[ANNOUNCEMENT] Yocto Project 3.1.15 (dunfell-23.0.15) is Released

Lee Chee Yang


We are pleased to announce the Yocto Project 3.1.15 (dunfell-23.0.15) Release is now available for download.





A gpg signed version of these release notes is available at:




Full Test Report:




Thank you for everyone's contributions to this release.


Chee Yang Lee chee.yang.lee@...

Yocto Project Build and Release


- --------------------------

yocto-3.1.15 Release Notes

- --------------------------



- --------------------------


- --------------------------


Repository Name: poky

Repository Location: https://git.yoctoproject.org/git/poky

Branch: dunfell

Tag: yocto-3.1.15

Git Revision: b41d4e46d30ed32e11d68466721a0f4056bad700

Release Artefact: poky-dunfell-23.0.15

sha: 23159261eda1f927d22a79e6c45cfac757f232215680e3ca4d24320eb49fe1d1

Download Locations:




Repository Name: openembedded-core

Repository Location: https://git.openembedded.org/openembedded-core

Branch: dunfell

Tag: yocto-3.1.15

Git Revision: 8906aa9ec0a80b0f8998fb793f4e9491b3179179

Release Artefact: oecore-dunfell-23.0.15

sha: 7cd1cf62649cec885b3ccafb8ffe980def7b4c78db7fa4309674926f960bd0e0

Download Locations:




Repository Name: meta-mingw

Repository Location: https://git.yoctoproject.org/git/meta-mingw

Branch: dunfell

Tag: yocto-3.1.15

Git Revision: 524de686205b5d6736661d4532f5f98fee8589b7

Release Artefact: meta-mingw-dunfell-23.0.15

sha: 0229d0fad2049100e90ec8b88981a08187ff976f7d16fee579786427e5035a91

Download Locations:





Repository Name: meta-gplv2

Repository Location: https://git.yoctoproject.org/git/meta-gplv2

Branch: dunfell

Tag: yocto-3.1.15

Git Revision: 60b251c25ba87e946a0ca4cdc8d17b1cb09292ac

Release Artefact: meta-gplv2-dunfell-23.0.15

sha: 61ccc7be0d74ecf83a4589e16fd00f6167e3ebb901dbd5a261c925608b650fb6

Download Locations:




Repository Name: bitbake

Repository Location: https://git.openembedded.org/bitbake

Branch: dunfell

Tag: yocto-3.1.15

Git Revision: d22cc1e587c650fd5f90cda32f5720f8a3105aac

Release Artefact: bitbake-dunfell-23.0.15

sha: 5660e5d241209833084f4ad3aa6b6e3f73f0782b765f4cc1e5263d63d7363af8

Download Locations:




Repository Name: yocto-docs

Repository Location: https://git.yoctoproject.org/git/yocto-docs

Branch: dunfell

Tag: yocto-3.1.15

Git Revision: 14e7f0c3d8b482e11e9df18364b39019779a619c



- ---------------

Known Issues

- ---------------




- ---------------

Security Fixes

- ---------------

binutils: Fix CVE-2021-45078

connman: fix CVE-2021-33833

connman: fix CVE-2022-23096-7

connman: fix CVE-2022-23098

expat: fix CVE-2022-23852

expat: fix CVE-2022-23990

expat: fix CVE-2022-25235

expat: fix CVE-2022-25236

expat: fix CVE-2022-25313

expat: fix CVE-2022-25314

expat: fix CVE-2022-25315

ghostscript: fix CVE-2021-45949

go: fix CVE-2022-23772

go: fix CVE-2022-23806

grub: add a fix for CVE-2020-25632

grub: add a fix for CVE-2020-25647

libarchive: Fix for CVE-2021-36976

lighttpd: backport a fix for CVE-2022-22707

openssl: Add fix for CVE-2021-4160

systemd: Fix CVE-2021-3997

tiff: fix CVE-2022-0561 and CVE-2022-0562

tiff: fix for CVE-2022-22844

util-linux: Fix for CVE-2021-3995 and CVE-2021-3996

wpa-supplicant: fix CVE-2022-23303-4



- ---------------


- ---------------

Revert "cve-check: add lockfile to task"

asciidoc: update git repository

bind: update to 9.11.36

binutils: Backport Include members in the variable table used when resolving DW_AT_specification tags.

bitbake: tests/fetch: Handle upstream master -> main branch change

bootchart2: Add missing python3-math dependency

buildhistory.bbclass: create the buildhistory directory when needed

cmake: remove bogus CMAKE_LDFLAGS_FLAGS definition from toolchain file

cml1.bbclass: Handle ncurses-native being available via pkg-config

common-licenses: add Spencer-94

cve-check: get_cve_info should open the database read-only

coreutils: remove obsolete ignored CVE list

cve-check: create directory of CVE_CHECK_MANIFEST before copy

default-distrovars.inc: Switch connectivity check to a yoctoproject.org page

devtool: deploy-target: Remove stripped binaries in pseudo context

docs: fix hardcoded link warning messages

documentation: update for 3.1.14 release

e2fsprogs: Use specific BSD license variant

expat: add missing Upstream-status, CVE tag and sign-off to CVE-2021-46143.patch

freetype: add missing CVE tag CVE-2020-15999

glib-2.0: Use specific BSD license variant

glibc: update to lastest 2.31 release HEAD

grub: fixed several NULL pointer, integer overflow, memory leak and possible NULL dereference

grub: add a fix for a crash in scripts

grub: add a fix for a length check

grub: add a fix for a possible negative shift

grub: add a fix for a possible unintended sign extension

grub: add a fix for an incorrect cast

grub: add a fix for malformed device path handling

grub: add a fix for unnecessary assignements

grub: add a fix for unused variable in gnulib

grub: add a missing NULL check

grub: add structure initialization in zstd

grub: fix a dangling memory pointer

grub: fix an error check

grub: fix an unitialized re_token in gnulib

grub: fix an unitialized token in gnulib

grub: fix incorrect use of a negative value

grub: fix wrong handling of argc == 0

grub: remove dead code

grub: remove unneeded return value

grub: test for malformed jpeg files

libcap: Use specific BSD license variant

libusb1: correct SRC_URI

libxml-parser-perl: Add missing RDEPENDS

linux-firmware: Add CLM blob to linux-firmware-bcm4373 package

linux-firmware: upgrade 20211216 -> 20220209

linux-yocto/5.4: update to v5.4.178

linux-yocto: update genericx86* to v5.4.178

lsof: correct LICENSE

perf-tests: add bash into RDEPENDS (v5.12-rc5+)

poky.conf: Bump version for 3.1.15 release

poky.conf: update tested distros

puzzles: Upstream changed to main branch for development

recipetool: Fix circular reference in SRC_URI

ref-system-requirements.rst: update list of supported distros

releases: update to include 3.1.14

rpm: fix intermittent compression failure in do_package_write_rpm

ruby: 2.7.4 -> 2.7.5

ruby: correctly set native/target dependencies

ruby: fix DEPENDS append

sdk: fix search for dynamic loader

shadow-sysroot: sync license with shadow

shadow: Use specific BSD license variant

sstate: A third fix for for touching files inside pseudo

sstate: inside the threadedpool don't write to the shared localdata

systemd: Ensure uid/gid ranges are set deterministically

tzdata: Remove BSD License specifier

uninative: Add version to uninative tarball name

uninative: Upgrade to 3.5

vim: Update to 8.2.4524 for further CVE fixes

vim: do not report upstream version check as broken

vim: set PACKAGECONFIG idiomatically

wireless-regdb: upgrade 2021.08.28 -> 2022.02.18


Join {yocto-announce@lists.yoctoproject.org to automatically receive all group messages.