release-notes-5.0: document some cve, strace and qa changes

This patch should cover those commits (from poky) : * 789b10030c (cve-update-nvd2-native: remove rejected cve from database, 2024-03-15) * 19f27037b2 (cve-update-nvd2-native: add an age threshold for incremental update, 2024-03-13) * 6ce61b4357 (strace: disable bluetooth support by default, 2023-12-13) * 381ef628fa (ref-manual: add documentation for the unimplemented-ptest qa warning, 2023-10-10) (From yocto-docs rev: da44182aa084378dbf7a04bb010cbd87e508a607) Signed-off-by: Yoann Congal <yoann.congal@smile.fr> Reviewed-by: Michael Opdenacker <michael.opdenacker@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2026-01-29 21:08:42 +01:00 · 2024-04-09 16:55:44 +02:00
parent f6f6d98e6d
commit e050327407
1 changed files with 17 additions and 0 deletions
--- a/documentation/migration-guides/release-notes-5.0.rst
+++ b/documentation/migration-guides/release-notes-5.0.rst
@@ -10,6 +10,10 @@ New Features / Enhancements in 5.0

 -  New variables:

+   -  :term:`CVE_DB_INCR_UPDATE_AGE_THRES`: Configure the maximum age of the
+      internal CVE database for incremental update (instead of a full
+      redownload).
+
 -  Architecture-specific enhancements:

 -  Kernel-related enhancements:
@@ -44,6 +48,9 @@ New Features / Enhancements in 5.0

 -  Testing:

+   -  Add an optional ``unimplemented-ptest`` QA warning to detect upstream
+      packages with tests, that do not use ptest.
+
 -  Utility script changes:

   -  New ``recipetool/create_go.py`` script added to support Go recipe creation
@@ -54,6 +61,11 @@ New Features / Enhancements in 5.0

 -  Security improvements:

+   -  Improve incremental CVE database download from NVD. Rejected CVEs are
+      removed, configuration is kept up-to-date. The age threshold for
+      incremental update can be configured with :term:`CVE_DB_INCR_UPDATE_AGE_THRES`
+      variable.
+
 -  Prominent documentation updates:

 -  Miscellaneous changes:
@@ -64,10 +76,15 @@ New Features / Enhancements in 5.0
   -  ``systemd-boot`` can, from now on, be compiled as ``native``, thus
      providing ``ukify`` tool to build UKI images.

+   -  systemd: split bash completion for ``udevadm`` in a new
+      ``udev-bash-completion`` package.
+
   -  The :ref:`ref-classes-go-vendor` class was added to support offline builds
      (i.e., vendoring). It can also handle modules from the same repository,
      taking into account their versions.

+   -  Disable strace support of bluetooth by default.
+
 Known Issues in 5.0
 ~~~~~~~~~~~~~~~~~~~