[ANNOUNCEMENT] Yocto Project 3.1.17 (dunfell-23.0.17) is Released


Lee Chee Yang
 

Hello

We are pleased to announce the Yocto Project 3.1.17 (dunfell-23.0.17) Release is now available for download.

 

http://downloads.yoctoproject.org/releases/yocto/yocto-3.1.17/poky-dunfell-23.0.17.tar.bz2

http://mirrors.kernel.org/yocto/yocto/yocto-3.1.17/poky-dunfell-23.0.17.tar.bz2

 

A gpg signed version of these release notes is available at:

 

http://downloads.yoctoproject.org/releases/yocto/yocto-3.1.17/RELEASENOTES

 

Full Test Report:

 

http://downloads.yoctoproject.org/releases/yocto/yocto-3.1.17/testreport.txt

 

Thank you for everyone's contributions to this release.

 

Chee Yang Lee <chee.yang.lee@...>

Yocto Project Build and Release

 

 

- --------------------------

yocto-3.1.17 Release Notes

- --------------------------

 

 

- --------------------------

Repositories/Downloads

- --------------------------

 

Repository Name: poky

Repository Location: https://git.yoctoproject.org/git/poky

Branch: dunfell

Tag: yocto-3.1.17

Git Revision: 1e298a42223dd2628288b372caf66c52506a8081

Release Artefact: poky-dunfell-23.0.17

sha: deef3a590ed7e36b362ba4f35fe59dd6386360756cf4635e7d1adef350053f27

Download Locations:

http://downloads.yoctoproject.org/releases/yocto/yocto-3.1.17/poky-dunfell-23.0.17.tar.bz2

http://mirrors.kernel.org/yocto/yocto/yocto-3.1.17/poky-dunfell-23.0.17.tar.bz2

 

Repository Name: openembedded-core

Repository Location: https://git.openembedded.org/openembedded-core

Branch: dunfell

Tag: yocto-3.1.17

Git Revision: 4051d1a3aa5f70da96c381f9dea5f52cd9306939

Release Artefact: oecore-dunfell-23.0.17

sha: 71c768008842298d94c6769b105ed14033721286b20a0744f70c819242542dd5

Download Locations:

http://downloads.yoctoproject.org/releases/yocto/yocto-3.1.17/oecore-dunfell-23.0.17.tar.bz2

http://mirrors.kernel.org/yocto/yocto/yocto-3.1.17/oecore-dunfell-23.0.17.tar.bz2

 

Repository Name: meta-mingw

Repository Location: https://git.yoctoproject.org/git/meta-mingw

Branch: dunfell

Tag: yocto-3.1.17

Git Revision: 524de686205b5d6736661d4532f5f98fee8589b7

Release Artefact: meta-mingw-dunfell-23.0.17

sha: a2ffb2bf5505707eb77a60e21bcf14b3182bb192e102a61f991a98ca20d9289f

Download Locations:

http://downloads.yoctoproject.org/releases/yocto/yocto-3.1.17/meta-mingw-dunfell-23.0.17.tar.bz2

http://mirrors.kernel.org/yocto/yocto/yocto-3.1.17/meta-mingw-dunfell-23.0.17.tar.bz2

 

Repository Name: meta-gplv2

Repository Location: https://git.yoctoproject.org/git/meta-gplv2

Branch: dunfell

Tag: yocto-3.1.17

Git Revision: 60b251c25ba87e946a0ca4cdc8d17b1cb09292ac

Release Artefact: meta-gplv2-dunfell-23.0.17

sha: e3c0ceb64ae564f3dac6334e8d741bce62888c6c414701166cec0c0c30d805a6

Download Locations:

http://downloads.yoctoproject.org/releases/yocto/yocto-3.1.17/meta-gplv2-dunfell-23.0.17.tar.bz2

http://mirrors.kernel.org/yocto/yocto/yocto-3.1.17/meta-gplv2-dunfell-23.0.17.tar.bz2

 

Repository Name: bitbake

Repository Location: https://git.openembedded.org/bitbake

Branch: dunfell

Tag: yocto-3.1.17

Git Revision: 0784db7dd0fef6f0621ad8d74372f44e87fef950

Release Artefact: bitbake-dunfell-23.0.17

sha: 0b70a8d48a9b7a71a9ed19f60f6250e3beff3b910b1a066515dc2356a8a99cfe

Download Locations:

http://downloads.yoctoproject.org/releases/yocto/yocto-3.1.17/bitbake-dunfell-23.0.17.tar.bz2

http://mirrors.kernel.org/yocto/yocto/yocto-3.1.17/bitbake-dunfell-23.0.17.tar.bz2

 

Repository Name: yocto-docs

Repository Location: https://git.yoctoproject.org/git/yocto-docs

Branch: dunfell

Tag: yocto-3.1.17

Git Revision: 8dd19c901813263554ac2bc6bda2cf9a1c3c1e58

 

 

- ---------------

Known Issues

- ---------------

Openssl did have some ptest failures due to expired certificates in the tests themselves, this will be fixed in the next point release. openssl itself doesn't have any known issues.

 

 

- ---------------

Security Fixes

- ---------------

libxml2: Fix CVE-2022-29824 for libxml2

ncurses: Fix CVE-2022-29458

ffmpeg: Fix for CVE-2022-1475

libsdl2: Add fix for CVE-2021-33657

ruby: Whitelist CVE-2021-28966 as this affects Windows OS only

pcre2: CVE-2022-1586 Out-of-bounds read

freetype: Fix CVE-2022-27404 CVE-2022-27405 CVE-2022-27406

tiff: fix CVE-2022-0865 CVE-2022-0907 CVE-2022-0908 CVE-2022-0909 CVE-2022-0924

curl: Fix CVE-2022-22576 CVE-2022-27775 CVE-2022-27776

busybox: fix CVE-2022-28391

libinput: Add fix for CVE-2022-1215

fribidi: Add fix for CVE-2022-25308, CVE-2022-25309 and CVE-2022-25310

python3: ignore CVE-2015-20107

tiff: Fix CVE-2022-0891

 

 

- ---------------

Fixes

- ---------------

openssl: Backport fix for ptest cert expiry

poky.conf: bump version for 3.1.17 release

documentation: update for 3.1.17 release

cve-check: Allow warnings to be disabled

cve-check: Only include installed packages for rootfs manifest

cve-check: Add helper for symlink handling

cve-check.bbclass: Added do_populate_sdk[recrdeptask].

ruby: Upgrade ruby to 2.7.6 for security fix

oeqa/selftest/cve_check: add tests for recipe and image reports

mobile-broadband-provider-info: upgrade 20220315 -> 20220511

cve-check: Fix report generation

manuals: add missing space in appends

selftest: skip virgl test on alma 8.6

linux-firmware: upgrade 20220411 -> 20220509

linux-firmware: replace mkdir by install

openssl: Minor security upgrade 1.1.1n to 1.1.1o

vim: Upgrade to 8.2.5034

scripts/git: Ensure we don't have circular references

scripts: Make git intercept global

base: Avoid circular references to our own scripts

rootfs-postcommands: fix symlinks where link and output path are equal

volatile-binds: Change DefaultDependencies from false to no

cve-check: fix symlinks where link and output path are equal

cve-check: add JSON format to summary output

cve-update-db-native: let the user to drive the update interval

cve-check: no need to depend on the fetch task

linux-yocto/5.4: update to v5.4.192

uninative: Upgrade to 3.6 with gcc 12 support

neard: Switch SRC_URI to git repo

base: Drop git intercept

install/devshell: Introduce git intercept script due to fakeroot issues

cases/buildepoxy.py: fix typo

busybox: Use base_bindir instead of hardcoding /bin path

scripts/contrib/oe-build-perf-report-email.py: remove obsolete check for phantomjs and optipng

perf-build-test/report: Drop phantomjs and html email reports support

cve-check: add json format

cve-update-db-native: update the CVE database once a day only

linux-firmware: correct license for ar3k firmware

boost: don't specify gcc version

git: Use CVE_CHECK_WHITELIST instead of CVE_CHECK_IGNORE

 

 

 

Join yocto-announce@lists.yoctoproject.org to automatically receive all group messages.