khem Raj +- Lee Chee Yang +- Marco Felsch +- Markus Volk +- Marta Rybczynska +- Massimiliano Minella +- Michael Opdenacker +- Paul Barker +- Peter Kjellerstedt +- Peter Marko +- Randy MacLeod +- Rasmus Villemoes +- Richard Purdie +- Ross Burton +- Shubham Kulkarni +- Simone Weiß +- Steve Sakoman +- Sundeep KOKKONDA +- Tim Orling +- Trevor Gamblin +- Vijay Anusuri +- Viswanath Kraleti +- Vyacheslav Yurkov +- Wang Mingyu +- William Lyu +- Zoltán Böszörményi + +Repositories / Downloads for Yocto-4.3.2 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +poky + +- Repository Location: :yocto_git:`/poky` +- Branch: :yocto_git:`nanbield </poky/log/?h=nanbield>` +- Tag: :yocto_git:`yocto-4.3.2 </poky/log/?h=yocto-4.3.2>` +- Git Revision: :yocto_git:`f768ffb8916feb6542fcbe3e946cbf30e247b151 </poky/commit/?id=f768ffb8916feb6542fcbe3e946cbf30e247b151>` +- Release Artefact: poky-f768ffb8916feb6542fcbe3e946cbf30e247b151 +- sha: 21ca1695d70aba9b4bd8626d160111feab76206883cd14fe41eb024692bdfd7b +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-4.3.2/poky-f768ffb8916feb6542fcbe3e946cbf30e247b151.tar.bz2 + http://mirrors.kernel.org/yocto/yocto/yocto-4.3.2/poky-f768ffb8916feb6542fcbe3e946cbf30e247b151.tar.bz2 + +openembedded-core + +- Repository Location: :oe_git:`/openembedded-core` +- Branch: :oe_git:`nanbield </openembedded-core/log/?h=nanbield>` +- Tag: :oe_git:`yocto-4.3.2 </openembedded-core/log/?h=yocto-4.3.2>` +- Git Revision: :oe_git:`ff595b937d37d2315386aebf315cea719e2362ea </openembedded-core/commit/?id=ff595b937d37d2315386aebf315cea719e2362ea>` +- Release Artefact: oecore-ff595b937d37d2315386aebf315cea719e2362ea +- sha: a7c6332dc0e09ecc08221e78b11151e8e2a3fd9fa3eaad96a4c03b67012bfb97 +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-4.3.2/oecore-ff595b937d37d2315386aebf315cea719e2362ea.tar.bz2 + http://mirrors.kernel.org/yocto/yocto/yocto-4.3.2/oecore-ff595b937d37d2315386aebf315cea719e2362ea.tar.bz2 + +meta-mingw + +- Repository Location: :yocto_git:`/meta-mingw` +- Branch: :yocto_git:`nanbield </meta-mingw/log/?h=nanbield>` +- Tag: :yocto_git:`yocto-4.3.2 </meta-mingw/log/?h=yocto-4.3.2>` +- Git Revision: :yocto_git:`49617a253e09baabbf0355bc736122e9549c8ab2 </meta-mingw/commit/?id=49617a253e09baabbf0355bc736122e9549c8ab2>` +- Release Artefact: meta-mingw-49617a253e09baabbf0355bc736122e9549c8ab2 +- sha: 2225115b73589cdbf1e491115221035c6a61679a92a93b2a3cf761ff87bf4ecc +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-4.3.2/meta-mingw-49617a253e09baabbf0355bc736122e9549c8ab2.tar.bz2 + http://mirrors.kernel.org/yocto/yocto/yocto-4.3.2/meta-mingw-49617a253e09baabbf0355bc736122e9549c8ab2.tar.bz2 + +bitbake + +- Repository Location: :oe_git:`/bitbake` +- Branch: :oe_git:`2.6 </bitbake/log/?h=2.6>` +- Tag: :oe_git:`yocto-4.3.2 </bitbake/log/?h=yocto-4.3.2>` +- Git Revision: :oe_git:`72bf75f0b2e7f36930185e18a1de8277ce7045d8 </bitbake/commit/?id=72bf75f0b2e7f36930185e18a1de8277ce7045d8>` +- Release Artefact: bitbake-72bf75f0b2e7f36930185e18a1de8277ce7045d8 +- sha: 0b6ccd4796ccd211605090348a3d4378358c839ae1bb4c35964d0f36f2663187 +- Download Locations: + http://downloads.yoctoproject.org/releases/yocto/yocto-4.3.2/bitbake-72bf75f0b2e7f36930185e18a1de8277ce7045d8.tar.bz2 + http://mirrors.kernel.org/yocto/yocto/yocto-4.3.2/bitbake-72bf75f0b2e7f36930185e18a1de8277ce7045d8.tar.bz2 + +yocto-docs + +- Repository Location: :yocto_git:`/yocto-docs` +- Branch: :yocto_git:`nanbield </yocto-docs/log/?h=nanbield>` +- Tag: :yocto_git:`yocto-4.3.2 </yocto-docs/log/?h=yocto-4.3.2>` +- Git Revision: :yocto_git:`fac88b9e80646a68b31975c915a718a9b6b2b439 </yocto-docs/commit/?id=fac88b9e80646a68b31975c915a718a9b6b2b439>` + |