-------------------------- yocto-4.0.23 Release Notes -------------------------- -------------------------- Repositories/Downloads -------------------------- Repository Name: poky Repository Location: https://git.yoctoproject.org/poky Branch: kirkstone Tag: yocto-4.0.23 Git Revision: 8e092852b63e998d990b8f8e1aa91297dec4430f Release Artefact: poky-8e092852b63e998d990b8f8e1aa91297dec4430f sha: 339d34d8432070dac948449e732ebf06a888eeb27ff548958b2395c9446b029d Download Locations: http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.23/poky-8e092852b63e998d990b8f8e1aa91297dec4430f.tar.bz2 http://mirrors.kernel.org/yocto/yocto/yocto-4.0.23/poky-8e092852b63e998d990b8f8e1aa91297dec4430f.tar.bz2 Repository Name: openembedded-core Repository Location: https://git.openembedded.org/openembedded-core Branch: kirkstone Tag: yocto-4.0.23 Git Revision: fb45c5cf8c2b663af293acb069d446610f77ff1a Release Artefact: oecore-fb45c5cf8c2b663af293acb069d446610f77ff1a sha: 1d394370ea7d43fb885ab8a952d6d1e43f1a850745a5152d5ead5565a283a0f5 Download Locations: http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.23/oecore-fb45c5cf8c2b663af293acb069d446610f77ff1a.tar.bz2 http://mirrors.kernel.org/yocto/yocto/yocto-4.0.23/oecore-fb45c5cf8c2b663af293acb069d446610f77ff1a.tar.bz2 Repository Name: meta-mingw Repository Location: https://git.yoctoproject.org/meta-mingw Branch: kirkstone Tag: yocto-4.0.23 Git Revision: 87c22abb1f11be430caf4372e6b833dc7d77564e Release Artefact: meta-mingw-87c22abb1f11be430caf4372e6b833dc7d77564e sha: f0bc4873e2e0319fb9d6d6ab9b98eb3f89664d4339a167d2db6a787dd12bc1a8 Download Locations: http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.23/meta-mingw-87c22abb1f11be430caf4372e6b833dc7d77564e.tar.bz2 http://mirrors.kernel.org/yocto/yocto/yocto-4.0.23/meta-mingw-87c22abb1f11be430caf4372e6b833dc7d77564e.tar.bz2 Repository Name: meta-gplv2 Repository Location: https://git.yoctoproject.org/meta-gplv2 Branch: kirkstone Tag: yocto-4.0.23 Git Revision: d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a Release Artefact: meta-gplv2-d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a sha: c386f59f8a672747dc3d0be1d4234b6039273d0e57933eb87caa20f56b9cca6d Download Locations: http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.23/meta-gplv2-d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a.tar.bz2 http://mirrors.kernel.org/yocto/yocto/yocto-4.0.23/meta-gplv2-d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a.tar.bz2 Repository Name: bitbake Repository Location: https://git.openembedded.org/bitbake Branch: 2.0 Tag: yocto-4.0.23 Git Revision: fb73c495c45d1d4107cfd60b67a5b4f11a99647b Release Artefact: bitbake-fb73c495c45d1d4107cfd60b67a5b4f11a99647b sha: 5cd271299951f25912a2e8d4de6d8769a4c0bb3bbcfc90815be41f23fd299a0b Download Locations: http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.23/bitbake-fb73c495c45d1d4107cfd60b67a5b4f11a99647b.tar.bz2 http://mirrors.kernel.org/yocto/yocto/yocto-4.0.23/bitbake-fb73c495c45d1d4107cfd60b67a5b4f11a99647b.tar.bz2 Repository Name: yocto-docs Repository Location: https://git.yoctoproject.org/yocto-docs Branch: kirkstone Tag: yocto-4.0.23 Git Revision: 188d4317fc7c6ebf0e6803e3240e9e3ba2024442 --------------- Contributors --------------- Aleksandar Nikolic Alexandre Belloni Antoine Lubineau Antonin Godard Archana Polampalli Ashish Sharma Baruch Siach Eilís 'pidge' Ní Fhlannagáin Jose Quaresma Julien Stephan Khem Raj Lee Chee Yang Macpaul Lin Martin Jansa Michael Opdenacker Ola x Nilsson Peter Marko Philip Lorenz Randolph Sapp Richard Purdie Robert Yang Rohini Sangam Ruiqiang Hao Siddharth Doshi Steve Sakoman Talel BELHAJSALEM Wang Mingyu Yogita Urade Zoltan Boszormenyi --------------- Known Issues --------------- N/A --------------- Security Fixes --------------- expat: Fix CVE-2024-50602 gstreamer1.0: Ignore CVE-2024-0444 curl: Fix CVE-2024-9681 ghostscript: Fix CVE-2023-46361 zstd: Fix CVE-2022-4899 python3: Ignore CVE-2023-27043 CVE-2024-6232 CVE-2024-7592 qemu: Fix CVE-2023-3019 openssl: Fix CVE-2024-9143 ghostscript: Fix CVE-2024-29508 libarchive: Fix CVE-2024-48957 CVE-2024-48958 gcc: Ignore CVE-2023-4039 vim: Fix CVE-2024-45306 --------------- Fixes --------------- at-spi2-core: backport a patch to fix build with gcc-14 on host bitbake: bitbake: doc/user-manual: Update the BB_HASHSERVE_UPSTREAM bitbake: codeparser: Fix handling of string AST nodes with older Python versions bitbake: fetch2/git: Use quote from shlex, not pipes bitbake: gitsm: Add call_process_submodules() to remove duplicated code bitbake: gitsm: Remove downloads/tmpdir when failed bitbake: tests/fetch: Use our own mirror of mobile-broadband-provider to decouple from gnome gitlab bitbake: tests/fetch: Use our own mirror of sysprof to decouple from gnome gitlab bmap-tools: update HOMEPAGE and SRC_URI build-appliance-image: Update to kirkstone head revision cmake: Fix sporadic issues when determining compiler internals cracklib: Modify patch to compile with GCC 14 cve-check: add CVSS vector string to CVE database and reports cve-check: add support for cvss v4.0 cve_check: Use a local copy of the database during builds dev-manual: document how to provide confs from layer.conf documentation: Makefile: add SPHINXLINTDOCS to specify subset to sphinx-lint documentation: Makefile: fix epub and latexpdf targets documentation: README: add instruction to run Vale on a subset documentation: brief-yoctoprojectqs: update BB_HASHSERVE_UPSTREAM for new infrastructure documentation: conf.py: add a bitbake_git extlink documentation: rename :cve: role to :cve_nist: documentation: styles: vocabularies: Yocto: add sstate documnetation: contributor-guide: Remove duplicated words gcc: restore a patch for Neoverse N2 core glib-2.0: patch regression of CVE-2023-32665 kmscube: create_framebuffer: backport modifier fix libffi: backport a fix to build libffi-native with gcc-14 linux-firmware: Upgrade to 20240909 local.conf.sample: update BB_HASHSERVE_UPSTREAM for new infrastructure migration-guide: add release notes for 4.0.22 migration-guide: release-notes-4.0: update BB_HASHSERVE_UPSTREAM for new infrastructure nativesdk-intercept: Fix bad intercept chgrp/chown logic orc: Upgrade to 0.4.40 overlayfs-etc: add option to skip creation of mount dirs overview-manual: concepts: add details on package splitting package: Switch debug source handling to use prefix map patch.py: Use shlex instead of deprecated pipe poky.conf: bump version for 4.0.23 pseudo: Disable LFS on 32bit arches pseudo: Fix envp bug and add posix_spawn wrapper pseudo: Fix to work with glibc 2.40 pseudo: Switch back to the master branch pseudo: Update to include logic fix pseudo: Update to include open symlink handling bugfix pseudo: Update to pull in fchmodat fix pseudo: Update to pull in fd leak fix pseudo: Update to pull in gcc14 fix and missing statvfs64 intercept pseudo: Update to pull in linux-libc-headers race fix pseudo: Update to pull in python 3.12+ fix pseudo: Update to pull in syncfs probe fix ref-manual: add description for the "sysroot" term ref-manual: add missing CVE_CHECK manifest variables ref-manual: add missing EXTERNAL_KERNEL_DEVICETREE variable ref-manual: add missing OPKGBUILDCMD variable ref-manual: devtool-reference: document missing commands ref-manual: devtool-reference: refresh example outputs ref-manual: introduce CVE_CHECK_REPORT_PATCHED variable ref-manual: release-process: add a reference to the doc's release ref-manual: release-process: refresh the current LTS releases ref-manual: release-process: update releases.svg ref-manual: release-process: update releases.svg with month after "Current" ref-manual: structure.rst: document missing tmp/ dirs ref-manual: variables: add SIGGEN_LOCKEDSIGS* variables syslinux: Disable error on implicit-function-declaration util-linux: Define pidfd_* function signatures vala: add -Wno-error=incompatible-pointer-types work around vim: Upgrade to 9.1.0764 xmlto: backport a patch to fix build with gcc-14 on host zip: Fix build with gcc-14 zip: Make configure checks to be more robust