[ANNOUNCEMENT] Yocto Project 2.6.4 (thud 20.0.4) Released


Vineela
 

Hello,

We are pleased to announce the Yocto Project 2.6.4 (thud-20.0.4) Release is now available for download.

http://downloads.yoctoproject.org/releases/yocto/yocto-2.6.4/poky-thud-20.0.4.tar.bz2
http://mirrors.kernel.org/yocto/yocto/yocto-2.6.4/poky-thud-20.0.4.tar.bz2

A gpg signed version of these release notes is available at:

http://downloads.yoctoproject.org/releases/yocto/yocto-2.6.4/RELEASENOTES

Full Test Report:

http://downloads.yoctoproject.org/releases/yocto/yocto-2.6.4/testreport.txt

Thank you for everyone's contributions to this release.

Note: Yocto Project has updated the expiration date on the release signing key.
Please import https://downloads.yoctoproject.org/releases/yocto/keys/yocto-release-key.asc to verify RELEASENOTES and git tags.

Sincerely,

Vineela Tummalapalli
Yocto Project Build and Release
vineela.tummalapalli@intel.com


- -------------------------
yocto-2.6.4 Release Notes
- -------------------------

- -----------------------
Repositories/Downloads
- -----------------------

Repository Name: poky
Repository Location: https://git.yoctoproject.org/git/poky
Branch: thud
Tag: yocto-2.6.4
Git revision: 51f6145f8f99a02df1dad937684f014b0172e72a
Release Artefact: poky-thud-20.0.4
md5: 9859b2ac90ced909bdd7293125295348
Download Locations:
http://downloads.yoctoproject.org/releases/yocto/yocto-2.6.4/poky-thud-20.0.4.tar.bz2
http://mirrors.kernel.org/yocto/yocto/yocto-2.6.4/poky-thud-20.0.4.tar.bz2

Repository Name: openembedded-core
Repository Location: https://git.openembedded.org/openembedded-core
Branch: thud
Tag: yocto-2.6.4
Git revision: cd7cf933b3235560ec71576d8f3836dff736a39f
Release Artefact: oecore-thud-20.0.4
md5: a2f1d7fa021ca3d37c5c3a65ea27b2d7
Download Locations:
http://downloads.yoctoproject.org/releases/yocto/yocto-2.6.4/oecore-thud-20.0.4.tar.bz2
http://mirrors.kernel.org/yocto/yocto/yocto-2.6.4/oecore-thud-20.0.4.tar.bz2

Repository Name: meta-mingw
Repository Location: https://git.yoctoproject.org/git/meta-mingw
Branch: thud
Tag: yocto-2.6.4
Git revision: 6556cde16fbdf42c7edae89bb186e5ae4982eff5
Release Artefact: meta-mingw-thud-20.0.4
md5: 8e20b388086db80a1420cfa5be5f5573
Download Locations:
http://downloads.yoctoproject.org/releases/yocto/yocto-2.6.4/meta-mingw-thud-20.0.4.tar.bz2
http://mirrors.kernel.org/yocto/yocto/yocto-2.6.4/meta-mingw-thud-20.0.4.tar.bz2

Repository Name: meta-intel
Repository Location: https://git.yoctoproject.org/git/meta-intel
Branch: thud
Tag: yocto-2.6.4
Git revision: c200851435f39acd2fe4abbf7a05fbf617833964
Release Artefact: meta-intel-thud-20.0.4
md5: 4696150e7676a926baf0975e252f0964
Download Locations:
http://downloads.yoctoproject.org/releases/yocto/yocto-2.6.4/meta-intel-thud-20.0.4.tar.bz2
http://mirrors.kernel.org/yocto/yocto/yocto-2.6.4/meta-intel-thud-20.0.4.tar.bz2

Repository Name: meta-gplv2
Repository Location: https://git.yoctoproject.org/git/meta-gplv2
Branch: thud
Tag: yocto-2.6.4
Git revision: aabc30f3bd03f97326fb8596910b94639fea7575
Release Artefact: meta-gplv2-thud-20.0.4
md5: 478bd5348e9b64fde6df18a82f691fd3
Download Locations:
http://downloads.yoctoproject.org/releases/yocto/yocto-2.6.4/meta-gplv2-thud-20.0.4.tar.bz2
http://mirrors.kernel.org/yocto/yocto/yocto-2.6.4/meta-gplv2-thud-20.0.4.tar.bz2

- ---------------
Known Issues
- ---------------
Bug 13273 - Systemtap doesn't work on beaglebone
https://bugzilla.yoctoproject.org/show_bug.cgi?id=13273

- ---------------
Security Fixes
- ---------------
curl: Security fix for CVE-2019-5482
libsolv: Security fix for CVEs: <CVE-2018-20532, CVE-2018-20533, CVE-2018-20534>
gnutls: Fix CVE-2019-3829 and CVE-2019-3836
glibc: Security fix for cve <CVE-2019-6488, CVE-2019-7309>
wget: Security fixes CVE-2018-20483
sqlite3: Security fix for CVE-2019-8457
perl: Fix CVE-2018-18311 to 18314
unzip: fix CVE-2019-13232
elfutils: CVE fix for elfutils
qemu: Fix 4 CVEs
pango: fix CVE-2019-1010238
patch: fix CVE-2019-13638
libxslt: fix CVE-2019-13117 CVE-2019-13118
libxslt: Cve fix CVE-2019-11068
python3: Fix CVEs
python: Fix 3 CVEs
binutils: Fix 4 CVEs
binutils: Security fix for CVE-2019-12972
binutils: Security fix for CVE-2019-14444
gcc: Security fix for CVE-2019-14250
libcomps: fix CVE-2019-3817
glib-2.0: fix CVE-2019-13012
dbus: fix CVE-2019-12749
curl: fix CVE-2018-16890 CVE-2019-3822 CVE-2019-3823
python3: fix CVE-2019-9740
patch: fix CVE-2019-13636


- ---------------
Fixes
- ---------------
build-appliance-image: Update to thud head revision
Revert "OpkgPM: use --add-ignore-recommends to process BAD_RECOMMENDATIONS"
build-appliance-image: Update to thud head revision
poky.conf: Bump version for 2.6.4 thud release
kernel-devsrc: check for localversion files in the kernel source tree
arch-arm64.inc: Lower the priority of aarch64 in MACHINEOVERRIDES
kernel.bbclass: fix installation of modules signing certificates
bitbake: cookerdata: Add mc conffiles hashes to cache hash
uninative: Update to 2.7 release
gnupg: Do not apply -Woverride-init guard for gcc >= 9
libgpg-error: Fix build with gawk 5.x
qemu: fix build issue on new hosts with glibc 2.30
json-c: Don't --enable-rdrand
oeqa/selftest/context: ensure log directory exists
linux-yocto/4.14: update to v4.14.143
patch: backport fixes
dhcp: Replace OE specific patch for compatibility with latest bind with upstream patch
dhcp: drop lost patch
dhcp: fix issue with new bind changes
go: update to 1.11.13, minor updates
bind: upgrade 9.11.5 -> 9.11.5-P4
bind: update to latest LTS 9.11.5
qemu: add a patch fixing the native build on newer kernels
buildhistory: call a dependency parser only on actual dependency lists
bitbake: tests/fetch: Resolve fetch error in bitbake-selftest
YP Docs: Set up the August 2019 date for 2.6.3 release.
bitbake: fetch2: show warning when renaming the archive with bad checksum failed
bitbake: utils: Fix movefile() exception handling with python3