[ANNOUNCEMENT] Yocto Project 1.6.2 (daisy) now available.
|
Flanagan, Elizabeth <elizabeth.flanagan@...>
All,
We are pleased to release the second point release for the Yocto Project's "daisy" release. This release has fixes for 25 CVEs including CVE-2014-3566. Several fixes for CVE-2014-3566 (the SSL Poodle vulnerability) have been applied to OpenSSL in this release; however, due to the nature of the vulnerability you will need to ensure that SSL 3.0 support is either disabled, or alternatively that TLS_FALLBACK_SCSV is implemented in both clients and servers that use TLS/SSL. For more information, check with the upstream provider of TLS/SSL client / server software that you are using. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566 https://www.us-cert.gov/ncas/alerts/TA14-290A Downloads are available at: http://downloads.yoctoproject.org/releases/yocto/yocto-1.6.2/poky-daisy-11.0.2.tar.bz2 Release Name: poky-daisy-11.0.2 Branch: daisy Tag: daisy-11.0.2 Hash: e3dd621197548b4cf64988e757e9bc926082db73 md5sum: d0fec76994622bf668ce13779ac73f43 download: http://downloads.yoctoproject.org/releases/yocto/yocto-1.6.2/poky-daisy-11.0.2.tar.bz2 Release Name: meta-qt3-daisy-11.0.2 Branch: daisy Tag: daisy-11.0.2 Hash: 3016129d90b7ac8517a5227d819f10ad417b5b45 md5sum: 139394eca6575b9ab31d2f79f7830f2a download: http://downloads.yoctoproject.org/releases/yocto/yocto-1.6.2/meta-qt3-daisy-11.0.2.tar.bz2 Release Name: eclipse-poky-juno-daisy-11.0.2 Branch: daisy Tag: daisy-11.0.2 Hash: 26bfc407781aa185f244a47ba63120343cee4a37 md5sum: bce7d1644d6bf4ea528db9a511124bba download: http://downloads.yoctoproject.org/releases/yocto/yocto-1.6.2/eclipse-poky-juno-daisy-11.0.2.tar.bz2 Release Name: eclipse-poky-kepler-daisy-11.0.2 Branch: daisy Tag: daisy-11.0.2 Hash: 932891014ea068e196fcf1f9efedb8a672fb81a0 md5sum: f85546bfd1da67d72c0b743780146220 download: http://downloads.yoctoproject.org/releases/yocto/yocto-1.6.2/eclipse-poky-kepler-daisy-11.0.2.tar.bz2 Bug Fixes --------- adt-installer: fix sed input file error bash: Fix for exported function namespace change binutils: Add fix for recent patch on older gcc binutils: Apply the proper fix for PR 16428 bitbake: codeparser: don't interact with the cache for subshells bitbake: codeparser: Fix to better catch all getVar references build-appliance-image: Update to daisy head revision build-appliance-image: Update to daisy head revision cairo: explicitly disable LTO support by backporting patch which removes it crosssdk: Clear MACHINEOVERRIDES dev-manual: Updated the "Making Images More Secure" section. documentation: Added "November 2014" to manual history lists. documentation: Updated manual history tables to support 1.6.2 kernel: don't copy .so.dbg files into kernel source install kernelshark: Remove trace-cmd from the kernelshark package layer.conf: Add in useradd dependencies as ABISAFE dependencies layer.conf: Mark opkg-utils as ABISAFE for update-alternatives usage libarchive: avoid dependency on e2fsprogs libxml2: fix python packaging for nativesdk ltp: Added zip-native as a DEPENDS lttng-modules: Update to version 2.4.2 mega-manual.sed: Updates to support links to BB manual native/nativesdk: Clear MACHINEOVERRIDES openssh: avoid screen sessions being killed on disconnect with systemd openssl: upgrade to 1.0.1j openssl: Upgrade to 1.0.1j perf: add slang to the dependencies perf: explicitly disable libunwind perf: fix broken shell comparsion in do_install perf: split packging poky.conf: Bump DISTRO_VERISON for 1.6.2 poky-ent: Updated the YOCTO_RELEASE_NOTES variable. poky.ent: Updated variables to support a 1.6.2 release. populate_sdk_base: Fix grep command usage on old hosts populate_sdk_deb: Fix non x86_64 SDK builds profile-manual: Updates to the LTTng Documentation section. pseudo*.bb: update to pseudo 1.6.2 pseudo.inc: Clean up backport of version update to 1.6.2 python: force off_t size to 8 to enable large file support qemu: Explicitly disable libiscsi, its not in DEPENDS qt4: Fix Qt 4.8.5 source to new location readline: Patch for readline multikey dispatch issue ref-manual: Updated note in the "CentOS Packages" section. ref-manual, yocto-project-qs: Fixed some references to BitBake Manual. shadow-securetty: add freescale lpuart udev-cache.default: set PROBE_PLATFORM_BUS to "yes" by default udev: update init script for conditional probing of platform bus update-rc.d/systemd: Remove OVERRIDES dependency useradd-staticids.bbclass: Fix for Bug 6633 wic: Fix bad directory name in bootimg-efi wic: Remove fstype from mkefidisk canned wks Security Fixes -------------- bash: Fix CVE-2014-6271 bash: Fix CVE-2014-7169 bash: Fix for CVE-2014-6277 bash: Fix-for-CVE-2014-6278 bash: Fix for CVE-2014-7186 and CVE-2014-7187 curl: Security Advisory - curl - CVE-2014-3613 curl: Security Advisory - curl - CVE-2014-3620 dpkg: Security Advisory - CVE-2014-0471 dpkg: Security Advisory - CVE-2014-3127 eglibc: CVE-2014-5119 fix gnupg: CVE-2013-4242 gst-ffmpeg: Add CVE patches gst-ffmpeg: Security Advisory - ffmpeg - CVE-2013-0869 gst-ffmpeg: Security Advisory - ffmpeg - CVE-2013-4358 libpam: Security Advisory - CVE-2014-2583 libtiff: fix CVE-2013-1961 libtiff: Security Advisory - CVE-2012-4564 nspr: Fix for CVE-2014-1545 nss-3.15.1: fix CVE-2013-1739 nss: CVE-2013-5606 nss: CVE-2014-1544 perl: fix for CVE-2010-4777 pulseaudio: fix CVE-2014-3970 readline: Security Advisory - readline - CVE-2014-2524 wget: Fix for CVE-2014-4887 -- Elizabeth Flanagan Yocto Project Build and Release |
|
|