-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - -------------------------- yocto-4.0.10 Release Notes - -------------------------- - -------------------------- Repositories/Downloads - -------------------------- Repository Name: poky Repository Location: https://git.yoctoproject.org/poky Branch: kirkstone Tag: yocto-4.0.10 Git Revision: f53ab3a2ff206a130cdc843839dd0ea5ec4ad02f Release Artefact: poky-f53ab3a2ff206a130cdc843839dd0ea5ec4ad02f sha: 8820aeac857ce6bbd1c7ef26cadbb86eca02be93deded253b4a5f07ddd69255d Download Locations: http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.10/poky-f53ab3a2ff206a130cdc843839dd0ea5ec4ad02f.tar.bz2 http://mirrors.kernel.org/yocto/yocto/yocto-4.0.10/poky-f53ab3a2ff206a130cdc843839dd0ea5ec4ad02f.tar.bz2 Repository Name: openembedded-core Repository Location: https://git.openembedded.org/openembedded-core Branch: kirkstone Tag: yocto-4.0.10 Git Revision: d2713785f9cd2d58731df877bc8b7bcc71b6c8e6 Release Artefact: oecore-d2713785f9cd2d58731df877bc8b7bcc71b6c8e6 sha: 78e084a1aceaaa6ec022702f29f80eaffade3159e9c42b6b8985c1b7ddd2fbab Download Locations: http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.10/oecore-d2713785f9cd2d58731df877bc8b7bcc71b6c8e6.tar.bz2 http://mirrors.kernel.org/yocto/yocto/yocto-4.0.10/oecore-d2713785f9cd2d58731df877bc8b7bcc71b6c8e6.tar.bz2 Repository Name: meta-mingw Repository Location: https://git.yoctoproject.org/meta-mingw Branch: kirkstone Tag: yocto-4.0.10 Git Revision: a90614a6498c3345704e9611f2842eb933dc51c1 Release Artefact: meta-mingw-a90614a6498c3345704e9611f2842eb933dc51c1 sha: 49f9900bfbbc1c68136f8115b314e95d0b7f6be75edf36a75d9bcd1cca7c6302 Download Locations: http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.10/meta-mingw-a90614a6498c3345704e9611f2842eb933dc51c1.tar.bz2 http://mirrors.kernel.org/yocto/yocto/yocto-4.0.10/meta-mingw-a90614a6498c3345704e9611f2842eb933dc51c1.tar.bz2 Repository Name: meta-gplv2 Repository Location: https://git.yoctoproject.org/meta-gplv2 Branch: kirkstone Tag: yocto-4.0.10 Git Revision: d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a Release Artefact: meta-gplv2-d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a sha: c386f59f8a672747dc3d0be1d4234b6039273d0e57933eb87caa20f56b9cca6d Download Locations: http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.10/meta-gplv2-d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a.tar.bz2 http://mirrors.kernel.org/yocto/yocto/yocto-4.0.10/meta-gplv2-d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a.tar.bz2 Repository Name: bitbake Repository Location: https://git.openembedded.org/bitbake Branch: 2.0 Tag: yocto-4.0.10 Git Revision: 0c6f86b60cfba67c20733516957c0a654eb2b44c Release Artefact: bitbake-0c6f86b60cfba67c20733516957c0a654eb2b44c sha: 4caa94ee4d644017b0cc51b702e330191677f7d179018cbcec8b1793949ebc74 Download Locations: http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.10/bitbake-0c6f86b60cfba67c20733516957c0a654eb2b44c.tar.bz2 http://mirrors.kernel.org/yocto/yocto/yocto-4.0.10/bitbake-0c6f86b60cfba67c20733516957c0a654eb2b44c.tar.bz2 Repository Name: yocto-docs Repository Location: https://git.yoctoproject.org/yocto-docs Branch: 2.0 Tag: yocto-4.0.10 Git Revision: 8388be749806bd0bf4fccf1005dae8f643aa4ef4 - --------------- Contributors - --------------- Archana Polampalli Arturo Buzarra Bruce Ashfield Christoph Lauer Deepthi Hemraj Dmitry Baryshkov Frank de Brabander Hitendra Prajapati Joe Slater Kai Kang Kyle Russell Lee Chee Yang Mark Hatle Martin Jansa Mingli Yu Narpat Mali Pascal Bach Pawan Badganchi Peter Bergin Peter Marko Piotr Ɓobacz Randolph Sapp Ranjitsinh Rathod Ross Burton Shubham Kulkarni Siddharth Doshi Steve Sakoman Sundeep KOKKONDA Thomas Roos Virendra Thakur Vivek Kumbhar Wang Mingyu Xiangyu Chen Yash Shinde Yoann Congal Yogita Urade Zhixiong Chi - --------------- Known Issues - --------------- N/A - --------------- Security Fixes - --------------- binutils: Fix CVE-2023-1579 CVE-2023-1972 CVE-2023-25584 CVE-2023-25585 CVE-2023-25588 cargo : Ignore cve-2022-46176 connman: Fix CVE-2023-28488 curl: Fix CVE-2023-27533 CVE-2023-27534 CVE-2023-27535 CVE-2023-27536 CVE-2023-27538 ffmpeg: Fix CVE-2022-48434 freetype: Fix CVE-2023-2004 ghostscript: Fix CVE-2023-29979 git: Fix CVE-2023-25652 CVE-2023-29007 go: Fix CVE-2022-41722 CVE-2022-41724 CVE-2022-41725 CVE-2023-24534 CVE-2023-24537 CVE-2023-24538 go: Ignore CVE-2022-41716 libxml2: Fix CVE-2023-28484 CVE-2023-29469 libxpm: Fix CVE-2022-4883 CVE-2022-44617 CVE-2022-46285 linux-yocto: Ignore CVE-2021-3759 CVE-2021-4135 CVE-2021-4155 CVE-2022-0168 CVE-2022-0171 CVE-2022-1016 CVE-2022-1184 CVE-2022-1198 CVE-2022-1199 CVE-2022-1462 CVE-2022-1734 CVE-2022-1852 CVE-2022-1882 CVE-2022-1998 CVE-2022-2078 CVE-2022-2196 CVE-2022-2318 CVE-2022-2380 CVE-2022-2503 CVE-2022-26365 CVE-2022-2663 CVE-2022-2873 CVE-2022-2905 CVE-2022-2959 CVE-2022-3028 CVE-2022-3078 CVE-2022-3104 CVE-2022-3105 CVE-2022-3106 CVE-2022-3107 CVE-2022-3111 CVE-2022-3112 CVE-2022-3113 CVE-2022-3115 CVE-2022-3202 CVE-2022-32250 CVE-2022-32296 CVE-2022-32981 CVE-2022-3303 CVE-2022-33740 CVE-2022-33741 CVE-2022-33742 CVE-2022-33743 CVE-2022-33744 CVE-2022-33981 CVE-2022-3424 CVE-2022-3435 CVE-2022-34918 CVE-2022-3521 CVE-2022-3545 CVE-2022-3564 CVE-2022-3586 CVE-2022-3594 CVE-2022-36123 CVE-2022-3621 CVE-2022-3623 CVE-2022-3629 CVE-2022-3633 CVE-2022-3635 CVE-2022-3646 CVE-2022-3649 CVE-2022-36879 CVE-2022-36946 CVE-2022-3707 CVE-2022-39188 CVE-2022-39190 CVE-2022-39842 CVE-2022-40307 CVE-2022-40768 CVE-2022-4095 CVE-2022-41218 CVE-2022-4139 CVE-2022-41849 CVE-2022-41850 CVE-2022-41858 CVE-2022-42328 CVE-2022-42329 CVE-2022-42703 CVE-2022-42721 CVE-2022-42722 CVE-2022-42895 CVE-2022-4382 CVE-2022-4662 CVE-2022-47518 CVE-2022-47519 CVE-2022-47520 CVE-2022-47929 CVE-2023-0179 CVE-2023-0394 CVE-2023-0461 CVE-2023-0590 CVE-2023-1073 CVE-2023-1074 CVE-2023-1077 CVE-2023-1078 CVE-2023-1079 CVE-2023-1095 CVE-2023-1118 CVE-2023-1249 CVE-2023-1252 CVE-2023-1281 CVE-2023-1382 CVE-2023-1513 CVE-2023-1829 CVE-2023-1838 CVE-2023-1998 CVE-2023-2006 CVE-2023-2008 CVE-2023-2162 CVE-2023-2166 CVE-2023-2177 CVE-2023-22999 CVE-2023-23002 CVE-2023-23004 CVE-2023-23454 CVE-2023-23455 CVE-2023-23559 CVE-2023-25012 CVE-2023-26545 CVE-2023-28327 CVE-2023-28328 nasm: Fix CVE-2022-44370 python3-cryptography: Fix CVE-2023-23931 qemu: Ignore CVE-2023-0664 ruby: Fix CVE-2023-28755 CVE-2023-28756 screen: Fix CVE-2023-24626 shadow: Fix CVE-2023-29383 tiff: Fix CVE-2022-4645 webkitgtk: Fix CVE-2022-32888 CVE-2022-32923 xserver-xorg: Fix CVE-2023-1393 - --------------- Fixes - --------------- bitbake: bin/utils: Ensure locale en_US.UTF-8 is available on the system build-appliance-image: Update to kirkstone head revision cmake: add CMAKE_SYSROOT to generated toolchain file glibc: stable 2.35 branch updates. kernel-devsrc: depend on python3-core instead of python3 kernel: improve initramfs bundle processing time libarchive: Enable acls, xattr for native as well as target libbsd: Add correct license for all packages libpam: Fix the xtests/tst-pam_motd[1|3] failures libxpm: upgrade to 3.5.15 linux-firmware: upgrade to 20230404 linux-yocto/5.15: upgrade to v5.15.108 migration-guides: add release-notes for 4.0.9 oeqa/utils/metadata.py: Fix running oe-selftest running with no distro set openssl: Move microblaze to linux-latomic config package.bbclass: correct check for /build in copydebugsources() poky.conf: bump version for 4.0.10 populate_sdk_base: add zip options populate_sdk_ext.bbclass: set METADATA_REVISION with an DISTRO override run-postinsts: Set dependency for ldconfig to avoid boot issues update-alternatives.bbclass: fix old override syntax wic/bootimg-efi: if fixed-size is set then use that for mkdosfs wpebackend-fdo: upgrade to 1.14.2 xorg-lib-common: Add variable to set tarball type xserver-xorg: upgrade to 21.1.8 -----BEGIN PGP SIGNATURE----- iQEzBAEBCgAdFiEETAATlWjYlkbLPLeFXGgH0cJ5dnMFAmRtZVsACgkQXGgH0cJ5 dnPngAf/TqAfTgHu4xpCYO1zUe36PzxsmoQGuSDnHAZ0lgpN9QjsdNcH0eTqBsNC XP8pQTg1ioDg188Ox4/F5tvDXyr2/magtmKG8xIbMo2u284BExpqq8kKfrKHzSKW RAxuctuqnV1hpiF1lIJS/5c3VCNpG6a5kYKcVD466s/h9nZBJduixbMhBWVfGEPN aqIdV0p5cCs9MBBovsZOhM+IK7jQJR4T0GiXr37tD4k1s4tXKJTeRDHhxFDWeTrz N2jOhOt3Y13aJaUAKtvwR8GjzfK9nrj4M1AvgQ4pZG95DI1R3GbW3leNSjKbNzqI eJC7gfrwWZiklRKHjxJ7o2GD3C121Q== =3t8E -----END PGP SIGNATURE-----