[ANNOUNCEMENT] Yocto Project 3.3.2 (hardknott-25.0.2) is Released




We are pleased to announce the Yocto Project 3.3.2 (hardknott-25.0.2) Release is now available for download.





A gpg signed version of these release notes is available at:




Full Test Report:




Thank you for everyone's contributions to this release.


Vineela Tummalapalli,

Yocto Project Build and Release



- --------------------------

yocto-3.3.2 Release Notes

- --------------------------

- --------------------------


- --------------------------


Repository Name: poky

Repository Location: https://git.yoctoproject.org/git/poky

Branch: hardknott

Tag: yocto-3.3.2

Git Revision: 31c639eb8664059eb4ed711be9173c223b4cc940

Release Artefact: poky-hardknott-25.0.2

sha: 367049275bb85bac112aaa017a2c85eb292f61b0a54f4a93dcc3b4baf9ee4338

Download Locations:




Repository Name: openembedded-core

Repository Location: https://git.openembedded.org/openembedded-core

Branch: hardknott

Tag: 2021-04.2-hardknott

Git Revision: e458c15627e7b27392d158cbb9417f66424aa7d5

Release Artefact: oecore-hardknott-25.0.2

sha: 422a3d86a45d5b00e06e475330cf61ac33c15a51e8352331b5c344e4e4bb3f25

Download Locations:




Repository Name: meta-mingw

Repository Location: https://git.yoctoproject.org/git/meta-mingw

Branch: hardknott

Tag: yocto-3.3.2

Git Revision: 422b96cb2b6116442be1f40dfb5bd77447d1219e

Release Artefact: meta-mingw-hardknott-25.0.2

sha: 985ce3e81a1c2b93500714bfe0ec0c1f30b8f66f8ff349ffe617e1b9292ce80a

Download Locations:




Repository Name: meta-gplv2

Repository Location: https://git.yoctoproject.org/git/meta-gplv2

Branch: hardknott

Tag: yocto-3.3.2

Git Revision: 9e119f333cc8f53bd3cf64326f826dbc6ce3db0f

Release Artefact: meta-gplv2-hardknott-25.0.2

sha: 817c412acc13c929dfcc36818d81e1f2d42ae4ce65548724921a011a8643fd03

Download Locations:




Repository Name: bitbake

Repository Location: https://git.openembedded.org/bitbake

Branch: 1.50

Tag: 2021-04.2-hardknott

Git Revision: 731fb52eb03338c0bdb2a2256c22c64c22bcbace

Release Artefact: bitbake-hardknott-25.0.2

sha: 9504b632da89d28400847f5255a12444016ab5e77dd156701e0b7573a7aaba3e

Download Locations:




epository Name: yocto-docs

Repository Location: https://git.yoctoproject.org/git/yocto-docs

Branch: hardknott

Tag: yocto-3.3.2

Git Revision: dae6a0209d69c267d3cbace6589b0ac73e06abce


- ---------------


- ---------------

Alejandro Hernandez Samaniego

Alexander Kanavin

Andrea Adami

Andrej Valek

Anuj Mittal

Asfak Rahman

Bastian Krause

Bruce Ashfield

Changqing Li

Daniel McGregor

Florian Amstutz

Guillaume Champagne

Harald Brinkmann

Jain Sangeeta


Joshua Watt

Kai Kang

Khairul Rohaizzat Jamaluddin

Khem Raj

Marek Vasut

Michael Halstead

Michael Ho

Ming Liu

Mingli Yu

Nicolas Dechesne

Nikolay Papenkov

Peter Kjellerstedt

Richard Purdie

Robert P. J. Day

Ross Burton

Sakib Sajal

Scott Weaver

Stefan Ghinea

Stephen Jolley

Steve Sakoman

Tony Tascioglu

Trevor Gamblin

Vinay Kumar

Wadim Egorov


Yi Zhao




- ---------------

Known Issues

- ---------------

Bug 14388 - AB-INT PTEST: valgrind failed helgrind/tests/hg05_race2



- ---------------

Security Fixes

- ---------------

curl: Fix CVE-2021-22897

curl: Fix CVE-2021-22898

binutils: Fix CVE-2021-20197

rxvt-unicode: fix CVE-2021-33477

libconvert-asn1-perl: fix CVE-2013-7488

avahi: apply fix for CVE-2021-3468

libx11: fix CVE-2021-31535

curl: cleanup CVE patches for hardknott

expat: set CVE_PRODUCT

curl: fix CVE-2021-22876

curl: fix CVE-2021-22890

qemu: Exclude CVE-2020-3550[4/5/6] from cve-check

xinetd: Exclude CVE-2013-4342 from cve-check

cve-extra-exclusions.inc: add exclusion list for intractable CVE's

grub: Exclude CVE-2019-14865 from cve-check

grub2: Add CVE whitelist entries for issues fixed in 2.06

libxml2: Fix CVE-2021-3541

libxml2: Fix CVE-2021-3518

libxml2: fix CVE-2021-3537

libxml2: fix CVE-2021-3516

libxml2: fix CVE-2021-3517

cups: whitelist CVE-2021-25317

avahi: Exclude CVE-2021-26720 from cve-check

librsvg: Exclude CVE-2018-1000041 from cve-check

coreutils: Exclude CVE-2016-2781 from cve-check

tiff: Exclude CVE-2015-7313 from cve-check

bluez: Exclude CVE-2020-12352 CVE-2020-24490 from cve-check

ghostscript: Exclude CVE-2013-6629 from cve-check

cpio: Exclude CVE-2010-4226 from cve-check

unzip: Exclude CVE-2008-0888 from cve-check

openssh: Exclude CVE-2008-3844 from cve-check

openssh: Exclude CVE-2007-2768 from cve-check

logrotate: Exclude CVE-2011-1548,1549,1550 from cve-check

jquery: Exclude CVE-2007-2379 from cve-check

qemu: Exclude CVE-2018-18438 from cve-check

qemu: Exclude CVE-2007-0998 from cve-check

qemu: Exclude CVE-2017-5957 from cve-check

builder: whitelist CVE-2008-4178 (a different builder)

libnotify: whitelist CVE-2013-7381 (specific to the NodeJS bindings)

glibc: Document and whitelist CVE-2019-1010022-25



- ---------------


- ---------------

bitbake: data_smart: Allow colon in variable expansion regex

bitbake: data_smart/parse: Allow ':' characters in variable/function names

poky.conf: bump version for 3.3.2 hardknott release

documentation: prepare for 3.3.2 release

xserver-xorg: Fix builds without glx

busybox: add tmpdir option into mktemp applet

kernel-devsrc: fix scripts prepare for powerpc

kernel-devsrc: fix scripts/prepare for ARM64

dwarfsrcfiles: Avoid races over debug-link files

oeqa/selftest/multiprocesslauch: Fix test race

go: upgrade 1.16.4 -> 1.16.5

go: upgrade 1.16.3 -> 1.16.4

linux-yocto-dev: base AUTOREV on specified version

boost-build-native: workaround one rarely hang problem on fedora34

glibc-testsuite: Fix build failures when directly running recipe

runqemu: Remove potential lock races around tap device handling

perl: correct libpth and glibpth

busybox: upgrade 1.33.0 -> 1.33.1

linux-firmware: Package RSI 911x WiFi firmware

linux-yocto/5.10: scsi-debug needs scsi-disk

linux-yocto/5.4: update to v5.4.129

linux-yocto/5.10: update to v5.10.47

openssh: Remove temporary keys before generating new ones

oeqa/selftest/archiver: Allow tests to ignore empty directories

devtool: deploy-target: Fix preserving attributes when using --strip

sstate/staging: Handle directory creation race issue

oeqa/selftest/runcmd: Tweal test timeouts

bitbake: fetch2: add check for empty SRC_URI hash string

bitbake: fetch/svn: Fix parsing revision of SVN repos with redirects

bsps/5.10: update to v5.10.43

lttng-modules: update to v2.12.6

kernel-devsrc: adjust NM and OBJTOOL variables for target

kern-tools: Kconfiglib: add support for bare 'modules' keyword

kern-tools: add dropped options to audit output

curl: fix build when proxy is not enabled in PACKAGECONFIG

libgcrypt: upgrade 1.9.2 -> 1.9.3

kernel-devicetree: Fix interaction when packaging disabled

sstate.bbclass: fix errors about read-only sstate mirrors

Use the label provided when formating a dos partition

linux-yocto/5.10: rcu: Fix stall-warning deadlock due to non-release of rcu_node ->lock

linux-yocto/5.4: update to v5.4.128

linux-yocto/5.10: features/nft_tables: refresh config options

linux-yocto/5.10: update to v5.10.46

kernel: Fix interaction when packaging disabled

selftest/fetch: Avoid occasional selftest failure from poor temp file name choice

ifupdown: Skip wrong test item

package_pkgdata: Avoid task hash mismatches for generic task changes

devtool upgrade: rebase override-only patches as well

uboot-sign.bbclass: fix some install commands

linux-yocto/5.10: cgroup1: fix leaked context root causing sporadic NULL deref in LTP

linux-yocto/5.10: update to v5.10.43

linux-yocto/5.10: update to v5.10.42

kernel.bbclass: fix do_sizecheck() comparison

perf: Use python3targetconfig to ensure we use target libraries

valgrind: Actually install list of non-deterministic ptests

valgrind: remove buggy ptest from arm64

linuxloader: Be aware of riscv32 ldso

linux-yocto/5.4: update to v5.4.125

lttng-tools: upgrade 2.12.3 -> 2.12.4

linux-yocto/5.4: update to v5.4.124

native.bbclass: Do not remove "-native" in the middle of recipe names

util-linux.inc: Do not modify BPN

linux-firmware: upgrade 20210315 -> 20210511

image-live.bbclass: order do_bootimg after do_rootfs

linux-yocto/5.4: update to v5.4.123

linux-yocto/5.10: update to v5.10.41

linux-yocto/5.4: update to v5.4.120

linux-yocto/5.10: update to v5.10.38

linux-yocto/5.4: update to v5.4.119

linux-yocto/5.10: update to v5.10.37

linux-yocto/5.4: update to v5.4.118

linux-yocto/5.10: update to v5.10.36

linux-yocto/5.10: ktypes/standard: disable obsolete crypto options by default

linux-yocto/5.4: update to v5.4.117

linux-yocto/5.10: update to v5.10.35

classes/reproducible_build: Use atomic rename for SDE file

valgrind: Improve non-deterministic ptest reliability

valgrind: fix a typo

python3: upgrade 3.9.4 -> 3.9.5

oeqa/runtime/rpm: Drop log message counting test component

package_rpm: pass XZ_THREADS to rpm

pkgconfig: update SRC_URI

flex: correct license information

bind: upgrade 9.16.15 -> 9.16.16

bind: upgrade 9.16.13 -> 9.16.15

bind: upgrade 9.16.12 -> 9.16.13

lib/oe/gpg_sign.py: Fix gpg verification

sstate: Ignore sstate signing key

boost: fix do_fetch failure

baremetal-image: Fix post process command rootfs_update_timestamp

ltp: Disable problematic tests causing autobuilder hangs

ccache: add packageconfig docs option

sstate: Handle manifest 'corruption' issue

glibc: Add 8GB VM usage cap for usermode test suite

uninative: Upgrade to 3.2 (gcc11 support)

meta/lib/oe/rootfs.py: Fix typo "Restoreing" -> "Restoring"

image.bbclass: fix comment "pacackages" -> "packages"

bitbake: server/process: Handle error in heartbeat funciton in OOM case

bitbake: fetch2/wget: when checking latest versions, consider all numerical directories