[ANNOUNCEMENT] Yocto Project 3.1.18 (dunfell-23.0.18) is Released
Hello
We are pleased to announce the Yocto Project 3.1.18 (dunfell-23.0.18) Release is now available for download.
http://downloads.yoctoproject.org/releases/yocto/yocto-3.1.18/poky-dunfell-23.0.18.tar.bz2
http://mirrors.kernel.org/yocto/yocto/yocto-3.1.18/poky-dunfell-23.0.18.tar.bz2
A gpg signed version of these release notes is available at:
http://downloads.yoctoproject.org/releases/yocto/yocto-3.1.18/RELEASENOTES
Full Test Report:
http://downloads.yoctoproject.org/releases/yocto/yocto-3.1.18/testreport.txt
Thank you for everyone's contributions to this release.
Chee Yang Lee chee.yang.lee@...
Yocto Project Build and Release
- --------------------------
yocto-3.1.18 Release Notes
- --------------------------
- --------------------------
Repositories/Downloads
- --------------------------
Repository Name: poky
Repository Location: https://git.yoctoproject.org/git/poky
Branch: dunfell
Tag: yocto-3.1.18
Git Revision: d695bd0d3dc66f2111a25c6922f617be2d991071
Release Artefact: poky-dunfell-23.0.18
sha: c83e55427d7f0f05f87d8da9c5ce97e3b3a1eb5c1c8cf3920bcade97ca9ab7e0
Download Locations:
http://downloads.yoctoproject.org/releases/yocto/yocto-3.1.18/poky-dunfell-23.0.18.tar.bz2
http://mirrors.kernel.org/yocto/yocto/yocto-3.1.18/poky-dunfell-23.0.18.tar.bz2
Repository Name: openembedded-core
Repository Location: https://git.openembedded.org/openembedded-core
Branch: dunfell
Tag: yocto-3.1.18
Git Revision: 3f40d5f095ceb099b604750db96058df00fcd49e
Release Artefact: oecore-dunfell-23.0.18
sha: f0e09a67a6da10b8abfa743541f20fd53bd7374531499912f22e101c19ada0eb
Download Locations:
http://downloads.yoctoproject.org/releases/yocto/yocto-3.1.18/oecore-dunfell-23.0.18.tar.bz2
http://mirrors.kernel.org/yocto/yocto/yocto-3.1.18/oecore-dunfell-23.0.18.tar.bz2
Repository Name: meta-mingw
Repository Location: https://git.yoctoproject.org/git/meta-mingw
Branch: dunfell
Tag: yocto-3.1.18
Git Revision: 524de686205b5d6736661d4532f5f98fee8589b7
Release Artefact: meta-mingw-dunfell-23.0.18
sha: d5c020953dd61fe93d2dfec469c269553bf39b64173eaa410d2aca362f915933
Download Locations:
http://downloads.yoctoproject.org/releases/yocto/yocto-3.1.18/meta-mingw-dunfell-23.0.18.tar.bz2
http://mirrors.kernel.org/yocto/yocto/yocto-3.1.18/meta-mingw-dunfell-23.0.18.tar.bz2
Repository Name: meta-gplv2
Repository Location: https://git.yoctoproject.org/git/meta-gplv2
Branch: dunfell
Tag: yocto-3.1.18
Git Revision: 60b251c25ba87e946a0ca4cdc8d17b1cb09292ac
Release Artefact: meta-gplv2-dunfell-23.0.18
sha: f89e80e64b646ca84a73b1a8377f808c99c747f7ba682a269bfb502de5775194
Download Locations:
http://downloads.yoctoproject.org/releases/yocto/yocto-3.1.18/meta-gplv2-dunfell-23.0.18.tar.bz2
http://mirrors.kernel.org/yocto/yocto/yocto-3.1.18/meta-gplv2-dunfell-23.0.18.tar.bz2
Repository Name: bitbake
Repository Location: https://git.openembedded.org/bitbake
Branch: dunfell
Tag: yocto-3.1.18
Git Revision: 7fc4cffebf5dcc1d050416c0b7f7d58c765c1d69
Release Artefact: bitbake-dunfell-23.0.18
sha: 0cc901eedbb2fec1208383e8fee3a5fc9935a67171926517eef1c69f7da6eb02
Download Locations:
http://downloads.yoctoproject.org/releases/yocto/yocto-3.1.18/bitbake-dunfell-23.0.18.tar.bz2
http://mirrors.kernel.org/yocto/yocto/yocto-3.1.18/bitbake-dunfell-23.0.18.tar.bz2
Repository Name: yocto-docs
Repository Location: https://git.yoctoproject.org/git/yocto-docs
Branch: dunfell
Tag: yocto-3.1.18
Git Revision: 882810d294762a6340909b59736acc660c4eaf5c
- ---------------
Known Issues
- ---------------
N/A
- ---------------
Security Fixes
- ---------------
grub2: CVE-2021-3981 Incorrect permission in grub.cfg allow unprivileged user to read the file content
unzip: Port debian fixes for CVE-2022-0529 and CVE-2022-0530
unzip: Fix CVE-2021-4217
golang: Fix CVE-2021-31525 net/http: panic in ReadRequest and ReadResponse when reading a very large header
golang: Fix CVE-2022-24675 encoding/pem: fix stack overflow in Decode
golang: Fix CVE-2021-44717 syscall: don't close fd 0 on ForkExec error
python-pip: Fix CVE-2021-3572 Incorrect handling of unicode separators in git references
openssh: Whitelist CVE-2021-36368
cups: Fix CVE-2022-26691
curl: Fix CVE-2022-27774, CVE-2022-27781, CVE-2022-27782, CVE-2022-32206, CVE-2022-32207, and CVE-2022-32208
libxslt: Mark CVE-2022-29824 as not applying
libxslt: Fix CVE-2021-30560
pcre2: Fix CVE-2022-1587 Out-of-bounds read
e2fsprogs: Fix CVE-2022-1304 out-of-bounds read/write via crafted filesystem
- ---------------
Fixes
- ---------------
IMAGE_LOCALES_ARCHIVE: add option to prevent locale archive creation
alsa-plugins: fix libavtp vs. avtp packageconfig
archiver: don't use machine variables in shared recipes
archiver: use bb.note instead of echo
bitbake: bin/bitbake-getvar: Add a new command to query a variable value (with history)
bitbake: fetch/git: Fix usehead for non-default names
bitbake: fetch/wget: Move files into place atomically
bitbake: knotty: display active tasks when printing keepAlive() message
bitbake: knotty: reduce keep-alive timeout from 5000s (83 minutes) to 10 minutes
bitbake: tinfoil/data_smart: Allow variable history emit() to function remotely
build-appliance-image: Update to dunfell head revision
classes/cve-check: Move get_patches_cves to library
curl: Fix CVE_CHECK_WHITELIST typo
cve-check: add coverage statistics on recipes with/without CVEs
cve-check: add support for Ignored CVEs
cve-check: hook cleanup to the BuildCompleted event, not CookerExit
cve-check: move update_symlinks to a library
cve-check: write empty fragment files in the text mode
cve-extra-exclusions.inc: Use CVE_CHECK_WHITELIST
cve-extra-exclusions: Clean up and ignore three CVEs (2xqemu and nasm)
cve-update-db-native: make it possible to disable database updates
documentation: update for 3.1.18 release
dpkg: update to 1.19.8
dropbear: break dependency on base package for -dev package
e2fsprogs: add alternatives handling of lsattr as well
efivar: change branch name to main
gcc-source: Fix incorrect task dependencies from ${B}
initramfs-framework: move storage mounts to actual rootfs
insane.bbclass: host-user-contaminated: Correct per package home path
kernel-yocto.bbclass: Reset to exiting on non-zero return code at end of task
license.bbclass: Bound beginline and endline in copy_license_files()
linux-firmware: add support for building snapshots
linux-firmware: upgrade 20220509 -> 20220610
linux-yocto-rt/5.4: fixup -rt build breakage
linux-yocto/5.4: update to v5.4.205
local.conf.sample: Update sstate url to new 'all' path
lttng-modules: Backport Linux 5.18+, 5.15.44+, 5.10.119+ fixes
manuals: switch to the sstate mirror shared between all versions
oe-selftest-image: Ensure the image has sftp as well as dropbear
oeqa/runtime/scp: Disable scp test for dropbear
oeqa/selftest/cve_check: add tests for Ignored and partial reports
oescripts: change compare logic in OEListPackageconfigTests
openssh: break dependency on base package for -dev package
openssl: update fix for ptest certificate expiration
openssl: update the epoch time for ct_test ptest
openssl: upgrade to 1.1.1q
packagegroup-core-ssh-dropbear: Add openssh-sftp-server recommendation
poky.conf: bump version for 3.1.18 release
qemu: add PACKAGECONFIG for capstone
ref-manual: Add XZ_THREADS and XZ_MEMLIMIT
ref-manual: variables: remove sphinx directive from literal block
rootfs.py: close kernel_abi_ver_file
systemd: systemd-systemctl: Support instance conf files during enable
vim: upgrade to 9.0.0021
wic: fix WicError message
wireless-regdb: upgrade 2022.04.08 -> 2022.06.06