[ANNOUNCEMENT] Yocto Project 3.1.18 (dunfell-23.0.18) is Released

Lee Chee Yang


We are pleased to announce the Yocto Project 3.1.18 (dunfell-23.0.18) Release is now available for download.




A gpg signed version of these release notes is available at:




Full Test Report:




Thank you for everyone's contributions to this release.


Chee Yang Lee chee.yang.lee@...

Yocto Project Build and Release

- --------------------------

yocto-3.1.18 Release Notes

- --------------------------



- --------------------------


- --------------------------


Repository Name: poky

Repository Location: https://git.yoctoproject.org/git/poky

Branch: dunfell

Tag: yocto-3.1.18

Git Revision: d695bd0d3dc66f2111a25c6922f617be2d991071

Release Artefact: poky-dunfell-23.0.18

sha: c83e55427d7f0f05f87d8da9c5ce97e3b3a1eb5c1c8cf3920bcade97ca9ab7e0

Download Locations:




Repository Name: openembedded-core

Repository Location: https://git.openembedded.org/openembedded-core

Branch: dunfell

Tag: yocto-3.1.18

Git Revision: 3f40d5f095ceb099b604750db96058df00fcd49e

Release Artefact: oecore-dunfell-23.0.18

sha: f0e09a67a6da10b8abfa743541f20fd53bd7374531499912f22e101c19ada0eb

Download Locations:




Repository Name: meta-mingw

Repository Location: https://git.yoctoproject.org/git/meta-mingw

Branch: dunfell

Tag: yocto-3.1.18

Git Revision: 524de686205b5d6736661d4532f5f98fee8589b7

Release Artefact: meta-mingw-dunfell-23.0.18

sha: d5c020953dd61fe93d2dfec469c269553bf39b64173eaa410d2aca362f915933

Download Locations:




Repository Name: meta-gplv2

Repository Location: https://git.yoctoproject.org/git/meta-gplv2

Branch: dunfell

Tag: yocto-3.1.18

Git Revision: 60b251c25ba87e946a0ca4cdc8d17b1cb09292ac

Release Artefact: meta-gplv2-dunfell-23.0.18

sha: f89e80e64b646ca84a73b1a8377f808c99c747f7ba682a269bfb502de5775194

Download Locations:




Repository Name: bitbake

Repository Location: https://git.openembedded.org/bitbake

Branch: dunfell

Tag: yocto-3.1.18

Git Revision: 7fc4cffebf5dcc1d050416c0b7f7d58c765c1d69

Release Artefact: bitbake-dunfell-23.0.18

sha: 0cc901eedbb2fec1208383e8fee3a5fc9935a67171926517eef1c69f7da6eb02

Download Locations:




Repository Name: yocto-docs

Repository Location: https://git.yoctoproject.org/git/yocto-docs

Branch: dunfell

Tag: yocto-3.1.18

Git Revision: 882810d294762a6340909b59736acc660c4eaf5c



- ---------------

Known Issues

- ---------------




- ---------------

Security Fixes

- ---------------

grub2: CVE-2021-3981 Incorrect permission in grub.cfg allow unprivileged user to read the file content

unzip: Port debian fixes for CVE-2022-0529 and CVE-2022-0530

unzip: Fix CVE-2021-4217

golang: Fix CVE-2021-31525 net/http: panic in ReadRequest and ReadResponse when reading a very large header

golang: Fix CVE-2022-24675 encoding/pem: fix stack overflow in Decode

golang: Fix CVE-2021-44717 syscall: don't close fd 0 on ForkExec error

python-pip: Fix CVE-2021-3572 Incorrect handling of unicode separators in git references

openssh: Whitelist CVE-2021-36368

cups: Fix CVE-2022-26691

curl: Fix CVE-2022-27774, CVE-2022-27781, CVE-2022-27782, CVE-2022-32206, CVE-2022-32207, and CVE-2022-32208

libxslt: Mark CVE-2022-29824 as not applying

libxslt: Fix CVE-2021-30560

pcre2: Fix CVE-2022-1587 Out-of-bounds read

e2fsprogs: Fix CVE-2022-1304 out-of-bounds read/write via crafted filesystem



- ---------------


- ---------------

IMAGE_LOCALES_ARCHIVE: add option to prevent locale archive creation

alsa-plugins: fix libavtp vs. avtp packageconfig

archiver: don't use machine variables in shared recipes

archiver: use bb.note instead of echo

bitbake: bin/bitbake-getvar: Add a new command to query a variable value (with history)

bitbake: fetch/git: Fix usehead for non-default names

bitbake: fetch/wget: Move files into place atomically

bitbake: knotty: display active tasks when printing keepAlive() message

bitbake: knotty: reduce keep-alive timeout from 5000s (83 minutes) to 10 minutes

bitbake: tinfoil/data_smart: Allow variable history emit() to function remotely

build-appliance-image: Update to dunfell head revision

classes/cve-check: Move get_patches_cves to library


cve-check: add coverage statistics on recipes with/without CVEs

cve-check: add support for Ignored CVEs

cve-check: hook cleanup to the BuildCompleted event, not CookerExit

cve-check: move update_symlinks to a library

cve-check: write empty fragment files in the text mode

cve-extra-exclusions.inc: Use CVE_CHECK_WHITELIST

cve-extra-exclusions: Clean up and ignore three CVEs (2xqemu and nasm)

cve-update-db-native: make it possible to disable database updates

documentation: update for 3.1.18 release

dpkg: update to 1.19.8

dropbear: break dependency on base package for -dev package

e2fsprogs: add alternatives handling of lsattr as well

efivar: change branch name to main

gcc-source: Fix incorrect task dependencies from ${B}

initramfs-framework: move storage mounts to actual rootfs

insane.bbclass: host-user-contaminated: Correct per package home path

kernel-yocto.bbclass: Reset to exiting on non-zero return code at end of task

license.bbclass: Bound beginline and endline in copy_license_files()

linux-firmware: add support for building snapshots

linux-firmware: upgrade 20220509 -> 20220610

linux-yocto-rt/5.4: fixup -rt build breakage

linux-yocto/5.4: update to v5.4.205

local.conf.sample: Update sstate url to new 'all' path

lttng-modules: Backport Linux 5.18+, 5.15.44+, 5.10.119+ fixes

manuals: switch to the sstate mirror shared between all versions

oe-selftest-image: Ensure the image has sftp as well as dropbear

oeqa/runtime/scp: Disable scp test for dropbear

oeqa/selftest/cve_check: add tests for Ignored and partial reports

oescripts: change compare logic in OEListPackageconfigTests

openssh: break dependency on base package for -dev package

openssl: update fix for ptest certificate expiration

openssl: update the epoch time for ct_test ptest

openssl: upgrade to 1.1.1q

packagegroup-core-ssh-dropbear: Add openssh-sftp-server recommendation

poky.conf: bump version for 3.1.18 release

qemu: add PACKAGECONFIG for capstone

ref-manual: Add XZ_THREADS and XZ_MEMLIMIT

ref-manual: variables: remove sphinx directive from literal block

rootfs.py: close kernel_abi_ver_file

systemd: systemd-systemctl: Support instance conf files during enable

vim: upgrade to 9.0.0021

wic: fix WicError message

wireless-regdb: upgrade 2022.04.08 -> 2022.06.06