build-appliance-image: Update to scarthgap head revision

(From OE-Core rev: 7af6b75221d5703ba5bf43c7cd9f1e7a2e0ed20b) Signed-off-by: Steve Sakoman <steve@sakoman.com>
poky.conf: bump version for 5.0.13
2026-02-20 08:29:42 +01:00 · 2025-10-13 12:48:55 -07:00 · 2025-10-13 12:46:28 -07:00 · 2025-10-13 12:42:58 -07:00 · 2025-10-13 12:42:58 -07:00 · 2025-10-13 12:42:58 -07:00
532 changed files with 38321 additions and 3111 deletions
--- a/bitbake/bin/bitbake
+++ b/bitbake/bin/bitbake
@@ -27,7 +27,7 @@ from bb.main import bitbake_main, BitBakeConfigParameters, BBMainException

 bb.utils.check_system_locale()

-__version__ = "2.8.0"
+__version__ = "2.8.1"

 if __name__ == "__main__":
    if __version__ != bb.__version__:
--- a/bitbake/lib/bb/init.py
+++ b/bitbake/lib/bb/init.py
@@ -9,7 +9,7 @@
 # SPDX-License-Identifier: GPL-2.0-only
 #

-__version__ = "2.8.0"
+__version__ = "2.8.1"

 import sys
 if sys.version_info < (3, 8, 0):
@@ -37,6 +37,34 @@ class BBHandledException(Exception):
 import os
 import logging
 from collections import namedtuple
+import multiprocessing as mp
+
+# Python 3.14 changes the default multiprocessing context from "fork" to
+# "forkserver". However, bitbake heavily relies on "fork" behavior to
+# efficiently pass data to the child processes. Places that need this should do:
+#   from bb import multiprocessing
+# in place of
+#   import multiprocessing
+
+class MultiprocessingContext(object):
+    """
+    Multiprocessing proxy object that uses the "fork" context for a property if
+    available, otherwise goes to the main multiprocessing module. This allows
+    it to be a drop-in replacement for the multiprocessing module, but use the
+    fork context
+    """
+    def __init__(self):
+        super().__setattr__("_ctx", mp.get_context("fork"))
+
+    def __getattr__(self, name):
+        if hasattr(self._ctx, name):
+            return getattr(self._ctx, name)
+        return getattr(mp, name)
+
+    def __setattr__(self, name, value):
+        raise AttributeError(f"Unable to set attribute {name}")
+
+multiprocessing = MultiprocessingContext()


 class NullHandler(logging.Handler):
--- a/bitbake/lib/bb/asyncrpc/serv.py
+++ b/bitbake/lib/bb/asyncrpc/serv.py
@@ -11,7 +11,7 @@ import os
 import signal
 import socket
 import sys
-import multiprocessing
+from bb import multiprocessing
 import logging
 from .connection import StreamConnection, WebsocketConnection
 from .exceptions import ClientError, ServerError, ConnectionClosedError, InvokeError
--- a/bitbake/lib/bb/cooker.py
+++ b/bitbake/lib/bb/cooker.py
@@ -12,7 +12,7 @@
 import sys, os, glob, os.path, re, time
 import itertools
 import logging
-import multiprocessing
+from bb import multiprocessing
 import threading
 from io import StringIO, UnsupportedOperation
 from contextlib import closing
--- a/bitbake/lib/bb/fetch2/init.py
+++ b/bitbake/lib/bb/fetch2/init.py
@@ -237,7 +237,7 @@ class URI(object):
        # to RFC compliant URL format. E.g.:
        #   file://foo.diff -> file:foo.diff
        if urlp.scheme in self._netloc_forbidden:
-            uri = re.sub("(?<=:)//(?!/)", "", uri, 1)
+            uri = re.sub(r"(?<=:)//(?!/)", "", uri, count=1)
            reparse = 1

        if reparse:
--- a/bitbake/lib/bb/fetch2/gcp.py
+++ b/bitbake/lib/bb/fetch2/gcp.py
@@ -23,7 +23,6 @@ import urllib.parse, urllib.error
 from bb.fetch2 import FetchMethod
 from bb.fetch2 import FetchError
 from bb.fetch2 import logger
-from bb.fetch2 import runfetchcmd

 class GCP(FetchMethod):
    """
@@ -48,7 +47,6 @@ class GCP(FetchMethod):
            ud.basename = os.path.basename(ud.path)

        ud.localfile = d.expand(urllib.parse.unquote(ud.basename))
-        ud.basecmd = "gsutil stat"

    def get_gcp_client(self):
        from google.cloud import storage
@@ -59,17 +57,20 @@ class GCP(FetchMethod):
        Fetch urls using the GCP API.
        Assumes localpath was called first.
        """
+        from google.api_core.exceptions import NotFound
        logger.debug2(f"Trying to download gs://{ud.host}{ud.path} to {ud.localpath}")
        if self.gcp_client is None:
            self.get_gcp_client()

-        bb.fetch2.check_network_access(d, ud.basecmd, f"gs://{ud.host}{ud.path}")
-        runfetchcmd("%s %s" % (ud.basecmd, f"gs://{ud.host}{ud.path}"), d)
+        bb.fetch2.check_network_access(d, "blob.download_to_filename", f"gs://{ud.host}{ud.path}")

        # Path sometimes has leading slash, so strip it
        path = ud.path.lstrip("/")
        blob = self.gcp_client.bucket(ud.host).blob(path)
-        blob.download_to_filename(ud.localpath)
+        try:
+            blob.download_to_filename(ud.localpath)
+        except NotFound:
+            raise FetchError("The GCP API threw a NotFound exception")

        # Additional sanity checks copied from the wget class (although there
        # are no known issues which mean these are required, treat the GCP API
@@ -91,8 +92,7 @@ class GCP(FetchMethod):
        if self.gcp_client is None:
            self.get_gcp_client()

-        bb.fetch2.check_network_access(d, ud.basecmd, f"gs://{ud.host}{ud.path}")
-        runfetchcmd("%s %s" % (ud.basecmd, f"gs://{ud.host}{ud.path}"), d)
+        bb.fetch2.check_network_access(d, "gcp_client.bucket(ud.host).blob(path).exists()", f"gs://{ud.host}{ud.path}")

        # Path sometimes has leading slash, so strip it
        path = ud.path.lstrip("/")
--- a/bitbake/lib/bb/parse/ast.py
+++ b/bitbake/lib/bb/parse/ast.py
@@ -391,6 +391,14 @@ def finalize(fn, d, variant = None):
        if d.getVar("_FAILPARSINGERRORHANDLED", False) == True:
            raise bb.BBHandledException()

+        while True:
+            inherits = d.getVar('__BBDEFINHERITS', False) or []
+            if not inherits:
+                break
+            inherit, filename, lineno = inherits.pop(0)
+            d.setVar('__BBDEFINHERITS', inherits)
+            bb.parse.BBHandler.inherit(inherit, filename, lineno, d, deferred=True)
+
        for var in d.getVar('__BBHANDLERS', False) or []:
            # try to add the handler
            handlerfn = d.getVarFlag(var, "filename", False)
@@ -444,14 +452,6 @@ def multi_finalize(fn, d):
        logger.debug("Appending .bbappend file %s to %s", append, fn)
        bb.parse.BBHandler.handle(append, d, True)

-    while True:
-        inherits = d.getVar('__BBDEFINHERITS', False) or []
-        if not inherits:
-            break
-        inherit, filename, lineno = inherits.pop(0)
-        d.setVar('__BBDEFINHERITS', inherits)
-        bb.parse.BBHandler.inherit(inherit, filename, lineno, d, deferred=True)
-
    onlyfinalise = d.getVar("__ONLYFINALISE", False)

    safe_d = d
@@ -487,7 +487,9 @@ def multi_finalize(fn, d):
                d.setVar("BBEXTENDVARIANT", variantmap[name])
            else:
                d.setVar("PN", "%s-%s" % (pn, name))
-            bb.parse.BBHandler.inherit(extendedmap[name], fn, 0, d)
+            inherits = d.getVar('__BBDEFINHERITS', False) or []
+            inherits.append((extendedmap[name], fn, 0))
+            d.setVar('__BBDEFINHERITS', inherits)

        safe_d.setVar("BBCLASSEXTEND", extended)
        _create_variants(datastores, extendedmap.keys(), extendfunc, onlyfinalise)
--- a/bitbake/lib/bb/runqueue.py
+++ b/bitbake/lib/bb/runqueue.py
@@ -729,6 +729,8 @@ class RunQueueData:
                if mc == frommc:
                    fn = taskData[mcdep].build_targets[pn][0]
                    newdep = '%s:%s' % (fn,deptask)
+                    if newdep not in taskData[mcdep].taskentries:
+                        bb.fatal("Task mcdepends on non-existent task %s" % (newdep))
                    taskData[mc].taskentries[tid].tdepends.append(newdep)

        for mc in taskData:
--- a/bitbake/lib/bb/server/process.py
+++ b/bitbake/lib/bb/server/process.py
@@ -13,7 +13,7 @@
 import bb
 import bb.event
 import logging
-import multiprocessing
+from bb import multiprocessing
 import threading
 import array
 import os
--- a/bitbake/lib/bb/tests/fetch.py
+++ b/bitbake/lib/bb/tests/fetch.py
@@ -1421,7 +1421,7 @@ class FetchLatestVersionTest(FetcherTest):
        # combination version pattern
        ("sysprof", "git://git.yoctoproject.org/sysprof.git;protocol=https;branch=master", "cd44ee6644c3641507fb53b8a2a69137f2971219", "", "")
            : "1.2.0",
-        ("u-boot-mkimage", "git://source.denx.de/u-boot/u-boot.git;branch=master;protocol=https", "62c175fbb8a0f9a926c88294ea9f7e88eb898f6c", "", "")
+        ("u-boot-mkimage", "git://git.yoctoproject.org/bbfetchtests-u-boot.git;branch=master;protocol=https", "62c175fbb8a0f9a926c88294ea9f7e88eb898f6c", "", "")
            : "2014.01",
        # version pattern "yyyymmdd"
        ("mobile-broadband-provider-info", "git://git.yoctoproject.org/mobile-broadband-provider-info.git;protocol=https;branch=master", "4ed19e11c2975105b71b956440acdb25d46a347d", "", "")
--- a/bitbake/lib/bb/tests/runqueue-tests/recipes/g1.bb
+++ b/bitbake/lib/bb/tests/runqueue-tests/recipes/g1.bb
@@ -0,0 +1,2 @@
+do_build[mcdepends] = "mc::mc-1:h1:do_invalid"
+
--- a/bitbake/lib/bb/tests/runqueue-tests/recipes/h1.bb
+++ b/bitbake/lib/bb/tests/runqueue-tests/recipes/h1.bb
--- a/bitbake/lib/bb/tests/runqueue.py
+++ b/bitbake/lib/bb/tests/runqueue.py
@@ -26,7 +26,7 @@ class RunQueueTests(unittest.TestCase):
    a1_sstatevalid = "a1:do_package a1:do_package_qa a1:do_packagedata a1:do_package_write_ipk a1:do_package_write_rpm a1:do_populate_lic a1:do_populate_sysroot"
    b1_sstatevalid = "b1:do_package b1:do_package_qa b1:do_packagedata b1:do_package_write_ipk b1:do_package_write_rpm b1:do_populate_lic b1:do_populate_sysroot"

-    def run_bitbakecmd(self, cmd, builddir, sstatevalid="", slowtasks="", extraenv=None, cleanup=False):
+    def run_bitbakecmd(self, cmd, builddir, sstatevalid="", slowtasks="", extraenv=None, cleanup=False, allowfailure=False):
        env = os.environ.copy()
        env["BBPATH"] = os.path.realpath(os.path.join(os.path.dirname(__file__), "runqueue-tests"))
        env["BB_ENV_PASSTHROUGH_ADDITIONS"] = "SSTATEVALID SLOWTASKS TOPDIR"
@@ -41,6 +41,8 @@ class RunQueueTests(unittest.TestCase):
            output = subprocess.check_output(cmd, env=env, stderr=subprocess.STDOUT,universal_newlines=True, cwd=builddir)
            print(output)
        except subprocess.CalledProcessError as e:
+            if allowfailure:
+                return e.output
            self.fail("Command %s failed with %s" % (cmd, e.output))
        tasks = []
        tasklog = builddir + "/task.log"
@@ -314,6 +316,13 @@ class RunQueueTests(unittest.TestCase):
                       ["mc_2:a1:%s" % t for t in rerun_tasks]
            self.assertEqual(set(tasks), set(expected))

+            # Check that a multiconfig that doesn't exist rasies a correct error message
+            error_output = self.run_bitbakecmd(["bitbake", "g1"], tempdir, "", extraenv=extraenv, cleanup=True, allowfailure=True)
+            self.assertIn("non-existent task", error_output)
+            # If the word 'Traceback' or 'KeyError' is in the output we've regressed
+            self.assertNotIn("Traceback", error_output)
+            self.assertNotIn("KeyError", error_output)
+
            self.shutdown(tempdir)

    def test_hashserv_single(self):
--- a/bitbake/lib/bb/tests/support/httpserver.py
+++ b/bitbake/lib/bb/tests/support/httpserver.py
@@ -3,7 +3,7 @@
 #

 import http.server
-import multiprocessing
+from bb import multiprocessing
 import os
 import traceback
 import signal
@@ -43,7 +43,7 @@ class HTTPService(object):
        self.process = multiprocessing.Process(target=self.server.server_start, args=[self.root_dir, self.logger])

        # The signal handler from testimage.bbclass can cause deadlocks here
-        # if the HTTPServer is terminated before it can restore the standard 
+        # if the HTTPServer is terminated before it can restore the standard
        #signal behaviour
        orig = signal.getsignal(signal.SIGTERM)
        signal.signal(signal.SIGTERM, signal.SIG_DFL)
--- a/bitbake/lib/bb/utils.py
+++ b/bitbake/lib/bb/utils.py
@@ -14,7 +14,7 @@ import logging
 import bb
 import bb.msg
 import locale
-import multiprocessing
+from bb import multiprocessing
 import fcntl
 import importlib
 import importlib.machinery
@@ -1174,8 +1174,6 @@ def process_profilelog(fn, pout = None):
 #
 def multiprocessingpool(*args, **kwargs):

-    import multiprocessing.pool
-    #import multiprocessing.util
    #multiprocessing.util.log_to_stderr(10)
    # Deal with a multiprocessing bug where signals to the processes would be delayed until the work
    # completes. Putting in a timeout means the signals (like SIGINT/SIGTERM) get processed.
@@ -1854,6 +1852,15 @@ def path_is_descendant(descendant, ancestor):

    return False

+# Recomputing the sets in signal.py is expensive (bitbake -pP idle)
+# so try and use _signal directly to avoid it
+valid_signals = signal.valid_signals()
+try:
+    import _signal
+    sigmask = _signal.pthread_sigmask
+except ImportError:
+    sigmask = signal.pthread_sigmask
+
 # If we don't have a timeout of some kind and a process/thread exits badly (for example
 # OOM killed) and held a lock, we'd just hang in the lock futex forever. It is better
 # we exit at some point than hang. 5 minutes with no progress means we're probably deadlocked.
@@ -1863,7 +1870,7 @@ def path_is_descendant(descendant, ancestor):
@contextmanager
 def lock_timeout(lock):
    try:
-        s = signal.pthread_sigmask(signal.SIG_BLOCK, signal.valid_signals())
+        s = sigmask(signal.SIG_BLOCK, valid_signals)
        held = lock.acquire(timeout=5*60)
        if not held:
            bb.server.process.serverlog("Couldn't get the lock for 5 mins, timed out, exiting.\n%s" % traceback.format_stack())
@@ -1871,16 +1878,16 @@ def lock_timeout(lock):
        yield held
    finally:
        lock.release()
-        signal.pthread_sigmask(signal.SIG_SETMASK, s)
+        sigmask(signal.SIG_SETMASK, s)

 # A version of lock_timeout without the check that the lock was locked and a shorter timeout
@contextmanager
 def lock_timeout_nocheck(lock):
    try:
-        s = signal.pthread_sigmask(signal.SIG_BLOCK, signal.valid_signals())
+        s = sigmask(signal.SIG_BLOCK, valid_signals)
        l = lock.acquire(timeout=10)
        yield l
    finally:
        if l:
            lock.release()
-        signal.pthread_sigmask(signal.SIG_SETMASK, s)
+        sigmask(signal.SIG_SETMASK, s)
--- a/bitbake/lib/hashserv/tests.py
+++ b/bitbake/lib/hashserv/tests.py
@@ -11,7 +11,7 @@ from bb.asyncrpc import InvokeError
 from .client import ClientPool
 import hashlib
 import logging
-import multiprocessing
+from bb import multiprocessing
 import os
 import sys
 import tempfile
--- a/bitbake/lib/toaster/tests/builds/buildtest.py
+++ b/bitbake/lib/toaster/tests/builds/buildtest.py
@@ -128,7 +128,7 @@ class BuildTest(unittest.TestCase):
        if os.environ.get("TOASTER_TEST_USE_SSTATE_MIRROR"):
            ProjectVariable.objects.get_or_create(
                name="SSTATE_MIRRORS",
-                value="file://.* http://cdn.jsdelivr.net/yocto/sstate/all/PATH;downloadfilename=PATH",
+                value="file://.* http://sstate.yoctoproject.org/all/PATH;downloadfilename=PATH",
                project=project)

        ProjectTarget.objects.create(project=project,
--- a/documentation/README
+++ b/documentation/README
@@ -429,5 +429,22 @@ both the Yocto Project and BitBake manuals:
 Submitting documentation changes
 ================================

-Please see the top level README file in this repository for details of where
-to send patches.
+Please refer to our contributor guide here: https://docs.yoctoproject.org/contributor-guide/
+for full details on how to submit changes.
+
+As a quick guide, patches should be sent to docs@lists.yoctoproject.org
+The git command to do that would be:
+
+     git send-email -M -1 --to docs@lists.yoctoproject.org
+
+The 'To' header can be set as default for this repository:
+
+     git config sendemail.to docs@lists.yoctoproject.org
+
+Now you can just do 'git send-email origin/master..' to send all local patches.
+
+Read the other sections in this document and documentation/standards.md for
+rules to follow when contributing to the documentation.
+
+Git repository: https://git.yoctoproject.org/yocto-docs
+Mailing list: docs@lists.yoctoproject.org
--- a/documentation/brief-yoctoprojectqs/index.rst
+++ b/documentation/brief-yoctoprojectqs/index.rst
@@ -44,7 +44,7 @@ following requirements:
   much more will help to run multiple builds and increase
   performance by reusing build artifacts.

-  At least &MIN_RAM; Gbytes of RAM, though a modern modern build host with as
+-  At least &MIN_RAM; Gbytes of RAM, though a modern build host with as
   much RAM and as many CPU cores as possible is strongly recommended to
   maximize build performance.

@@ -57,7 +57,7 @@ following requirements:
   :ref:`dev-manual/start:preparing the build host`
   section in the Yocto Project Development Tasks Manual.

-
+-  Ensure that the following utilities have these minimum version numbers:

   -  Git &MIN_GIT_VERSION; or greater
   -  tar &MIN_TAR_VERSION; or greater
@@ -65,7 +65,7 @@ following requirements:
   -  gcc &MIN_GCC_VERSION; or greater.
   -  GNU make &MIN_MAKE_VERSION; or greater

-If your build host does not meet any of these three listed version
+If your build host does not satisfy all of the above version
 requirements, you can take steps to prepare the system so that you
 can still use the Yocto Project. See the
 :ref:`ref-manual/system-requirements:required git, tar, python, make and gcc versions`
@@ -182,7 +182,7 @@ an entire Linux distribution, including the toolchain, from source.
      page of the Yocto Project Wiki.

 #. **Initialize the Build Environment:** From within the ``poky``
-   directory, run the :ref:`ref-manual/structure:\`\`oe-init-build-env\`\``
+   directory, run the :ref:`ref-manual/structure:``oe-init-build-env```
   environment
   setup script to define Yocto Project's build environment on your
   build host.
@@ -252,7 +252,7 @@ an entire Linux distribution, including the toolchain, from source.
      file in the :term:`Build Directory`::

         BB_HASHSERVE_UPSTREAM = "wss://hashserv.yoctoproject.org/ws"
-         SSTATE_MIRRORS ?= "file://.* http://cdn.jsdelivr.net/yocto/sstate/all/PATH;downloadfilename=PATH"
+         SSTATE_MIRRORS ?= "file://.* http://sstate.yoctoproject.org/all/PATH;downloadfilename=PATH"
         BB_HASHSERVE = "auto"
         BB_SIGNATURE_HANDLER = "OEEquivHash"

--- a/documentation/bsp-guide/bsp.rst
+++ b/documentation/bsp-guide/bsp.rst
@@ -81,7 +81,7 @@ directory of that Layer. This directory is what you add to the
 ``conf/bblayers.conf`` file found in your
 :term:`Build Directory`, which is
 established after you run the OpenEmbedded build environment setup
-script (i.e. :ref:`ref-manual/structure:\`\`oe-init-build-env\`\``).
+script (i.e. :ref:`ref-manual/structure:``oe-init-build-env```).
 Adding the root directory allows the :term:`OpenEmbedded Build System`
 to recognize the BSP
 layer and from it build an image. Here is an example::
@@ -166,7 +166,7 @@ section.
   BSPs, which are maintained in their own layers or in layers designed
   to contain several BSPs. To get an idea of machine support through
   BSP layers, you can look at the
-   :yocto_dl:`index of machines </releases/yocto/yocto-&DISTRO;/machines>`
+   :yocto_dl:`index of machines </releases/yocto/&DISTRO_REL_LATEST_TAG;/machines>`
   for the release.

 #. *Optionally Clone the meta-intel BSP Layer:* If your hardware is
@@ -229,7 +229,7 @@ section.

 #. *Initialize the Build Environment:* While in the root directory of
   the Source Directory (i.e. ``poky``), run the
-   :ref:`ref-manual/structure:\`\`oe-init-build-env\`\`` environment
+   :ref:`ref-manual/structure:``oe-init-build-env``` environment
   setup script to define the OpenEmbedded build environment on your
   build host. ::

@@ -674,21 +674,21 @@ to the kernel recipe by using a similarly named append file, which is
 located in the BSP Layer for your target device (e.g. the
 ``meta-bsp_root_name/recipes-kernel/linux`` directory).

-Suppose you are using the ``linux-yocto_4.4.bb`` recipe to build the
+Suppose you are using the ``linux-yocto_6.12.bb`` recipe to build the
 kernel. In other words, you have selected the kernel in your
 ``"bsp_root_name".conf`` file by adding
 :term:`PREFERRED_PROVIDER` and :term:`PREFERRED_VERSION`
 statements as follows::

   PREFERRED_PROVIDER_virtual/kernel ?= "linux-yocto"
-   PREFERRED_VERSION_linux-yocto ?= "4.4%"
+   PREFERRED_VERSION_linux-yocto ?= "6.12%"

 .. note::

   When the preferred provider is assumed by default, the :term:`PREFERRED_PROVIDER`
   statement does not appear in the ``"bsp_root_name".conf`` file.

-You would use the ``linux-yocto_4.4.bbappend`` file to append specific
+You would use the ``linux-yocto_6.12.bbappend`` file to append specific
 BSP settings to the kernel, thus configuring the kernel for your
 particular BSP.

@@ -698,14 +698,19 @@ in the Yocto Project Linux Kernel Development Manual.

 An alternate scenario is when you create your own kernel recipe for the
 BSP. A good example of this is the Raspberry Pi BSP. If you examine the
-``recipes-kernel/linux`` directory you see the following::
+``recipes-kernel/linux`` directory in that layer you see the following
+Raspberry Pi-specific recipes and associated files::

+   files/
+   linux-raspberrypi_6.12.bb
+   linux-raspberrypi_6.1.bb
+   linux-raspberrypi_6.6.bb
   linux-raspberrypi-dev.bb
   linux-raspberrypi.inc
-   linux-raspberrypi_4.14.bb
-   linux-raspberrypi_4.9.bb
-
-The directory contains three kernel recipes and a common include file.
+   linux-raspberrypi-v7_6.12.bb
+   linux-raspberrypi-v7_6.1.bb
+   linux-raspberrypi-v7_6.6.bb
+   linux-raspberrypi-v7.inc

 Developing a Board Support Package (BSP)
 ========================================
@@ -1177,7 +1182,7 @@ Use these steps to create a BSP layer:

 -  *Create a Kernel Recipe:* Create a kernel recipe in
   ``recipes-kernel/linux`` by either using a kernel append file or a
-   new custom kernel recipe file (e.g. ``linux-yocto_4.12.bb``). The BSP
+   new custom kernel recipe file (e.g. ``linux-yocto_6.12.bb``). The BSP
   layers mentioned in the previous step also contain different kernel
   examples. See the ":ref:`kernel-dev/common:modifying an existing recipe`"
   section in the Yocto Project Linux Kernel Development Manual for
@@ -1242,7 +1247,7 @@ located in :yocto_git:`poky/meta-yocto-bsp/conf/machine/beaglebone-yocto.conf

   PREFERRED_PROVIDER_virtual/xserver ?= "xserver-xorg"

-   MACHINE_EXTRA_RRECOMMENDS = "kernel-modules kernel-devicetree"
+   MACHINE_EXTRA_RRECOMMENDS = "kernel-modules"

   EXTRA_IMAGEDEPENDS += "virtual/bootloader"

@@ -1258,23 +1263,21 @@ located in :yocto_git:`poky/meta-yocto-bsp/conf/machine/beaglebone-yocto.conf
   SERIAL_CONSOLES ?= "115200;ttyS0 115200;ttyO0 115200;ttyAMA0"

   PREFERRED_PROVIDER_virtual/kernel ?= "linux-yocto"
-   PREFERRED_VERSION_linux-yocto ?= "6.1%"
+   PREFERRED_VERSION_linux-yocto ?= "6.12%"

   KERNEL_IMAGETYPE = "zImage"
-   KERNEL_DEVICETREE = "am335x-bone.dtb am335x-boneblack.dtb am335x-bonegreen.dtb"
-   KERNEL_EXTRA_ARGS += "LOADADDR=${UBOOT_ENTRYPOINT}"
+   DTB_FILES = "am335x-bone.dtb am335x-boneblack.dtb am335x-bonegreen.dtb"
+   KERNEL_DEVICETREE = '${@' '.join('ti/omap/%s' % d for d in '${DTB_FILES}'.split())}'

   PREFERRED_PROVIDER_virtual/bootloader ?= "u-boot"

   SPL_BINARY = "MLO"
   UBOOT_SUFFIX = "img"
   UBOOT_MACHINE = "am335x_evm_defconfig"
-   UBOOT_ENTRYPOINT = "0x80008000"
-   UBOOT_LOADADDRESS = "0x80008000"

   MACHINE_FEATURES = "usbgadget usbhost vfat alsa"

-   IMAGE_BOOT_FILES ?= "u-boot.${UBOOT_SUFFIX} ${SPL_BINARY} ${KERNEL_IMAGETYPE} ${KERNEL_DEVICETREE}"
+   IMAGE_BOOT_FILES ?= "u-boot.${UBOOT_SUFFIX} ${SPL_BINARY} ${KERNEL_IMAGETYPE} ${DTB_FILES}"

   # support runqemu
   EXTRA_IMAGEDEPENDS += "qemu-native qemu-helper-native"
@@ -1328,12 +1331,12 @@ Project Reference Manual.
   needed in the root filesystem. In this case, the U-Boot recipe must
   be built for the image.

-   At the end of the file, we also use this setings to implement
+   At the end of the file, we also use this setting to implement
   ``runqemu`` support on the host machine.

 -  :term:`DEFAULTTUNE`: Machines
   use tunings to optimize machine, CPU, and application performance.
-   These features, which are collectively known as "tuning features",
+   These features --- collectively known as "tuning features" ---
   are set in the :term:`OpenEmbedded-Core (OE-Core)` layer. In this
   example, the default tuning file is :oe_git:`tune-cortexa8
   </openembedded-core/tree/meta/conf/machine/include/arm/armv7a/tune-cortexa8.inc>`.
@@ -1363,8 +1366,7 @@ Project Reference Manual.
   to create the sysroot when building a Wic image.

 -  :term:`SERIAL_CONSOLES`:
-   Defines a serial console (TTY) to enable using getty. In this case,
-   the baud rate is "115200" and the device name is "ttyO0".
+   Defines one or more serial consoles (TTYs) to enable using getty.

 -  :term:`PREFERRED_PROVIDER_virtual/kernel <PREFERRED_PROVIDER>`:
   Specifies the recipe that provides "virtual/kernel" when more than
@@ -1374,7 +1376,7 @@ Project Reference Manual.

 -  :term:`PREFERRED_VERSION_linux-yocto <PREFERRED_VERSION>`:
   Defines the version of the recipe used to build the kernel, which is
-   "6.1" in this case.
+   "6.12" in this case.

 -  :term:`KERNEL_IMAGETYPE`:
   The type of kernel to build for the device. In this case, the
@@ -1416,12 +1418,6 @@ Project Reference Manual.
      Specifies the value passed on the make command line when building
      a U-Boot image.

-   -  :term:`UBOOT_ENTRYPOINT`:
-      Specifies the entry point for the U-Boot image.
-
-   -  :term:`UBOOT_LOADADDRESS`:
-      Specifies the load address for the U-Boot image.
-
 -  :term:`MACHINE_FEATURES`:
   Specifies the list of hardware features the BeagleBone device is
   capable of supporting. In this case, the device supports "usbgadget
--- a/documentation/conf.py
+++ b/documentation/conf.py
@@ -13,6 +13,7 @@
 # documentation root, use os.path.abspath to make it absolute, like shown here.
 #
 import os
+import re
 import sys
 import datetime
 try:
@@ -111,6 +112,9 @@ extlinks = {
    'wikipedia': ('https://en.wikipedia.org/wiki/%s', None),
 }

+# To be able to use :manpage:`<something>` in the docs.
+manpages_url = 'https://manpages.debian.org/{path}'
+
 # Intersphinx config to use cross reference with BitBake user manual
 intersphinx_mapping = {
    'bitbake': ('https://docs.yoctoproject.org/bitbake/' + bitbake_version, None)
@@ -170,6 +174,24 @@ latex_elements = {
    'preamble': '\\usepackage[UTF8]{ctex}\n\\setcounter{tocdepth}{2}',
 }

+
+from sphinx.search import SearchEnglish
+from sphinx.search import languages
+class DashFriendlySearchEnglish(SearchEnglish):
+
+    # Accept words that can include 'inner' hyphens or dots
+    _word_re = re.compile(r'[\w]+(?:[\.\-][\w]+)*')
+
+    js_splitter_code = r"""
+function splitQuery(query) {
+    return query
+        .split(/[^\p{Letter}\p{Number}_\p{Emoji_Presentation}\-\.]+/gu)
+        .filter(term => term.length > 0);
+}
+"""
+
+languages['en'] = DashFriendlySearchEnglish
+
 # Make the EPUB builder prefer PNG to SVG because of issues rendering Inkscape SVG
 from sphinx.builders.epub3 import Epub3Builder
 Epub3Builder.supported_image_types = ['image/png', 'image/gif', 'image/jpeg']
--- a/documentation/contributor-guide/submit-changes.rst
+++ b/documentation/contributor-guide/submit-changes.rst
@@ -123,110 +123,116 @@ to add the upgraded version.

      $ git commit -s file1 file2 dir1 dir2 ...

-   To include **a**\ ll staged files::
+   To include all staged files::

      $ git commit -sa

-   -  The ``-s`` option of ``git commit`` adds a "Signed-off-by:" line
-      to your commit message. There is the same requirement for contributing
-      to the Linux kernel. Adding such a line signifies that you, the
-      submitter, have agreed to the `Developer's Certificate of Origin 1.1
-      <https://www.kernel.org/doc/html/latest/process/submitting-patches.html#sign-your-work-the-developer-s-certificate-of-origin>`__
-      as follows:
+   #.  The ``-s`` option of ``git commit`` adds a "Signed-off-by:" line
+       to your commit message. There is the same requirement for contributing
+       to the Linux kernel. Adding such a line signifies that you, the
+       submitter, have agreed to the `Developer's Certificate of Origin 1.1
+       <https://www.kernel.org/doc/html/latest/process/submitting-patches.html#sign-your-work-the-developer-s-certificate-of-origin>`__
+       as follows:

-      .. code-block:: none
+       .. code-block:: none

-         Developer's Certificate of Origin 1.1
+          Developer's Certificate of Origin 1.1

-         By making a contribution to this project, I certify that:
+          By making a contribution to this project, I certify that:

-         (a) The contribution was created in whole or in part by me and I
-             have the right to submit it under the open source license
-             indicated in the file; or
+          (a) The contribution was created in whole or in part by me and I
+              have the right to submit it under the open source license
+              indicated in the file; or

-         (b) The contribution is based upon previous work that, to the best
-             of my knowledge, is covered under an appropriate open source
-             license and I have the right under that license to submit that
-             work with modifications, whether created in whole or in part
-             by me, under the same open source license (unless I am
-             permitted to submit under a different license), as indicated
-             in the file; or
+          (b) The contribution is based upon previous work that, to the best
+              of my knowledge, is covered under an appropriate open source
+              license and I have the right under that license to submit that
+              work with modifications, whether created in whole or in part
+              by me, under the same open source license (unless I am
+              permitted to submit under a different license), as indicated
+              in the file; or

-         (c) The contribution was provided directly to me by some other
-             person who certified (a), (b) or (c) and I have not modified
-             it.
+          (c) The contribution was provided directly to me by some other
+              person who certified (a), (b) or (c) and I have not modified
+              it.

-         (d) I understand and agree that this project and the contribution
-             are public and that a record of the contribution (including all
-             personal information I submit with it, including my sign-off) is
-             maintained indefinitely and may be redistributed consistent with
-             this project or the open source license(s) involved.
+          (d) I understand and agree that this project and the contribution
+              are public and that a record of the contribution (including all
+              personal information I submit with it, including my sign-off) is
+              maintained indefinitely and may be redistributed consistent with
+              this project or the open source license(s) involved.

-   -  Provide a single-line summary of the change and, if more
-      explanation is needed, provide more detail in the body of the
-      commit. This summary is typically viewable in the "shortlist" of
-      changes. Thus, providing something short and descriptive that
-      gives the reader a summary of the change is useful when viewing a
-      list of many commits. You should prefix this short description
-      with the recipe name (if changing a recipe), or else with the
-      short form path to the file being changed.
+   #.  Provide a single-line summary of the change and, if more
+       explanation is needed, provide more detail in the description of the
+       commit. This summary is typically viewable in the "shortlist" of
+       changes. Thus, providing something short and descriptive that
+       gives the reader a summary of the change is useful when viewing a
+       list of many commits. You should prefix this short description
+       with the recipe name (if changing a recipe), or else with the
+       short form path to the file being changed.
+
+       .. note::
+
+          To find a suitable prefix for the commit summary, a good idea
+          is to look for prefixes used in previous commits touching the
+          same files or directories::
+
+             git log --oneline <paths>
+
+   #.  For the commit description, provide detailed information
+       that describes what you changed, why you made the change, and the
+       approach you used. It might also be helpful if you mention how you
+       tested the change. Provide as much detail as you can in the commit
+       description.
+
+       .. note::
+
+          If the single line summary is enough to describe a simple
+          change, the commit description can be left empty.
+
+   #.  If the change addresses a specific bug or issue that is associated
+       with a bug-tracking ID, include a reference to that ID in the body of the
+       commit message. For example, the Yocto Project uses a
+       specific convention for bug references --- any commit that addresses
+       a specific bug should use the following form for the body of the commit
+       message. Be sure to use the actual bug-tracking ID from
+       Bugzilla for bug-id::
+
+          single-line summary of change
+
+          Fixes [YOCTO #bug-id]
+
+          detailed description of change
+
+   #. If other people participated in this patch, add some tags to the commit
+      description to credit other contributors to the change:
+
+      -  ``Reported-by``: name and email of a person reporting a bug
+         that your commit is trying to fix. This is a good practice
+         to encourage people to go on reporting bugs and let them
+         know that their reports are taken into account.
+
+      -  ``Suggested-by``: name and email of a person to credit for the
+         idea of making the change.
+
+      -  ``Tested-by``, ``Reviewed-by``: name and email for people having
+         tested your changes or reviewed their code. These fields are
+         usually added by the maintainer accepting a patch, or by
+         yourself if you submitted your patches to early reviewers,
+         or are submitting an unmodified patch again as part of a
+         new iteration of your patch series.
+
+      -  ``Cc``: name and email of people you want to send a copy
+         of your changes to. This field will be used by ``git send-email``.
+
+      See `more guidance about using such tags
+      <https://www.kernel.org/doc/html/latest/process/submitting-patches.html#using-reported-by-tested-by-reviewed-by-suggested-by-and-fixes>`__
+      in the Linux kernel documentation.

      .. note::

-         To find a suitable prefix for the commit summary, a good idea
-         is to look for prefixes used in previous commits touching the
-         same files or directories::
-
-            git log --oneline <paths>
-
-   -  For the body of the commit message, provide detailed information
-      that describes what you changed, why you made the change, and the
-      approach you used. It might also be helpful if you mention how you
-      tested the change. Provide as much detail as you can in the body
-      of the commit message.
-
-      .. note::
-
-         If the single line summary is enough to describe a simple
-         change, the body of the commit message can be left empty.
-
-   -  If the change addresses a specific bug or issue that is associated
-      with a bug-tracking ID, include a reference to that ID in your
-      detailed description. For example, the Yocto Project uses a
-      specific convention for bug references --- any commit that addresses
-      a specific bug should use the following form for the detailed
-      description. Be sure to use the actual bug-tracking ID from
-      Bugzilla for bug-id::
-
-         Fixes [YOCTO #bug-id]
-
-         detailed description of change
-
-#. *Crediting contributors:* By using the ``git commit --amend`` command,
-   you can add some tags to the commit description to credit other contributors
-   to the change:
-
-   -  ``Reported-by``: name and email of a person reporting a bug
-      that your commit is trying to fix. This is a good practice
-      to encourage people to go on reporting bugs and let them
-      know that their reports are taken into account.
-
-   -  ``Suggested-by``: name and email of a person to credit for the
-      idea of making the change.
-
-   -  ``Tested-by``, ``Reviewed-by``: name and email for people having
-      tested your changes or reviewed their code. These fields are
-      usually added by the maintainer accepting a patch, or by
-      yourself if you submitted your patches to early reviewers,
-      or are submitting an unmodified patch again as part of a
-      new iteration of your patch series.
-
-   -  ``CC:`` Name and email of people you want to send a copy
-      of your changes to. This field will be used by ``git send-email``.
-
-   See `more guidance about using such tags
-   <https://www.kernel.org/doc/html/latest/process/submitting-patches.html#using-reported-by-tested-by-reviewed-by-suggested-by-and-fixes>`__
-   in the Linux kernel documentation.
+         One can amend an existing git commit message to add missing tags for
+         contributors with the ``git commit --amend`` command.

 Test your changes
 -----------------
@@ -776,6 +782,38 @@ argument to ``git format-patch`` with a version number::

   git format-patch -v2 <ref-branch>

+
+After generating updated patches (v2, v3, and so on) via ``git
+format-patch``, ideally developers will add a patch version changelog
+to each patch that describes what has changed between each revision of
+the patch. Add patch version changelogs after the ``---`` marker in the
+patch, indicating that this information is part of this patch, but is not
+suitable for inclusion in the commit message (i.e. the git history) itself.
+Providing a patch version changelog makes it easier for maintainers and
+reviewers to succinctly understand what changed in all versions of the
+patch, without having to consult alternate sources of information, such as
+searching through messages on a mailing list. For example::
+
+   <patch title>
+
+   <commit message>
+
+   <Signed-off-by/other trailers>
+   ---
+   changes in v4:
+   - provide a clearer commit message
+   - fix spelling mistakes
+
+   changes in v3:
+   - replace func() to use other_func() instead
+
+   changes in v2:
+   - this patch was added in v2
+   ---
+   <diffstat output>
+
+   <unified diff>
+
 Lastly please ensure that you also test your revised changes. In particular
 please don't just edit the patch file written out by ``git format-patch`` and
 resend it.
--- a/documentation/dev-manual/building.rst
+++ b/documentation/dev-manual/building.rst
@@ -909,6 +909,11 @@ to point to that directory::

   EXTERNALSRC_BUILD:pn-myrecipe = "path-to-your-source-tree"

+.. note::
+
+   The values of :term:`EXTERNALSRC` and :term:`EXTERNALSRC_BUILD`
+   must be absolute paths.
+
 Replicating a Build Offline
 ===========================

--- a/documentation/dev-manual/debugging.rst
+++ b/documentation/dev-manual/debugging.rst
@@ -36,7 +36,7 @@ section:
   use the BitBake ``-e`` option to examine variable values after a
   recipe has been parsed.

-  ":ref:`dev-manual/debugging:viewing package information with \`\`oe-pkgdata-util\`\``"
+-  ":ref:`dev-manual/debugging:viewing package information with ``oe-pkgdata-util```"
   describes how to use the ``oe-pkgdata-util`` utility to query
   :term:`PKGDATA_DIR` and
   display package-related information for built packages.
--- a/documentation/dev-manual/new-recipe.rst
+++ b/documentation/dev-manual/new-recipe.rst
@@ -56,7 +56,7 @@ necessary when adding a recipe to build a new piece of software to be
 included in a build.

 You can find a complete description of the ``devtool add`` command in
-the ":ref:`sdk-manual/extensible:a closer look at \`\`devtool add\`\``" section
+the ":ref:`sdk-manual/extensible:a closer look at ``devtool add```" section
 in the Yocto Project Application Development and the Extensible Software
 Development Kit (eSDK) manual.

--- a/documentation/dev-manual/qemu.rst
+++ b/documentation/dev-manual/qemu.rst
@@ -75,7 +75,7 @@ available. Follow these general steps to run QEMU:
      your :term:`Build Directory`.

   -  If you have not built an image, you can go to the
-      :yocto_dl:`machines/qemu </releases/yocto/yocto-&DISTRO;/machines/qemu/>` area and download a
+      :yocto_dl:`machines/qemu </releases/yocto/&DISTRO_REL_LATEST_TAG;/machines/qemu/>` area and download a
      pre-built image that matches your architecture and can be run on
      QEMU.

--- a/documentation/dev-manual/sbom.rst
+++ b/documentation/dev-manual/sbom.rst
@@ -30,16 +30,9 @@ To make this happen, you must inherit the

   INHERIT += "create-spdx"

-Upon building an image, you will then get:
-
-  :term:`SPDX` output in JSON format as an ``IMAGE-MACHINE.spdx.json`` file in
-   ``tmp/deploy/images/MACHINE/`` inside the :term:`Build Directory`.
-
-  This toplevel file is accompanied by an ``IMAGE-MACHINE.spdx.index.json``
-   containing an index of JSON :term:`SPDX` files for individual recipes.
-
-  The compressed archive ``IMAGE-MACHINE.spdx.tar.zst`` contains the index
-   and the files for the single recipes.
+Upon building an image, you will then get the compressed archive
+``IMAGE-MACHINE.spdx.tar.zst`` contains the index and the files for the single
+recipes.

 The :ref:`ref-classes-create-spdx` class offers options to include
 more information in the output :term:`SPDX` data:
@@ -56,7 +49,7 @@ more information in the output :term:`SPDX` data:

 Though the toplevel :term:`SPDX` output is available in
 ``tmp/deploy/images/MACHINE/`` inside the :term:`Build Directory`, ancillary
-generated files are available in ``tmp/deploy/spdx/MACHINE`` too, such as:
+generated files are available in ``tmp/deploy/spdx`` too, such as:

 -  The individual :term:`SPDX` JSON files in the ``IMAGE-MACHINE.spdx.tar.zst``
   archive.
--- a/documentation/dev-manual/security-subjects.rst
+++ b/documentation/dev-manual/security-subjects.rst
@@ -52,19 +52,24 @@ for them for significant issues.
 Security-related discussions at the Yocto Project
 -------------------------------------------------

-We have set up two security-related mailing lists:
+We have set up two security-related emails/mailing lists:

-  -  Public List: yocto [dash] security [at] yoctoproject[dot] org
+  -  Public Mailing List: yocto [dash] security [at] yoctoproject[dot] org

-    This is a public mailing list for anyone to subscribe to. This list is an
-    open list to discuss public security issues/patches and security-related
-    initiatives. For more information, including subscription information,
-    please see the  :yocto_lists:`yocto-security mailing list info page </g/yocto-security>`.
+     This is a public mailing list for anyone to subscribe to. This list is an
+     open list to discuss public security issues/patches and security-related
+     initiatives. For more information, including subscription information,
+     please see the  :yocto_lists:`yocto-security mailing list info page
+     </g/yocto-security>`.

-  - Private List: security [at] yoctoproject [dot] org
+     This list requires moderator approval for new topics to be posted, to avoid
+     private security reports to be posted by mistake.

-    This is a private mailing list for reporting non-published potential
-    vulnerabilities. The list is monitored by the Yocto Project Security team.
+  -  Yocto Project Security Team: security [at] yoctoproject [dot] org
+
+     This is an email for reporting non-published potential vulnerabilities.
+     Emails sent to this address are forwarded to the Yocto Project Security
+     Team members.


 What you should do if you find a security vulnerability
--- a/documentation/dev-manual/start.rst
+++ b/documentation/dev-manual/start.rst
@@ -543,6 +543,7 @@ your Yocto Project build host:
         DISKPART> select vdisk file="<path_to_VHDX_file>"
         DISKPART> attach vdisk readonly
         DISKPART> compact vdisk
+         DISKPART> detach
         DISKPART> exit

 .. note::
@@ -615,7 +616,7 @@ Accessing Source Archives
 The Yocto Project also provides source archives of its releases, which
 are available on :yocto_dl:`/releases/yocto/`. Then, choose the subdirectory
 containing the release you wish to use, for example
-:yocto_dl:`yocto-&DISTRO; </releases/yocto/yocto-&DISTRO;/>`.
+:yocto_dl:`&DISTRO_REL_LATEST_TAG; </releases/yocto/&DISTRO_REL_LATEST_TAG;/>`.

 You will find there source archives of individual components (if you wish
 to use them individually), and of the corresponding Poky release bundling
--- a/documentation/dev-manual/upgrading-recipes.rst
+++ b/documentation/dev-manual/upgrading-recipes.rst
@@ -333,7 +333,7 @@ Manually Upgrading a Recipe

 If for some reason you choose not to upgrade recipes using
 :ref:`dev-manual/upgrading-recipes:Using the Auto Upgrade Helper (AUH)` or
-by :ref:`dev-manual/upgrading-recipes:Using \`\`devtool upgrade\`\``,
+by :ref:`dev-manual/upgrading-recipes:Using ``devtool upgrade```,
 you can manually edit the recipe files to upgrade the versions.

 .. note::
--- a/documentation/kernel-dev/common.rst
+++ b/documentation/kernel-dev/common.rst
@@ -650,13 +650,9 @@ the Broadcom 2708/2709 chipset::

   KBUILD_DEFCONFIG:raspberrypi2 ?= "bcm2709_defconfig"

-Aside from modifying your kernel recipe and providing your own
-``defconfig`` file, you need to be sure no files or statements set
-:term:`SRC_URI` to use a ``defconfig`` other than your "in-tree" file (e.g.
-a kernel's ``linux-``\ `machine`\ ``.inc`` file). In other words, if the
-build system detects a statement that identifies an "out-of-tree"
-``defconfig`` file, that statement will override your
-:term:`KBUILD_DEFCONFIG` variable.
+If the build system detects a statement that identifies an "out-of-tree"
+``defconfig`` file, your :term:`KBUILD_DEFCONFIG` variable will take precedence
+over it.

 See the
 :term:`KBUILD_DEFCONFIG`
@@ -672,7 +668,7 @@ The steps in this procedure show you how you can patch the kernel using

   Before attempting this procedure, be sure you have performed the
   steps to get ready for updating the kernel as described in the
-   ":ref:`kernel-dev/common:getting ready to develop using \`\`devtool\`\``"
+   ":ref:`kernel-dev/common:getting ready to develop using ``devtool```"
   section.

 Patching the kernel involves changing or adding configurations to an
@@ -685,7 +681,7 @@ output at boot time through ``printk`` statements in the kernel's
 ``calibrate.c`` source code file. Applying the patch and booting the
 modified image causes the added messages to appear on the emulator's
 console. The example is a continuation of the setup procedure found in
-the ":ref:`kernel-dev/common:getting ready to develop using \`\`devtool\`\``" Section.
+the ":ref:`kernel-dev/common:getting ready to develop using ``devtool```" Section.

 #. *Check Out the Kernel Source Files:* First you must use ``devtool``
   to checkout the kernel source code in its workspace.
@@ -693,7 +689,7 @@ the ":ref:`kernel-dev/common:getting ready to develop using \`\`devtool\`\``" Se
   .. note::

      See this step in the
-      ":ref:`kernel-dev/common:getting ready to develop using \`\`devtool\`\``"
+      ":ref:`kernel-dev/common:getting ready to develop using ``devtool```"
      section for more information.

   Use the following ``devtool`` command to check out the code::
@@ -804,7 +800,7 @@ the ":ref:`kernel-dev/common:getting ready to develop using \`\`devtool\`\``" Se
   .. note::

      See Step 3 of the
-      ":ref:`kernel-dev/common:getting ready to develop using \`\`devtool\`\``"
+      ":ref:`kernel-dev/common:getting ready to develop using ``devtool```"
      section for information on setting up this layer.

   Once the command
@@ -1190,7 +1186,7 @@ appear in the ``.config`` file, which is in the :term:`Build Directory`.

   For more information about where the ``.config`` file is located, see the
   example in the
-   ":ref:`kernel-dev/common:using \`\`menuconfig\`\``"
+   ":ref:`kernel-dev/common:using ``menuconfig```"
   section.

 It is simple to create a configuration fragment. One method is to use
@@ -1286,7 +1282,7 @@ when you override a policy configuration in a hardware configuration
 fragment.

 In order to run this task, you must have an existing ``.config`` file.
-See the ":ref:`kernel-dev/common:using \`\`menuconfig\`\``" section for
+See the ":ref:`kernel-dev/common:using ``menuconfig```" section for
 information on how to create a configuration file.

 Here is sample output from the :ref:`ref-tasks-kernel_configcheck` task:
@@ -1359,7 +1355,7 @@ and
 tasks until they produce no warnings.

 For more information on how to use the ``menuconfig`` tool, see the
-:ref:`kernel-dev/common:using \`\`menuconfig\`\`` section.
+:ref:`kernel-dev/common:using ``menuconfig``` section.

 Fine-Tuning the Kernel Configuration File
 -----------------------------------------
--- a/documentation/kernel-dev/intro.rst
+++ b/documentation/kernel-dev/intro.rst
@@ -122,7 +122,7 @@ general information and references for further information.
   Using ``devtool`` requires that you have a clean build
   of the image. For
   more information, see the
-   ":ref:`kernel-dev/common:getting ready to develop using \`\`devtool\`\``"
+   ":ref:`kernel-dev/common:getting ready to develop using ``devtool```"
   section.

   Using traditional kernel development requires that you have the
--- a/documentation/migration-guides/release-4.0.rst
+++ b/documentation/migration-guides/release-4.0.rst
@@ -32,3 +32,7 @@ Release 4.0 (kirkstone)
   release-notes-4.0.23
   release-notes-4.0.24
   release-notes-4.0.25
+   release-notes-4.0.26
+   release-notes-4.0.27
+   release-notes-4.0.28
+   release-notes-4.0.29
--- a/documentation/migration-guides/release-5.0.rst
+++ b/documentation/migration-guides/release-5.0.rst
@@ -14,4 +14,8 @@ Release 5.0 (scarthgap)
   release-notes-5.0.5
   release-notes-5.0.6
   release-notes-5.0.7
-
+   release-notes-5.0.8
+   release-notes-5.0.9
+   release-notes-5.0.10
+   release-notes-5.0.11
+   release-notes-5.0.12
--- a/documentation/migration-guides/release-notes-4.0.26.rst
+++ b/documentation/migration-guides/release-notes-4.0.26.rst
@@ -0,0 +1,263 @@
+Release notes for Yocto-4.0.26 (Kirkstone)
+------------------------------------------
+
+Security Fixes in Yocto-4.0.26
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+
+-  bind: Fix :cve_nist:`2024-11187` and :cve_nist:`2024-12705`
+-  binutils: Fix :cve_nist:`2025-0840`
+-  elfutils: Fix :cve_nist:`2025-1352` and :cve_nist:`2025-1372`
+-  ffmpeg: Fix CVE-2024-28661, :cve_nist:`2024-35369`, :cve_nist:`2024-36613`, :cve_nist:`2024-36616`,
+   :cve_nist:`2024-36617`, :cve_nist:`2024-36618`, :cve_nist:`2025-0518` and :cve_nist:`2025-25473`
+-  ffmpeg: Ignore :cve_nist:`2023-46407`, :cve_nist:`2023-47470`, :cve_nist:`2024-7272`,
+   :cve_nist:`2024-22860`, :cve_nist:`2024-22861` and :cve_nist:`2024-22862`
+-  freetype: Fix :cve_nist:`2025-27363`
+-  gnutls: Fix :cve_nist:`2024-12243`
+-  grub: Fix :cve_nist:`2024-45774`, :cve_nist:`2024-45775`, :cve_nist:`2024-45776`,
+   :cve_nist:`2024-45777`, :cve_nist:`2024-45778`, :cve_nist:`2024-45779`, :cve_nist:`2024-45780`,
+   :cve_nist:`2024-45781`, :cve_nist:`2024-45782`, :cve_nist:`2024-45783`, :cve_nist:`2024-56737`,
+   :cve_nist:`2025-0622`, :cve_nist:`2025-0624`, :cve_nist:`2025-0677`, :cve_nist:`2025-0684`,
+   :cve_nist:`2025-0685`, :cve_nist:`2025-0686`, :cve_nist:`2025-0689`, :cve_nist:`2025-0678`,
+   :cve_nist:`2025-0690`, :cve_nist:`2025-1118` and :cve_nist:`2025-1125`
+-  gstreamer1.0-rtsp-server: fix :cve_nist:`2024-44331`
+-  libarchive: Fix :cve_nist:`2025-25724`
+-  libarchive: Ignore :cve_nist:`2025-1632`
+-  libcap: Fix :cve_nist:`2025-1390`
+-  linux-yocto/5.10: Fix :cve_nist:`2024-36476`, :cve_nist:`2024-43098`, :cve_nist:`2024-47143`,
+   :cve_nist:`2024-48881`, :cve_nist:`2024-50051`, :cve_nist:`2024-50074`, :cve_nist:`2024-50082`,
+   :cve_nist:`2024-50083`, :cve_nist:`2024-50099`, :cve_nist:`2024-50115`, :cve_nist:`2024-50116`,
+   :cve_nist:`2024-50117`, :cve_nist:`2024-50142`, :cve_nist:`2024-50148`, :cve_nist:`2024-50150`,
+   :cve_nist:`2024-50151`, :cve_nist:`2024-50167`, :cve_nist:`2024-50168`, :cve_nist:`2024-50171`,
+   :cve_nist:`2024-50185`, :cve_nist:`2024-50192`, :cve_nist:`2024-50193`, :cve_nist:`2024-50194`,
+   :cve_nist:`2024-50195`, :cve_nist:`2024-50198`, :cve_nist:`2024-50201`, :cve_nist:`2024-50202`,
+   :cve_nist:`2024-50205`, :cve_nist:`2024-50208`, :cve_nist:`2024-50209`, :cve_nist:`2024-50229`,
+   :cve_nist:`2024-50230`, :cve_nist:`2024-50233`, :cve_nist:`2024-50234`, :cve_nist:`2024-50236`,
+   :cve_nist:`2024-50237`, :cve_nist:`2024-50251`, :cve_nist:`2024-50262`, :cve_nist:`2024-50264`,
+   :cve_nist:`2024-50265`, :cve_nist:`2024-50267`, :cve_nist:`2024-50268`, :cve_nist:`2024-50269`,
+   :cve_nist:`2024-50273`, :cve_nist:`2024-50278`, :cve_nist:`2024-50279`, :cve_nist:`2024-50282`,
+   :cve_nist:`2024-50287`, :cve_nist:`2024-50292`, :cve_nist:`2024-50296`, :cve_nist:`2024-50299`,
+   :cve_nist:`2024-50301`, :cve_nist:`2024-50302`, :cve_nist:`2024-53042`, :cve_nist:`2024-53052`,
+   :cve_nist:`2024-53057`, :cve_nist:`2024-53059`, :cve_nist:`2024-53060`, :cve_nist:`2024-53061`,
+   :cve_nist:`2024-53063`, :cve_nist:`2024-53066`, :cve_nist:`2024-53096`, :cve_nist:`2024-53097`,
+   :cve_nist:`2024-53101`, :cve_nist:`2024-53103`, :cve_nist:`2024-53104`, :cve_nist:`2024-53145`,
+   :cve_nist:`2024-53146`, :cve_nist:`2024-53150`, :cve_nist:`2024-53155`, :cve_nist:`2024-53156`,
+   :cve_nist:`2024-53157`, :cve_nist:`2024-53161`, :cve_nist:`2024-53165`, :cve_nist:`2024-53171`,
+   :cve_nist:`2024-53173`, :cve_nist:`2024-53174`, :cve_nist:`2024-53194`, :cve_nist:`2024-53197`,
+   :cve_nist:`2024-53217`, :cve_nist:`2024-53226`, :cve_nist:`2024-53227`, :cve_nist:`2024-53237`,
+   :cve_nist:`2024-53239`, :cve_nist:`2024-55916`, :cve_nist:`2024-56548`, :cve_nist:`2024-56558`,
+   :cve_nist:`2024-56567`, :cve_nist:`2024-56568`, :cve_nist:`2024-56569`, :cve_nist:`2024-56572`,
+   :cve_nist:`2024-56574`, :cve_nist:`2024-56581`, :cve_nist:`2024-56587`, :cve_nist:`2024-56593`,
+   :cve_nist:`2024-56595`, :cve_nist:`2024-56596`, :cve_nist:`2024-56598`, :cve_nist:`2024-56600`,
+   :cve_nist:`2024-56601`, :cve_nist:`2024-56602`, :cve_nist:`2024-56603`, :cve_nist:`2024-56605`,
+   :cve_nist:`2024-56606`, :cve_nist:`2024-56615`, :cve_nist:`2024-56619`, :cve_nist:`2024-56623`,
+   :cve_nist:`2024-56629`, :cve_nist:`2024-56634`, :cve_nist:`2024-56642`, :cve_nist:`2024-56643`,
+   :cve_nist:`2024-56648`, :cve_nist:`2024-56650`, :cve_nist:`2024-56659`, :cve_nist:`2024-56662`,
+   :cve_nist:`2024-56670`, :cve_nist:`2024-56688`, :cve_nist:`2024-56698`, :cve_nist:`2024-56704`,
+   :cve_nist:`2024-56716`, :cve_nist:`2024-56720`, :cve_nist:`2024-56723`, :cve_nist:`2024-56724`,
+   :cve_nist:`2024-56728`, :cve_nist:`2024-56739`, :cve_nist:`2024-56746`, :cve_nist:`2024-56747`,
+   :cve_nist:`2024-56748`, :cve_nist:`2024-56754`, :cve_nist:`2024-56756`, :cve_nist:`2024-56770`,
+   :cve_nist:`2024-56779`, :cve_nist:`2024-56780`, :cve_nist:`2024-56781`, :cve_nist:`2024-56785`,
+   :cve_nist:`2024-57802`, :cve_nist:`2024-57807`, :cve_nist:`2024-57850`, :cve_nist:`2024-57874`,
+   :cve_nist:`2024-57890`, :cve_nist:`2024-57896`, :cve_nist:`2024-57900`, :cve_nist:`2024-57901`,
+   :cve_nist:`2024-57902`, :cve_nist:`2024-57910`, :cve_nist:`2024-57911`, :cve_nist:`2024-57913`,
+   :cve_nist:`2024-57922`, :cve_nist:`2024-57938`, :cve_nist:`2024-57939`, :cve_nist:`2024-57946`,
+   :cve_nist:`2024-57951`, :cve_nist:`2025-21638`, :cve_nist:`2025-21687`, :cve_nist:`2025-21689`,
+   :cve_nist:`2025-21692`, :cve_nist:`2025-21694`, :cve_nist:`2025-21697` and :cve_nist:`2025-21699`
+-  linux-yocto/5.15: Fix :cve_nist:`2024-57979`, :cve_nist:`2024-58034`, :cve_nist:`2024-58052`,
+   :cve_nist:`2024-58055`, :cve_nist:`2024-58058`, :cve_nist:`2024-58063`, :cve_nist:`2024-58069`,
+   :cve_nist:`2024-58071`, :cve_nist:`2024-58076`, :cve_nist:`2024-58083`, :cve_nist:`2025-21700`,
+   :cve_nist:`2025-21703`, :cve_nist:`2025-21715`, :cve_nist:`2025-21722`, :cve_nist:`2025-21727`,
+   :cve_nist:`2025-21731`, :cve_nist:`2025-21753`, :cve_nist:`2025-21756`, :cve_nist:`2025-21760`,
+   :cve_nist:`2025-21761`, :cve_nist:`2025-21762`, :cve_nist:`2025-21763`, :cve_nist:`2025-21764`,
+   :cve_nist:`2025-21796`, :cve_nist:`2025-21811`, :cve_nist:`2025-21887`, :cve_nist:`2025-21898`,
+   :cve_nist:`2025-21904`, :cve_nist:`2025-21905`, :cve_nist:`2025-21912`, :cve_nist:`2025-21917`,
+   :cve_nist:`2025-21919`, :cve_nist:`2025-21920`, :cve_nist:`2025-21922`, :cve_nist:`2025-21934`,
+   :cve_nist:`2025-21943`, :cve_nist:`2025-21948` and :cve_nist:`2025-21951`
+-  libpcre2: Ignore :cve_nist:`2022-1586`
+-  libtasn1: Fix :cve_nist:`2024-12133`
+-  libxml2: Fix :cve_nist:`2022-49043`, :cve_nist:`2024-56171`, :cve_nist:`2025-24928` and
+   :cve_nist:`2025-27113`
+-  libxslt: Fix :cve_nist:`2024-55549` and :cve_nist:`2025-24855`
+-  llvm: Fix :cve_nist:`2024-0151`
+-  mpg123: Fix :cve_nist:`2024-10573`
+-  openssh: Fix :cve_nist:`2025-26465`
+-  ovmf: Revert Fix for CVE-2023-45236 :cve_nist:`2023-45237`
+-  perl: Ignore :cve_nist:`2023-47038`
+-  puzzles: Ignore :cve_nist:`2024-13769`, :cve_nist:`2024-13770` and :cve_nist:`2025-0837`
+-  python3: Fix :cve_nist:`2025-0938`
+-  ruby: Fix :cve_nist:`2024-41946`, :cve_nist:`2025-27219` and :cve_nist:`2025-27220`
+-  subversion: Ignore :cve_nist:`2024-45720`
+-  systemd: Fix :cve_nist:`2022-3821`, :cve_nist:`2022-4415`, :cve_nist:`2022-45873` and
+   :cve_nist:`2023-7008`
+-  tiff: mark :cve_nist:`2023-30774` as patched with existing patch
+-  u-boot: Fix :cve_nist:`2022-2347`, :cve_nist:`2022-30767`, :cve_nist:`2022-30790`,
+   :cve_nist:`2024-57254`, :cve_nist:`2024-57255`, :cve_nist:`2024-57256`, :cve_nist:`2024-57257`,
+   :cve_nist:`2024-57258` and :cve_nist:`2024-57259`
+-  vim: Fix :cve_nist:`2025-1215`, :cve_nist:`2025-22134`, :cve_nist:`2025-24014`,
+   :cve_nist:`2025-26603`, :cve_nist:`2025-27423` and :cve_nist:`2025-29768`
+-  xserver-xorg: Fix :cve_nist:`2022-49737`, :cve_nist:`2025-26594`, :cve_nist:`2025-26595`,
+   :cve_nist:`2025-26596`, :cve_nist:`2025-26597`, :cve_nist:`2025-26598`, :cve_nist:`2025-26599`,
+   :cve_nist:`2025-26600` and :cve_nist:`2025-26601`
+-  xwayland: Fix :cve_nist:`2022-49737`, :cve_nist:`2024-9632`, :cve_nist:`2024-21885`,
+   :cve_nist:`2024-21886`, :cve_nist:`2024-31080`, :cve_nist:`2024-31081`, :cve_nist:`2024-31083`,
+   :cve_nist:`2025-26594`, :cve_nist:`2025-26595`, :cve_nist:`2025-26596`, :cve_nist:`2025-26597`,
+   :cve_nist:`2025-26598`, :cve_nist:`2025-26599`, :cve_nist:`2025-26600` and :cve_nist:`2025-26601`
+-  zlib: Fix :cve_nist:`2014-9485`
+
+
+
+Fixes in Yocto-4.0.26
+~~~~~~~~~~~~~~~~~~~~~
+
+-  bind: Upgrade to 9.18.33
+-  bitbake: cache: bump cache version
+-  bitbake: siggen.py: Improve taskhash reproducibility
+-  boost: fix do_fetch error
+-  build-appliance-image: Update to kirkstone head revision
+-  contributor-guide/submit-changes: add policy on AI generated code
+-  cve-update-nvd2-native: handle missing vulnStatus
+-  docs: Add favicon for the documentation html
+-  docs: Remove all mention of core-image-lsb
+-  libtasn1: upgrade to 4.20.0
+-  libxcrypt-compat: Remove libcrypt.so to fix conflict with libcrypt
+-  libxml2: fix compilation of explicit child axis in pattern
+-  linux-yocto/5.10: update to v5.10.234
+-  linux-yocto/5.15: update to v5.15.179
+-  mesa: Fix missing GLES3 headers in SDK sysroot
+-  mesa: Update :term:`SRC_URI`
+-  meta: Enable '-o pipefail' for the SDK installer
+-  migration-guides: add release notes for 4.0.25
+-  poky.conf: add ubuntu2404 to :term:`SANITY_TESTED_DISTROS`
+-  poky.conf: bump version for 4.0.26
+-  procps: replaced one use of fputs(3) with a write(2) call
+-  ref-manual: don't refer to poky-lsb
+-  scripts/install-buildtools: Update to 4.0.24
+-  scritps/runqemu: Ensure we only have two serial ports
+-  systemd: upgrade to 250.14
+-  tzcode-native: Fix compiler setting from 2023d version
+-  tzcode: Update :term:`SRC_URI`
+-  tzdata/tzcode-native: upgrade 2025a
+-  vim: Upgrade to 9.1.1198
+-  virglrenderer: fix do_fetch error
+-  vulnerabilities/classes: remove references to cve-check text format
+-  xz: Update :term:`SRC_URI`
+-  yocto-uninative: Update to 4.7 for glibc 2.41
+
+
+Known Issues in Yocto-4.0.26
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+- N/A
+
+
+Contributors to Yocto-4.0.26
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+Thanks to the following people who contributed to this release:
+
+-  Aleksandar Nikolic
+-  Alessio Cascone
+-  Antonin Godard
+-  Archana Polampalli
+-  Ashish Sharma
+-  Bruce Ashfield
+-  Carlos Dominguez
+-  Deepesh Varatharajan
+-  Divya Chellam
+-  Guocai He
+-  Hitendra Prajapati
+-  Hongxu Jia
+-  Jiaying Song
+-  Johannes Kauffmann
+-  Kai Kang
+-  Lee Chee Yang
+-  Libo Chen
+-  Marta Rybczynska
+-  Michael Halstead
+-  Mingli Yu
+-  Moritz Haase
+-  Narpat Mali
+-  Paulo Neves
+-  Peter Marko
+-  Priyal Doshi
+-  Richard Purdie
+-  Robert Yang
+-  Ross Burton
+-  Sakib Sajal
+-  Steve Sakoman
+-  Vijay Anusuri
+-  Yogita Urade
+-  Zhang Peng
+
+
+Repositories / Downloads for Yocto-4.0.26
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+poky
+
+-  Repository Location: :yocto_git:`/poky`
+-  Branch: :yocto_git:`kirkstone </poky/log/?h=kirkstone>`
+-  Tag:  :yocto_git:`yocto-4.0.26 </poky/log/?h=yocto-4.0.26>`
+-  Git Revision: :yocto_git:`d70d287a77d5026b698ac237ab865b2dafd36bb8 </poky/commit/?id=d70d287a77d5026b698ac237ab865b2dafd36bb8>`
+-  Release Artefact: poky-d70d287a77d5026b698ac237ab865b2dafd36bb8
+-  sha: 3ebfadb8bff4c1ca12b3cf3e4ef6e3ac2ce52b73570266daa98436c9959249f2
+-  Download Locations:
+   https://downloads.yoctoproject.org/releases/yocto/yocto-4.0.26/poky-d70d287a77d5026b698ac237ab865b2dafd36bb8.tar.bz2
+   https://mirrors.kernel.org/yocto/yocto/yocto-4.0.26/poky-d70d287a77d5026b698ac237ab865b2dafd36bb8.tar.bz2
+
+openembedded-core
+
+-  Repository Location: :oe_git:`/openembedded-core`
+-  Branch: :oe_git:`kirkstone </openembedded-core/log/?h=kirkstone>`
+-  Tag:  :oe_git:`yocto-4.0.26 </openembedded-core/log/?h=yocto-4.0.26>`
+-  Git Revision: :oe_git:`1efbe1004bc82e7c14c1e8bd4ce644f5015c3346 </openembedded-core/commit/?id=1efbe1004bc82e7c14c1e8bd4ce644f5015c3346>`
+-  Release Artefact: oecore-1efbe1004bc82e7c14c1e8bd4ce644f5015c3346
+-  sha: d3805e034dabd0865dbf55488b2c16d4ea0351d37aa826f0054a6bfdde5a8be9
+-  Download Locations:
+   https://downloads.yoctoproject.org/releases/yocto/yocto-4.0.26/oecore-1efbe1004bc82e7c14c1e8bd4ce644f5015c3346.tar.bz2
+   https://mirrors.kernel.org/yocto/yocto/yocto-4.0.26/oecore-1efbe1004bc82e7c14c1e8bd4ce644f5015c3346.tar.bz2
+
+meta-mingw
+
+-  Repository Location: :yocto_git:`/meta-mingw`
+-  Branch: :yocto_git:`kirkstone </meta-mingw/log/?h=kirkstone>`
+-  Tag:  :yocto_git:`yocto-4.0.26 </meta-mingw/log/?h=yocto-4.0.26>`
+-  Git Revision: :yocto_git:`87c22abb1f11be430caf4372e6b833dc7d77564e </meta-mingw/commit/?id=87c22abb1f11be430caf4372e6b833dc7d77564e>`
+-  Release Artefact: meta-mingw-87c22abb1f11be430caf4372e6b833dc7d77564e
+-  sha: f0bc4873e2e0319fb9d6d6ab9b98eb3f89664d4339a167d2db6a787dd12bc1a8
+-  Download Locations:
+   https://downloads.yoctoproject.org/releases/yocto/yocto-4.0.26/meta-mingw-87c22abb1f11be430caf4372e6b833dc7d77564e.tar.bz2
+   https://mirrors.kernel.org/yocto/yocto/yocto-4.0.26/meta-mingw-87c22abb1f11be430caf4372e6b833dc7d77564e.tar.bz2
+
+meta-gplv2
+
+-  Repository Location: :yocto_git:`/meta-gplv2`
+-  Branch: :yocto_git:`kirkstone </meta-gplv2/log/?h=kirkstone>`
+-  Tag:  :yocto_git:`yocto-4.0.26 </meta-gplv2/log/?h=yocto-4.0.26>`
+-  Git Revision: :yocto_git:`d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a </meta-gplv2/commit/?id=d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a>`
+-  Release Artefact: meta-gplv2-d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a
+-  sha: c386f59f8a672747dc3d0be1d4234b6039273d0e57933eb87caa20f56b9cca6d
+-  Download Locations:
+   https://downloads.yoctoproject.org/releases/yocto/yocto-4.0.26/meta-gplv2-d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a.tar.bz2
+   https://mirrors.kernel.org/yocto/yocto/yocto-4.0.26/meta-gplv2-d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a.tar.bz2
+
+bitbake
+
+-  Repository Location: :oe_git:`/bitbake`
+-  Branch: :oe_git:`2.0 </bitbake/log/?h=2.0>`
+-  Tag:  :oe_git:`yocto-4.0.26 </bitbake/log/?h=yocto-4.0.26>`
+-  Git Revision: :oe_git:`046871d9fd76efdca7b72718b328d8f545523f7e </bitbake/commit/?id=046871d9fd76efdca7b72718b328d8f545523f7e>`
+-  Release Artefact: bitbake-046871d9fd76efdca7b72718b328d8f545523f7e
+-  sha: e9df0a9f5921b583b539188d66b23f120e1751000e7822e76c3391d5c76ee21a
+-  Download Locations:
+   https://downloads.yoctoproject.org/releases/yocto/yocto-4.0.26/bitbake-046871d9fd76efdca7b72718b328d8f545523f7e.tar.bz2
+   https://mirrors.kernel.org/yocto/yocto/yocto-4.0.26/bitbake-046871d9fd76efdca7b72718b328d8f545523f7e.tar.bz2
+
+yocto-docs
+
+-  Repository Location: :yocto_git:`/yocto-docs`
+-  Branch: :yocto_git:`kirkstone </yocto-docs/log/?h=kirkstone>`
+-  Tag: :yocto_git:`yocto-4.0.26 </yocto-docs/log/?h=yocto-4.0.26>`
+-  Git Revision: :yocto_git:`9b4c36f7b02dd4bedfec90206744a1e90e37733c </yocto-docs/commit/?id=9b4c36f7b02dd4bedfec90206744a1e90e37733c>`
+
--- a/documentation/migration-guides/release-notes-4.0.27.rst
+++ b/documentation/migration-guides/release-notes-4.0.27.rst
@@ -0,0 +1,153 @@
+Release notes for Yocto-4.0.27 (Kirkstone)
+------------------------------------------
+
+Security Fixes in Yocto-4.0.27
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+-  binutils: Fix :cve_nist:`2025-1178`
+-  busybox: fix :cve_nist:`2023-39810`
+-  connman :fix :cve_nist:`2025-32743`
+-  curl: Ignore :cve_nist:`2025-0725`
+-  ghostscript: Fix :cve_nist:`2025-27830`, :cve_nist:`2025-27831`, :cve_nist:`2025-27832`,
+   :cve_nist:`2025-27834`, :cve_nist:`2025-27835` and :cve_nist:`2025-27836`
+-  ghostscript: Ignore :cve_nist:`2024-29507`, :cve_nist:`2025-27833` and :cve_nist:`2025-27837`
+-  glib-2.0: Fix :cve_nist:`2025-3360`
+-  go: Fix :cve_nist:`2025-22871`
+-  libarchive: Ignore :cve_nist:`2024-48615`
+-  libpam: Fix :cve_nist:`2024-10041`
+-  libsoup-2.4: Fix :cve_nist:`2024-52532`, :cve_nist:`2025-32906` and :cve_nist:`2025-32909`
+-  libsoup: Fix :cve_nist:`2024-52532`, :cve_nist:`2025-32906`, :cve_nist:`2025-32909`,
+   :cve_nist:`2025-32910`, :cve_nist:`2025-32911`, :cve_nist:`2025-32912`, :cve_nist:`2025-32913`
+   and :cve_nist:`2025-32914`
+-  libxml2: Fix :cve_nist:`2025-32414` and :cve_nist:`2025-32415`
+-  ofono: Fix :cve_nist:`2024-7537`
+-  perl: Fix :cve_nist:`2024-56406`
+-  ppp: Fix :cve_nist:`2024-58250`
+-  python3-setuptools: Fix :cve_nist:`2024-6345`
+-  qemu: Ignore :cve_nist:`2023-1386`
+-  ruby: Fix :cve_nist:`2024-43398`
+-  sqlite3: Fix :cve_nist:`2025-29088`
+-  systemd: Ignore :cve_nist:`2022-3821`, :cve_nist:`2022-4415` and :cve_nist:`2022-45873`
+
+
+Fixes in Yocto-4.0.27
+~~~~~~~~~~~~~~~~~~~~~
+
+-  Revert "cve-update-nvd2-native: Tweak to work better with NFS DL_DIR"
+-  build-appliance-image: Update to kirkstone head revision
+-  cve-update-nvd2-native: add workaround for json5 style list
+-  docs: Fix dead links that use the :term:`DISTRO` macro
+-  docs: manuals: remove repeated word
+-  docs: poky.yaml: introduce DISTRO_LATEST_TAG
+-  glibc: Add single-threaded fast path to rand()
+-  glibc: stable 2.35 branch updates
+-  module.bbclass: add KBUILD_EXTRA_SYMBOLS to install
+-  perl: enable _GNU_SOURCE define via d_gnulibc
+-  poky.conf: bump version for 4.0.27
+-  ref-manual/variables.rst: document autotools class related variables
+-  scripts/install-buildtools: Update to 4.0.26
+-  systemd: backport patch to fix journal issue
+-  systemd: systemd-journald fails to setup LogNamespace
+-  tzdata/tzcode-native: upgrade to 2025b
+
+
+Known Issues in Yocto-4.0.27
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+- N/A
+
+
+Contributors to Yocto-4.0.27
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+-  Aleksandar Nikolic
+-  Alexander Kanavin
+-  Alon Bar-Lev
+-  Andrew Kreimer
+-  Antonin Godard
+-  Chen Qi
+-  Deepesh Varatharajan
+-  Divya Chellam
+-  Haitao Liu
+-  Haixiao Yan
+-  Hitendra Prajapati
+-  Peter Marko
+-  Praveen Kumar
+-  Priyal Doshi
+-  Shubham Kulkarni
+-  Soumya Sambu
+-  Steve Sakoman
+-  Vijay Anusuri
+-  Yogita Urade
+
+
+Repositories / Downloads for Yocto-4.0.27
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+poky
+
+-  Repository Location: :yocto_git:`/poky`
+-  Branch: :yocto_git:`kirkstone </poky/log/?h=kirkstone>`
+-  Tag:  :yocto_git:`yocto-4.0.27 </poky/log/?h=yocto-4.0.27>`
+-  Git Revision: :yocto_git:`ab9a994a8cd8e06b519a693db444030999d273b7 </poky/commit/?id=ab9a994a8cd8e06b519a693db444030999d273b7>`
+-  Release Artefact: poky-ab9a994a8cd8e06b519a693db444030999d273b7
+-  sha: 77a366c17cf29eef15c6ff3f44e73f81c07288c723fd4a6dbd8c7ee9b79933f3
+-  Download Locations:
+   https://downloads.yoctoproject.org/releases/yocto/yocto-4.0.27/poky-ab9a994a8cd8e06b519a693db444030999d273b7.tar.bz2
+   https://mirrors.kernel.org/yocto/yocto/yocto-4.0.27/poky-ab9a994a8cd8e06b519a693db444030999d273b7.tar.bz2
+
+openembedded-core
+
+-  Repository Location: :oe_git:`/openembedded-core`
+-  Branch: :oe_git:`kirkstone </openembedded-core/log/?h=kirkstone>`
+-  Tag:  :oe_git:`yocto-4.0.27 </openembedded-core/log/?h=yocto-4.0.27>`
+-  Git Revision: :oe_git:`e8be08a624b2d024715a5c8b0c37f2345a02336b </openembedded-core/commit/?id=e8be08a624b2d024715a5c8b0c37f2345a02336b>`
+-  Release Artefact: oecore-e8be08a624b2d024715a5c8b0c37f2345a02336b
+-  sha: cc5b0fadab021c6dc61f37fc4ff01a1cf657e7c219488ce264bede42f7f6212f
+-  Download Locations:
+   https://downloads.yoctoproject.org/releases/yocto/yocto-4.0.27/oecore-e8be08a624b2d024715a5c8b0c37f2345a02336b.tar.bz2
+   https://mirrors.kernel.org/yocto/yocto/yocto-4.0.27/oecore-e8be08a624b2d024715a5c8b0c37f2345a02336b.tar.bz2
+
+meta-mingw
+
+-  Repository Location: :yocto_git:`/meta-mingw`
+-  Branch: :yocto_git:`kirkstone </meta-mingw/log/?h=kirkstone>`
+-  Tag:  :yocto_git:`yocto-4.0.27 </meta-mingw/log/?h=yocto-4.0.27>`
+-  Git Revision: :yocto_git:`87c22abb1f11be430caf4372e6b833dc7d77564e </meta-mingw/commit/?id=87c22abb1f11be430caf4372e6b833dc7d77564e>`
+-  Release Artefact: meta-mingw-87c22abb1f11be430caf4372e6b833dc7d77564e
+-  sha: f0bc4873e2e0319fb9d6d6ab9b98eb3f89664d4339a167d2db6a787dd12bc1a8
+-  Download Locations:
+   https://downloads.yoctoproject.org/releases/yocto/yocto-4.0.27/meta-mingw-87c22abb1f11be430caf4372e6b833dc7d77564e.tar.bz2
+   https://mirrors.kernel.org/yocto/yocto/yocto-4.0.27/meta-mingw-87c22abb1f11be430caf4372e6b833dc7d77564e.tar.bz2
+
+meta-gplv2
+
+-  Repository Location: :yocto_git:`/meta-gplv2`
+-  Branch: :yocto_git:`kirkstone </meta-gplv2/log/?h=kirkstone>`
+-  Tag:  :yocto_git:`yocto-4.0.27 </meta-gplv2/log/?h=yocto-4.0.27>`
+-  Git Revision: :yocto_git:`d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a </meta-gplv2/commit/?id=d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a>`
+-  Release Artefact: meta-gplv2-d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a
+-  sha: c386f59f8a672747dc3d0be1d4234b6039273d0e57933eb87caa20f56b9cca6d
+-  Download Locations:
+   https://downloads.yoctoproject.org/releases/yocto/yocto-4.0.27/meta-gplv2-d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a.tar.bz2
+   https://mirrors.kernel.org/yocto/yocto/yocto-4.0.27/meta-gplv2-d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a.tar.bz2
+
+bitbake
+
+-  Repository Location: :oe_git:`/bitbake`
+-  Branch: :oe_git:`2.0 </bitbake/log/?h=2.0>`
+-  Tag:  :oe_git:`yocto-4.0.27 </bitbake/log/?h=yocto-4.0.27>`
+-  Git Revision: :oe_git:`046871d9fd76efdca7b72718b328d8f545523f7e </bitbake/commit/?id=046871d9fd76efdca7b72718b328d8f545523f7e>`
+-  Release Artefact: bitbake-046871d9fd76efdca7b72718b328d8f545523f7e
+-  sha: e9df0a9f5921b583b539188d66b23f120e1751000e7822e76c3391d5c76ee21a
+-  Download Locations:
+   https://downloads.yoctoproject.org/releases/yocto/yocto-4.0.27/bitbake-046871d9fd76efdca7b72718b328d8f545523f7e.tar.bz2
+   https://mirrors.kernel.org/yocto/yocto/yocto-4.0.27/bitbake-046871d9fd76efdca7b72718b328d8f545523f7e.tar.bz2
+
+yocto-docs
+
+-  Repository Location: :yocto_git:`/yocto-docs`
+-  Branch: :yocto_git:`kirkstone </yocto-docs/log/?h=kirkstone>`
+-  Tag: :yocto_git:`yocto-4.0.27 </yocto-docs/log/?h=yocto-4.0.27>`
+-  Git Revision: :yocto_git:`0d51e553d5f83eea6634e03ddc9c7740bf72fcea </yocto-docs/commit/?id=0d51e553d5f83eea6634e03ddc9c7740bf72fcea>`
+
--- a/documentation/migration-guides/release-notes-4.0.28.rst
+++ b/documentation/migration-guides/release-notes-4.0.28.rst
@@ -0,0 +1,224 @@
+Release notes for Yocto-4.0.28 (Kirkstone)
+------------------------------------------
+
+Security Fixes in Yocto-4.0.28
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+-  binutils: Fix :cve_nist:`2025-1180`, :cve_nist:`2025-1182`, :cve_nist:`2025-5244` and
+   :cve_nist:`2025-5245`
+-  connman: Fix :cve_nist:`2025-32366`
+-  ffmpeg: Fix :cve_nist:`2025-1373`, :cve_nist:`2025-22919` and :cve_nist:`2025-22921`
+-  ffmpeg: Ignore :cve_nist:`2022-48434`
+-  ghostscript: Fix :cve_nist:`2025-48708`
+-  git: Fix :cve_nist:`2024-50349` and :cve_nist:`2024-52006`
+-  glib-2.0: Fix :cve_nist:`2025-4373`
+-  glibc: Fix for :cve_nist:`2025-4802`
+-  go: Fix :cve_nist:`2025-4673`
+-  go: ignore :cve_nist:`2024-3566`
+-  icu: Fix :cve_nist:`2025-5222`
+-  iputils: Fix :cve_nist:`2025-47268`
+-  libsoup-2.4: Fix :cve_nist:`2025-2784`, :cve_nist:`2025-4476`, :cve_nist:`2025-4948`,
+   :cve_nist:`2025-4969`, :cve_nist:`2025-32050`, :cve_nist:`2025-32052`, :cve_nist:`2025-32053`,
+   :cve_nist:`2025-32907`, :cve_nist:`2025-32910`, :cve_nist:`2025-32911`, :cve_nist:`2025-32912`,
+   :cve_nist:`2025-32913`, :cve_nist:`2025-32914`, :cve_nist:`2025-46420` and :cve_nist:`2025-46421`
+-  libsoup: Fix :cve_nist:`2025-2784`, :cve_nist:`2025-4476`, :cve_nist:`2025-4948`,
+   :cve_nist:`2025-4969`, :cve_nist:`2025-32050`, :cve_nist:`2025-32051`, :cve_nist:`2025-32052`,
+   :cve_nist:`2025-32053`, :cve_nist:`2025-32907`, :cve_nist:`2025-46420` and :cve_nist:`2025-46421`
+-  linux-yocto/5.15: Fix :cve_nist:`2024-26952`, :cve_nist:`2025-21941`, :cve_nist:`2025-21957`,
+   :cve_nist:`2025-21959`, :cve_nist:`2025-21962`, :cve_nist:`2025-21963`, :cve_nist:`2025-21964`,
+   :cve_nist:`2025-21968`, :cve_nist:`2025-21996`, :cve_nist:`2025-22018`, :cve_nist:`2025-22020`,
+   :cve_nist:`2025-22035`, :cve_nist:`2025-22054`, :cve_nist:`2025-22056`, :cve_nist:`2025-22063`,
+   :cve_nist:`2025-22066`, :cve_nist:`2025-22081`, :cve_nist:`2025-22097`, :cve_nist:`2025-23136`,
+   :cve_nist:`2025-37785`, :cve_nist:`2025-37803`, :cve_nist:`2025-37805`, :cve_nist:`2025-38152`,
+   :cve_nist:`2025-39728` and :cve_nist:`2025-39735`
+-  net-tools: Fix :cve_nist:`2025-46836`
+-  openssh: Fix :cve_nist:`2025-32728`
+-  python3: Fix :cve_nist:`2024-12718`, :cve_nist:`2025-0938`, :cve_nist:`2025-4138`,
+   :cve_nist:`2025-4330`, :cve_nist:`2025-4435`, :cve_nist:`2025-4516` and :cve_nist:`2025-4517`
+-  python3-requests: Fix :cve_nist:`2024-47081`
+-  python3-setuptools: Fix :cve_nist:`2025-47273`
+-  ruby: Fix :cve_nist:`2025-27221`
+-  screen: Fix :cve_nist:`2025-46802`, :cve_nist:`2025-46804` and :cve_nist:`2025-46805`
+-  taglib: Fix :cve_nist:`2023-47466`
+
+
+Fixes in Yocto-4.0.28
+~~~~~~~~~~~~~~~~~~~~~
+
+-  babeltrace/libatomic-ops: correct the :term:`SRC_URI`
+-  brief-yoctoprojectqs/ref-manual: Switch to new CDN
+-  bsp guide: update kernel version example to 6.12
+-  bsp-guide: update lonely "4.12" kernel reference to "6.12"
+-  build-appliance-image: Update to kirkstone head revision
+-  cmake: Correctly handle cost data of tests with arbitrary chars in name
+-  conf.py: tweak SearchEnglish to be hyphen-friendly
+-  contributor-guide/submit-changes: encourage patch version changelogs
+-  dev-manual/sbom.rst: fix wrong build outputs
+-  docs: Clean up explanation of minimum required version numbers
+-  docs: README: specify how to contribute instead of pointing at another file
+-  docs: conf.py: silence SyntaxWarning on js_splitter_code
+-  e2fsprogs: removed 'sed -u' option
+-  ffmpeg: Add "libswresample libavcodec" to :term:`CVE_PRODUCT`
+-  ffmpeg: upgrade to 5.0.3
+-  gcc: AArch64 - Fix strict-align cpymem/setmem
+-  glibc: nptl Fix indentation
+-  glibc: nptl Remove unnecessary catch-all-wake in condvar group switch
+-  glibc: nptl Remove unnecessary quadruple check in pthread_cond_wait
+-  glibc: nptl Update comments and indentation for new condvar implementation
+-  glibc: nptl Use a single loop in pthread_cond_wait instaed of a nested loop
+-  glibc: nptl Use all of g1_start and g_signals
+-  glibc: nptl rename __condvar_quiesce_and_switch_g1
+-  glibc: pthreads NPTL lost wakeup fix 2
+-  kernel.bbclass: add original package name to :term:`RPROVIDES` for -image and -base
+-  libpng: Improve ptest
+-  linux-yocto/5.15: update to v5.15.184
+-  migration-guides: add release notes for 4.0.26 and 4.0.27
+-  nfs-utils: don't use signals to shut down nfs server.
+-  poky.conf: bump version for 4.0.28
+-  python3: upgrade to 3.10.18
+-  ref-manual/release-process: update releases.svg
+-  ref-manual/variables.rst: document :term:`INHIBIT_DEFAULT_RUST_DEPS`
+   :term:`INHIBIT_UPDATERCD_BBCLASS` :term:`SSTATE_SKIP_CREATION` :term:`WIC_CREATE_EXTRA_ARGS`
+   :term:`IMAGE_ROOTFS_MAXSIZE` :term:`INITRAMFS_MAXSIZE`
+-  ref-manual: clarify :term:`KCONFIG_MODE` default behaviour
+-  ref-manual: classes: nativesdk: move note to appropriate section
+-  ref-manual: classes: reword to clarify that native/nativesdk options are exclusive
+-  ref-manual: kernel-fitimage.bbclass does not use :term:`SPL_SIGN_KEYNAME`
+-  scripts/install-buildtools: Update to 4.0.27
+-  sphinx-lint: role missing opening tag colon
+-  sphinx-lint: trailing whitespace
+-  sphinx-lint: unbalanced inline literal markup
+-  sysstat: correct the :term:`SRC_URI`
+-  systemtap: add sysroot Python paths to configure flags
+-  test-manual/intro: remove Buildbot version used
+-  util-linux: Add fix to isolate test fstab entries using CUSTOM_FSTAB
+-  xz: Update :term:`LICENSE` variable for xz packages
+
+
+Known Issues in Yocto-4.0.28
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+- N/A
+
+
+Contributors to Yocto-4.0.28
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+-  Aditya Tayade
+-  Adrian Freihofer
+-  Aleksandar Nikolic
+-  Alper Ak
+-  Antonin Godard
+-  Archana Polampalli
+-  Ashish Sharma
+-  Bruce Ashfield
+-  Carlos Sánchez de La Lama
+-  Changqing Li
+-  Christos Gavros
+-  Colin Pinnell McAllister
+-  Deepesh Varatharajan
+-  Divya Chellam
+-  Enrico Jörns
+-  Etienne Cordonnier
+-  Guocai He
+-  Harish Sadineni
+-  Hitendra Prajapati
+-  Jiaying Song
+-  Lee Chee Yang
+-  Martin Jansa
+-  Moritz Haase
+-  NeilBrown
+-  Peter Marko
+-  Poonam Jadhav
+-  Praveen Kumar
+-  Quentin Schulz
+-  Richard Purdie
+-  Robert P. J. Day
+-  Soumya Sambu
+-  Steve Sakoman
+-  Sundeep KOKKONDA
+-  Sunil Dora
+-  Trevor Woerner
+-  Vijay Anusuri
+-  Virendra Thakur
+-  Yi Zhao
+-  aszh07
+
+
+Repositories / Downloads for Yocto-4.0.28
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+poky
+
+-  Repository Location: :yocto_git:`/poky`
+-  Branch: :yocto_git:`kirkstone </poky/log/?h=kirkstone>`
+-  Tag:  :yocto_git:`yocto-4.0.28 </poky/log/?h=yocto-4.0.28>`
+-  Git Revision: :yocto_git:`78c9cb3eaf071932567835742608404d5ce23cc4 </poky/commit/?id=78c9cb3eaf071932567835742608404d5ce23cc4>`
+-  Release Artefact: poky-78c9cb3eaf071932567835742608404d5ce23cc4
+-  sha: 9c73c6f89e70c2041a52851e5cc582e5a2f05ad2fdc110d2c518f2c4994e8de3
+-  Download Locations:
+   https://downloads.yoctoproject.org/releases/yocto/yocto-4.0.28/poky-78c9cb3eaf071932567835742608404d5ce23cc4.tar.bz2
+   https://mirrors.kernel.org/yocto/yocto/yocto-4.0.28/poky-78c9cb3eaf071932567835742608404d5ce23cc4.tar.bz2
+
+openembedded-core
+
+-  Repository Location: :oe_git:`/openembedded-core`
+-  Branch: :oe_git:`kirkstone </openembedded-core/log/?h=kirkstone>`
+-  Tag:  :oe_git:`yocto-4.0.28 </openembedded-core/log/?h=yocto-4.0.28>`
+-  Git Revision: :oe_git:`75e54301c5076eb0454aee33c870adf078f563fd </openembedded-core/commit/?id=75e54301c5076eb0454aee33c870adf078f563fd>`
+-  Release Artefact: oecore-75e54301c5076eb0454aee33c870adf078f563fd
+-  sha: c5ffceab90881c4041ec4304da8b7b32d9c1f89a4c63ee7b8cbd53c796b0187b
+-  Download Locations:
+   https://downloads.yoctoproject.org/releases/yocto/yocto-4.0.28/oecore-75e54301c5076eb0454aee33c870adf078f563fd.tar.bz2
+   https://mirrors.kernel.org/yocto/yocto/yocto-4.0.28/oecore-75e54301c5076eb0454aee33c870adf078f563fd.tar.bz2
+
+meta-mingw
+
+-  Repository Location: :yocto_git:`/meta-mingw`
+-  Branch: :yocto_git:`kirkstone </meta-mingw/log/?h=kirkstone>`
+-  Tag:  :yocto_git:`yocto-4.0.28 </meta-mingw/log/?h=yocto-4.0.28>`
+-  Git Revision: :yocto_git:`87c22abb1f11be430caf4372e6b833dc7d77564e </meta-mingw/commit/?id=87c22abb1f11be430caf4372e6b833dc7d77564e>`
+-  Release Artefact: meta-mingw-87c22abb1f11be430caf4372e6b833dc7d77564e
+-  sha: f0bc4873e2e0319fb9d6d6ab9b98eb3f89664d4339a167d2db6a787dd12bc1a8
+-  Download Locations:
+   https://downloads.yoctoproject.org/releases/yocto/yocto-4.0.28/meta-mingw-87c22abb1f11be430caf4372e6b833dc7d77564e.tar.bz2
+   https://mirrors.kernel.org/yocto/yocto/yocto-4.0.28/meta-mingw-87c22abb1f11be430caf4372e6b833dc7d77564e.tar.bz2
+
+meta-gplv2
+
+-  Repository Location: :yocto_git:`/meta-gplv2`
+-  Branch: :yocto_git:`kirkstone </meta-gplv2/log/?h=kirkstone>`
+-  Tag:  :yocto_git:`yocto-4.0.28 </meta-gplv2/log/?h=yocto-4.0.28>`
+-  Git Revision: :yocto_git:`d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a </meta-gplv2/commit/?id=d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a>`
+-  Release Artefact: meta-gplv2-d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a
+-  sha: c386f59f8a672747dc3d0be1d4234b6039273d0e57933eb87caa20f56b9cca6d
+-  Download Locations:
+   https://downloads.yoctoproject.org/releases/yocto/yocto-4.0.28/meta-gplv2-d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a.tar.bz2
+   https://mirrors.kernel.org/yocto/yocto/yocto-4.0.28/meta-gplv2-d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a.tar.bz2
+
+bitbake
+
+-  Repository Location: :oe_git:`/bitbake`
+-  Branch: :oe_git:`2.0 </bitbake/log/?h=2.0>`
+-  Tag:  :oe_git:`yocto-4.0.28 </bitbake/log/?h=yocto-4.0.28>`
+-  Git Revision: :oe_git:`046871d9fd76efdca7b72718b328d8f545523f7e </bitbake/commit/?id=046871d9fd76efdca7b72718b328d8f545523f7e>`
+-  Release Artefact: bitbake-046871d9fd76efdca7b72718b328d8f545523f7e
+-  sha: e9df0a9f5921b583b539188d66b23f120e1751000e7822e76c3391d5c76ee21a
+-  Download Locations:
+   https://downloads.yoctoproject.org/releases/yocto/yocto-4.0.28/bitbake-046871d9fd76efdca7b72718b328d8f545523f7e.tar.bz2
+   https://mirrors.kernel.org/yocto/yocto/yocto-4.0.28/bitbake-046871d9fd76efdca7b72718b328d8f545523f7e.tar.bz2
+
+meta-yocto
+
+-  Repository Location: :yocto_git:`/meta-yocto`
+-  Branch: :yocto_git:`kirkstone </meta-yocto/log/?h=kirkstone>`
+-  Tag: :yocto_git:`yocto-4.0.28 </meta-yocto/log/?h=yocto-4.0.28>`
+-  Git Revision: :yocto_git:`0bf3dcef1caa80fb047bf9c3514314ab658e30ea </meta-yocto/commit/?id=0bf3dcef1caa80fb047bf9c3514314ab658e30ea>`
+
+yocto-docs
+
+-  Repository Location: :yocto_git:`/yocto-docs`
+-  Branch: :yocto_git:`kirkstone </yocto-docs/log/?h=kirkstone>`
+-  Tag: :yocto_git:`yocto-4.0.28 </yocto-docs/log/?h=yocto-4.0.28>`
+-  Git Revision: :yocto_git:`97cd3ee7f3bf1de8454708d1852ea9cdbd45c39b </yocto-docs/commit/?id=97cd3ee7f3bf1de8454708d1852ea9cdbd45c39b>`
+
--- a/documentation/migration-guides/release-notes-4.0.29.rst
+++ b/documentation/migration-guides/release-notes-4.0.29.rst
@@ -0,0 +1,178 @@
+Release notes for Yocto-4.0.29 (Kirkstone)
+------------------------------------------
+
+Security Fixes in Yocto-4.0.29
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+-  avahi: Fix :cve_nist:`2024-52615`
+-  binutils: Fix :cve_nist:`2025-7545` and :cve_nist:`2025-7546`
+-  coreutils: Fix :cve_nist:`2025-5278`
+-  curl: Fix :cve_nist:`2024-11053` and :cve_nist:`2025-0167`
+-  dropbear: Fix :cve_nist:`2025-47203`
+-  ffmpeg: Ignore :cve_nist:`2022-3109` and :cve_nist:`2022-3341`
+-  gdk-pixbuf: Fix :cve_nist:`2025-7345`
+-  ghostscript: Ignore :cve_nist:`2025-46646`
+-  gnupg: Fix :cve_nist:`2025-30258`
+-  gnutls: Fix :cve_nist:`2025-6395`, :cve_nist:`2025-32988`, :cve_nist:`2025-32989` and
+   :cve_nist:`2025-32990`
+-  iputils: Fix :cve_nist:`2025-48964`
+-  libarchive: Fix :cve_nist:`2025-5914`, :cve_nist:`2025-5915`, :cve_nist:`2025-5916` and
+   :cve_nist:`2025-5917`
+-  libpam: Fix :cve_nist:`2025-6020`
+-  libsoup-2.4: Fix :cve_nist:`2025-4945`
+-  libsoup-2.4: Fix :cve_nist:`2025-4969` (update patch)
+-  libsoup: Fix :cve_nist:`2025-4945`, :cve_nist:`2025-6021`, :cve_nist:`2025-6170`,
+   :cve_nist:`2025-49794` and :cve_nist:`2025-49796`
+-  ncurses: Fix :cve_nist:`2025-6141`
+-  ofono: Fix :cve_nist:`2023-4232` and :cve_nist:`2023-4235`
+-  openssl: Fix :cve_nist:`2024-41996`
+-  python3-urllib3: Fix :cve_nist:`2025-50181`
+-  ruby: Fix :cve_nist:`2024-43398` (update patches)
+-  sqlite3: Fix :cve_nist:`2025-6965` and :cve_nist:`2025-7458`
+-  sqlite3: Ignore :cve_nist:`2025-3277`
+-  systemd: Fix :cve_nist:`2025-4598`
+-  xwayland: Fix :cve_nist:`2025-49175`, :cve_nist:`2025-49176`, :cve_nist:`2025-49177`,
+   :cve_nist:`2025-49178`, :cve_nist:`2025-49179` and :cve_nist:`2025-49180`
+
+
+Fixes in Yocto-4.0.29
+~~~~~~~~~~~~~~~~~~~~~
+
+-  bintuils: stable 2.38 branch update
+-  bitbake: test/fetch: Switch u-boot based test to use our own mirror
+-  build-appliance-image: Update to kirkstone head revision
+-  conf.py: improve SearchEnglish to handle terms with dots
+-  db: ignore implicit-int and implicit-function-declaration issues fatal with gcc-14
+-  dev-manual/start.rst: added missing command in Optimize your VHDX file using DiskPart
+-  glibc: stable 2.35 branch updates
+-  gnutls: patch read buffer overrun in the "pre_shared_key" extension
+-  gnutls: patch reject zero-length version in certificate request
+-  linux-yocto/5.15: update to v5.15.186
+-  migration-guides: add release notes for 4.0.28
+-  oeqa/core/decorator: add decorators to skip based on :term:`HOST_ARCH`
+-  openssl: upgrade to 3.0.17
+-  orc: set :term:`CVE_PRODUCT`
+-  overview-manual/concepts.rst: fix sayhello hardcoded bindir
+-  poky.conf: bump version for 4.0.29
+-  python3: update CVE product
+-  ref-manual: document :term:`KERNEL_SPLIT_MODULES` variable
+-  scripts/install-buildtools: Update to 4.0.28
+-  sudo: upgrade to 1.9.17p1
+-  tcf-agent: correct the :term:`SRC_URI`
+
+
+Known Issues in Yocto-4.0.29
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+- N/A 
+
+
+Contributors to Yocto-4.0.29
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+-  Aleksandar Nikolic
+-  Antonin Godard
+-  Archana Polampalli
+-  Bruce Ashfield
+-  Changqing Li
+-  Chen Qi
+-  Colin Pinnell McAllister
+-  Daniel Díaz
+-  Deepesh Varatharajan
+-  Divya Chellam
+-  Dixit Parmar
+-  Enrico Jörns
+-  Guocai He
+-  Hitendra Prajapati
+-  Lee Chee Yang
+-  Marco Cavallini
+-  Martin Jansa
+-  Peter Marko
+-  Praveen Kumar
+-  Richard Purdie
+-  Rob Woolley
+-  Ross Burton
+-  Steve Sakoman
+-  Vijay Anusuri
+-  Yash Shinde
+-  Yogita Urade
+-  Zhang Peng
+
+
+Repositories / Downloads for Yocto-4.0.29
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+poky
+
+-  Repository Location: :yocto_git:`/poky`
+-  Branch: :yocto_git:`kirkstone </poky/log/?h=kirkstone>`
+-  Tag:  :yocto_git:`yocto-4.0.29 </poky/log/?h=yocto-4.0.29>`
+-  Git Revision: :yocto_git:`81ab000fa437ca04f584a3327b076f7a512dc6d0 </poky/commit/?id=81ab000fa437ca04f584a3327b076f7a512dc6d0>`
+-  Release Artefact: poky-81ab000fa437ca04f584a3327b076f7a512dc6d0
+-  sha: 2fecf3cac5c2361c201b5ae826960af92289862ec9be13837a8431138e534fd2
+-  Download Locations:
+   https://downloads.yoctoproject.org/releases/yocto/yocto-4.0.29/poky-81ab000fa437ca04f584a3327b076f7a512dc6d0.tar.bz2
+   https://mirrors.kernel.org/yocto/yocto/yocto-4.0.29/poky-81ab000fa437ca04f584a3327b076f7a512dc6d0.tar.bz2
+
+openembedded-core
+
+-  Repository Location: :oe_git:`/openembedded-core`
+-  Branch: :oe_git:`kirkstone </openembedded-core/log/?h=kirkstone>`
+-  Tag:  :oe_git:`yocto-4.0.29 </openembedded-core/log/?h=yocto-4.0.29>`
+-  Git Revision: :oe_git:`bd620eb14660075fd0f7476bbbb65d5da6293874 </openembedded-core/commit/?id=bd620eb14660075fd0f7476bbbb65d5da6293874>`
+-  Release Artefact: oecore-bd620eb14660075fd0f7476bbbb65d5da6293874
+-  sha: f32ab195c7090268e6e87ccf8db2813cf705c517030654326d14b25d926de88e
+-  Download Locations:
+   https://downloads.yoctoproject.org/releases/yocto/yocto-4.0.29/oecore-bd620eb14660075fd0f7476bbbb65d5da6293874.tar.bz2
+   https://mirrors.kernel.org/yocto/yocto/yocto-4.0.29/oecore-bd620eb14660075fd0f7476bbbb65d5da6293874.tar.bz2
+
+meta-mingw
+
+-  Repository Location: :yocto_git:`/meta-mingw`
+-  Branch: :yocto_git:`kirkstone </meta-mingw/log/?h=kirkstone>`
+-  Tag:  :yocto_git:`yocto-4.0.29 </meta-mingw/log/?h=yocto-4.0.29>`
+-  Git Revision: :yocto_git:`87c22abb1f11be430caf4372e6b833dc7d77564e </meta-mingw/commit/?id=87c22abb1f11be430caf4372e6b833dc7d77564e>`
+-  Release Artefact: meta-mingw-87c22abb1f11be430caf4372e6b833dc7d77564e
+-  sha: f0bc4873e2e0319fb9d6d6ab9b98eb3f89664d4339a167d2db6a787dd12bc1a8
+-  Download Locations:
+   https://downloads.yoctoproject.org/releases/yocto/yocto-4.0.29/meta-mingw-87c22abb1f11be430caf4372e6b833dc7d77564e.tar.bz2
+   https://mirrors.kernel.org/yocto/yocto/yocto-4.0.29/meta-mingw-87c22abb1f11be430caf4372e6b833dc7d77564e.tar.bz2
+
+meta-gplv2
+
+-  Repository Location: :yocto_git:`/meta-gplv2`
+-  Branch: :yocto_git:`kirkstone </meta-gplv2/log/?h=kirkstone>`
+-  Tag:  :yocto_git:`yocto-4.0.29 </meta-gplv2/log/?h=yocto-4.0.29>`
+-  Git Revision: :yocto_git:`d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a </meta-gplv2/commit/?id=d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a>`
+-  Release Artefact: meta-gplv2-d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a
+-  sha: c386f59f8a672747dc3d0be1d4234b6039273d0e57933eb87caa20f56b9cca6d
+-  Download Locations:
+   https://downloads.yoctoproject.org/releases/yocto/yocto-4.0.29/meta-gplv2-d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a.tar.bz2
+   https://mirrors.kernel.org/yocto/yocto/yocto-4.0.29/meta-gplv2-d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a.tar.bz2
+
+bitbake
+
+-  Repository Location: :oe_git:`/bitbake`
+-  Branch: :oe_git:`2.0 </bitbake/log/?h=2.0>`
+-  Tag:  :oe_git:`yocto-4.0.29 </bitbake/log/?h=yocto-4.0.29>`
+-  Git Revision: :oe_git:`8e2d1f8de055549b2101614d85454fcd1d0f94b2 </bitbake/commit/?id=8e2d1f8de055549b2101614d85454fcd1d0f94b2>`
+-  Release Artefact: bitbake-8e2d1f8de055549b2101614d85454fcd1d0f94b2
+-  sha: fad4e7699bae62082118e89785324b031b0af0743064caee87c91ba28549afb0
+-  Download Locations:
+   https://downloads.yoctoproject.org/releases/yocto/yocto-4.0.29/bitbake-8e2d1f8de055549b2101614d85454fcd1d0f94b2.tar.bz2
+   https://mirrors.kernel.org/yocto/yocto/yocto-4.0.29/bitbake-8e2d1f8de055549b2101614d85454fcd1d0f94b2.tar.bz2
+
+meta-yocto
+
+-  Repository Location: :yocto_git:`/meta-yocto`
+-  Branch: :yocto_git:`kirkstone </meta-yocto/log/?h=kirkstone>`
+-  Tag: :yocto_git:`yocto-4.0.29 </meta-yocto/log/?h=yocto-4.0.29>`
+-  Git Revision: :yocto_git:`e916d3bad58f955b73e2c67aba975e63cd191394 </meta-yocto/commit/?id=e916d3bad58f955b73e2c67aba975e63cd191394>`
+
+yocto-docs
+
+-  Repository Location: :yocto_git:`/yocto-docs`
+-  Branch: :yocto_git:`kirkstone </yocto-docs/log/?h=kirkstone>`
+-  Tag: :yocto_git:`yocto-4.0.29 </yocto-docs/log/?h=yocto-4.0.29>`
+-  Git Revision: :yocto_git:`bf855ecaf4bec4cef9bbfea2e50caa65a8339828 </yocto-docs/commit/?id=bf855ecaf4bec4cef9bbfea2e50caa65a8339828>`
+
--- a/documentation/migration-guides/release-notes-4.3.rst
+++ b/documentation/migration-guides/release-notes-4.3.rst
@@ -295,7 +295,7 @@ New Features / Enhancements in 4.3
   -  Generation of :term:`SPDX` manifests is now enabled by default.

   -  Git based recipes in OE-Core which used the ``git``  protocol have been
-      changed to use `https`` where possible, as it is typically faster and
+      changed to use ``https`` where possible, as it is typically faster and
      more reliable.

   -  The ``os-release`` recipe added a ``CPE_NAME`` to the fields provided, with the
--- a/documentation/migration-guides/release-notes-5.0.10.rst
+++ b/documentation/migration-guides/release-notes-5.0.10.rst
@@ -0,0 +1,208 @@
+.. SPDX-License-Identifier: CC-BY-SA-2.0-UK
+
+Release notes for Yocto-5.0.10 (Scarthgap)
+------------------------------------------
+
+Security Fixes in Yocto-5.0.10
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+-  binutils: Fix :cve_nist:`2025-1153`, :cve_nist:`2025-1179`, :cve_nist:`2025-1180` and
+   :cve_nist:`2025-1182`
+-  connman: Fix :cve_nist:`2025-32366` and :cve_nist:`2025-32743`
+-  curl: Fix :cve_nist:`2024-11053` and :cve_nist:`2025-0167`
+-  elfutils: Fix :cve_nist:`2025-1371`
+-  ffmpeg: Fix :cve_nist:`2024-7055`, :cve_nist:`2024-32230`, :cve_nist:`2024-35366`,
+   :cve_nist:`2024-36613`, :cve_nist:`2024-36616`, :cve_nist:`2024-36617` and :cve_nist:`2024-36619`
+-  git: Fix :cve_nist:`2024-50349` and :cve_nist:`2024-52006`
+-  glib-2.0: fix :cve_nist:`2025-3360` and :cve_nist:`2025-4373`
+-  iputils: Fix :cve_nist:`2025-47268`
+-  libpam: Fix :cve_nist:`2024-10041`
+-  libsoup-2.4: Fix :cve_nist:`2024-52530`, :cve_nist:`2024-52531`, :cve_nist:`2024-52532`,
+   :cve_nist:`2025-32906`, :cve_nist:`2025-32909`, :cve_nist:`2025-32910`, :cve_nist:`2025-32911`,
+   :cve_nist:`2025-32912`, :cve_nist:`2025-32913`, :cve_nist:`2025-32914` and :cve_nist:`2025-46420`
+-  libsoup: Fix :cve_nist:`2025-4476`, :cve_nist:`2025-32906`, :cve_nist:`2025-32909`,
+   :cve_nist:`2025-32910`, :cve_nist:`2025-32911`, :cve_nist:`2025-32912`, :cve_nist:`2025-32913`,
+   :cve_nist:`2025-32914` and :cve_nist:`2025-46420`
+-  libxml2: Fix :cve_nist:`2025-32414` and :cve_nist:`2025-32415`
+-  openssh: Fix :cve_nist:`2025-32728`
+-  perl: Fix :cve_nist:`2024-56406`
+-  ppp: Fix :cve_nist:`2024-58250`
+-  python3-jinja2: Fix :cve_nist:`2024-56201`, :cve_nist:`2024-56326` and :cve_nist:`2025-27516`
+-  ruby: Fix :cve_nist:`2025-27221`
+-  sqlite3: Fix :cve_nist:`2025-3277`, :cve_nist:`2025-29087` and :cve_nist:`2025-29088`
+
+
+Fixes in Yocto-5.0.10
+~~~~~~~~~~~~~~~~~~~~~
+
+-  binutils: stable 2.42 branch updates
+-  bluez5: add missing tools to noinst-tools package
+-  bluez5: backport a patch to fix btmgmt -i
+-  bluez5: make media control a :term:`PACKAGECONFIG` option
+-  build-appliance-image: Update to scarthgap head revision
+-  buildtools-tarball: Make buildtools respects host CA certificates
+-  buildtools-tarball: add envvars into :term:`BB_ENV_PASSTHROUGH_ADDITIONS`
+-  buildtools-tarball: move setting of envvars to respective envfile
+-  contributor-guide/submit-changes: encourage patch version changelogs
+-  cve-check.bbclass: Fix symlink handling also for text files
+-  cve-update-nvd2-native: Revert "cve-update-nvd2-native: Tweak to work better with NFS DL_DIR"
+-  dev-manual/sbom.rst: fix wrong build outputs
+-  docs: Fix dead links that use the :term:`DISTRO` macro
+-  docs: conf.py: tweak SearchEnglish to be hyphen-friendly
+-  docs:conf.py: define a manpage url
+-  ffmpeg: upgrade to 6.1.2
+-  git: upgrade to 2.44.3
+-  glibc-y2038-tests: remove glibc-y2038-tests_2.39.bb recipe
+-  glibc: Add single-threaded fast path to rand()
+-  glibc: stable 2.39 branch updates
+-  initscripts: add function log_success_msg/log_failure_msg/log_warning_msg
+-  libatomic-ops: Update :term:`GITHUB_BASE_URI`
+-  manuals: remove repeated word
+-  migration-guides: add release notes for 4.0.26, 5.0.8, 5.0.9
+-  module.bbclass: add KBUILD_EXTRA_SYMBOLS to install
+-  perl: upgrade to 5.38.4
+-  perlcross: upgrade to 1.6.2
+-  poky.conf: bump version for 5.0.10
+-  poky.yaml: introduce DISTRO_LATEST_TAG
+-  python3-jinja2: upgrade to 3.1.6
+-  ref-manual/release-process: update releases.svg
+-  ref-manual/variables.rst: HOST_CC_ARCH: fix wrong SDK reference
+-  ref-manual/variables.rst: WATCHDOG_TIMEOUT: fix recipe name
+-  ref-manual/variables.rst: add manpage links for toolchain variables
+-  ref-manual/variables.rst: add missing documentation for BUILD_* variables
+-  ref-manual/variables.rst: document HOST_*_ARCH variables
+-  ref-manual/variables.rst: document :term:`INHIBIT_DEFAULT_RUST_DEPS`
+-  ref-manual/variables.rst: document :term:`INHIBIT_UPDATERCD_BBCLASS`
+-  ref-manual/variables.rst: document :term:`SSTATE_SKIP_CREATION`
+-  ref-manual/variables.rst: document :term:`WIC_CREATE_EXTRA_ARGS`
+-  ref-manual/variables.rst: document autotools class related variables
+-  ref-manual/variables.rst: document missing SDK_*_ARCH variables
+-  ref-manual/variables.rst: document the :term:`IMAGE_ROOTFS_MAXSIZE` variable
+-  ref-manual/variables.rst: document the :term:`INITRAMFS_MAXSIZE` variable
+-  ref-manual/variables.rst: improve the :term:`PKGV` documentation
+-  ref-manual/variables.rst: update :term:`ROOT_HOME` documentation
+-  ref-manual: kernel-fitimage.bbclass does not use :term:`SPL_SIGN_KEYNAME`
+-  scripts/install-buildtools: Update to 5.0.9
+-  sphinx-lint: missing space after literal
+-  sphinx-lint: trailing whitespace
+-  sphinx-lint: unbalanced inline literal markup
+-  systemd: Password agents shouldn't be optional
+-  systemd: upgrade to 255.18
+-  test-manual/intro: remove Buildbot version used
+-  tzdata/tzcode-native: upgrade 2025a -> 2025b
+-  u-boot: ensure keys are generated before assembling U-Boot FIT image
+-  util-linux: Add fix to isolate test fstab entries using CUSTOM_FSTAB
+-  wic: bootimg-efi: Support + symbol in filenames
+
+
+Known Issues in Yocto-5.0.10
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+-  There is an issue where the target libsoup-2.4 build may fail if apachectl is present on the build
+   host. The issue only affects test binaries which aren't actually used. The issue can be fixed by
+   disabling the tests or updating to more recent changes on the scarthgap branch which fix this.
+
+
+Contributors to Yocto-5.0.10
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+Thanks to the following people who contributed to this release:
+
+-  Adrian Freihofer
+-  Aleksandar Nikolic
+-  Alexander Kanavin
+-  Alon Bar-Lev
+-  Alper Ak
+-  Andrew Kreimer
+-  Antonin Godard
+-  Archana Polampalli
+-  Ashish Sharma
+-  Changqing Li
+-  Christos Gavros
+-  Deepesh Varatharajan
+-  Divya Chellam
+-  Divyanshu Rathore
+-  Enrico Jörns
+-  Etienne Cordonnier
+-  Guðni Már Gilbert
+-  Haixiao Yan
+-  Harish Sadineni
+-  Igor Opaniuk
+-  Jeroen Hofstee
+-  Lee Chee Yang
+-  Nguyen Dat Tho
+-  Niko Mauno
+-  Peter Marko
+-  Praveen Kumar
+-  Priyal Doshi
+-  Rogerio Guerra Borin
+-  Shubham Kulkarni
+-  Soumya Sambu
+-  Steve Sakoman
+-  Sunil Dora
+-  Trevor Woerner
+-  Vijay Anusuri
+-  Virendra Thakur
+-  Vyacheslav Yurkov
+-  Yi Zhao
+-  Yogita Urade
+-  rajmohan r
+
+Repositories / Downloads for Yocto-5.0.10
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+poky
+
+-  Repository Location: :yocto_git:`/poky`
+-  Branch: :yocto_git:`scarthgap </poky/log/?h=scarthgap>`
+-  Tag:  :yocto_git:`yocto-5.0.10 </poky/log/?h=yocto-5.0.10>`
+-  Git Revision: :yocto_git:`ac257900c33754957b2696529682029d997a8f28 </poky/commit/?id=ac257900c33754957b2696529682029d997a8f28>`
+-  Release Artefact: poky-ac257900c33754957b2696529682029d997a8f28
+-  sha: ddca7e54b331e78214bea65b346320d4fbcddf4b51103bfbbd9fc3960f32cdc7
+-  Download Locations:
+   https://downloads.yoctoproject.org/releases/yocto/yocto-5.0.10/poky-ac257900c33754957b2696529682029d997a8f28.tar.bz2
+   https://mirrors.kernel.org/yocto/yocto/yocto-5.0.10/poky-ac257900c33754957b2696529682029d997a8f28.tar.bz2
+
+openembedded-core
+
+-  Repository Location: :oe_git:`/openembedded-core`
+-  Branch: :oe_git:`scarthgap </openembedded-core/log/?h=scarthgap>`
+-  Tag:  :oe_git:`yocto-5.0.10 </openembedded-core/log/?h=yocto-5.0.10>`
+-  Git Revision: :oe_git:`d5342ffc570d47a723b18297d75bd2f63c2088db </openembedded-core/commit/?id=d5342ffc570d47a723b18297d75bd2f63c2088db>`
+-  Release Artefact: oecore-d5342ffc570d47a723b18297d75bd2f63c2088db
+-  sha: daa62094f2327f4b3fbcc485e8964d1b86a4722f58fb37e0d8e8e9885094a262
+-  Download Locations:
+   https://downloads.yoctoproject.org/releases/yocto/yocto-5.0.10/oecore-d5342ffc570d47a723b18297d75bd2f63c2088db.tar.bz2
+   https://mirrors.kernel.org/yocto/yocto/yocto-5.0.10/oecore-d5342ffc570d47a723b18297d75bd2f63c2088db.tar.bz2
+
+meta-mingw
+
+-  Repository Location: :yocto_git:`/meta-mingw`
+-  Branch: :yocto_git:`scarthgap </meta-mingw/log/?h=scarthgap>`
+-  Tag:  :yocto_git:`yocto-5.0.10 </meta-mingw/log/?h=yocto-5.0.10>`
+-  Git Revision: :yocto_git:`bd9fef71ec005be3c3a6d7f8b99d8116daf70c4f </meta-mingw/commit/?id=bd9fef71ec005be3c3a6d7f8b99d8116daf70c4f>`
+-  Release Artefact: meta-mingw-bd9fef71ec005be3c3a6d7f8b99d8116daf70c4f
+-  sha: ab073def6487f237ac125d239b3739bf02415270959546b6b287778664f0ae65
+-  Download Locations:
+   https://downloads.yoctoproject.org/releases/yocto/yocto-5.0.10/meta-mingw-bd9fef71ec005be3c3a6d7f8b99d8116daf70c4f.tar.bz2
+   https://mirrors.kernel.org/yocto/yocto/yocto-5.0.10/meta-mingw-bd9fef71ec005be3c3a6d7f8b99d8116daf70c4f.tar.bz2
+
+bitbake
+
+-  Repository Location: :oe_git:`/bitbake`
+-  Branch: :oe_git:`2.8 </bitbake/log/?h=2.8>`
+-  Tag:  :oe_git:`yocto-5.0.10 </bitbake/log/?h=yocto-5.0.10>`
+-  Git Revision: :oe_git:`696c2c1ef095f8b11c7d2eff36fae50f58c62e5e </bitbake/commit/?id=696c2c1ef095f8b11c7d2eff36fae50f58c62e5e>`
+-  Release Artefact: bitbake-696c2c1ef095f8b11c7d2eff36fae50f58c62e5e
+-  sha: fc83f879cd6dd14b9b7eba0161fec23ecc191fed0fb00556ba729dceef6c145f
+-  Download Locations:
+   https://downloads.yoctoproject.org/releases/yocto/yocto-5.0.10/bitbake-696c2c1ef095f8b11c7d2eff36fae50f58c62e5e.tar.bz2
+   https://mirrors.kernel.org/yocto/yocto/yocto-5.0.10/bitbake-696c2c1ef095f8b11c7d2eff36fae50f58c62e5e.tar.bz2
+
+yocto-docs
+
+-  Repository Location: :yocto_git:`/yocto-docs`
+-  Branch: :yocto_git:`scarthgap </yocto-docs/log/?h=scarthgap>`
+-  Tag: :yocto_git:`yocto-5.0.10 </yocto-docs/log/?h=yocto-5.0.10>`
+-  Git Revision: :yocto_git:`3996388e337377bedc113d072a51fe9d68dd40c6 </yocto-docs/commit/?id=3996388e337377bedc113d072a51fe9d68dd40c6>`
+
--- a/documentation/migration-guides/release-notes-5.0.11.rst
+++ b/documentation/migration-guides/release-notes-5.0.11.rst
@@ -0,0 +1,219 @@
+.. SPDX-License-Identifier: CC-BY-SA-2.0-UK
+
+Release notes for Yocto-5.0.11 (Scarthgap)
+------------------------------------------
+
+Security Fixes in Yocto-5.0.11
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+-  binutils: Fix :cve_nist:`2025-5244` and :cve_nist:`2025-5245`
+-  busybox: Fix :cve_nist:`2022-48174`
+-  coreutils: Fix :cve_nist:`2025-5278`
+-  curl: Ignore :cve_nist:`2025-5025` if :term:`PACKAGECONFIG` set with openssl
+-  ffmpeg: Fix :cve_nist:`2025-1373`
+-  glibc: fix :cve_nist:`2025-4802` and :cve_nist:`2025-5702`
+-  gnupg: Fix :cve_nist:`2025-30258`
+-  go: Fix :cve_nist:`2025-4673`
+-  go: Ignore :cve_nist:`2024-3566`
+-  icu: Fix :cve_nist:`2025-5222`
+-  kea: Fix :cve_nist:`2025-32801`, :cve_nist:`2025-32802` and :cve_nist:`2025-32803`
+-  libarchive: fix :cve_nist:`2025-5914`, :cve_nist:`2025-5915`, :cve_nist:`2025-5916`,
+   :cve_nist:`2025-5917` and :cve_nist:`2025-5918`
+-  libsoup-2.4: Fix :cve_nist:`2025-2784`, :cve_nist:`2025-4476`, :cve_nist:`2025-4945`,
+   :cve_nist:`2025-4948`, :cve_nist:`2025-4969`, :cve_nist:`2025-32050`, :cve_nist:`2025-32052`,
+   :cve_nist:`2025-32053`, :cve_nist:`2025-32907` and :cve_nist:`2025-46421`
+-  libsoup-3.4: Fix :cve_nist:`2025-2784`, :cve_nist:`2025-4945`, :cve_nist:`2025-4948`,
+   :cve_nist:`2025-4969`, :cve_nist:`2025-32050`, :cve_nist:`2025-32051`, :cve_nist:`2025-32052`,
+   :cve_nist:`2025-32053`, :cve_nist:`2025-32907`, :cve_nist:`2025-32908` and :cve_nist:`2025-46421`
+-  libxml2: Fix :cve_nist:`2025-6021`
+-  linux-yocto-6.6: Fix :cve_nist:`2025-21995`, :cve_nist:`2025-21996`, :cve_nist:`2025-21997`,
+   :cve_nist:`2025-21999`, :cve_nist:`2025-22001`, :cve_nist:`2025-22003`, :cve_nist:`2025-22004`,
+   :cve_nist:`2025-22005`, :cve_nist:`2025-22007`, :cve_nist:`2025-22009`, :cve_nist:`2025-22010`,
+   :cve_nist:`2025-22014`, :cve_nist:`2025-22018`, :cve_nist:`2025-22020`, :cve_nist:`2025-22027`,
+   :cve_nist:`2025-22033`, :cve_nist:`2025-22035`, :cve_nist:`2025-22038`, :cve_nist:`2025-22040`,
+   :cve_nist:`2025-22041`, :cve_nist:`2025-22054`, :cve_nist:`2025-22056`, :cve_nist:`2025-22063`,
+   :cve_nist:`2025-22066`, :cve_nist:`2025-22080`, :cve_nist:`2025-22081`, :cve_nist:`2025-22088`,
+   :cve_nist:`2025-22097`, :cve_nist:`2025-23136`, :cve_nist:`2025-37785`, :cve_nist:`2025-37800`,
+   :cve_nist:`2025-37801`, :cve_nist:`2025-37803`, :cve_nist:`2025-37805`, :cve_nist:`2025-37838`,
+   :cve_nist:`2025-37893`, :cve_nist:`2025-38152`, :cve_nist:`2025-39728` and :cve_nist:`2025-39735`
+-  net-tools: Fix :cve_nist:`2025-46836`
+-  python3-setuptools: Fix :cve_nist:`2025-47273`
+-  python3-requests: fix :cve_nist:`2024-47081`
+-  python3-urllib3: Fix :cve_nist:`2025-50181`
+-  python3: Fix CVE 2024-12718 CVE 2025-4138 CVE 2025-4330 CVE 2025-4435 :cve_nist:`2025-4516` CVE
+   2025-4517
+-  screen: fix :cve_nist:`2025-46802`, :cve_nist:`2025-46804` and :cve_nist:`2025-46805`
+-  sudo: Fix :cve_nist:`2025-32462`
+-  xwayland: Fix :cve_nist:`2025-49175`, :cve_nist:`2025-49176`, :cve_nist:`2025-49177`,
+   :cve_nist:`2025-49178`, :cve_nist:`2025-49179` and :cve_nist:`2025-49180`
+
+
+Fixes in Yocto-5.0.11
+~~~~~~~~~~~~~~~~~~~~~
+
+-  bitbake: ast: Change deferred inherits to happen per recipe
+-  bitbake: fetch2: Avoid deprecation warning
+-  bitbake: gcp.py: remove slow calls to gsutil stat
+-  bitbake: toaster/tests/buildtest: Switch to new CDN
+-  brief-yoctoprojectqs/ref-manual: Switch to new CDN
+-  bsp-guide: update kernel version example to 6.12
+-  bsp-guide: update all of section 1.8.2 to reflect current beaglebone conf file
+-  bsp-guide: update lonely "4.12" kernel reference to "6.12"
+-  build-appliance-image: Update to scarthgap head revision
+-  cmake: Correctly handle cost data of tests with arbitrary chars in name
+-  conf.py: improve SearchEnglish to handle terms with dots
+-  docs: Clean up explanation of minimum required version numbers
+-  docs: README: specify how to contribute instead of pointing at another file
+-  docs: conf.py: silence SyntaxWarning on js_splitter_code
+-  gcc: Upgrade to GCC 13.4
+-  ghostscript: upgrade to 10.05.1
+-  glibc: stable 2.39 branch updates (06a70769fd...)
+-  gnupg: update to 2.4.8
+-  gtk+: add missing libdrm dependency
+-  kea: upgrade to 2.4.2
+-  libpng: Add ptest
+-  libsoup-2.4: fix do_compile failure
+-  linux-yocto/6.6: fix beaglebone ethernet
+-  linux-yocto/6.6: update to v6.6.96
+-  local.conf.sample: Switch to new CDN
+-  ltp: backport patch to fix compilation error for x86_64
+-  migration-guides: add release notes for 4.0.27, 4.0.28, 5.0.10
+-  minicom: correct the :term:`SRC_URI`
+-  nfs-utils: don't use signals to shut down nfs server.
+-  overview-manual/concepts.rst: fix sayhello hardcoded bindir
+-  overview-manual: small number of pedantic cleanups
+-  package: export debugsources in :term:`PKGDESTWORK` as json
+-  poky.conf: bump version for 5.0.11
+-  python3-requests: upgrade to 2.32.4
+-  python3: upgrade to 3.12.11
+-  ref-manual: clarify :term:`KCONFIG_MODE` default behaviour
+-  ref-manual: classes: nativesdk: move note to appropriate section
+-  ref-manual: classes: reword to clarify that native/nativesdk options are exclusive
+-  ref-manual: document :term:`KERNEL_SPLIT_MODULES` variable
+-  scripts/install-buildtools: Update to 5.0.10
+-  spdx: add option to include only compiled sources
+-  sstatetests: Switch to new CDN
+-  systemd: Rename systemd_v255.21 to systemd_255.21
+-  systemd: upgrade to 255.21
+-  tcf-agent: correct the :term:`SRC_URI`
+-  testimage: get real os-release file
+-  tune-cortexr52: Remove aarch64 for ARM Cortex-R52
+-  uboot: Allow for customizing installed/deployed file names
+
+
+Known Issues in Yocto-5.0.11
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+- N/A
+
+Contributors to Yocto-5.0.11
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+Thanks to the following people who contributed to this release:
+-  Aleksandar Nikolic
+-  Andrew Fernandes
+-  Antonin Godard
+-  Archana Polampalli
+-  Ashish Sharma
+-  Bruce Ashfield
+-  Carlos Sánchez de La Lama
+-  Changqing Li
+-  Chen Qi
+-  Colin Pinnell McAllister
+-  Daniel Turull
+-  Deepesh Varatharajan
+-  Divya Chellam
+-  Dixit Parmar
+-  Enrico Jörns
+-  Etienne Cordonnier
+-  Guocai He
+-  Guðni Már Gilbert
+-  Hitendra Prajapati
+-  Jiaying Song
+-  Lee Chee Yang
+-  Moritz Haase
+-  NeilBrown
+-  Peter Marko
+-  Poonam Jadhav
+-  Praveen Kumar
+-  Preeti Sachan
+-  Quentin Schulz
+-  Richard Purdie
+-  Robert P. J. Day
+-  Roland Kovacs
+-  Ryan Eatmon
+-  Sandeep Gundlupet Raju
+-  Savvas Etairidis
+-  Steve Sakoman
+-  Victor Giraud
+-  Vijay Anusuri
+-  Virendra Thakur
+-  Wang Mingyu
+-  Yogita Urade
+
+
+Repositories / Downloads for Yocto-5.0.11
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+poky
+
+-  Repository Location: :yocto_git:`/poky`
+-  Branch: :yocto_git:`scarthgap </poky/log/?h=scarthgap>`
+-  Tag:  :yocto_git:`yocto-5.0.11 </poky/log/?h=yocto-5.0.11>`
+-  Git Revision: :yocto_git:`ae2d52758fc2fcb0ed996aa234430464ebf4b310 </poky/commit/?id=ae2d52758fc2fcb0ed996aa234430464ebf4b310>`
+-  Release Artefact: poky-ae2d52758fc2fcb0ed996aa234430464ebf4b310
+-  sha: 48dec434dd51e5c9c626abdccc334da300fa2b4975137d526f5df6703e5a930e
+-  Download Locations:
+   https://downloads.yoctoproject.org/releases/yocto/yocto-5.0.11/poky-ae2d52758fc2fcb0ed996aa234430464ebf4b310.tar.bz2
+   https://mirrors.kernel.org/yocto/yocto/yocto-5.0.11/poky-ae2d52758fc2fcb0ed996aa234430464ebf4b310.tar.bz2
+
+openembedded-core
+
+-  Repository Location: :oe_git:`/openembedded-core`
+-  Branch: :oe_git:`scarthgap </openembedded-core/log/?h=scarthgap>`
+-  Tag:  :oe_git:`yocto-5.0.11 </openembedded-core/log/?h=yocto-5.0.11>`
+-  Git Revision: :oe_git:`7a59dc5ee6edd9596e87c2fbcd1f2594c06b3d1b </openembedded-core/commit/?id=7a59dc5ee6edd9596e87c2fbcd1f2594c06b3d1b>`
+-  Release Artefact: oecore-7a59dc5ee6edd9596e87c2fbcd1f2594c06b3d1b
+-  sha: fb50992a28298915fe195e327628d6d5872fd2dbc74189c2d840178cd860bb2e
+-  Download Locations:
+   https://downloads.yoctoproject.org/releases/yocto/yocto-5.0.11/oecore-7a59dc5ee6edd9596e87c2fbcd1f2594c06b3d1b.tar.bz2
+   https://mirrors.kernel.org/yocto/yocto/yocto-5.0.11/oecore-7a59dc5ee6edd9596e87c2fbcd1f2594c06b3d1b.tar.bz2
+
+meta-mingw
+
+-  Repository Location: :yocto_git:`/meta-mingw`
+-  Branch: :yocto_git:`scarthgap </meta-mingw/log/?h=scarthgap>`
+-  Tag:  :yocto_git:`yocto-5.0.11 </meta-mingw/log/?h=yocto-5.0.11>`
+-  Git Revision: :yocto_git:`bd9fef71ec005be3c3a6d7f8b99d8116daf70c4f </meta-mingw/commit/?id=bd9fef71ec005be3c3a6d7f8b99d8116daf70c4f>`
+-  Release Artefact: meta-mingw-bd9fef71ec005be3c3a6d7f8b99d8116daf70c4f
+-  sha: ab073def6487f237ac125d239b3739bf02415270959546b6b287778664f0ae65
+-  Download Locations:
+   https://downloads.yoctoproject.org/releases/yocto/yocto-5.0.11/meta-mingw-bd9fef71ec005be3c3a6d7f8b99d8116daf70c4f.tar.bz2
+   https://mirrors.kernel.org/yocto/yocto/yocto-5.0.11/meta-mingw-bd9fef71ec005be3c3a6d7f8b99d8116daf70c4f.tar.bz2
+
+bitbake
+
+-  Repository Location: :oe_git:`/bitbake`
+-  Branch: :oe_git:`2.8 </bitbake/log/?h=2.8>`
+-  Tag:  :oe_git:`yocto-5.0.11 </bitbake/log/?h=yocto-5.0.11>`
+-  Git Revision: :oe_git:`139f61fe9eec221745184a14b3618d2dfa650b91 </bitbake/commit/?id=139f61fe9eec221745184a14b3618d2dfa650b91>`
+-  Release Artefact: bitbake-139f61fe9eec221745184a14b3618d2dfa650b91
+-  sha: 86669d4220c50d35c0703f151571954ad9c6285cc91a870afbb878d2e555d2ca
+-  Download Locations:
+   https://downloads.yoctoproject.org/releases/yocto/yocto-5.0.11/bitbake-139f61fe9eec221745184a14b3618d2dfa650b91.tar.bz2
+   https://mirrors.kernel.org/yocto/yocto/yocto-5.0.11/bitbake-139f61fe9eec221745184a14b3618d2dfa650b91.tar.bz2
+
+meta-yocto
+
+-  Repository Location: :yocto_git:`/meta-yocto`
+-  Branch: :yocto_git:`scarthgap </meta-yocto/log/?h=scarthgap>`
+-  Tag: :yocto_git:`yocto-5.0.11 </meta-yocto/log/?h=yocto-5.0.11>`
+-  Git Revision: :yocto_git:`50e5c0d85d3775ac1294bdcd7f11deaa382c9d08 </meta-yocto/commit/?id=50e5c0d85d3775ac1294bdcd7f11deaa382c9d08>`
+
+yocto-docs
+
+-  Repository Location: :yocto_git:`/yocto-docs`
+-  Branch: :yocto_git:`scarthgap </yocto-docs/log/?h=scarthgap>`
+-  Tag: :yocto_git:`yocto-5.0.11 </yocto-docs/log/?h=yocto-5.0.11>`
+-  Git Revision: :yocto_git:`3f88cb85cca8f9128cfaab36882c4563457b03d9 </yocto-docs/commit/?id=3f88cb85cca8f9128cfaab36882c4563457b03d9>`
+
--- a/documentation/migration-guides/release-notes-5.0.12.rst
+++ b/documentation/migration-guides/release-notes-5.0.12.rst
@@ -0,0 +1,184 @@
+.. SPDX-License-Identifier: CC-BY-SA-2.0-UK
+
+Release notes for Yocto-5.0.12 (Scarthgap)
+------------------------------------------
+
+Security Fixes in Yocto-5.0.12
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+-  avahi: Fix :cve_nist:`2024-52615`
+-  binutils: Fix :cve_nist:`2025-7545` and :cve_nist:`2025-7546`
+-  busybox: Fix :cve_nist:`2023-39810`
+-  dropbear: Fix :cve_nist:`2025-47203`
+-  gdk-pixbuf: Fix :cve_nist:`2025-7345`
+-  git: Fix :cve_nist:`2025-27613`, :cve_nist:`2025-27614`, :cve_nist:`2025-46334`,
+   :cve_nist:`2025-46835`, :cve_nist:`2025-48384`, :cve_nist:`2025-48385` and :cve_nist:`2025-48386`
+-  glib-2.0: Ignore :cve_nist:`2025-4056`
+-  glibc: Fix :cve_nist:`2025-8058`
+-  gnutls: Fix :cve_nist:`2025-6395`, :cve_nist:`2025-32988`, :cve_nist:`2025-32989` and
+   :cve_nist:`2025-32990`
+-  go: Ignore :cve_nist:`2025-0913`
+-  gstreamer1.0-plugins-base: Fix :cve_nist:`2025-47806` and :cve_nist:`2025-47808`
+-  gstreamer1.0-plugins-good: Fix :cve_nist:`2025-47183` and :cve_nist:`2025-47219`
+-  iputils: Fix :cve_nist:`2025-48964`
+-  libpam: Fix :cve_nist:`2025-6020`
+-  libxml2: Fix :cve_nist:`2025-6170`, :cve_nist:`2025-49794`, :cve_nist:`2025-49795` and
+   :cve_nist:`2025-49796`
+-  libxml2: Ignore :cve_nist:`2025-8732`
+-  ncurses: Fix :cve_nist:`2025-6141`
+-  openssl: Fix :cve_nist:`2024-41996` and :cve_nist:`2025-27587`
+-  python3: Fix :cve_nist:`2025-8194`
+-  sqlite3: Fix :cve_nist:`2025-6965`
+-  sudo: Fix :cve_nist:`2025-32463`
+-  xserver-xorg: Fix :cve_nist:`2022-49737`, :cve_nist:`2025-49175`, :cve_nist:`2025-49176`,
+   :cve_nist:`2025-49177`, :cve_nist:`2025-49178`, :cve_nist:`2025-49179`, :cve_nist:`2025-49180`
+   and :cve_nist:`2025-49176`
+-  xz: Ignore :cve_nist:`2024-47611`
+
+
+Fixes in Yocto-5.0.12
+~~~~~~~~~~~~~~~~~~~~~
+
+-  bash: Stick to C17 std
+-  bash: use -std=gnu17 also for native :term:`CFLAGS`
+-  binutils: stable 2.42 branch updates
+-  bitbake: bitbake: runqueue: Verify mcdepends are valid
+-  bitbake: test/fetch: Switch u-boot based test to use our own mirror
+-  bitbake: utils: Optimise signal/sigmask performance
+-  build-appliance-image: Update to scarthgap head revision
+-  cairo: fix build with gcc-15 on host
+-  cmake: Add :term:`PACKAGECONFIG` option for debugger support
+-  cve-check: Add missing call to exit_if_errors
+-  dev-manual/start.rst: added missing command in Optimize your VHDX file using DiskPart
+-  e2fsprogs: Fix build failure with gcc 15
+-  git: Upgrade to 2.44.4
+-  glibc: stable 2.39 branch updates
+-  gnutls: patch read buffer overrun in the "pre_shared_key" extension
+-  gnutls: patch reject zero-length version in certificate request
+-  go-helloworld: fix license
+-  kea: set correct permissions for /var/run/kea
+-  linux-libc-headers: Fix invalid conversion in cn_proc.h
+-  migration-guides: add release notes for 5.0.11
+-  mtools: upgrade to 4.0.49
+-  oe-debuginfod: add option for data storage
+-  orc: set :term:`CVE_PRODUCT`
+-  overview-manual/yp-intro.rst: fix broken link to article
+-  parted: Fix build with GCC 15
+-  poky.conf: bump version for 5.0.12
+-  python3: update CVE product
+-  ref-manual/classes.rst: document the testexport class
+-  ref-manual/system-requirements.rst: update supported distributions
+-  ref-manual/variables.rst: document :term:`SPL_DTB_BINARY` :term:`FIT_CONF_PREFIX` variable
+-  scripts/install-buildtools: Update to 5.0.11
+-  sudo: upgrade to 1.9.17p1
+-  timedated: wait for jobs before SetNTP response
+-  variables.rst: remove references to obsolete tar packaging
+-  xserver-xorg: upgrade to 21.1.18
+
+
+Known Issues in Yocto-5.0.12
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+- N/A
+
+Contributors to Yocto-5.0.12
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+Thanks to the following people who contributed to this release:
+-  Aleksandar Nikolic
+-  Alexander Kanavin
+-  Antonin Godard
+-  Archana Polampalli
+-  Daniel Turull
+-  Deepesh Varatharajan
+-  Erik Lindsten
+-  Fabio Berton
+-  Hitendra Prajapati
+-  Jinfeng Wang
+-  Joe Slater
+-  Khem Raj
+-  Lee Chee Yang
+-  Marco Cavallini
+-  Mark Hatle
+-  Martin Jansa
+-  Michal Seben
+-  Nikhil R
+-  Peter Marko
+-  Philip Lorenz
+-  Praveen Kumar
+-  Quentin Schulz
+-  Richard Purdie
+-  Robert P. J. Day
+-  Roland Kovacs
+-  Steve Sakoman
+-  Vijay Anusuri
+-  Wang Mingyu
+-  Yash Shinde
+-  Yi Zhao
+-  Zhang Peng
+
+Repositories / Downloads for Yocto-5.0.12
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+poky
+
+-  Repository Location: :yocto_git:`/poky`
+-  Branch: :yocto_git:`scarthgap </poky/log/?h=scarthgap>`
+-  Tag:  :yocto_git:`yocto-5.0.12 </poky/log/?h=yocto-5.0.12>`
+-  Git Revision: :yocto_git:`ec220ae083dba35c279192b2249ad03fe238446e </poky/commit/?id=ec220ae083dba35c279192b2249ad03fe238446e>`
+-  Release Artefact: poky-ec220ae083dba35c279192b2249ad03fe238446e
+-  sha: a5f8c2ad491c59d0bdfb85f46a136b0ee66cfdd4359ab1ab9dac2430d0a52c17
+-  Download Locations:
+   https://downloads.yoctoproject.org/releases/yocto/yocto-5.0.12/poky-ec220ae083dba35c279192b2249ad03fe238446e.tar.bz2
+   https://mirrors.kernel.org/yocto/yocto/yocto-5.0.12/poky-ec220ae083dba35c279192b2249ad03fe238446e.tar.bz2
+
+openembedded-core
+
+-  Repository Location: :oe_git:`/openembedded-core`
+-  Branch: :oe_git:`scarthgap </openembedded-core/log/?h=scarthgap>`
+-  Tag:  :oe_git:`yocto-5.0.12 </openembedded-core/log/?h=yocto-5.0.12>`
+-  Git Revision: :oe_git:`93c7489d843a0e46fe4fc685b356d0ae885300d7 </openembedded-core/commit/?id=93c7489d843a0e46fe4fc685b356d0ae885300d7>`
+-  Release Artefact: oecore-93c7489d843a0e46fe4fc685b356d0ae885300d7
+-  sha: 49695592179cd777eee337d922aae354dad4ab503628f0344b1b53329900c4d9
+-  Download Locations:
+   https://downloads.yoctoproject.org/releases/yocto/yocto-5.0.12/oecore-93c7489d843a0e46fe4fc685b356d0ae885300d7.tar.bz2
+   https://mirrors.kernel.org/yocto/yocto/yocto-5.0.12/oecore-93c7489d843a0e46fe4fc685b356d0ae885300d7.tar.bz2
+
+meta-mingw
+
+-  Repository Location: :yocto_git:`/meta-mingw`
+-  Branch: :yocto_git:`scarthgap </meta-mingw/log/?h=scarthgap>`
+-  Tag:  :yocto_git:`yocto-5.0.12 </meta-mingw/log/?h=yocto-5.0.12>`
+-  Git Revision: :yocto_git:`bd9fef71ec005be3c3a6d7f8b99d8116daf70c4f </meta-mingw/commit/?id=bd9fef71ec005be3c3a6d7f8b99d8116daf70c4f>`
+-  Release Artefact: meta-mingw-bd9fef71ec005be3c3a6d7f8b99d8116daf70c4f
+-  sha: ab073def6487f237ac125d239b3739bf02415270959546b6b287778664f0ae65
+-  Download Locations:
+   https://downloads.yoctoproject.org/releases/yocto/yocto-5.0.12/meta-mingw-bd9fef71ec005be3c3a6d7f8b99d8116daf70c4f.tar.bz2
+   https://mirrors.kernel.org/yocto/yocto/yocto-5.0.12/meta-mingw-bd9fef71ec005be3c3a6d7f8b99d8116daf70c4f.tar.bz2
+
+bitbake
+
+-  Repository Location: :oe_git:`/bitbake`
+-  Branch: :oe_git:`2.8 </bitbake/log/?h=2.8>`
+-  Tag:  :oe_git:`yocto-5.0.12 </bitbake/log/?h=yocto-5.0.12>`
+-  Git Revision: :oe_git:`982645110a19ebb94d519926a4e14c8a2a205cfd </bitbake/commit/?id=982645110a19ebb94d519926a4e14c8a2a205cfd>`
+-  Release Artefact: bitbake-982645110a19ebb94d519926a4e14c8a2a205cfd
+-  sha: f8d777d322b8f05372d7ce75c67df2db2b7de3f64d5b7769b8051c507161245d
+-  Download Locations:
+   https://downloads.yoctoproject.org/releases/yocto/yocto-5.0.12/bitbake-982645110a19ebb94d519926a4e14c8a2a205cfd.tar.bz2
+   https://mirrors.kernel.org/yocto/yocto/yocto-5.0.12/bitbake-982645110a19ebb94d519926a4e14c8a2a205cfd.tar.bz2
+
+meta-yocto
+
+-  Repository Location: :yocto_git:`/meta-yocto`
+-  Branch: :yocto_git:`scarthgap </meta-yocto/log/?h=scarthgap>`
+-  Tag: :yocto_git:`yocto-5.0.12 </meta-yocto/log/?h=yocto-5.0.12>`
+-  Git Revision: :yocto_git:`82602cda1a89644d1acbe230a81c93e3fb5031c8 </meta-yocto/commit/?id=82602cda1a89644d1acbe230a81c93e3fb5031c8>`
+
+yocto-docs
+
+-  Repository Location: :yocto_git:`/yocto-docs`
+-  Branch: :yocto_git:`scarthgap </yocto-docs/log/?h=scarthgap>`
+-  Tag: :yocto_git:`yocto-5.0.12 </yocto-docs/log/?h=yocto-5.0.12>`
+-  Git Revision: :yocto_git:`dd665216fa578a1f2f268790d708c6a5d2912ecf </yocto-docs/commit/?id=dd665216fa578a1f2f268790d708c6a5d2912ecf>`
+
--- a/documentation/migration-guides/release-notes-5.0.8.rst
+++ b/documentation/migration-guides/release-notes-5.0.8.rst
@@ -0,0 +1,226 @@
+.. SPDX-License-Identifier: CC-BY-SA-2.0-UK
+
+Release notes for Yocto-5.0.8 (Scarthgap)
+-----------------------------------------
+
+Security Fixes in Yocto-5.0.8
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+-  binutils: Fix :cve_nist:`2025-0840`
+-  curl: Ignore :cve_nist:`2025-0725`
+-  elfutils: Fix :cve_nist:`2025-1352`, :cve_nist:`2025-1365` and :cve_nist:`2025-1372`
+-  ffmpeg: Fix :cve_nist:`2024-35365`, :cve_nist:`2024-35369`, :cve_nist:`2024-36613`,
+   :cve_nist:`2024-36616`, :cve_nist:`2024-36617`, :cve_nist:`2024-36618`, :cve_nist:`2024-36619`,
+   :cve_nist:`2025-0518`, :cve_nist:`2025-22919`, :cve_nist:`2025-22921` and :cve_nist:`2025-25473`
+-  glibc: Fix :cve_nist:`2025-0395`
+-  gnutls: Fix :cve_nist:`2024-12243`
+-  go: Fix :cve_nist:`2024-45336`, :cve_nist:`2024-45341` and :cve_nist:`2025-22866`
+-  gstreamer1.0-rtsp-server: Fix :cve_nist:`2024-44331`
+-  libcap: Fix :cve_nist:`2025-1390`
+-  libtasn1: Fix :cve_nist:`2024-12133`
+-  libxml2: Fix :cve_nist:`2024-56171` and :cve_nist:`2025-24928`
+-  linux-yocto/6.6: Fix :cve_nist:`2024-36476`, :cve_nist:`2024-53179`, :cve_nist:`2024-56582`,
+   :cve_nist:`2024-56703`, :cve_nist:`2024-57801`, :cve_nist:`2024-57802`, :cve_nist:`2024-57841`,
+   :cve_nist:`2024-57882`, :cve_nist:`2024-57887`, :cve_nist:`2024-57890`, :cve_nist:`2024-57892`,
+   :cve_nist:`2024-57895`, :cve_nist:`2024-57896`, :cve_nist:`2024-57900`, :cve_nist:`2024-57901`,
+   :cve_nist:`2024-57902`, :cve_nist:`2024-57906`, :cve_nist:`2024-57907`, :cve_nist:`2024-57908`,
+   :cve_nist:`2024-57910`, :cve_nist:`2024-57911`, :cve_nist:`2024-57912`, :cve_nist:`2024-57913`,
+   :cve_nist:`2024-57916`, :cve_nist:`2024-57922`, :cve_nist:`2024-57925`, :cve_nist:`2024-57926`,
+   :cve_nist:`2024-57933`, :cve_nist:`2024-57938`, :cve_nist:`2024-57939`, :cve_nist:`2024-57940`,
+   :cve_nist:`2024-57949`, :cve_nist:`2024-57951`, :cve_nist:`2025-21631`, :cve_nist:`2025-21636`,
+   :cve_nist:`2025-21637`, :cve_nist:`2025-21638`, :cve_nist:`2025-21639`, :cve_nist:`2025-21640`,
+   :cve_nist:`2025-21642`, :cve_nist:`2025-21652`, :cve_nist:`2025-21658`, :cve_nist:`2025-21665`,
+   :cve_nist:`2025-21666`, :cve_nist:`2025-21667`, :cve_nist:`2025-21669`, :cve_nist:`2025-21670`,
+   :cve_nist:`2025-21671`, :cve_nist:`2025-21673`, :cve_nist:`2025-21674`, :cve_nist:`2025-21675`,
+   :cve_nist:`2025-21676`, :cve_nist:`2025-21680`, :cve_nist:`2025-21681`, :cve_nist:`2025-21683`,
+   :cve_nist:`2025-21684`, :cve_nist:`2025-21687`, :cve_nist:`2025-21689`, :cve_nist:`2025-21690`,
+   :cve_nist:`2025-21692`, :cve_nist:`2025-21694`, :cve_nist:`2025-21697` and :cve_nist:`2025-21699`
+-  openssh: Fix :cve_nist:`2025-26466`
+-  openssl: Fix :cve_nist:`2024-9143`, :cve_nist:`2024-12797` and :cve_nist:`2024-13176`
+-  pyhton3: Fix :cve_nist:`2024-12254` and :cve_nist:`2025-0938`
+-  subversion: Ignore :cve_nist:`2024-45720`
+-  u-boot: Fix :cve_nist:`2024-57254`, :cve_nist:`2024-57255`, :cve_nist:`2024-57256`,
+   :cve_nist:`2024-57257`, :cve_nist:`2024-57258` and :cve_nist:`2024-57259`
+-  vim: Fix :cve_nist:`2025-22134` and :cve_nist:`2025-24014`
+-  xwayland: Fix :cve_nist:`2024-9632`, :cve_nist:`2025-26594`, :cve_nist:`2025-26595`,
+   :cve_nist:`2025-26596`, :cve_nist:`2025-26597`, :cve_nist:`2025-26598`, :cve_nist:`2025-26599`,
+   :cve_nist:`2025-26600` and :cve_nist:`2025-26601`
+
+
+Fixes in Yocto-5.0.8
+~~~~~~~~~~~~~~~~~~~~
+
+-  base-files: Drop /bin/sh dependency
+-  bind: upgrade to 9.18.33
+-  binutils: File name too long causing failure to open temporary head file in dlltool
+-  binutils: stable 2.42 branch update
+-  bitbake: bblayers/query: Fix using "removeprefix" string method
+-  bitbake: bitbake-diffsigs: fix handling when finding only a single sigfile
+-  bitbake: data_smart.py: clear expand_cache in _setvar_update_overridevars
+-  bitbake: data_smart.py: remove unnecessary ? from __expand_var_regexp__
+-  bitbake: data_smart.py: simple clean up
+-  build-appliance-image: Update to scarthgap head revision
+-  ccache.conf: Add include_file_ctime to sloppiness
+-  cmake: apply parallel build settings to ptest tasks
+-  contributor-guide/submit-changes: add policy on AI generated code
+-  dev-manual/building: document the initramfs-framework recipe
+-  devtool: ide-sdk recommend :term:`DEBUG_BUILD`
+-  devtool: ide-sdk remove the plugin from eSDK installer
+-  devtool: ide-sdk sort cmake preset
+-  devtool: modify support debug-builds
+-  docs: Add favicon for the documentation html
+-  docs: Fix typo in standards.md
+-  docs: Remove all mention of core-image-lsb
+-  docs: vulnerabilities/classes: remove references to cve-check text format
+-  files: Amend overlayfs unit descriptions with path information
+-  files: overlayfs-create-dirs: Improve mount unit dependency
+-  glibc: stable 2.39 branch updates
+-  gnupg: upgrade to 2.4.5
+-  go: upgrade 1.22.12
+-  icu: remove host references in nativesdk to fix reproducibility
+-  libtasn1: upgrade to 4.20.0
+-  libxml2: upgrade to 2.12.10
+-  linux-yocto/6.6: upgrade to v6.6.75
+-  meta: Enable '-o pipefail' for the SDK installer
+-  migration-guides: add release notes for 4.0.24, 4.0.25 and 5.0.7
+-  oe-selftest: devtool ide-sdk use modify debug-build
+-  oeqa/sdk/context: fix for gtk3 test failure during do_testsdk
+-  oeqa/selftest/rust: skip on all MIPS platforms
+-  openssl: upgrade to 3.2.4
+-  pkg-config-native: pick additional search paths from $EXTRA_NATIVE_PKGCONFIG_PATH
+-  poky.conf: add ubuntu2404 to :term:`SANITY_TESTED_DISTROS`
+-  poky.conf: bump version for 5.0.8
+-  ppp: Revert lock path to /var/lock
+-  python3-setuptools-scm: respect GIT_CEILING_DIRECTORIES
+-  python3: upgrade to 3.12.9
+-  qemu: Do not define sched_attr with glibc >= 2.41
+-  ref-manual/faq: add q&a on systemd as default
+-  ref-manual: Add missing variable :term:`IMAGE_ROOTFS_MAXSIZE`
+-  ref-manual: don't refer to poky-lsb
+-  ref-manual: remove OE_IMPORTS
+-  rust-common.bbclass: soft assignment for RUSTLIB path
+-  rust: fix for rust multilib sdk configuration
+-  rust: remove redundant cargo config file
+-  scripts/install-buildtools: Update to 5.0.7
+-  sdk-manual: extensible.rst: devtool ide-sdk improve
+-  sdk-manual: extensible.rst: update devtool ide-sdk
+-  selftest/rust: correctly form the PATH environment variable
+-  systemd: add libpcre2 as :term:`RRECOMMENDS` if pcre2 is enabled
+-  systemd: upgrade to 255.17
+-  test-manual/ptest: link to common framework ptest classes
+-  tzcode-native: Fix compiler setting from 2023d version
+-  tzdata/tzcode-native: upgrade to 2025a
+-  u-boot: kernel-fitimage: Fix dependency loop if :term:`UBOOT_SIGN_ENABLE` and UBOOT_ENV enabled
+-  u-boot: kernel-fitimage: Restore FIT_SIGN_INDIVIDUAL="1" behavior
+-  uboot-config: fix devtool modify with kernel-fitimage
+-  vim: upgrade to 9.1.1043
+
+
+Known Issues in Yocto-5.0.8
+~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+-  N/A
+
+Contributors to Yocto-5.0.8
+~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+Thanks to the following people who contributed to this release:
+
+-  Adrian Freihofer
+-  Aleksandar Nikolic
+-  Alessio Cascone
+-  Alexander Kanavin
+-  Alexis Cellier
+-  Antonin Godard
+-  Archana Polampalli
+-  Bruce Ashfield
+-  Chen Qi
+-  Deepesh Varatharajan
+-  Divya Chellam
+-  Enrico Jörns
+-  Esben Haabendal
+-  Etienne Cordonnier
+-  Fabio Berton
+-  Guðni Már Gilbert
+-  Harish Sadineni
+-  Hitendra Prajapati
+-  Hongxu Jia
+-  Jiaying Song
+-  Joerg Schmidt
+-  Johannes Schneider
+-  Khem Raj
+-  Lee Chee Yang
+-  Marek Vasut
+-  Marta Rybczynska
+-  Moritz Haase
+-  Oleksandr Hnatiuk
+-  Pedro Ferreira
+-  Peter Marko
+-  Poonam Jadhav
+-  Priyal Doshi
+-  Ross Burton
+-  Simon A. Eugster
+-  Steve Sakoman
+-  Vijay Anusuri
+-  Wang Mingyu
+-  Weisser, Pascal
+
+
+Repositories / Downloads for Yocto-5.0.8
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+poky
+
+-  Repository Location: :yocto_git:`/poky`
+-  Branch: :yocto_git:`scarthgap </poky/log/?h=scarthgap>`
+-  Tag:  :yocto_git:`yocto-5.0.8 </poky/log/?h=yocto-5.0.8>`
+-  Git Revision: :yocto_git:`dc4827b3660bc1a03a2bc3b0672615b50e9137ff </poky/commit/?id=dc4827b3660bc1a03a2bc3b0672615b50e9137ff>`
+-  Release Artefact: poky-dc4827b3660bc1a03a2bc3b0672615b50e9137ff
+-  sha: ace7264e16e18ed02ef0ad2935fa10b5fad2c4de38b2356f4192b38ef2184504
+-  Download Locations:
+   https://downloads.yoctoproject.org/releases/yocto/yocto-5.0.8/poky-dc4827b3660bc1a03a2bc3b0672615b50e9137ff.tar.bz2
+   https://mirrors.kernel.org/yocto/yocto/yocto-5.0.8/poky-dc4827b3660bc1a03a2bc3b0672615b50e9137ff.tar.bz2
+
+openembedded-core
+
+-  Repository Location: :oe_git:`/openembedded-core`
+-  Branch: :oe_git:`scarthgap </openembedded-core/log/?h=scarthgap>`
+-  Tag:  :oe_git:`yocto-5.0.8 </openembedded-core/log/?h=yocto-5.0.8>`
+-  Git Revision: :oe_git:`cd2b6080a4c0f2ed2c9939ec0b87763aef595048 </openembedded-core/commit/?id=cd2b6080a4c0f2ed2c9939ec0b87763aef595048>`
+-  Release Artefact: oecore-cd2b6080a4c0f2ed2c9939ec0b87763aef595048
+-  sha: 14c7cd5c62a96ceb9c2141164ea0f087fdbaed99ca3e9a722977a3f12d6381f6
+-  Download Locations:
+   https://downloads.yoctoproject.org/releases/yocto/yocto-5.0.8/oecore-cd2b6080a4c0f2ed2c9939ec0b87763aef595048.tar.bz2
+   https://mirrors.kernel.org/yocto/yocto/yocto-5.0.8/oecore-cd2b6080a4c0f2ed2c9939ec0b87763aef595048.tar.bz2
+
+meta-mingw
+
+-  Repository Location: :yocto_git:`/meta-mingw`
+-  Branch: :yocto_git:`scarthgap </meta-mingw/log/?h=scarthgap>`
+-  Tag:  :yocto_git:`yocto-5.0.8 </meta-mingw/log/?h=yocto-5.0.8>`
+-  Git Revision: :yocto_git:`bd9fef71ec005be3c3a6d7f8b99d8116daf70c4f </meta-mingw/commit/?id=bd9fef71ec005be3c3a6d7f8b99d8116daf70c4f>`
+-  Release Artefact: meta-mingw-bd9fef71ec005be3c3a6d7f8b99d8116daf70c4f
+-  sha: ab073def6487f237ac125d239b3739bf02415270959546b6b287778664f0ae65
+-  Download Locations:
+   https://downloads.yoctoproject.org/releases/yocto/yocto-5.0.8/meta-mingw-bd9fef71ec005be3c3a6d7f8b99d8116daf70c4f.tar.bz2
+   https://mirrors.kernel.org/yocto/yocto/yocto-5.0.8/meta-mingw-bd9fef71ec005be3c3a6d7f8b99d8116daf70c4f.tar.bz2
+
+bitbake
+
+-  Repository Location: :oe_git:`/bitbake`
+-  Branch: :oe_git:`2.8 </bitbake/log/?h=2.8>`
+-  Tag:  :oe_git:`yocto-5.0.8 </bitbake/log/?h=yocto-5.0.8>`
+-  Git Revision: :oe_git:`7375d32e8c1af20c51abec4eb3b072b4ca58b239 </bitbake/commit/?id=7375d32e8c1af20c51abec4eb3b072b4ca58b239>`
+-  Release Artefact: bitbake-7375d32e8c1af20c51abec4eb3b072b4ca58b239
+-  sha: 13dffbc162c5b6e2c95fa72936a430b9a542d52d81d502a5d0afc592fbf4a16b
+-  Download Locations:
+   https://downloads.yoctoproject.org/releases/yocto/yocto-5.0.8/bitbake-7375d32e8c1af20c51abec4eb3b072b4ca58b239.tar.bz2
+   https://mirrors.kernel.org/yocto/yocto/yocto-5.0.8/bitbake-7375d32e8c1af20c51abec4eb3b072b4ca58b239.tar.bz2
+
+yocto-docs
+
+-  Repository Location: :yocto_git:`/yocto-docs`
+-  Branch: :yocto_git:`scarthgap </yocto-docs/log/?h=scarthgap>`
+-  Tag: :yocto_git:`yocto-5.0.8 </yocto-docs/log/?h=yocto-5.0.8>`
+-  Git Revision: :yocto_git:`7d3cce5b962ca9f73b29affceb7ebc6710627739 </yocto-docs/commit/?id=7d3cce5b962ca9f73b29affceb7ebc6710627739>`
+
--- a/documentation/migration-guides/release-notes-5.0.9.rst
+++ b/documentation/migration-guides/release-notes-5.0.9.rst
@@ -0,0 +1,206 @@
+.. SPDX-License-Identifier: CC-BY-SA-2.0-UK
+
+Release notes for Yocto-5.0.9 (Scarthgap)
+-----------------------------------------
+
+Security Fixes in Yocto-5.0.9
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+-  binutils: Fix :cve_nist:`2024-57360`, :cve_nist:`2025-1176`, :cve_nist:`2025-1178` and
+   :cve_nist:`2025-1181`
+-  expat: Fix :cve_nist:`2024-8176`
+-  freetype: Fix :cve_nist:`2025-27363`
+-  ghostscript: Fix :cve_nist:`2025-27830`, :cve_nist:`2025-27831`, :cve_nist:`2025-27832`,
+   :cve_nist:`2025-27833`, :cve_nist:`2025-27833`, :cve_nist:`2025-27834`, :cve_nist:`2025-27835`
+   and :cve_nist:`2025-27836`
+-  go: fix :cve_nist:`2025-22870` and :cve_nist:`2025-22871`
+-  grub: Fix :cve_nist:`2024-45781`, :cve_nist:`2024-45774`, :cve_nist:`2024-45775`,
+   :cve_nist:`2024-45776`, :cve_nist:`2024-45777`, :cve_nist:`2024-45778`, :cve_nist:`2024-45779`,
+   :cve_nist:`2024-45780`, :cve_nist:`2024-45782`, :cve_nist:`2024-45783`, :cve_nist:`2024-56737`,
+   :cve_nist:`2025-0622`, :cve_nist:`2025-0624`, :cve_nist:`2025-0677`, :cve_nist:`2025-0678`,
+   :cve_nist:`2025-0684`, :cve_nist:`2025-0685`, :cve_nist:`2025-0686`, :cve_nist:`2025-0689`,
+   :cve_nist:`2025-0690`, :cve_nist:`2025-1118` and :cve_nist:`2025-1125`
+-  libarchive: Fix :cve_nist:`2024-20696`, :cve_nist:`2024-48957`, :cve_nist:`2024-48958`,
+   :cve_nist:`2025-1632` and :cve_nist:`2025-25724`
+-  libxslt: Fix :cve_nist:`2024-24855` and :cve_nist:`2024-55549`
+-  linux-yocto/6.6: Fix :cve_nist:`2024-54458`, :cve_nist:`2024-57834`, :cve_nist:`2024-57973`,
+   :cve_nist:`2024-57978`, :cve_nist:`2024-57979`, :cve_nist:`2024-57980`, :cve_nist:`2024-57981`,
+   :cve_nist:`2024-57984`, :cve_nist:`2024-57996`, :cve_nist:`2024-57997`, :cve_nist:`2024-58002`,
+   :cve_nist:`2024-58005`, :cve_nist:`2024-58007`, :cve_nist:`2024-58010`, :cve_nist:`2024-58011`,
+   :cve_nist:`2024-58013`, :cve_nist:`2024-58017`, :cve_nist:`2024-58020`, :cve_nist:`2024-58034`,
+   :cve_nist:`2024-58052`, :cve_nist:`2024-58055`, :cve_nist:`2024-58058`, :cve_nist:`2024-58063`,
+   :cve_nist:`2024-58068`, :cve_nist:`2024-58069`, :cve_nist:`2024-58070`, :cve_nist:`2024-58071`,
+   :cve_nist:`2024-58076`, :cve_nist:`2024-58080`, :cve_nist:`2024-58083`, :cve_nist:`2024-58088`,
+   :cve_nist:`2025-21700`, :cve_nist:`2025-21703`, :cve_nist:`2025-21707`, :cve_nist:`2025-21711`,
+   :cve_nist:`2025-21715`, :cve_nist:`2025-21716`, :cve_nist:`2025-21718`, :cve_nist:`2025-21726`,
+   :cve_nist:`2025-21727`, :cve_nist:`2025-21731`, :cve_nist:`2025-21735`, :cve_nist:`2025-21736`,
+   :cve_nist:`2025-21741`, :cve_nist:`2025-21742`, :cve_nist:`2025-21743`, :cve_nist:`2025-21744`,
+   :cve_nist:`2025-21745`, :cve_nist:`2025-21748`, :cve_nist:`2025-21749`, :cve_nist:`2025-21753`,
+   :cve_nist:`2025-21756`, :cve_nist:`2025-21759`, :cve_nist:`2025-21760`, :cve_nist:`2025-21761`,
+   :cve_nist:`2025-21762`, :cve_nist:`2025-21763`, :cve_nist:`2025-21764`, :cve_nist:`2025-21773`,
+   :cve_nist:`2025-21775`, :cve_nist:`2025-21776`, :cve_nist:`2025-21779`, :cve_nist:`2025-21780`,
+   :cve_nist:`2025-21782`, :cve_nist:`2025-21783`, :cve_nist:`2025-21785`, :cve_nist:`2025-21787`,
+   :cve_nist:`2025-21789`, :cve_nist:`2025-21790`, :cve_nist:`2025-21791`, :cve_nist:`2025-21792`,
+   :cve_nist:`2025-21793`, :cve_nist:`2025-21796`, :cve_nist:`2025-21811`, :cve_nist:`2025-21812`,
+   :cve_nist:`2025-21814`, :cve_nist:`2025-21820`, :cve_nist:`2025-21844`, :cve_nist:`2025-21846`,
+   :cve_nist:`2025-21847`, :cve_nist:`2025-21848`, :cve_nist:`2025-21853`, :cve_nist:`2025-21854`,
+   :cve_nist:`2025-21855`, :cve_nist:`2025-21856`, :cve_nist:`2025-21857`, :cve_nist:`2025-21858`,
+   :cve_nist:`2025-21859`, :cve_nist:`2025-21862`, :cve_nist:`2025-21863`, :cve_nist:`2025-21864`,
+   :cve_nist:`2025-21865`, :cve_nist:`2025-21866`, :cve_nist:`2025-21867`, :cve_nist:`2025-21887`,
+   :cve_nist:`2025-21891`, :cve_nist:`2025-21898`, :cve_nist:`2025-21904`, :cve_nist:`2025-21905`,
+   :cve_nist:`2025-21908`, :cve_nist:`2025-21912`, :cve_nist:`2025-21915`, :cve_nist:`2025-21917`,
+   :cve_nist:`2025-21918`, :cve_nist:`2025-21919`, :cve_nist:`2025-21920`, :cve_nist:`2025-21922`,
+   :cve_nist:`2025-21928`, :cve_nist:`2025-21934`, :cve_nist:`2025-21936`, :cve_nist:`2025-21937`,
+   :cve_nist:`2025-21941`, :cve_nist:`2025-21943`, :cve_nist:`2025-21945`, :cve_nist:`2025-21947`,
+   :cve_nist:`2025-21948`, :cve_nist:`2025-21951`, :cve_nist:`2025-21957`, :cve_nist:`2025-21959`,
+   :cve_nist:`2025-21962`, :cve_nist:`2025-21963`, :cve_nist:`2025-21964`, :cve_nist:`2025-21966`,
+   :cve_nist:`2025-21967`, :cve_nist:`2025-21968`, :cve_nist:`2025-21969`, :cve_nist:`2025-21979`,
+   :cve_nist:`2025-21980`, :cve_nist:`2025-21981`, :cve_nist:`2025-21991` and :cve_nist:`2025-21993`
+-  mpg123: Fix :cve_nist:`2024-10573`
+-  ofono: Fix :cve_nist:`2024-7537`
+-  openssh: Fix :cve_nist:`2025-26465`
+-  puzzles: Ignore :cve_nist:`2024-13769`, :cve_nist:`2024-13770` and :cve_nist:`2025-0837`
+-  qemu: Ignore :cve_nist:`2023-1386`
+-  ruby: Fix :cve_nist:`2025-27219` and :cve_nist:`2025-27220`
+-  rust-cross-canadian: Ignore :cve_nist:`2024-43402`
+-  vim: Fix :cve_nist:`2025-1215`, :cve_nist:`2025-26603`, :cve_nist:`2025-27423` and
+   :cve_nist:`2025-29768`
+-  xserver-xorg: Fix :cve_nist:`2025-26594`, :cve_nist:`2025-26595`, :cve_nist:`2025-26596`,
+   :cve_nist:`2025-26597`, :cve_nist:`2025-26598`, :cve_nist:`2025-26599`, :cve_nist:`2025-26600`
+   and :cve_nist:`2025-26601`
+-  xz: Fix :cve_nist:`2025-31115`
+
+
+Fixes in Yocto-5.0.9
+~~~~~~~~~~~~~~~~~~~~
+
+-  babeltrace2: extend to nativesdk
+-  babeltrace: extend to nativesdk
+-  bitbake: event/utils: Avoid deadlock from lock_timeout() and recursive events
+-  bitbake: utils: Add signal blocking for lock_timeout
+-  bitbake: utils: Print information about lock issue before exiting
+-  bitbake: utils: Tweak lock_timeout logic
+-  build-appliance-image: Update to scarthgap head revision
+-  cve-check.bbclass: Mitigate symlink related error
+-  cve-update-nvd2-native: add workaround for json5 style list
+-  cve-update-nvd2-native: handle missing vulnStatus
+-  gcc: remove paths to sysroot from configargs.h and checksum-options for gcc-cross-canadian
+-  gcc: unify cleanup of include-fixed, apply to cross-canadian
+-  ghostscript: upgrade to 10.05.0
+-  grub: backport strlcpy function
+-  grub: drop obsolete CVE statuses
+-  icu: Adjust ICU_DATA_DIR path on big endian targets
+-  kernel-arch: add macro-prefix-map in KERNEL_CC
+-  libarchive: upgrade to 3.7.9
+-  libxslt: upgrade to 1.1.43
+-  linux-yocto/6.6: update to v6.6.84
+-  mc: set ac_cv_path_ZIP to avoid buildpaths QA issues
+-  mpg123: upgrade to 1.32.10
+-  nativesdk-libtool: sanitize the script, remove buildpaths
+-  openssl: rewrite ptest installation
+-  overview-manual/concepts: remove :term:`PR` from the build dir list
+-  patch.py: set commituser and commitemail for addNote
+-  poky.conf: bump version for 5.0.9
+-  vim: Upgrade to 9.1.1198
+-  xserver-xf86-config: add a configuration fragment to disable screen blanking
+-  xserver-xf86-config: remove obsolete configuration files
+-  xserver-xorg: upgrade to 21.1.16
+-  xz: upgrade to 5.4.7
+-  yocto-uninative: Update to 4.7 for glibc 2.41
+
+
+Known Issues in Yocto-5.0.9
+~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+- N/A
+
+Contributors to Yocto-5.0.9
+~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+Thanks to the following people who contributed to this release:
+
+-  Antonin Godard
+-  Archana Polampalli
+-  Ashish Sharma
+-  Bruce Ashfield
+-  Changqing Li
+-  Denys Dmytriyenko
+-  Divya Chellam
+-  Hitendra Prajapati
+-  Madhu Marri
+-  Makarios Christakis
+-  Martin Jansa
+-  Michael Halstead
+-  Niko Mauno
+-  Oleksandr Hnatiuk
+-  Peter Marko
+-  Richard Purdie
+-  Ross Burton
+-  Sana Kazi
+-  Stefan Mueller-Klieser
+-  Steve Sakoman
+-  Vijay Anusuri
+-  Virendra Thakur
+-  Vishwas Udupa
+-  Wang Mingyu
+-  Zhang Peng
+
+
+Repositories / Downloads for Yocto-5.0.9
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+poky
+
+-  Repository Location: :yocto_git:`/poky`
+-  Branch: :yocto_git:`scarthgap </poky/log/?h=scarthgap>`
+-  Tag:  :yocto_git:`yocto-5.0.9 </poky/log/?h=yocto-5.0.9>`
+-  Git Revision: :yocto_git:`bab0f9f62af9af580744948dd3240f648a99879a </poky/commit/?id=bab0f9f62af9af580744948dd3240f648a99879a>`
+-  Release Artefact: poky-bab0f9f62af9af580744948dd3240f648a99879a
+-  sha: ee6811d9fb6c4913e19d6e3569f1edc8ccd793779b237520596506446a6b4531
+-  Download Locations:
+   https://downloads.yoctoproject.org/releases/yocto/yocto-5.0.9/poky-bab0f9f62af9af580744948dd3240f648a99879a.tar.bz2
+   https://mirrors.kernel.org/yocto/yocto/yocto-5.0.9/poky-bab0f9f62af9af580744948dd3240f648a99879a.tar.bz2
+
+openembedded-core
+
+-  Repository Location: :oe_git:`/openembedded-core`
+-  Branch: :oe_git:`scarthgap </openembedded-core/log/?h=scarthgap>`
+-  Tag:  :oe_git:`yocto-5.0.9 </openembedded-core/log/?h=yocto-5.0.9>`
+-  Git Revision: :oe_git:`04038ecd1edd6592b826665a2b787387bb7074fa </openembedded-core/commit/?id=04038ecd1edd6592b826665a2b787387bb7074fa>`
+-  Release Artefact: oecore-04038ecd1edd6592b826665a2b787387bb7074fa
+-  sha: 6e201a4b486dfbdfcb7e96d83b962a205ec4764db6ad0e34bd623db18910eddb
+-  Download Locations:
+   https://downloads.yoctoproject.org/releases/yocto/yocto-5.0.9/oecore-04038ecd1edd6592b826665a2b787387bb7074fa.tar.bz2
+   https://mirrors.kernel.org/yocto/yocto/yocto-5.0.9/oecore-04038ecd1edd6592b826665a2b787387bb7074fa.tar.bz2
+
+meta-mingw
+
+-  Repository Location: :yocto_git:`/meta-mingw`
+-  Branch: :yocto_git:`scarthgap </meta-mingw/log/?h=scarthgap>`
+-  Tag:  :yocto_git:`yocto-5.0.9 </meta-mingw/log/?h=yocto-5.0.9>`
+-  Git Revision: :yocto_git:`bd9fef71ec005be3c3a6d7f8b99d8116daf70c4f </meta-mingw/commit/?id=bd9fef71ec005be3c3a6d7f8b99d8116daf70c4f>`
+-  Release Artefact: meta-mingw-bd9fef71ec005be3c3a6d7f8b99d8116daf70c4f
+-  sha: ab073def6487f237ac125d239b3739bf02415270959546b6b287778664f0ae65
+-  Download Locations:
+   https://downloads.yoctoproject.org/releases/yocto/yocto-5.0.9/meta-mingw-bd9fef71ec005be3c3a6d7f8b99d8116daf70c4f.tar.bz2
+   https://mirrors.kernel.org/yocto/yocto/yocto-5.0.9/meta-mingw-bd9fef71ec005be3c3a6d7f8b99d8116daf70c4f.tar.bz2
+
+bitbake
+
+-  Repository Location: :oe_git:`/bitbake`
+-  Branch: :oe_git:`2.8 </bitbake/log/?h=2.8>`
+-  Tag:  :oe_git:`yocto-5.0.9 </bitbake/log/?h=yocto-5.0.9>`
+-  Git Revision: :oe_git:`696c2c1ef095f8b11c7d2eff36fae50f58c62e5e </bitbake/commit/?id=696c2c1ef095f8b11c7d2eff36fae50f58c62e5e>`
+-  Release Artefact: bitbake-696c2c1ef095f8b11c7d2eff36fae50f58c62e5e
+-  sha: fc83f879cd6dd14b9b7eba0161fec23ecc191fed0fb00556ba729dceef6c145f
+-  Download Locations:
+   https://downloads.yoctoproject.org/releases/yocto/yocto-5.0.9/bitbake-696c2c1ef095f8b11c7d2eff36fae50f58c62e5e.tar.bz2
+   https://mirrors.kernel.org/yocto/yocto/yocto-5.0.9/bitbake-696c2c1ef095f8b11c7d2eff36fae50f58c62e5e.tar.bz2
+
+yocto-docs
+
+-  Repository Location: :yocto_git:`/yocto-docs`
+-  Branch: :yocto_git:`scarthgap </yocto-docs/log/?h=scarthgap>`
+-  Tag: :yocto_git:`yocto-5.0.9 </yocto-docs/log/?h=yocto-5.0.9>`
+-  Git Revision: :yocto_git:`56db4fd81f6235428bef9e46a61c11ca0ba89733 </yocto-docs/commit/?id=56db4fd81f6235428bef9e46a61c11ca0ba89733>`
+
--- a/documentation/overview-manual/concepts.rst
+++ b/documentation/overview-manual/concepts.rst
@@ -98,7 +98,7 @@ files, and how to package the compiled output.

 The term "package" is sometimes used to refer to recipes. However, since
 the word "package" is used for the packaged output from the OpenEmbedded
-build system (i.e. ``.ipk`` or ``.deb`` files), this document avoids
+build system (i.e. ``.ipk``, ``.deb`` or ``.rpm`` files), this document avoids
 using the term "package" when referring to recipes.

 Classes
@@ -256,7 +256,7 @@ development environment.
 .. note::

   The
-   scripts/oe-setup-builddir
+   ``scripts/oe-setup-builddir``
   script uses the
   ``$TEMPLATECONF``
   variable to determine which sample configuration files to locate.
@@ -352,7 +352,7 @@ layers the build system uses to further control the build. These layers
 provide Metadata for the software, machine, and policies.

 In general, there are three types of layer input. You can see them below
-the "User Configuration" box in the `general workflow
+the "User Configuration" box in the :ref:`general workflow
 figure <overview-manual/concepts:openembedded build system concepts>`:

 -  *Metadata (.bb + Patches):* Software layers containing
@@ -420,14 +420,14 @@ build.
 Distro Layer
 ~~~~~~~~~~~~

-The distribution layer provides policy configurations for your
+A distribution layer provides policy configurations for your
 distribution. Best practices dictate that you isolate these types of
 configurations into their own layer. Settings you provide in
 ``conf/distro/distro.conf`` override similar settings that BitBake finds
 in your ``conf/local.conf`` file in the :term:`Build Directory`.

 The following list provides some explanation and references for what you
-typically find in the distribution layer:
+typically find in a distribution layer:

 -  *classes:* Class files (``.bbclass``) hold common functionality that
   can be shared among recipes in the distribution. When your recipes
@@ -454,7 +454,7 @@ typically find in the distribution layer:
 BSP Layer
 ~~~~~~~~~

-The BSP Layer provides machine configurations that target specific
+A BSP layer provides machine configurations that target specific
 hardware. Everything in this layer is specific to the machine for which
 you are building the image or the SDK. A common structure or form is
 defined for BSP layers. You can learn more about this structure in the
@@ -465,7 +465,7 @@ defined for BSP layers. You can learn more about this structure in the
   In order for a BSP layer to be considered compliant with the Yocto
   Project, it must meet some structural requirements.

-The BSP Layer's configuration directory contains configuration files for
+A BSP layer's configuration directory contains configuration files for
 the machine (``conf/machine/machine.conf``) and, of course, the layer
 (``conf/layer.conf``).

@@ -477,18 +477,18 @@ formfactors, graphics support systems, and so forth.
 .. note::

   While the figure shows several
-   recipes-\*
+   ``recipes-*``
   directories, not all these directories appear in all BSP layers.

 Software Layer
 ~~~~~~~~~~~~~~

-The software layer provides the Metadata for additional software
+A software layer provides the Metadata for additional software
 packages used during the build. This layer does not include Metadata
 that is specific to the distribution or the machine, which are found in
 their respective layers.

-This layer contains any recipes, append files, and patches, that your
+This layer contains any recipes, append files, and patches that your
 project needs.

 Sources
@@ -560,9 +560,8 @@ source tree used by the group).

 The canonical method through which to include a local project is to use the
 :ref:`ref-classes-externalsrc` class to include that local project. You use
-either the ``local.conf`` or a recipe's append file to override or set the
-recipe to point to the local directory on your disk to pull in the whole
-source tree.
+either ``local.conf`` or a recipe's append file to override or set the
+recipe to point to the local directory from which to fetch the source.

 Source Control Managers (Optional)
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
@@ -953,7 +952,7 @@ package.

  For more information on the ``oe-pkgdata-util`` utility, see the section
  :ref:`dev-manual/debugging:Viewing Package Information with
-  \`\`oe-pkgdata-util\`\`` of the Yocto Project Development Tasks Manual.
+  ``oe-pkgdata-util``` of the Yocto Project Development Tasks Manual.

 To add a custom package variant of the ``${PN}`` recipe named
 ``${PN}-extra`` (name is arbitrary), one can add it to the
@@ -2201,7 +2200,7 @@ require root privileges, the fact that some earlier steps ran in a fake
 root environment does not cause problems.

 The capability to run tasks in a fake root environment is known as
-"`fakeroot <http://man.he.net/man1/fakeroot>`__", which is derived from
+":manpage:`fakeroot <fakeroot(1)>`", which is derived from
 the BitBake keyword/variable flag that requests a fake root environment
 for a task.

@@ -2395,8 +2394,8 @@ The contents of ``sayhello_0.1.bb`` are::
   S = "${WORKDIR}/git"

   do_install(){
-      install -d ${D}/usr/bin
-      install -m 0700 sayhello ${D}/usr/bin
+      install -d ${D}${bindir}
+      install -m 0700 sayhello ${D}${bindir}
   }

 After placing the recipes in a custom layer we can run ``bitbake sayhello``
--- a/documentation/overview-manual/yp-intro.rst
+++ b/documentation/overview-manual/yp-intro.rst
@@ -28,7 +28,7 @@ platforms as well as software stacks that can be maintained and scaled.

 For further introductory information on the Yocto Project, you might be
 interested in this
-`article <https://www.embedded.com/electronics-blogs/say-what-/4458600/Why-the-Yocto-Project-for-my-IoT-Project->`__
+`article <https://www.embedded.com/why-the-yocto-project-for-my-iot-project/>`__
 by Drew Moseley and in this short introductory
 `video <https://www.youtube.com/watch?v=utZpKM7i5Z4>`__.

@@ -400,7 +400,7 @@ Yocto Project:
   Autobuilder :doc:`here </test-manual/understand-autobuilder>`.

 -  *Pseudo:* Pseudo is the Yocto Project implementation of
-   `fakeroot <http://man.he.net/man1/fakeroot>`__, which is used to run
+   :manpage:`fakeroot <fakeroot(1)>`, which is used to run
   commands in an environment that seemingly has root privileges.

   During a build, it can be necessary to perform operations that
--- a/documentation/poky.yaml.in
+++ b/documentation/poky.yaml.in
@@ -2,13 +2,22 @@
 # Macros used in the documentation
 #

+# The DISTRO variable represents the current docs version. It should be used
+# when referring to the current docs version. See also DISTRO_LATEST_TAG.
 DISTRO : "5.0"
+# The DISTRO_LATEST_TAG represents the latest tag on the current branch. It
+# should be used in HTTP link referring to the current docs version. In these
+# cases, the DISTRO may point to A.B.999 which does not exist (just used to
+# represent the latest HEAD revision on the branch). DISTRO_LATEST_TAG should
+# always point to an existing tag.
+DISTRO_LATEST_TAG : "5.0"
 DISTRO_NAME_NO_CAP : "scarthgap"
 DISTRO_NAME : "Scarthgap"
 DISTRO_NAME_NO_CAP_MINUS_ONE : "nanbield"
 DISTRO_NAME_NO_CAP_LTS : "scarthgap"
 YOCTO_DOC_VERSION : "5.0"
-DISTRO_REL_TAG : "yocto-5.0"
+DISTRO_REL_TAG : "yocto-$DISTRO;"
+DISTRO_REL_LATEST_TAG : "yocto-&DISTRO_LATEST_TAG;"
 DOCCONF_VERSION : "dev"
 BITBAKE_SERIES : ""
 YOCTO_DL_URL : "https://downloads.yoctoproject.org"
--- a/documentation/ref-manual/classes.rst
+++ b/documentation/ref-manual/classes.rst
@@ -1993,7 +1993,8 @@ a couple different ways:
      Not using this naming convention can lead to subtle problems
      caused by existing code that depends on that naming convention.

-  Create or modify a target recipe that contains the following::
+-  Or, create a :ref:`ref-classes-native` variant of any target recipe (e.g.
+   ``myrecipe.bb``) by adding the following to the recipe::

      BBCLASSEXTEND = "native"

@@ -2024,7 +2025,18 @@ couple different ways:
   inherit statement in the recipe after all other inherit statements so
   that the :ref:`ref-classes-nativesdk` class is inherited last.

-  Create a :ref:`ref-classes-nativesdk` variant of any recipe by adding the following::
+   .. note::
+
+      When creating a recipe, you must follow this naming convention::
+
+              nativesdk-myrecipe.bb
+
+
+      Not doing so can lead to subtle problems because there is code that
+      depends on the naming convention.
+
+-  Or, create a :ref:`ref-classes-nativesdk` variant of any target recipe (e.g.
+   ``myrecipe.bb``) by adding the following to the recipe::

       BBCLASSEXTEND = "nativesdk"

@@ -2033,16 +2045,6 @@ couple different ways:
   specify any functionality specific to the respective SDK machine or
   target case.

-.. note::
-
-   When creating a recipe, you must follow this naming convention::
-
-           nativesdk-myrecipe.bb
-
-
-   Not doing so can lead to subtle problems because there is code that
-   depends on the naming convention.
-
 Although applied differently, the :ref:`ref-classes-nativesdk` class is used with both
 methods. The advantage of the second method is that you do not need to
 have two separate recipes (assuming you need both) for the SDK machine
@@ -3184,6 +3186,22 @@ class assuming :term:`PATCHRESOLVE` is set to "user", the
 :ref:`ref-classes-cml1` class, and the :ref:`ref-classes-devshell` class all
 use the :ref:`ref-classes-terminal` class.

+.. _ref-classes-testexport:
+
+``testexport``
+==============
+
+Based on the :ref:`ref-classes-testimage` class, the
+:ref:`ref-classes-testexport` class can be used to export the test environment
+outside of the :term:`OpenEmbedded Build System`. This will generate the
+directory structure to execute the runtime tests using the
+:oe_git:`runexported.py </openembedded-core/tree/meta/lib/oeqa/runexported.py>`
+Python script.
+
+For more details on how to use :ref:`ref-classes-testexport`, see
+the :ref:`test-manual/runtime-testing:Exporting Tests` section in the Yocto
+Project Test Environment Manual.
+
 .. _ref-classes-testimage:

 ``testimage``
@@ -3314,6 +3332,9 @@ The variables used by this class are:
 -  :term:`SPL_SIGN_ENABLE`: enable signing the FIT image.
 -  :term:`SPL_SIGN_KEYDIR`: directory containing the signing keys.
 -  :term:`SPL_SIGN_KEYNAME`: base filename of the signing keys.
+-  :term:`SPL_DTB_BINARY`: Name of the SPL device tree binary. Can be set to an
+   empty string to indicate that no SPL should be created and added to the FIT
+   image.
 -  :term:`UBOOT_FIT_ADDRESS_CELLS`: ``#address-cells`` value for the FIT image.
 -  :term:`UBOOT_FIT_DESC`: description string encoded into the FIT image.
 -  :term:`UBOOT_FIT_GENERATE_KEYS`: generate the keys if they don't exist yet.
--- a/documentation/ref-manual/devtool-reference.rst
+++ b/documentation/ref-manual/devtool-reference.rst
@@ -435,7 +435,7 @@ You can read more on the ``devtool upgrade`` workflow in the
 ":ref:`sdk-manual/extensible:use \`\`devtool upgrade\`\` to create a version of the recipe that supports a newer version of the software`"
 section in the Yocto Project Application Development and the Extensible
 Software Development Kit (eSDK) manual. You can also see an example of
-how to use ``devtool upgrade`` in the ":ref:`dev-manual/upgrading-recipes:using \`\`devtool upgrade\`\``"
+how to use ``devtool upgrade`` in the ":ref:`dev-manual/upgrading-recipes:using ``devtool upgrade```"
 section in the Yocto Project Development Tasks Manual.

 .. _devtool-resetting-a-recipe:
--- a/documentation/ref-manual/structure.rst
+++ b/documentation/ref-manual/structure.rst
@@ -344,6 +344,15 @@ This configuration file is generated by :doc:`bblock </dev-manual/bblock>` and
 contains the signatures locked by ``bblock``. By default, it does not exist
 and will be created upon the first invocation of ``bblock``.

+.. _structure-build-conf-auto.conf:
+
+``build/conf/auto.conf``
+------------------------
+
+This file contains configuration variables that are automatically modified by
+tools such as :oe_git:`bitbake-config-build </bitbake/tree/bin/bitbake-config-build>`.
+This file should not be modified manually.
+
 .. _structure-build-downloads:

 ``build/downloads/``
@@ -515,7 +524,7 @@ generated during the :ref:`ref-tasks-packagedata` task. The files stored in this
 directory contain information about each output package produced by the
 OpenEmbedded build system, and are used in different ways by the build system
 such as ":ref:`dev-manual/debugging:viewing package information with
-\`\`oe-pkgdata-util\`\``".
+``oe-pkgdata-util```".

 .. _structure-build-tmp-sstate-control:

--- a/documentation/ref-manual/svg/releases.svg
+++ b/documentation/ref-manual/svg/releases.svg
@@ -2,11 +2,11 @@
 <svg
   version="1.1"
   id="svg2"
-   width="1523.001"
-   height="504.30499"
-   viewBox="0 0 1523.001 504.30497"
+   width="1992.7236"
+   height="613.35602"
+   viewBox="0 0 1992.7236 613.35599"
   sodipodi:docname="releases.svg"
-   inkscape:version="1.3.2 (091e20ef0f, 2023-11-25, custom)"
+   inkscape:version="1.4.1 (93de688d07, 2025-03-30)"
   inkscape:export-filename="../../../../../../../../tmp/releases.png"
   inkscape:export-xdpi="96"
   inkscape:export-ydpi="96"
@@ -70,7 +70,7 @@
       scale_width="1"
       end_linecap_type="zerowidth"
       not_jump="false"
-       message="&lt;b&gt;Ctrl + click&lt;/b&gt; on existing node and move it" />
+       message="" />
    <marker
       style="overflow:visible"
       id="marker5783"
@@ -412,9 +412,9 @@
     inkscape:window-height="2069"
     id="namedview4"
     showgrid="true"
-     inkscape:zoom="2.1971372"
-     inkscape:cx="1068.2082"
-     inkscape:cy="287.87461"
+     inkscape:zoom="1.5536106"
+     inkscape:cx="1158.2696"
+     inkscape:cy="273.55632"
     inkscape:window-x="2256"
     inkscape:window-y="60"
     inkscape:window-maximized="1"
@@ -433,8 +433,8 @@
    <inkscape:grid
       type="xygrid"
       id="grid1257"
-       originx="-289.99936"
-       originy="369.99997"
+       originx="-289.06071"
+       originy="478.43017"
       spacingy="1"
       spacingx="1"
       units="px"
@@ -444,66 +444,90 @@
     inkscape:groupmode="layer"
     inkscape:label="Image"
     id="g10"
-     transform="translate(-289.99936,370.00003)">
+     transform="translate(-289.06072,478.43022)">
+    <rect
+       style="fill:#333333;fill-opacity:0;stroke:#000000;stroke-width:0.713896;stroke-linejoin:bevel;stroke-miterlimit:0;stroke-opacity:0"
+       id="rect1"
+       width="1992.0098"
+       height="612.64215"
+       x="289.41766"
+       y="-478.07327"
+       ry="24.97636" />
    <path
-       style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:0.449183;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
-       d="m 563.40434,64.000628 v -415.635938 0 0"
+       style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:0.50455;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
+       d="m 563.40434,64.000628 v -524.414808 0 0"
       id="path207708" />
    <path
-       style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:0.449183;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
-       d="m 683.40434,64.000628 v -415.635938 0 0"
+       style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:0.50455;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
+       d="m 683.40434,64.000628 v -524.414808 0 0"
       id="path207708-4" />
    <path
-       style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:0.449183;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
-       d="m 803.40434,64.000628 v -415.635938 0 0"
+       style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:0.50455;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
+       d="m 803.40434,64.000628 v -524.414808 0 0"
       id="path207708-4-3" />
    <path
-       style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:0.449183;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
-       d="m 923.40434,64.000588 v -415.635898 0 0"
+       style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:0.50455;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
+       d="m 923.40434,64.000577 v -524.414757 0 0"
       id="path207708-4-3-6" />
    <path
-       style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:0.449183;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
-       d="m 1043.4043,64.000588 v -415.635898 0 0"
+       style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:0.50455;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
+       d="m 1043.4043,64.000577 v -524.414757 0 0"
       id="path207708-4-3-6-2" />
    <path
-       style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:0.449183;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
-       d="m 1163.4043,64.000588 v -415.635898 0 0"
+       style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:0.50455;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
+       d="m 1163.4043,64.000577 v -524.414757 0 0"
       id="path207708-4-3-6-2-8" />
    <path
-       style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:0.449183;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
-       d="m 1283.4043,64.000588 v -415.635898 0 0"
+       style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:0.50455;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
+       d="m 1283.4043,64.000577 v -524.414757 0 0"
       id="path207708-4-3-6-2-8-4" />
    <path
-       style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:0.449183;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
-       d="m 1403.4043,64.000588 v -415.635898 0 0"
+       style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:0.50455;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
+       d="m 1403.4043,64.000577 v -524.414757 0 0"
       id="path207708-4-3-6-2-8-4-3" />
    <path
       style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:0.475347;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
       d="m 1523.4043,64.000568 v -415.757648 0 0"
       id="path207708-4-3-6-2-8-4-3-8" />
    <path
-       style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:0.449183;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
-       d="m 1523.4043,64.000588 v -415.635898 0 0"
+       style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:0.50455;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
+       d="m 1523.4043,64.000577 v -524.414757 0 0"
       id="path207708-4-3-6-2-8-4-3-8-0" />
    <path
-       style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:0.449183;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
-       d="m 1643.3583,64.000578 v -415.635868 0 0"
+       style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:0.50455;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
+       d="m 1643.3583,64.000565 v -524.414715 0 0"
       id="path207708-4-3-6-2-8-4-3-8-4" />
    <path
-       style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:0.449183;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
-       d="m 1763.4043,64.000578 v -415.635868 0 0"
+       style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:0.50455;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
+       d="m 1763.4043,64.000565 v -524.414715 0 0"
       id="path207708-4-3-6-2-8-4-3-8-4-0" />
    <path
-       style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:0.449183;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
-       d="m 443.40434,64.000628 v -415.635938 0 0"
+       style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:0.50455;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
+       d="m 1883.7877,64.878769 v -524.414709 0 0"
+       id="path207708-4-3-6-2-8-4-3-8-4-0-8" />
+    <path
+       style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:0.50455;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
+       d="m 2002.9599,64.984489 v -524.414709 0 0"
+       id="path207708-4-3-6-2-8-4-3-8-4-0-8-8" />
+    <path
+       style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:0.50455;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
+       d="m 2123.2232,62.984489 v -524.414709 0 0"
+       id="path207708-4-3-6-2-8-4-3-8-4-0-8-8-1" />
+    <path
+       style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:0.50455;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
+       d="m 2243.313,63.984489 v -524.414709 0 0"
+       id="path207708-4-3-6-2-8-4-3-8-4-0-8-8-1-9" />
+    <path
+       style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:0.50455;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
+       d="m 443.40434,64.000628 v -524.414808 0 0"
       id="path207708-9" />
    <path
       style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:0.5;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
       d="m 323.40434,64.000608 v -375.000008 0 0"
       id="path207708-9-6" />
    <path
-       style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:0.449183;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
-       d="m 323.40434,64.000618 v -415.635908 0 0"
+       style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:0.50455;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
+       d="m 323.40434,64.000616 v -524.414766 0 0"
       id="path207708-9-6-2" />
    <text
       xml:space="preserve"
@@ -536,7 +560,7 @@
         x="-59.575905"
         y="580.05695" /></text>
    <rect
-       style="fill:#333333;fill-opacity:1;fill-rule:evenodd;stroke:none;stroke-width:2;stroke-opacity:1;opacity:0.5"
+       style="opacity:0.5;fill:#333333;fill-opacity:1;fill-rule:evenodd;stroke:none;stroke-width:2;stroke-opacity:1"
       id="rect917-0-0-4-4-9-4"
       width="160.00002"
       height="45.000004"
@@ -583,14 +607,6 @@
         y="-73.501534"
         style="font-style:normal;font-variant:normal;font-weight:bold;font-stretch:normal;font-size:13.3333px;font-family:'Liberation Sans';-inkscape-font-specification:'Liberation Sans Bold';text-align:center;text-anchor:middle;fill:#fffefe;fill-opacity:1;stroke:none"
         id="tspan10317-2-9-1-4">4.2</tspan></text>
-    <rect
-       style="opacity:0.75;fill:#251f32;fill-opacity:1;fill-rule:evenodd;stroke:none;stroke-width:2;stroke-opacity:1"
-       id="rect917-0-0-4-4-9-4-5-3-9-2-3"
-       width="140"
-       height="45.000004"
-       x="1043.132"
-       y="-328.2114"
-       ry="2.2558987" />
    <rect
       style="opacity:1;fill:#333333;fill-opacity:1;fill-rule:evenodd;stroke:none;stroke-width:2;stroke-opacity:1"
       id="rect917-0-0-4-4-9-4-5-3-9-2-3-6"
@@ -615,22 +631,78 @@
         y="-238.332"
         style="font-style:normal;font-variant:normal;font-weight:bold;font-stretch:normal;font-size:13.3333px;font-family:'Liberation Sans';-inkscape-font-specification:'Liberation Sans Bold';text-align:center;text-anchor:middle;fill:#fffefe;fill-opacity:1;stroke:none"
         id="tspan10317-2-9-1-4-6-5-6">5.1</tspan></text>
+    <rect
+       style="fill:#333333;fill-opacity:1;fill-rule:evenodd;stroke:none;stroke-width:2;stroke-opacity:1"
+       id="rect917-0-0-4-4-9-4-5-3-9-2-3-6-2"
+       width="140"
+       height="45.000004"
+       x="1043.4697"
+       y="-328.48172"
+       ry="2.2558987" />
    <text
       xml:space="preserve"
       style="font-weight:bold;font-size:13.3333px;line-height:125%;font-family:'Nimbus Roman';-inkscape-font-specification:'Nimbus Roman, Bold';letter-spacing:0px;word-spacing:0px;writing-mode:lr-tb;fill:#fffefe;fill-opacity:1;stroke:#000000;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1"
-       x="1094.2197"
-       y="-309.83084"
-       id="text1185-3-55-4-0-0-0-1-1-6-4-3"><tspan
+       x="1090.4542"
+       y="-309.61823"
+       id="text1185-3-55-4-0-0-0-1-1-6-4-7"><tspan
         sodipodi:role="line"
-         x="1094.2197"
-         y="-309.83084"
+         x="1090.4542"
+         y="-309.61823"
         style="font-style:normal;font-variant:normal;font-weight:bold;font-stretch:normal;font-size:13.3333px;font-family:'Liberation Sans';-inkscape-font-specification:'Liberation Sans Bold';text-align:center;text-anchor:middle;fill:#fffefe;fill-opacity:1;stroke:none"
-         id="tspan957-2-8-6-3-9-7-4-2-0-5">Walnascar</tspan><tspan
+         id="tspan957-2-8-6-3-9-7-4-2-0-0">Walnascar</tspan><tspan
         sodipodi:role="line"
-         x="1094.2197"
-         y="-291.83417"
+         x="1090.4542"
+         y="-291.62155"
         style="font-style:normal;font-variant:normal;font-weight:bold;font-stretch:normal;font-size:13.3333px;font-family:'Liberation Sans';-inkscape-font-specification:'Liberation Sans Bold';text-align:center;text-anchor:middle;fill:#fffefe;fill-opacity:1;stroke:none"
-         id="tspan10317-2-9-1-4-6-5-6-6">5.2</tspan></text>
+         id="tspan10317-2-9-1-4-6-5-6-9">5.2</tspan></text>
+    <rect
+       style="opacity:0.75;fill:#251f32;fill-opacity:1;fill-rule:evenodd;stroke:none;stroke-width:2;stroke-opacity:1"
+       id="rect917-0-0-4-4-9-4-5-3-9-2-3-67"
+       width="140"
+       height="45.000004"
+       x="1163.6425"
+       y="-382.27469"
+       ry="2.2558987" />
+    <text
+       xml:space="preserve"
+       style="font-weight:bold;font-size:13.3333px;line-height:125%;font-family:'Nimbus Roman';-inkscape-font-specification:'Nimbus Roman, Bold';letter-spacing:0px;word-spacing:0px;writing-mode:lr-tb;fill:#fffefe;fill-opacity:1;stroke:#000000;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1"
+       x="1214.9716"
+       y="-363.89413"
+       id="text1185-3-55-4-0-0-0-1-1-6-4-3-53"><tspan
+         sodipodi:role="line"
+         x="1214.9716"
+         y="-363.89413"
+         style="font-style:normal;font-variant:normal;font-weight:bold;font-stretch:normal;font-size:13.3333px;font-family:'Liberation Sans';-inkscape-font-specification:'Liberation Sans Bold';text-align:center;text-anchor:middle;fill:#fffefe;fill-opacity:1;stroke:none"
+         id="tspan957-2-8-6-3-9-7-4-2-0-5-5">Whinlatter</tspan><tspan
+         sodipodi:role="line"
+         x="1214.9716"
+         y="-345.89746"
+         style="font-style:normal;font-variant:normal;font-weight:bold;font-stretch:normal;font-size:13.3333px;font-family:'Liberation Sans';-inkscape-font-specification:'Liberation Sans Bold';text-align:center;text-anchor:middle;fill:#fffefe;fill-opacity:1;stroke:none"
+         id="tspan10317-2-9-1-4-6-5-6-6-6">5.3</tspan></text>
+    <rect
+       style="opacity:0.75;fill:#251f32;fill-opacity:1;fill-rule:evenodd;stroke:none;stroke-width:5.29752;stroke-opacity:1"
+       id="rect917-0-0-4-4-9-4-5-3-9-2-3-67-6"
+       width="982.23163"
+       height="45.000004"
+       x="1283.7023"
+       y="-436.77539"
+       ry="2.2558987" />
+    <text
+       xml:space="preserve"
+       style="font-weight:bold;font-size:13.3333px;line-height:125%;font-family:'Nimbus Roman';-inkscape-font-specification:'Nimbus Roman, Bold';letter-spacing:0px;word-spacing:0px;writing-mode:lr-tb;fill:#fffefe;fill-opacity:1;stroke:#000000;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1"
+       x="1335.1118"
+       y="-418.39484"
+       id="text1185-3-55-4-0-0-0-1-1-6-4-3-53-0"><tspan
+         sodipodi:role="line"
+         x="1335.1118"
+         y="-418.39484"
+         style="font-style:normal;font-variant:normal;font-weight:bold;font-stretch:normal;font-size:13.3333px;font-family:'Liberation Sans';-inkscape-font-specification:'Liberation Sans Bold';text-align:center;text-anchor:middle;fill:#fffefe;fill-opacity:1;stroke:none"
+         id="tspan957-2-8-6-3-9-7-4-2-0-5-5-6">Wrynose</tspan><tspan
+         sodipodi:role="line"
+         x="1335.1118"
+         y="-400.39816"
+         style="font-style:normal;font-variant:normal;font-weight:bold;font-stretch:normal;font-size:13.3333px;font-family:'Liberation Sans';-inkscape-font-specification:'Liberation Sans Bold';text-align:center;text-anchor:middle;fill:#fffefe;fill-opacity:1;stroke:none"
+         id="tspan10317-2-9-1-4-6-5-6-6-6-2">6.0</tspan></text>
    <g
       id="g1591"
       transform="translate(-516.59566,64.000598)">
@@ -681,7 +753,7 @@
         id="tspan10317-2-9-0-1">5.0</tspan></text>
    <g
       id="g1125-0"
-       transform="matrix(0.42240595,0,0,0.41654472,330.77064,-441.11721)"
+       transform="matrix(0.42240595,0,0,0.41654472,330.77064,-497.11721)"
       style="stroke:none;stroke-width:2.38399">
      <rect
         style="opacity:1;fill:#333333;fill-opacity:1;fill-rule:evenodd;stroke:none;stroke-width:4.76797;stroke-opacity:1"
@@ -923,8 +995,8 @@
         y="345.7359" /></text>
    <path
       id="path29430"
-       style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:1.72671;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
-       d="M 307.54809,63.999718 H 1783.4043 Z" />
+       style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:1.99503;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
+       d="M 307.54809,63.999718 H 2277.72 Z" />
    <path
       style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:2;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
       d="m 323.40434,64.000618 v 9.99995 0"
@@ -1437,50 +1509,324 @@
       style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:2;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
       d="m 1763.4043,64.000578 v 9.99999 0"
       id="path29548-5-1-3-6-3-1-0-3-4-2-0-0" />
+    <text
+       xml:space="preserve"
+       style="font-weight:bold;font-size:13.3333px;line-height:125%;font-family:'Nimbus Roman';-inkscape-font-specification:'Nimbus Roman, Bold';letter-spacing:0px;word-spacing:0px;writing-mode:lr-tb;fill:#000000;fill-opacity:1;stroke:#000000;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1"
+       x="1885.6029"
+       y="94.285194"
+       id="text1185-9-7-1-1-8-1-0-4-2-8-2"><tspan
+         sodipodi:role="line"
+         x="1885.6029"
+         y="94.285194"
+         style="font-style:normal;font-variant:normal;font-weight:bold;font-stretch:normal;font-size:13.3333px;font-family:'Liberation Sans';-inkscape-font-specification:'Liberation Sans, Bold';font-variant-ligatures:normal;font-variant-caps:normal;font-variant-numeric:normal;font-variant-east-asian:normal;text-align:center;text-anchor:middle;stroke:none"
+         id="tspan31345-4-0-4-81-5-2-8">Oct.</tspan><tspan
+         sodipodi:role="line"
+         x="1885.6029"
+         y="112.28188"
+         style="font-style:normal;font-variant:normal;font-weight:bold;font-stretch:normal;font-size:13.3333px;font-family:'Liberation Sans';-inkscape-font-specification:'Liberation Sans, Bold';font-variant-ligatures:normal;font-variant-caps:normal;font-variant-numeric:normal;font-variant-east-asian:normal;text-align:center;text-anchor:middle;stroke:none"
+         id="tspan49906-7-3-8-2-8-9-9">2028</tspan></text>
+    <g
+       id="g1267-4-5-2-7"
+       transform="translate(563.45518,-155.9782)">
+      <path
+         style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:2;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
+         d="m 1200,220.00002 v 9.99999 0"
+         id="path29548-5-1-3-6-3-1-0-3-4-1-3" />
+      <path
+         style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:1;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
+         d="m 1220,219.99997 v 5.00004 0"
+         id="path29548-8-5-0-6-4-6-2-9-0-8-1-3-1-9-6-9-3-4-0-4-6-2-2-7-6-1-9-0-5-0-0-5-6"
+         inkscape:transform-center-x="14.782001"
+         inkscape:transform-center-y="-0.085282837" />
+      <path
+         style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:1;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
+         d="m 1240,219.99997 v 5.00004 0"
+         id="path29548-8-5-0-6-4-6-2-9-0-8-1-3-1-9-6-9-3-4-0-4-6-2-2-7-6-1-9-9-7-5-3-5-9-1"
+         inkscape:transform-center-x="14.782001"
+         inkscape:transform-center-y="-0.085282837" />
+      <path
+         style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:1;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
+         d="m 1260,219.99997 v 5.00004 0"
+         id="path29548-8-5-0-6-4-6-2-9-0-8-1-3-1-9-6-9-3-4-0-4-6-2-2-7-6-1-9-9-1-5-2-0-9-9-2"
+         inkscape:transform-center-x="14.782001"
+         inkscape:transform-center-y="-0.085282837" />
+      <path
+         style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:1;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
+         d="m 1280,219.99997 v 5.00004 0"
+         id="path29548-8-5-0-6-4-6-2-9-0-8-1-3-1-9-6-9-3-4-0-4-6-2-2-7-6-1-9-9-1-4-8-9-9-4-1-9"
+         inkscape:transform-center-x="14.782001"
+         inkscape:transform-center-y="-0.085282837" />
+      <path
+         style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:1;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
+         d="m 1299.7216,219.99997 v 5.00004 0"
+         id="path29548-8-5-0-6-4-6-2-9-0-8-1-3-1-9-6-9-3-4-0-4-6-2-2-7-6-1-9-9-1-4-9-7-0-2-6-4-3"
+         inkscape:transform-center-x="-14.78205"
+         inkscape:transform-center-y="-0.085282837" />
+    </g>
+    <path
+       style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:2;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
+       d="m 1883.4551,64.021829 v 9.99999 0"
+       id="path29548-5-1-3-6-3-1-0-3-4-2-0-0-1" />
+    <text
+       xml:space="preserve"
+       style="font-weight:bold;font-size:13.3333px;line-height:125%;font-family:'Nimbus Roman';-inkscape-font-specification:'Nimbus Roman, Bold';letter-spacing:0px;word-spacing:0px;writing-mode:lr-tb;fill:#000000;fill-opacity:1;stroke:#000000;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1"
+       x="2005.5908"
+       y="94.339828"
+       id="text1185-9-7-1-1-8-1-0-4-2-8-2-4"><tspan
+         sodipodi:role="line"
+         x="2005.5908"
+         y="94.339828"
+         style="font-style:normal;font-variant:normal;font-weight:bold;font-stretch:normal;font-size:13.3333px;font-family:'Liberation Sans';-inkscape-font-specification:'Liberation Sans, Bold';font-variant-ligatures:normal;font-variant-caps:normal;font-variant-numeric:normal;font-variant-east-asian:normal;text-align:center;text-anchor:middle;stroke:none"
+         id="tspan31345-4-0-4-81-5-2-8-7">Apr.</tspan><tspan
+         sodipodi:role="line"
+         x="2005.5908"
+         y="112.33651"
+         style="font-style:normal;font-variant:normal;font-weight:bold;font-stretch:normal;font-size:13.3333px;font-family:'Liberation Sans';-inkscape-font-specification:'Liberation Sans, Bold';font-variant-ligatures:normal;font-variant-caps:normal;font-variant-numeric:normal;font-variant-east-asian:normal;text-align:center;text-anchor:middle;stroke:none"
+         id="tspan49906-7-3-8-2-8-9-9-8">2029</tspan></text>
+    <g
+       id="g1267-4-5-2-7-4"
+       transform="translate(683.44312,-155.92356)">
+      <path
+         style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:2;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
+         d="m 1200,220.00002 v 9.99999 0"
+         id="path29548-5-1-3-6-3-1-0-3-4-1-3-5" />
+      <path
+         style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:1;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
+         d="m 1220,219.99997 v 5.00004 0"
+         id="path29548-8-5-0-6-4-6-2-9-0-8-1-3-1-9-6-9-3-4-0-4-6-2-2-7-6-1-9-0-5-0-0-5-6-0"
+         inkscape:transform-center-x="14.782001"
+         inkscape:transform-center-y="-0.085282837" />
+      <path
+         style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:1;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
+         d="m 1240,219.99997 v 5.00004 0"
+         id="path29548-8-5-0-6-4-6-2-9-0-8-1-3-1-9-6-9-3-4-0-4-6-2-2-7-6-1-9-9-7-5-3-5-9-1-3"
+         inkscape:transform-center-x="14.782001"
+         inkscape:transform-center-y="-0.085282837" />
+      <path
+         style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:1;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
+         d="m 1260,219.99997 v 5.00004 0"
+         id="path29548-8-5-0-6-4-6-2-9-0-8-1-3-1-9-6-9-3-4-0-4-6-2-2-7-6-1-9-9-1-5-2-0-9-9-2-6"
+         inkscape:transform-center-x="14.782001"
+         inkscape:transform-center-y="-0.085282837" />
+      <path
+         style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:1;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
+         d="m 1280,219.99997 v 5.00004 0"
+         id="path29548-8-5-0-6-4-6-2-9-0-8-1-3-1-9-6-9-3-4-0-4-6-2-2-7-6-1-9-9-1-4-8-9-9-4-1-9-1"
+         inkscape:transform-center-x="14.782001"
+         inkscape:transform-center-y="-0.085282837" />
+      <path
+         style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:1;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
+         d="m 1299.7216,219.99997 v 5.00004 0"
+         id="path29548-8-5-0-6-4-6-2-9-0-8-1-3-1-9-6-9-3-4-0-4-6-2-2-7-6-1-9-9-1-4-9-7-0-2-6-4-3-0"
+         inkscape:transform-center-x="-14.78205"
+         inkscape:transform-center-y="-0.085282837" />
+    </g>
+    <path
+       style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:2;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
+       d="m 2003.443,64.076464 v 9.99999 0"
+       id="path29548-5-1-3-6-3-1-0-3-4-2-0-0-1-6" />
+    <text
+       xml:space="preserve"
+       style="font-weight:bold;font-size:13.3333px;line-height:125%;font-family:'Nimbus Roman';-inkscape-font-specification:'Nimbus Roman, Bold';letter-spacing:0px;word-spacing:0px;writing-mode:lr-tb;fill:#000000;fill-opacity:1;stroke:#000000;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1"
+       x="2125.6079"
+       y="94.692207"
+       id="text1185-9-7-1-1-8-1-0-4-2-8-2-4-2"><tspan
+         sodipodi:role="line"
+         x="2125.6079"
+         y="94.692207"
+         style="font-style:normal;font-variant:normal;font-weight:bold;font-stretch:normal;font-size:13.3333px;font-family:'Liberation Sans';-inkscape-font-specification:'Liberation Sans, Bold';font-variant-ligatures:normal;font-variant-caps:normal;font-variant-numeric:normal;font-variant-east-asian:normal;text-align:center;text-anchor:middle;stroke:none"
+         id="tspan31345-4-0-4-81-5-2-8-7-0">Oct.</tspan><tspan
+         sodipodi:role="line"
+         x="2125.6079"
+         y="112.68889"
+         style="font-style:normal;font-variant:normal;font-weight:bold;font-stretch:normal;font-size:13.3333px;font-family:'Liberation Sans';-inkscape-font-specification:'Liberation Sans, Bold';font-variant-ligatures:normal;font-variant-caps:normal;font-variant-numeric:normal;font-variant-east-asian:normal;text-align:center;text-anchor:middle;stroke:none"
+         id="tspan49906-7-3-8-2-8-9-9-8-6">2029</tspan></text>
+    <g
+       id="g1267-4-5-2-7-4-1"
+       transform="translate(803.46019,-155.57118)">
+      <path
+         style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:2;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
+         d="m 1200,220.00002 v 9.99999 0"
+         id="path29548-5-1-3-6-3-1-0-3-4-1-3-5-5" />
+      <path
+         style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:1;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
+         d="m 1220,219.99997 v 5.00004 0"
+         id="path29548-8-5-0-6-4-6-2-9-0-8-1-3-1-9-6-9-3-4-0-4-6-2-2-7-6-1-9-0-5-0-0-5-6-0-5"
+         inkscape:transform-center-x="14.782001"
+         inkscape:transform-center-y="-0.085282837" />
+      <path
+         style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:1;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
+         d="m 1240,219.99997 v 5.00004 0"
+         id="path29548-8-5-0-6-4-6-2-9-0-8-1-3-1-9-6-9-3-4-0-4-6-2-2-7-6-1-9-9-7-5-3-5-9-1-3-4"
+         inkscape:transform-center-x="14.782001"
+         inkscape:transform-center-y="-0.085282837" />
+      <path
+         style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:1;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
+         d="m 1260,219.99997 v 5.00004 0"
+         id="path29548-8-5-0-6-4-6-2-9-0-8-1-3-1-9-6-9-3-4-0-4-6-2-2-7-6-1-9-9-1-5-2-0-9-9-2-6-7"
+         inkscape:transform-center-x="14.782001"
+         inkscape:transform-center-y="-0.085282837" />
+      <path
+         style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:1;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
+         d="m 1280,219.99997 v 5.00004 0"
+         id="path29548-8-5-0-6-4-6-2-9-0-8-1-3-1-9-6-9-3-4-0-4-6-2-2-7-6-1-9-9-1-4-8-9-9-4-1-9-1-6"
+         inkscape:transform-center-x="14.782001"
+         inkscape:transform-center-y="-0.085282837" />
+      <path
+         style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:1;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
+         d="m 1299.7216,219.99997 v 5.00004 0"
+         id="path29548-8-5-0-6-4-6-2-9-0-8-1-3-1-9-6-9-3-4-0-4-6-2-2-7-6-1-9-9-1-4-9-7-0-2-6-4-3-0-5"
+         inkscape:transform-center-x="-14.78205"
+         inkscape:transform-center-y="-0.085282837" />
+    </g>
+    <path
+       style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:2;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
+       d="m 2123.4601,64.428843 v 9.99999 0"
+       id="path29548-5-1-3-6-3-1-0-3-4-2-0-0-1-6-6" />
+    <path
+       style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:2;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
+       d="m 2123.3825,64.223284 v 9.99999 0"
+       id="path29548-5-1-3-6-3-1-0-3-4-2-0-0-1-6-3" />
+    <text
+       xml:space="preserve"
+       style="font-weight:bold;font-size:13.3333px;line-height:125%;font-family:'Nimbus Roman';-inkscape-font-specification:'Nimbus Roman, Bold';letter-spacing:0px;word-spacing:0px;writing-mode:lr-tb;fill:#000000;fill-opacity:1;stroke:#000000;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1"
+       x="2245.5474"
+       y="94.839027"
+       id="text1185-9-7-1-1-8-1-0-4-2-8-2-4-2-7"><tspan
+         sodipodi:role="line"
+         x="2245.5474"
+         y="94.839027"
+         style="font-style:normal;font-variant:normal;font-weight:bold;font-stretch:normal;font-size:13.3333px;font-family:'Liberation Sans';-inkscape-font-specification:'Liberation Sans, Bold';font-variant-ligatures:normal;font-variant-caps:normal;font-variant-numeric:normal;font-variant-east-asian:normal;text-align:center;text-anchor:middle;stroke:none"
+         id="tspan31345-4-0-4-81-5-2-8-7-0-4">Apr.</tspan><tspan
+         sodipodi:role="line"
+         x="2245.5474"
+         y="112.83571"
+         style="font-style:normal;font-variant:normal;font-weight:bold;font-stretch:normal;font-size:13.3333px;font-family:'Liberation Sans';-inkscape-font-specification:'Liberation Sans, Bold';font-variant-ligatures:normal;font-variant-caps:normal;font-variant-numeric:normal;font-variant-east-asian:normal;text-align:center;text-anchor:middle;stroke:none"
+         id="tspan49906-7-3-8-2-8-9-9-8-6-5">2030</tspan></text>
+    <g
+       id="g1267-4-5-2-7-4-1-2"
+       transform="translate(923.39972,-155.42436)">
+      <path
+         style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:2;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
+         d="m 1200,220.00002 v 9.99999 0"
+         id="path29548-5-1-3-6-3-1-0-3-4-1-3-5-5-5" />
+      <path
+         style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:1;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
+         d="m 1220,219.99997 v 5.00004 0"
+         id="path29548-8-5-0-6-4-6-2-9-0-8-1-3-1-9-6-9-3-4-0-4-6-2-2-7-6-1-9-0-5-0-0-5-6-0-5-4"
+         inkscape:transform-center-x="14.782001"
+         inkscape:transform-center-y="-0.085282837" />
+      <path
+         style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:1;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
+         d="m 1240,219.99997 v 5.00004 0"
+         id="path29548-8-5-0-6-4-6-2-9-0-8-1-3-1-9-6-9-3-4-0-4-6-2-2-7-6-1-9-9-7-5-3-5-9-1-3-4-7"
+         inkscape:transform-center-x="14.782001"
+         inkscape:transform-center-y="-0.085282837" />
+      <path
+         style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:1;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
+         d="m 1260,219.99997 v 5.00004 0"
+         id="path29548-8-5-0-6-4-6-2-9-0-8-1-3-1-9-6-9-3-4-0-4-6-2-2-7-6-1-9-9-1-5-2-0-9-9-2-6-7-4"
+         inkscape:transform-center-x="14.782001"
+         inkscape:transform-center-y="-0.085282837" />
+      <path
+         style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:1;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
+         d="m 1280,219.99997 v 5.00004 0"
+         id="path29548-8-5-0-6-4-6-2-9-0-8-1-3-1-9-6-9-3-4-0-4-6-2-2-7-6-1-9-9-1-4-8-9-9-4-1-9-1-6-4"
+         inkscape:transform-center-x="14.782001"
+         inkscape:transform-center-y="-0.085282837" />
+      <path
+         style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:1;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
+         d="m 1299.7216,219.99997 v 5.00004 0"
+         id="path29548-8-5-0-6-4-6-2-9-0-8-1-3-1-9-6-9-3-4-0-4-6-2-2-7-6-1-9-9-1-4-9-7-0-2-6-4-3-0-5-3"
+         inkscape:transform-center-x="-14.78205"
+         inkscape:transform-center-y="-0.085282837" />
+    </g>
+    <g
+       id="g1267-4-5-2-7-4-1-2-0"
+       transform="translate(1043.3579,-155.33829)">
+      <path
+         style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:2;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
+         d="m 1200,220.00002 v 9.99999 0"
+         id="path29548-5-1-3-6-3-1-0-3-4-1-3-5-5-5-6" />
+      <path
+         style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:1;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
+         d="m 1220,219.99997 v 5.00004 0"
+         id="path29548-8-5-0-6-4-6-2-9-0-8-1-3-1-9-6-9-3-4-0-4-6-2-2-7-6-1-9-0-5-0-0-5-6-0-5-4-8"
+         inkscape:transform-center-x="14.782001"
+         inkscape:transform-center-y="-0.085282837" />
+      <path
+         style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:1;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
+         d="m 1240,219.99997 v 5.00004 0"
+         id="path29548-8-5-0-6-4-6-2-9-0-8-1-3-1-9-6-9-3-4-0-4-6-2-2-7-6-1-9-9-7-5-3-5-9-1-3-4-7-9"
+         inkscape:transform-center-x="14.782001"
+         inkscape:transform-center-y="-0.085282837" />
+      <path
+         style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:1;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
+         d="m 1260,219.99997 v 5.00004 0"
+         id="path29548-8-5-0-6-4-6-2-9-0-8-1-3-1-9-6-9-3-4-0-4-6-2-2-7-6-1-9-9-1-5-2-0-9-9-2-6-7-4-2"
+         inkscape:transform-center-x="14.782001"
+         inkscape:transform-center-y="-0.085282837" />
+      <path
+         style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:1;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
+         d="m 1280,219.99997 v 5.00004 0"
+         id="path29548-8-5-0-6-4-6-2-9-0-8-1-3-1-9-6-9-3-4-0-4-6-2-2-7-6-1-9-9-1-4-8-9-9-4-1-9-1-6-4-6"
+         inkscape:transform-center-x="14.782001"
+         inkscape:transform-center-y="-0.085282837" />
+      <path
+         style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:1;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
+         d="m 1299.7216,219.99997 v 5.00004 0"
+         id="path29548-8-5-0-6-4-6-2-9-0-8-1-3-1-9-6-9-3-4-0-4-6-2-2-7-6-1-9-9-1-4-9-7-0-2-6-4-3-0-5-3-6"
+         inkscape:transform-center-x="-14.78205"
+         inkscape:transform-center-y="-0.085282837" />
+    </g>
+    <path
+       style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:2;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
+       d="m 2243.3996,64.575663 v 9.99999 0"
+       id="path29548-5-1-3-6-3-1-0-3-4-2-0-0-1-6-6-0" />
    <rect
       style="opacity:0.75;fill:#241f31;fill-opacity:1;fill-rule:evenodd;stroke:none;stroke-width:0.751473;stroke-opacity:1"
       id="rect917-0-0-4-4-9-4-5-3-9-2-36"
       width="38.418175"
       height="23.151052"
-       x="1605.6135"
-       y="-41.172161"
+       x="2047.6135"
+       y="-45.172161"
       ry="1.1605872" />
    <rect
       style="opacity:1;fill:#ffffff;fill-opacity:1;fill-rule:evenodd;stroke:#000000;stroke-width:1.98878;stroke-dasharray:none;stroke-opacity:1"
       id="rect917-0-0-4-4-9-4-5-3-9-2-36-7"
       width="186.42949"
       height="110.40546"
-       x="1594.5294"
-       y="-73.753708"
+       x="2036.5294"
+       y="-77.753708"
       ry="5.5347452" />
    <rect
       style="opacity:0.75;fill:#241f31;fill-opacity:1;fill-rule:evenodd;stroke:none;stroke-width:0.50949;stroke-opacity:1"
       id="rect917-0-0-4-4-9-4-5-3-9-2-6"
       width="21.197233"
       height="19.28739"
-       x="1611.8163"
-       y="-41.883858"
+       x="2053.8164"
+       y="-45.883858"
       ry="0.96689767" />
    <text
       xml:space="preserve"
       style="font-weight:bold;font-size:13.3333px;line-height:125%;font-family:'Nimbus Roman';-inkscape-font-specification:'Nimbus Roman, Bold';letter-spacing:0px;word-spacing:0px;writing-mode:lr-tb;fill:#fffefe;fill-opacity:1;stroke:#000000;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1"
-       x="1690.4917"
-       y="-53.687912"
+       x="2132.4917"
+       y="-57.687912"
       id="text1185-3-55-4-0-0-0-1-1-6-4-3-5"><tspan
         sodipodi:role="line"
-         x="1690.4917"
-         y="-53.687912"
+         x="2132.4917"
+         y="-57.687912"
         style="font-style:normal;font-variant:normal;font-weight:bold;font-stretch:normal;font-size:13.3333px;font-family:'Liberation Sans';-inkscape-font-specification:'Liberation Sans Bold';text-align:center;text-anchor:middle;fill:#000000;fill-opacity:1;stroke:none"
         id="tspan10317-2-9-1-4-6-5-6-6-5">Legend</tspan></text>
    <text
       xml:space="preserve"
       style="font-weight:bold;font-size:13.3333px;line-height:125%;font-family:'Nimbus Roman';-inkscape-font-specification:'Nimbus Roman, Bold';letter-spacing:0px;word-spacing:0px;writing-mode:lr-tb;fill:#fffefe;fill-opacity:1;stroke:#000000;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1"
-       x="1656.0988"
-       y="-27.899874"
+       x="2098.0986"
+       y="-31.899874"
       id="text1185-3-55-4-0-0-0-1-1-6-4-3-5-2"><tspan
         sodipodi:role="line"
-         x="1656.0988"
-         y="-27.899874"
+         x="2098.0986"
+         y="-31.899874"
         style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:13.3333px;font-family:'Liberation Sans';-inkscape-font-specification:'Liberation Sans';text-align:center;text-anchor:middle;fill:#000000;fill-opacity:1;stroke:none"
         id="tspan10317-2-9-1-4-6-5-6-6-5-9">Future</tspan></text>
    <rect
@@ -1488,38 +1834,38 @@
       id="rect917-0-0-4-4-9-4-5-3-9-2-6-1"
       width="21.197233"
       height="19.28739"
-       x="1611.8671"
-       y="-17.756365"
+       x="2053.8672"
+       y="-21.756365"
       ry="0.96689767" />
    <text
       xml:space="preserve"
       style="font-weight:bold;font-size:13.3333px;line-height:125%;font-family:'Nimbus Roman';-inkscape-font-specification:'Nimbus Roman, Bold';letter-spacing:0px;word-spacing:0px;writing-mode:lr-tb;fill:#fffefe;fill-opacity:1;stroke:#000000;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1"
-       x="1686.7159"
-       y="-3.6722763"
+       x="2128.7158"
+       y="-7.6722765"
       id="text1185-3-55-4-0-0-0-1-1-6-4-3-5-2-2"><tspan
         sodipodi:role="line"
-         x="1686.7159"
-         y="-3.6722763"
+         x="2128.7158"
+         y="-7.6722765"
         style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:13.3333px;font-family:'Liberation Sans';-inkscape-font-specification:'Liberation Sans';text-align:center;text-anchor:middle;fill:#000000;fill-opacity:1;stroke:none"
-         id="tspan10317-2-9-1-4-6-5-6-6-5-9-7">Current (Oct. 24)</tspan></text>
+         id="tspan10317-2-9-1-4-6-5-6-6-5-9-7">Current (Apr. 25)</tspan></text>
    <text
       xml:space="preserve"
       style="font-weight:bold;font-size:13.3333px;line-height:125%;font-family:'Nimbus Roman';-inkscape-font-specification:'Nimbus Roman, Bold';letter-spacing:0px;word-spacing:0px;writing-mode:lr-tb;fill:#fffefe;fill-opacity:1;stroke:#000000;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1"
-       x="1667.363"
-       y="20.03771"
+       x="2109.363"
+       y="16.03771"
       id="text1185-3-55-4-0-0-0-1-1-6-4-3-5-2-2-9"><tspan
         sodipodi:role="line"
-         x="1667.363"
-         y="20.03771"
+         x="2109.363"
+         y="16.03771"
         style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:13.3333px;font-family:'Liberation Sans';-inkscape-font-specification:'Liberation Sans';text-align:center;text-anchor:middle;fill:#000000;fill-opacity:1;stroke:none"
         id="tspan10317-2-9-1-4-6-5-6-6-5-9-7-3">End-of-life</tspan></text>
    <rect
-       style="fill:#333333;fill-opacity:1;fill-rule:evenodd;stroke:none;stroke-width:0.50949;stroke-opacity:1;opacity:0.5"
+       style="opacity:0.5;fill:#333333;fill-opacity:1;fill-rule:evenodd;stroke:none;stroke-width:0.50949;stroke-opacity:1"
       id="rect917-0-0-4-4-9-4-5-3-9-2-6-1-0"
       width="21.197233"
       height="19.28739"
-       x="1612.0239"
-       y="5.9667883"
+       x="2054.0239"
+       y="1.9667883"
       ry="0.96689767" />
    <rect
       style="opacity:0.5;fill:#333333;fill-opacity:1;fill-rule:evenodd;stroke:none;stroke-width:1.85786;stroke-opacity:1"
--- a/documentation/ref-manual/system-requirements.rst
+++ b/documentation/ref-manual/system-requirements.rst
@@ -58,36 +58,35 @@ Supported Linux Distributions
 Currently, the &DISTRO; release ("&DISTRO_NAME;") of the Yocto Project is
 supported on the following distributions:

-  Ubuntu 20.04 (LTS)
-
-  Ubuntu 22.04 (LTS)
-
-  Ubuntu 23.04
-
-  Fedora 38
-
-  Fedora 39
-
-  CentOS Stream 8
-
-  Debian GNU/Linux 11 (Bullseye)
-
-  Debian GNU/Linux 12 (Bookworm)
-
-  OpenSUSE Leap 15.4
+..
+   Can be generated with yocto-autobuilder-helper's scripts/yocto-supported-distros:
+   yocto-supported-distros --release scarthgap --config yocto-autobuilder2/config.py --output-format docs --poky-distros

 -  AlmaLinux 8
-
 -  AlmaLinux 9
-
-  Rocky 9
+-  Debian 11
+-  Debian 12
+-  Fedora 39
+-  Fedora 40
+-  Fedora 41
+-  Rocky Linux 8
+-  Rocky Linux 9
+-  Ubuntu 20.04 (LTS)
+-  Ubuntu 22.04 (LTS)
+-  Ubuntu 24.04 (LTS)
+-  Ubuntu 24.10

 The following distribution versions are still tested, even though the
 organizations publishing them no longer make updates publicly available:

-  Ubuntu 18.04 (LTS)
+..
+   This list contains EOL distros that are still tested on the Autobuilder
+   (meaning there are running workers).
+   See https://endoflife.date for information of EOL releases.

-  Ubuntu 23.04
+-  Fedora 39
+-  Fedora 40
+-  Ubuntu 20.04 (LTS)

 Note that the Yocto Project doesn't have access to private updates
 that some of these versions may have. Therefore, our testing has
@@ -96,7 +95,15 @@ limited value if you have access to such updates.
 Finally, here are the distribution versions which were previously
 tested on former revisions of "&DISTRO_NAME;", but no longer are:

-*This list is currently empty*
+..
+   Can be generated with yocto-autobuilder-helper's scripts/yocto-supported-distros.
+   yocto-supported-distros --release scarthgap --config yocto-autobuilder2/config.py --output-format docs --old-distros
+
+-  CentOS Stream 8
+-  Fedora 38
+-  OpenSUSE Leap 15.4
+-  Ubuntu 18.04
+-  Ubuntu 23.04

 .. note::

@@ -371,7 +378,7 @@ If you would prefer not to use the ``install-buildtools`` script, you can instea
 download and run a pre-built :term:`buildtools` installer yourself with the following
 steps:

-#. Go to :yocto_dl:`/releases/yocto/yocto-&DISTRO;/buildtools/`, locate and
+#. Go to :yocto_dl:`/releases/yocto/&DISTRO_REL_LATEST_TAG;/buildtools/`, locate and
   download the ``.sh`` file corresponding to your host architecture
   and to :term:`buildtools`, :term:`buildtools-extended` or :term:`buildtools-make`.

--- a/documentation/ref-manual/tasks.rst
+++ b/documentation/ref-manual/tasks.rst
@@ -727,7 +727,7 @@ tool, which you then use to modify the kernel configuration.
           $ bitbake linux-yocto -c menuconfig


-See the ":ref:`kernel-dev/common:using \`\`menuconfig\`\``"
+See the ":ref:`kernel-dev/common:using ``menuconfig```"
 section in the Yocto Project Linux Kernel Development Manual for more
 information on this configuration tool.

@@ -751,7 +751,7 @@ which can then be applied by subsequent tasks such as

 Runs ``make menuconfig`` for the kernel. For information on
 ``menuconfig``, see the
-":ref:`kernel-dev/common:using \`\`menuconfig\`\``"
+":ref:`kernel-dev/common:using ``menuconfig```"
 section in the Yocto Project Linux Kernel Development Manual.

 .. _ref-tasks-savedefconfig:
--- a/documentation/ref-manual/terms.rst
+++ b/documentation/ref-manual/terms.rst
@@ -63,7 +63,7 @@ universal, the list includes them just in case:
      This term refers to the area used by the OpenEmbedded build system for
      builds. The area is created when you ``source`` the setup environment
      script that is found in the Source Directory
-      (i.e. :ref:`ref-manual/structure:\`\`oe-init-build-env\`\``). The
+      (i.e. :ref:`ref-manual/structure:``oe-init-build-env```). The
      :term:`TOPDIR` variable points to the :term:`Build Directory`.

      You have a lot of flexibility when creating the :term:`Build Directory`.
@@ -452,7 +452,7 @@ universal, the list includes them just in case:
     the Source Directory, if you do, the top-level directory name of the
     Source Directory is derived from the Yocto Project release tarball.
     For example, downloading and unpacking poky tarballs from
-     :yocto_dl:`/releases/yocto/&DISTRO_REL_TAG;/`
+     :yocto_dl:`/releases/yocto/&DISTRO_REL_LATEST_TAG;/`
     results in a Source Directory whose root folder is named poky.


--- a/documentation/ref-manual/variables.rst
+++ b/documentation/ref-manual/variables.rst
@@ -143,7 +143,7 @@ system and gives an overview of their function and contents.
      information on how this variable is used.

   :term:`AR`
-      The minimal command and arguments used to run ``ar``.
+      The minimal command and arguments used to run :manpage:`ar <ar(1)>`.

   :term:`ARCHIVER_MODE`
      When used with the :ref:`ref-classes-archiver` class,
@@ -165,7 +165,8 @@ system and gives an overview of their function and contents.
      ``meta/classes/archiver.bbclass`` file in the :term:`Source Directory`.

   :term:`AS`
-      Minimal command and arguments needed to run the assembler.
+      Minimal command and arguments needed to run the :manpage:`assembler
+      <as(1)>`.

   :term:`ASSUME_PROVIDED`
      Lists recipe names (:term:`PN` values) BitBake does not
@@ -224,6 +225,12 @@ system and gives an overview of their function and contents.
      must set this variable in your recipe. The
      :ref:`ref-classes-syslinux` class checks this variable.

+   :term:`AUTOTOOLS_SCRIPT_PATH`
+      When using the :ref:`ref-classes-autotools` class, the
+      :term:`AUTOTOOLS_SCRIPT_PATH` variable stores the location of the
+      different scripts used by the Autotools build system. The default
+      value for this variable is :term:`S`.
+
   :term:`AVAILTUNES`
      The list of defined CPU and Application Binary Interface (ABI)
      tunings (i.e. "tunes") available for use by the OpenEmbedded build
@@ -971,55 +978,165 @@ system and gives an overview of their function and contents.
      variable is a useful pointer in case a bug in the software being
      built needs to be manually reported.

+   :term:`BUILD_AR`
+      Specifies the architecture-specific :manpage:`archiver <ar(1)>` for the
+      build host, and its default definition is derived in part from
+      :term:`BUILD_PREFIX`::
+
+         BUILD_AR = "${BUILD_PREFIX}ar"
+
+      When building a :ref:`ref-classes-native` recipe, :term:`AR` is set to the
+      value of this variable by default.
+
+      The :term:`BUILD_AR` variable should not be set manually, and is rarely
+      used in recipes as :term:`AR` contains the appropriate value depending on
+      the context (native or target recipes). Exception be made for target
+      recipes that need to use the :manpage:`archiver <ar(1)>` from the build
+      host at some point during the build.
+
   :term:`BUILD_ARCH`
      Specifies the architecture of the build host (e.g. ``i686``). The
      OpenEmbedded build system sets the value of :term:`BUILD_ARCH` from the
      machine name reported by the ``uname`` command.

+   :term:`BUILD_AS`
+      Specifies the architecture-specific :manpage:`assembler <as(1)>` for the
+      build host, and its default definition is derived in part from
+      :term:`BUILD_PREFIX`::
+
+         BUILD_AS = "${BUILD_PREFIX}as ${BUILD_AS_ARCH}"
+
+      When building a :ref:`ref-classes-native` recipe, :term:`AS` is set to the
+      value of this variable by default.
+
+      The :term:`BUILD_AS` variable should not be set manually, and is rarely
+      used in recipes as :term:`AS` contains the appropriate value depending on
+      the context (native or target recipes). Exception be made for target
+      recipes that need to use the :manpage:`assembler <as(1)>` from the build
+      host at some point during the build.
+
   :term:`BUILD_AS_ARCH`
      Specifies the architecture-specific assembler flags for the build
      host. By default, the value of :term:`BUILD_AS_ARCH` is empty.

+   :term:`BUILD_CC`
+      Specifies the architecture-specific C compiler for the build host,
+      and its default definition is derived in part from :term:`BUILD_PREFIX`
+      and :term:`BUILD_CC_ARCH`::
+
+         BUILD_CC = "${CCACHE}${BUILD_PREFIX}gcc ${BUILD_CC_ARCH}"
+
+      When building a :ref:`ref-classes-native` recipe, :term:`CC` is set to the
+      value of this variable by default.
+
+      The :term:`BUILD_CC` variable should not be set manually, and is rarely
+      used in recipes as :term:`CC` contains the appropriate value depending on
+      the context (native or target recipes). Exception be made for target
+      recipes that need to use the compiler from the build host at some point
+      during the build.
+
   :term:`BUILD_CC_ARCH`
      Specifies the architecture-specific C compiler flags for the build
      host. By default, the value of :term:`BUILD_CC_ARCH` is empty.

   :term:`BUILD_CCLD`
-      Specifies the linker command to be used for the build host when the C
-      compiler is being used as the linker. By default, :term:`BUILD_CCLD`
-      points to GCC and passes as arguments the value of
-      :term:`BUILD_CC_ARCH`, assuming
-      :term:`BUILD_CC_ARCH` is set.
+      Specifies the :manpage:`linker <ld(1)>` command to be used for the build
+      host when the C compiler is being used as the linker, and its default
+      definition is derived in part from :term:`BUILD_PREFIX` and
+      :term:`BUILD_CC_ARCH`::
+
+         BUILD_CCLD = "${BUILD_PREFIX}gcc ${BUILD_CC_ARCH}"
+
+      When building a :ref:`ref-classes-native` recipe, :term:`CCLD` is set to
+      the value of this variable by default.
+
+      The :term:`BUILD_CCLD` variable should not be set manually, and is rarely
+      used in recipes as :term:`CCLD` contains the appropriate value depending on
+      the context (native or target recipes). Exception be made for target
+      recipes that need to use the :manpage:`linker <ld(1)>` from the build host
+      at some point during the build.

   :term:`BUILD_CFLAGS`
      Specifies the flags to pass to the C compiler when building for the
-      build host. When building in the ``-native`` context,
+      build host. When building a :ref:`ref-classes-native` recipe,
      :term:`CFLAGS` is set to the value of this variable by
      default.

+   :term:`BUILD_CPP`
+      Specifies the C preprocessor command (to both the C and the C++ compilers)
+      when building for the build host, and its default definition is derived in
+      part from :term:`BUILD_PREFIX` and :term:`BUILD_CC_ARCH`::
+
+         BUILD_CPP = "${BUILD_PREFIX}gcc ${BUILD_CC_ARCH} -E"
+
+      When building a :ref:`ref-classes-native` recipe, :term:`CPP` is set to
+      the value of this variable by default.
+
+      The :term:`BUILD_CPP` variable should not be set manually, and is rarely
+      used in recipes as :term:`CPP` contains the appropriate value depending on
+      the context (native or target recipes). Exception be made for target
+      recipes that need to use the preprocessor from the build host at some
+      point during the build.
+
   :term:`BUILD_CPPFLAGS`
      Specifies the flags to pass to the C preprocessor (i.e. to both the C
      and the C++ compilers) when building for the build host. When
      building in the ``-native`` context, :term:`CPPFLAGS`
      is set to the value of this variable by default.

+   :term:`BUILD_CXX`
+      Specifies the architecture-specific C++ compiler for the build host,
+      and its default definition is derived in part from :term:`BUILD_PREFIX`
+      and :term:`BUILD_CC_ARCH`::
+
+         BUILD_CXX = "${CCACHE}${BUILD_PREFIX}g++ ${BUILD_CC_ARCH}"
+
+      When building a :ref:`ref-classes-native` recipe, :term:`CXX` is set to
+      the value of this variable by default.
+
+      The :term:`BUILD_CXX` variable should not be set manually, and is rarely
+      used in recipes as :term:`CXX` contains the appropriate value depending on
+      the context (native or target recipes). Exception be made for target
+      recipes that need to use the C++ compiler from the build host at some
+      point during the build.
+
   :term:`BUILD_CXXFLAGS`
      Specifies the flags to pass to the C++ compiler when building for the
-      build host. When building in the ``-native`` context,
+      build host. When building a :ref:`ref-classes-native` recipe,
      :term:`CXXFLAGS` is set to the value of this variable
      by default.

   :term:`BUILD_FC`
-      Specifies the Fortran compiler command for the build host. By
-      default, :term:`BUILD_FC` points to Gfortran and passes as arguments the
-      value of :term:`BUILD_CC_ARCH`, assuming
-      :term:`BUILD_CC_ARCH` is set.
+      Specifies the Fortran compiler command for the build host, and its default
+      definition is derived in part from :term:`BUILD_PREFIX` and
+      :term:`BUILD_CC_ARCH`::
+
+         BUILD_FC = "${BUILD_PREFIX}gfortran ${BUILD_CC_ARCH}"
+
+      When building a :ref:`ref-classes-native` recipe, :term:`FC` is set to the
+      value of this variable by default.
+
+      The :term:`BUILD_FC` variable should not be set manually, and is rarely
+      used in recipes as :term:`FC` contains the appropriate value depending on
+      the context (native or target recipes). Exception be made for target
+      recipes that need to use the Fortran compiler from the build host at some
+      point during the build.

   :term:`BUILD_LD`
-      Specifies the linker command for the build host. By default,
-      :term:`BUILD_LD` points to the GNU linker (ld) and passes as arguments
-      the value of :term:`BUILD_LD_ARCH`, assuming
-      :term:`BUILD_LD_ARCH` is set.
+      Specifies the linker command for the build host, and its default
+      definition is derived in part from :term:`BUILD_PREFIX` and
+      :term:`BUILD_LD_ARCH`::
+
+         BUILD_LD = "${BUILD_PREFIX}ld ${BUILD_LD_ARCH}"
+
+      When building a :ref:`ref-classes-native` recipe, :term:`LD` is set to the
+      value of this variable by default.
+
+      The :term:`BUILD_LD` variable should not be set manually, and is rarely
+      used in recipes as :term:`LD` contains the appropriate value depending on
+      the context (native or target recipes). Exception be made for target
+      recipes that need to use the linker from the build host at some point
+      during the build.

   :term:`BUILD_LD_ARCH`
      Specifies architecture-specific linker flags for the build host. By
@@ -1027,10 +1144,58 @@ system and gives an overview of their function and contents.

   :term:`BUILD_LDFLAGS`
      Specifies the flags to pass to the linker when building for the build
-      host. When building in the ``-native`` context,
+      host. When building a :ref:`ref-classes-native` recipe,
      :term:`LDFLAGS` is set to the value of this variable
      by default.

+   :term:`BUILD_NM`
+      Specifies the architecture-specific utility to list symbols from object
+      files for the build host, and its default definition is derived in part
+      from :term:`BUILD_PREFIX`::
+
+         BUILD_NM = "${BUILD_PREFIX}nm"
+
+      When building a :ref:`ref-classes-native` recipe, :term:`NM` is set to the
+      value of this variable by default.
+
+      The :term:`BUILD_NM` variable should not be set manually, and is rarely
+      used in recipes as :term:`NM` contains the appropriate value depending on
+      the context (native or target recipes). Exception be made for target
+      recipes that need to use the utility from the build host at some point
+      during the build.
+
+   :term:`BUILD_OBJCOPY`
+      Specifies the architecture-specific utility to copy object files for the
+      build host, and its default definition is derived in part from
+      :term:`BUILD_PREFIX`::
+
+         BUILD_OBJCOPY = "${BUILD_PREFIX}objcopy"
+
+      When building a :ref:`ref-classes-native` recipe, :term:`OBJCOPY` is set
+      to the value of this variable by default.
+
+      The :term:`BUILD_OBJCOPY` variable should not be set manually, and is
+      rarely used in recipes as :term:`OBJCOPY` contains the appropriate value
+      depending on the context (native or target recipes). Exception be made for
+      target recipes that need to use the utility from the build host at some
+      point during the build.
+
+   :term:`BUILD_OBJDUMP`
+      Specifies the architecture-specific utility to display object files
+      information for the build host, and its default definition is derived in
+      part from :term:`BUILD_PREFIX`::
+
+         BUILD_OBJDUMP = "${BUILD_PREFIX}objdump"
+
+      When building a :ref:`ref-classes-native` recipe, :term:`OBJDUMP` is set
+      to the value of this variable by default.
+
+      The :term:`BUILD_OBJDUMP` variable should not be set manually, and is
+      rarely used in recipes as :term:`OBJDUMP` contains the appropriate value
+      depending on the context (native or target recipes). Exception be made for
+      target recipes that need to use the utility from the build host at some
+      point during the build.
+
   :term:`BUILD_OPTIMIZATION`
      Specifies the optimization flags passed to the C compiler when
      building for the build host or the SDK. The flags are passed through
@@ -1051,11 +1216,53 @@ system and gives an overview of their function and contents.
      build system uses the :term:`BUILD_PREFIX` value to set the
      :term:`TARGET_PREFIX` when building for :ref:`ref-classes-native` recipes.

+   :term:`BUILD_RANLIB`
+      Specifies the architecture-specific utility to generate indexes for
+      archives for the build host, and its default definition is derived in part
+      from :term:`BUILD_PREFIX`::
+
+         BUILD_RANLIB = "${BUILD_PREFIX}ranlib -D"
+
+      When building a :ref:`ref-classes-native` recipe, :term:`RANLIB` is set to
+      the value of this variable by default.
+
+      The :term:`BUILD_RANLIB` variable should not be set manually, and is
+      rarely used in recipes as :term:`RANLIB` contains the appropriate value
+      depending on the context (native or target recipes). Exception be made for
+      target recipes that need to use the utility from the build host at some
+      point during the build.
+
+   :term:`BUILD_READELF`
+      Specifies the architecture-specific utility to display information about
+      ELF files for the build host, and its default definition is derived in
+      part from :term:`BUILD_PREFIX`::
+
+         BUILD_READELF = "${BUILD_PREFIX}readelf"
+
+      When building a :ref:`ref-classes-native` recipe, :term:`READELF` is set
+      to the value of this variable by default.
+
+      The :term:`BUILD_READELF` variable should not be set manually, and is
+      rarely used in recipes as :term:`READELF` contains the appropriate value
+      depending on the context (native or target recipes). Exception be made for
+      target recipes that need to use the utility from the build host at some
+      point during the build.
+
   :term:`BUILD_STRIP`
-      Specifies the command to be used to strip debugging symbols from
-      binaries produced for the build host. By default, :term:`BUILD_STRIP`
-      points to
-      ``${``\ :term:`BUILD_PREFIX`\ ``}strip``.
+      Specifies the command to be used to strip debugging symbols from binaries
+      produced for the build host, and its default definition is derived in part
+      from :term:`BUILD_PREFIX`::
+
+         BUILD_STRIP = "${BUILD_PREFIX}strip"
+
+      When building a :ref:`ref-classes-native` recipe, :term:`STRIP` is set to
+      the value of this variable by default.
+
+      The :term:`BUILD_STRIP` variable should not be set manually, and is
+      rarely used in recipes as :term:`STRIP` contains the appropriate value
+      depending on the context (native or target recipes). Exception be made for
+      target recipes that need to use the utility from the build host at some
+      point during the build.

   :term:`BUILD_SYS`
      Specifies the system, including the architecture and the operating
@@ -1251,6 +1458,10 @@ system and gives an overview of their function and contents.
   :term:`CC`
      The minimal command and arguments used to run the C compiler.

+   :term:`CCLD`
+      The minimal command and arguments used to run the linker when the C
+      compiler is being used as the linker.
+
   :term:`CFLAGS`
      Specifies the flags to pass to the C compiler. This variable is
      exported to an environment variable and thus made visible to the
@@ -1494,6 +1705,17 @@ system and gives an overview of their function and contents.
   :term:`CONFIGURE_FLAGS`
      The minimal arguments for GNU configure.

+   :term:`CONFIGURE_SCRIPT`
+      When using the :ref:`ref-classes-autotools` class, the
+      :term:`CONFIGURE_SCRIPT` variable stores the location of the ``configure``
+      script for the Autotools build system. The default definition for this
+      variable is::
+
+         CONFIGURE_SCRIPT ?= "${AUTOTOOLS_SCRIPT_PATH}/configure"
+
+      Where :term:`AUTOTOOLS_SCRIPT_PATH` is the location of the of the
+      Autotools build system scripts, which defaults to :term:`S`.
+
   :term:`CONFLICT_DISTRO_FEATURES`
      When inheriting the :ref:`ref-classes-features_check`
      class, this variable identifies distribution features that would be
@@ -1977,7 +2199,7 @@ system and gives an overview of their function and contents.
      resides within the :term:`Build Directory` as ``${TMPDIR}/deploy``.

      For more information on the structure of the Build Directory, see
-      ":ref:`ref-manual/structure:the build directory --- \`\`build/\`\``" section.
+      ":ref:`ref-manual/structure:the build directory --- ``build/```" section.
      For more detail on the contents of the ``deploy`` directory, see the
      ":ref:`overview-manual/concepts:images`",
      ":ref:`overview-manual/concepts:package feeds`", and
@@ -2019,7 +2241,7 @@ system and gives an overview of their function and contents.
      contents of :term:`IMGDEPLOYDIR` by the :ref:`ref-classes-image` class.

      For more information on the structure of the :term:`Build Directory`, see
-      ":ref:`ref-manual/structure:the build directory --- \`\`build/\`\``" section.
+      ":ref:`ref-manual/structure:the build directory --- ``build/```" section.
      For more detail on the contents of the ``deploy`` directory, see the
      ":ref:`overview-manual/concepts:images`" and
      ":ref:`overview-manual/concepts:application development sdk`" sections both in
@@ -2768,6 +2990,9 @@ system and gives an overview of their function and contents.
   :term:`FAKEROOTNOENV`
      See :term:`bitbake:FAKEROOTNOENV` in the BitBake manual.

+   :term:`FC`
+      The minimal command and arguments used to run the Fortran compiler.
+
   :term:`FEATURE_PACKAGES`
      Defines one or more packages to include in an image when a specific
      item is included in :term:`IMAGE_FEATURES`.
@@ -3045,6 +3270,10 @@ system and gives an overview of their function and contents.

      This variable is used in the :ref:`ref-classes-kernel-fitimage` class.

+   :term:`FIT_CONF_PREFIX`
+      When using the :ref:`ref-classes-kernel-fitimage`, this is the prefix
+      used for creating FIT configuration nodes. Its default value is "conf-".
+
   :term:`FIT_DESC`
      Specifies the description string encoded into a FIT image. The
      default value is set by the :ref:`ref-classes-kernel-fitimage` class as
@@ -3347,6 +3576,20 @@ system and gives an overview of their function and contents.
      - mips
      - mipsel

+   :term:`HOST_AS_ARCH`
+      Specifies architecture-specific assembler flags.
+
+      Default initialization for :term:`HOST_AS_ARCH` varies depending on what
+      is being built:
+
+      -  :term:`TARGET_AS_ARCH` when building for the
+         target
+
+      -  :term:`BUILD_AS_ARCH` when building for the build host (i.e.
+         ``-native``)
+
+      -  :term:`SDK_AS_ARCH` when building for an SDK (i.e. ``nativesdk-``)
+
   :term:`HOST_CC_ARCH`
      Specifies architecture-specific compiler flags that are passed to the
      C compiler.
@@ -3360,8 +3603,20 @@ system and gives an overview of their function and contents.
      -  :term:`BUILD_CC_ARCH` when building for the build host (i.e.
         ``-native``)

-      -  ``BUILDSDK_CC_ARCH`` when building for an SDK (i.e.
-         ``nativesdk-``)
+      -  :term:`SDK_CC_ARCH` when building for an SDK (i.e. ``nativesdk-``)
+
+   :term:`HOST_LD_ARCH`
+      Specifies architecture-specific linker flags.
+
+      Default initialization for :term:`HOST_LD_ARCH` varies depending on what
+      is being built:
+
+      -  :term:`TARGET_LD_ARCH` when building for the target
+
+      -  :term:`BUILD_LD_ARCH` when building for the build host (i.e.
+         ``-native``)
+
+      -  :term:`SDK_LD_ARCH` when building for an SDK (i.e. ``nativesdk-``)

   :term:`HOST_OS`
      Specifies the name of the target operating system, which is normally
@@ -3824,14 +4079,20 @@ system and gives an overview of their function and contents.
      added to the image by using the :term:`IMAGE_ROOTFS_EXTRA_SPACE`
      variable.

+      When using Wic tool, beware that a second overhead factor is also applied.
+      This overhead value is defined by the ``--overhead-factor`` option, which
+      defaults to "1.3" when omitted. See the
+      :ref:`ref-manual/kickstart:command: part or partition` chapter in
+      :doc:`/ref-manual/kickstart` for details.
+
   :term:`IMAGE_PKGTYPE`
-      Defines the package type (i.e. DEB, RPM, IPK, or TAR) used by the
+      Defines the package type (i.e. DEB, RPM or IPK) used by the
      OpenEmbedded build system. The variable is defined appropriately by
-      the :ref:`ref-classes-package_deb`, :ref:`ref-classes-package_rpm`,
-      or :ref:`ref-classes-package_ipk` class.
+      one of the :ref:`ref-classes-package_deb`, :ref:`ref-classes-package_rpm`,
+      or :ref:`ref-classes-package_ipk` classes.

      The :ref:`ref-classes-populate-sdk-*` and :ref:`ref-classes-image`
-      classes use the :term:`IMAGE_PKGTYPE` for packaging up images and SDKs.
+      classes use the :term:`IMAGE_PKGTYPE` for packaging images and SDKs.

      You should not set the :term:`IMAGE_PKGTYPE` manually. Rather, the
      variable is set indirectly through the appropriate
@@ -3840,12 +4101,6 @@ system and gives an overview of their function and contents.
      OpenEmbedded build system uses the first package type (e.g. DEB, RPM,
      or IPK) that appears with the variable

-      .. note::
-
-         Files using the ``.tar`` format are never used as a substitute
-         packaging format for DEB, RPM, and IPK formatted files for your image
-         or SDK.
-
   :term:`IMAGE_POSTPROCESS_COMMAND`
      Specifies a list of functions to call once the OpenEmbedded build
      system creates the final image output files. You can specify
@@ -3903,9 +4158,33 @@ system and gives an overview of their function and contents.
         IMAGE_ROOTFS_EXTRA_SPACE = "41943040"

   :term:`IMAGE_ROOTFS_MAXSIZE`
-      Defines the maximum size in Kbytes for the generated image. If the
-      generated image size is above that, the build will fail. It's a good
-      idea to set this variable for images that need to fit on a limited
+      Defines the maximum allowed size of the generated image in kilobytes.
+      The build will fail if the generated image size exceeds this value.
+
+      The generated image size undergoes several calculation steps before being
+      compared to :term:`IMAGE_ROOTFS_MAXSIZE`.
+      In the first step, the size of the directory pointed to by :term:`IMAGE_ROOTFS`
+      is calculated.
+      In the second step, the result from the first step is multiplied
+      by :term:`IMAGE_OVERHEAD_FACTOR`.
+      In the third step, the result from the second step is compared with
+      :term:`IMAGE_ROOTFS_SIZE`. The larger value of these is added to
+      :term:`IMAGE_ROOTFS_EXTRA_SPACE`.
+      In the fourth step, the result from the third step is checked for
+      a decimal part. If it has one, it is rounded up to the next integer.
+      If it does not, it is simply converted into an integer.
+      In the fifth step, the :term:`IMAGE_ROOTFS_ALIGNMENT` is added to the result
+      from the fourth step and "1" is subtracted.
+      In the sixth step, the remainder of the division between the result
+      from the fifth step and :term:`IMAGE_ROOTFS_ALIGNMENT` is subtracted from the
+      result of the fifth step. In this way, the result from the fourth step is
+      rounded up to the nearest multiple of :term:`IMAGE_ROOTFS_ALIGNMENT`.
+
+      Thus, if the :term:`IMAGE_ROOTFS_MAXSIZE` is set, is compared with the result
+      of the above calculations and is independent of the final image type.
+      No default value is set for :term:`IMAGE_ROOTFS_MAXSIZE`.
+
+      It's a good idea to set this variable for images that need to fit on a limited
      space (e.g. SD card, a fixed-size partition, ...).

   :term:`IMAGE_ROOTFS_SIZE`
@@ -4089,6 +4368,23 @@ system and gives an overview of their function and contents.
      Set the variable to "1" to prevent the default dependencies from
      being added.

+   :term:`INHIBIT_DEFAULT_RUST_DEPS`
+      Prevents the :ref:`ref-classes-rust` class from automatically adding
+      its default build-time dependencies.
+
+      When a recipe inherits the :ref:`ref-classes-rust` class, several
+      tools such as ``rust-native`` and ``${RUSTLIB_DEP}`` (only added when cross-compiling) are added
+      to :term:`DEPENDS` to support the ``rust`` build process.
+
+      To prevent the build system from adding these dependencies automatically,
+      set the :term:`INHIBIT_DEFAULT_RUST_DEPS` variable as follows::
+
+         INHIBIT_DEFAULT_RUST_DEPS = "1"
+
+      By default, the value of :term:`INHIBIT_DEFAULT_RUST_DEPS` is empty. Setting
+      it to "0" does not disable inhibition. Only the empty string will disable
+      inhibition.
+
   :term:`INHIBIT_PACKAGE_DEBUG_SPLIT`
      Prevents the OpenEmbedded build system from splitting out debug
      information during packaging. By default, the build system splits out
@@ -4135,6 +4431,25 @@ system and gives an overview of their function and contents.
         even if the toolchain's binaries are strippable, there are other files
         needed for the build that are not strippable.

+   :term:`INHIBIT_UPDATERCD_BBCLASS`
+      Prevents the :ref:`ref-classes-update-rc.d` class from automatically
+      installing and registering SysV init scripts for packages.
+
+      When a recipe inherits the :ref:`ref-classes-update-rc.d` class, init
+      scripts are typically installed and registered for the packages listed in
+      :term:`INITSCRIPT_PACKAGES`. This ensures that the relevant
+      services are started and stopped at the appropriate runlevels using the
+      traditional SysV init system.
+
+      To prevent the build system from adding these scripts and configurations
+      automatically, set the :term:`INHIBIT_UPDATERCD_BBCLASS` variable as follows::
+
+         INHIBIT_UPDATERCD_BBCLASS = "1"
+
+      By default, the value of :term:`INHIBIT_UPDATERCD_BBCLASS` is empty. Setting
+      it to "0" does not disable inhibition. Only the empty string will disable
+      inhibition.
+
   :term:`INIT_MANAGER`
      Specifies the system init manager to use. Available options are:

@@ -4301,6 +4616,20 @@ system and gives an overview of their function and contents.
      See the :term:`MACHINE` variable for additional
      information.

+   :term:`INITRAMFS_MAXSIZE`
+      Defines the maximum allowed size of the :term:`Initramfs` image in Kbytes.
+      The build will fail if the :term:`Initramfs` image size exceeds this value.
+
+      The :term:`Initramfs` image size undergoes several calculation steps before
+      being compared to :term:`INITRAMFS_MAXSIZE`.
+      These steps are the same as those used for :term:`IMAGE_ROOTFS_MAXSIZE`
+      and are described in detail in that entry.
+
+      Thus, :term:`INITRAMFS_MAXSIZE` is compared with the result of the calculations
+      and is independent of the final image type (e.g. compressed).
+      A default value for :term:`INITRAMFS_MAXSIZE` is set in
+      :oe_git:`meta/conf/bitbake.conf </openembedded-core/tree/meta/conf/bitbake.conf>`.
+
   :term:`INITRAMFS_MULTICONFIG`
      Defines the multiconfig to create a multiconfig dependency to be used by
      the :ref:`ref-classes-kernel` class.
@@ -4366,8 +4695,7 @@ system and gives an overview of their function and contents.

      The value in :term:`INITSCRIPT_PARAMS` is passed through to the
      ``update-rc.d`` command. For more information on valid parameters,
-      please see the ``update-rc.d`` manual page at
-      https://manpages.debian.org/buster/init-system-helpers/update-rc.d.8.en.html
+      please see the manual page: :manpage:`update-rc.d <update-rc.d(8)>`.

   :term:`INSANE_SKIP`
      Specifies the QA checks to skip for a specific package within a
@@ -4448,8 +4776,7 @@ system and gives an overview of their function and contents.
      would place patch files and configuration fragment files (i.e.
      "out-of-tree"). However, if you want to use a ``defconfig`` file that
      is part of the kernel tree (i.e. "in-tree"), you can use the
-      :term:`KBUILD_DEFCONFIG` variable and append the
-      :term:`KMACHINE` variable to point to the
+      :term:`KBUILD_DEFCONFIG` variable to point to the
      ``defconfig`` file.

      To use the variable, set it in the append file for your kernel recipe
@@ -4484,15 +4811,8 @@ system and gives an overview of their function and contents.
      options not explicitly specified will be disabled in the kernel
      config.

-      In case :term:`KCONFIG_MODE` is not set the behaviour will depend on where
-      the ``defconfig`` file is coming from. An "in-tree" ``defconfig`` file
-      will be handled in ``alldefconfig`` mode, a ``defconfig`` file placed
-      in ``${WORKDIR}`` through a meta-layer will be handled in
-      ``allnoconfig`` mode.
-
-      An "in-tree" ``defconfig`` file can be selected via the
-      :term:`KBUILD_DEFCONFIG` variable. :term:`KCONFIG_MODE` does not need to
-      be explicitly set.
+      In case :term:`KCONFIG_MODE` is not set the ``defconfig`` file
+      will be handled in ``allnoconfig`` mode.

      A ``defconfig`` file compatible with ``allnoconfig`` mode can be
      generated by copying the ``.config`` file from a working Linux kernel
@@ -4794,6 +5114,27 @@ system and gives an overview of their function and contents.
      the :term:`KERNEL_PATH` variable. Both variables are common variables
      used by external Makefiles to point to the kernel source directory.

+   :term:`KERNEL_SPLIT_MODULES`
+      When inheriting the :ref:`ref-classes-kernel-module-split` class, this
+      variable controls whether kernel modules are split into separate packages
+      or bundled into a single package.
+
+      For some use cases, a monolithic kernel module package
+      :term:`KERNEL_PACKAGE_NAME` that contains all modules built from the
+      kernel sources may be preferred to speed up the installation.
+
+      By default, this variable is set to ``1``, resulting in one package per
+      module. Setting it to any other value will generate a single monolithic
+      package containing all kernel modules.
+
+      .. note::
+
+         If :term:`KERNEL_SPLIT_MODULES` is set to 0, it is still possible to
+         install all kernel modules at once by adding ``kernel-modules`` (assuming
+         :term:`KERNEL_PACKAGE_NAME` is ``kernel-modules``) to :term:`IMAGE_INSTALL`.
+         The way it works is that a placeholder "kernel-modules" package will be
+         created and will depend on every other individual kernel module packages.
+
   :term:`KERNEL_SRC`
      The location of the kernel sources. This variable is set to the value
      of the :term:`STAGING_KERNEL_DIR` within the :ref:`ref-classes-module`
@@ -4936,7 +5277,8 @@ system and gives an overview of their function and contents.
      ``LAYERVERSION_mylayer``).

   :term:`LD`
-      The minimal command and arguments used to run the linker.
+      The minimal command and arguments used to run the :manpage:`linker
+      <ld(1)>`.

   :term:`LDFLAGS`
      Specifies the flags to pass to the linker. This variable is exported
@@ -5542,7 +5884,7 @@ system and gives an overview of their function and contents.
      variable is set.

   :term:`NM`
-      The minimal command and arguments to run ``nm``.
+      The minimal command and arguments to run :manpage:`nm <nm(1)>`.

   :term:`NO_GENERIC_LICENSE`
      Avoids QA errors when you use a non-common, non-CLOSED license in a
@@ -5616,10 +5958,10 @@ system and gives an overview of their function and contents.
         NON_MULTILIB_RECIPES = "grub grub-efi make-mod-scripts ovmf u-boot"

   :term:`OBJCOPY`
-      The minimal command and arguments to run ``objcopy``.
+      The minimal command and arguments to run :manpage:`objcopy <objcopy(1)>`.

   :term:`OBJDUMP`
-      The minimal command and arguments to run ``objdump``.
+      The minimal command and arguments to run :manpage:`objdump <objdump(1)>`.

   :term:`OE_BINCONFIG_EXTRA_MANGLE`
      When inheriting the :ref:`ref-classes-binconfig` class,
@@ -6479,7 +6821,7 @@ system and gives an overview of their function and contents.
      For examples of how this data is used, see the
      ":ref:`overview-manual/concepts:automatically added runtime dependencies`"
      section in the Yocto Project Overview and Concepts Manual and the
-      ":ref:`dev-manual/debugging:viewing package information with \`\`oe-pkgdata-util\`\``"
+      ":ref:`dev-manual/debugging:viewing package information with ``oe-pkgdata-util```"
      section in the Yocto Project Development Tasks Manual. For more
      information on the shared, global-state directory, see
      :term:`STAGING_DIR_HOST`.
@@ -6520,6 +6862,23 @@ system and gives an overview of their function and contents.
      The version of the package(s) built by the recipe. By default,
      :term:`PKGV` is set to :term:`PV`.

+      If :term:`PV` contains the ``+`` sign, source control information will be
+      included in :term:`PKGV` later in the packaging phase. For more
+      information, see the :doc:`/dev-manual/external-scm` section of the Yocto
+      Project Development Tasks Manual.
+
+      .. warning::
+
+         Since source control information is included in a late stage by the
+         :ref:`ref-classes-package` class, it cannot be seen from the BitBake
+         environment with ``bitbake -e`` or ``bitbake-getvar``. Instead, after
+         the package is built, the version information can be retrieved with
+         ``oe-pkgdata-util package-info <package name>``. See the
+         :ref:`dev-manual/debugging:Viewing Package Information with
+         ``oe-pkgdata-util``` section of the Yocto Project Development Tasks
+         Manual for more information on ``oe-pkgdata-util``.
+
+
   :term:`PN`
      This variable can have two separate functions depending on the
      context: a recipe name or a resulting package name.
@@ -6883,7 +7242,7 @@ system and gives an overview of their function and contents.
         QA_EMPTY_DIRS_RECOMMENDATION:/dev = "but all devices must be created at runtime"

   :term:`RANLIB`
-      The minimal command and arguments to run ``ranlib``.
+      The minimal command and arguments to run :manpage:`ranlib <ranlib(1)>`.

   :term:`RCONFLICTS`
      The list of packages that conflict with packages. Note that packages
@@ -7020,6 +7379,9 @@ system and gives an overview of their function and contents.
      ":ref:`bitbake-user-manual/bitbake-user-manual-execution:dependencies`" sections in the
      BitBake User Manual for additional information on tasks and dependencies.

+   :term:`READELF`
+      The minimal command and arguments to run :manpage:`readelf <readelf(1)>`.
+
   :term:`RECIPE_MAINTAINER`
      This variable defines the name and e-mail address of the maintainer of a
      recipe. Such information can be used by human users submitted changes,
@@ -7114,17 +7476,12 @@ system and gives an overview of their function and contents.
         prefer to have a read-only root filesystem and prefer to keep
         writeable data in one place.

-      You can override the default by setting the variable in any layer or
-      in the ``local.conf`` file. Because the default is set using a "weak"
-      assignment (i.e. "??="), you can use either of the following forms to
-      define your override::
+      When setting ``INIT_MANAGER = systemd``, the default will be set to::

-         ROOT_HOME = "/root"
         ROOT_HOME ?= "/root"

-      These
-      override examples use ``/root``, which is probably the most commonly
-      used override.
+      You can also override the default by setting the variable in your distro
+      configuration or in the ``local.conf`` file.

   :term:`ROOTFS`
      Indicates a filesystem image to include as the root filesystem.
@@ -7369,11 +7726,21 @@ system and gives an overview of their function and contents.

      Only one archive type can be specified.

+   :term:`SDK_AS_ARCH`
+      Specifies architecture-specific assembler flags when building
+      :ref:`ref-classes-nativesdk` recipes. By default, the value of
+      :term:`SDK_AS_ARCH` equals the one of :term:`BUILD_AS_ARCH`.
+
   :term:`SDK_BUILDINFO_FILE`
      When using the :ref:`ref-classes-image-buildinfo` class,
      specifies the file in the SDK to write the build information into. The
      default value is "``/buildinfo``".

+   :term:`SDK_CC_ARCH`
+      Specifies the architecture-specific C compiler flags when building
+      :ref:`ref-classes-nativesdk` recipes. By default, the value of
+      :term:`SDK_CC_ARCH` equals the one of :term:`BUILD_CC_ARCH`.
+
   :term:`SDK_CUSTOM_TEMPLATECONF`
      When building the extensible SDK, if :term:`SDK_CUSTOM_TEMPLATECONF` is set to
      "1" and a ``conf/templateconf.cfg`` file exists in the :term:`Build Directory`
@@ -7455,6 +7822,11 @@ system and gives an overview of their function and contents.
      :term:`SDK_EXT_TYPE` is set to "minimal", and defaults to "1" if
      :term:`SDK_EXT_TYPE` is set to "full".

+   :term:`SDK_LD_ARCH`
+      Specifies architecture-specific linker flags when building
+      :ref:`ref-classes-nativesdk` recipes. By default, the value of
+      :term:`SDK_LD_ARCH` equals the one of :term:`BUILD_LD_ARCH`.
+
   :term:`SDK_NAME`
      The base name for SDK output files. The default value (as set in
      ``meta-poky/conf/distro/poky.conf``) is derived from the
@@ -8082,6 +8454,11 @@ system and gives an overview of their function and contents.
      section in the Yocto Project Board Support Package Developer's Guide
      for additional information.

+   :term:`SPL_DTB_BINARY`
+      When inheriting the :ref:`ref-classes-uboot-sign` class, the
+      :term:`SPL_DTB_BINARY` variable contains the name of the SPL binary to be
+      compiled.
+
   :term:`SPL_MKIMAGE_DTCOPTS`
      Options for the device tree compiler passed to ``mkimage -D`` feature
      while creating a FIT image with the :ref:`ref-classes-uboot-sign`
@@ -8102,7 +8479,7 @@ system and gives an overview of their function and contents.
      class.

   :term:`SPL_SIGN_KEYNAME`
-      The name of keys used by the :ref:`ref-classes-kernel-fitimage` class
+      The name of keys used by the :ref:`ref-classes-uboot-sign` class
      for signing U-Boot FIT image stored in the :term:`SPL_SIGN_KEYDIR`
      directory. If we have for example a ``dev.key`` key and a ``dev.crt``
      certificate stored in the :term:`SPL_SIGN_KEYDIR` directory, you will
@@ -8366,7 +8743,7 @@ system and gives an overview of their function and contents.
      The Yocto Project actually shares the cache data objects built by its
      autobuilder::

-         SSTATE_MIRRORS ?= "file://.* http://cdn.jsdelivr.net/yocto/sstate/all/PATH;downloadfilename=PATH"
+         SSTATE_MIRRORS ?= "file://.* http://sstate.yoctoproject.org/all/PATH;downloadfilename=PATH"

      As such binary artifacts are built for the generic QEMU machines
      supported by the various Poky releases, they are less likely to be
@@ -8390,6 +8767,26 @@ system and gives an overview of their function and contents.

      For details on the process, see the :ref:`ref-classes-staging` class.

+   :term:`SSTATE_SKIP_CREATION`
+      The :term:`SSTATE_SKIP_CREATION` variable can be used to skip the
+      creation of :ref:`shared state <overview-manual/concepts:shared state cache>`
+      tarball files. It makes sense e.g. for image creation tasks as tarring images
+      and keeping them in sstate would consume a lot of disk space.
+
+      In general it is not recommended to use this variable as missing sstate
+      artefacts adversely impact the build, particularly for entries in the
+      middle of dependency chains. The case it can make sense is where the
+      size and time costs of the artefact are similar to just running the
+      tasks. This generally only applies to end artefact output like images.
+
+      The syntax to disable it for one task is::
+
+         SSTATE_SKIP_CREATION:task-image-complete = "1"
+
+      The syntax to disable it for the whole recipe is::
+
+         SSTATE_SKIP_CREATION = "1"
+
   :term:`STAGING_BASE_LIBDIR_NATIVE`
      Specifies the path to the ``/lib`` subdirectory of the sysroot
      directory for the build host.
@@ -8431,7 +8828,7 @@ system and gives an overview of their function and contents.
      directory for the build host.

   :term:`STAGING_DIR`
-      Helps construct the ``recipe-sysroots`` directory, which is used
+      Helps construct the ``recipe-sysroot*`` directories, which are used
      during packaging.

      For information on how staging for recipe-specific sysroots occurs,
@@ -8580,8 +8977,8 @@ system and gives an overview of their function and contents.
      places stamps. The default directory is ``${TMPDIR}/stamps``.

   :term:`STRIP`
-      The minimal command and arguments to run ``strip``, which is used to
-      strip symbols.
+      The minimal command and arguments to run :manpage:`strip <strip(1)>`,
+      which is used to strip symbols.

   :term:`SUMMARY`
      The short (72 characters or less) summary of the binary package for
@@ -10085,8 +10482,22 @@ system and gives an overview of their function and contents.
      ":ref:`ref-classes-insane`" section.

   :term:`WATCHDOG_TIMEOUT`
-      Specifies the timeout in seconds used by the ``watchdog`` recipe and
-      also by ``systemd`` during reboot. The default is 60 seconds.
+      Specifies the timeout in seconds used by the ``watchdog-config`` recipe
+      and also by ``systemd`` during reboot. The default is 60 seconds.
+
+   :term:`WIC_CREATE_EXTRA_ARGS`
+      If the :term:`IMAGE_FSTYPES` variable contains "wic", the build
+      will generate a
+      :ref:`Wic image <dev-manual/wic:creating partitioned images using wic>`
+      automatically when BitBake builds an image recipe. As part of
+      this process BitBake will invoke the "`wic create`" command. The
+      :term:`WIC_CREATE_EXTRA_ARGS` variable is placed at the end of this
+      command which allows the user to supply additional arguments.
+
+      One such useful purpose for this mechanism is to add the ``-D`` (or
+      ``--debug``) argument to the "`wic create`" command. This increases the
+      amount of debugging information written out to the Wic log during the
+      Wic creation process.

   :term:`WIRELESS_DAEMON`
      For ``connman`` and ``packagegroup-base``, specifies the wireless
--- a/documentation/sdk-manual/appendix-obtain.rst
+++ b/documentation/sdk-manual/appendix-obtain.rst
@@ -29,7 +29,7 @@ and then run the script to hand-install the toolchain.
 Follow these steps to locate and hand-install the toolchain:

 #. *Go to the Installers Directory:* Go to
-   :yocto_dl:`/releases/yocto/yocto-&DISTRO;/toolchain/`
+   :yocto_dl:`/releases/yocto/&DISTRO_REL_LATEST_TAG;/toolchain/`

 #. *Open the Folder for Your Build Host:* Open the folder that matches
   your :term:`Build Host` (i.e.
@@ -201,7 +201,7 @@ Follow these steps to extract the root filesystem:
   Image File:* You need to find and download the root filesystem image
   file that is appropriate for your target system. These files are kept
   in machine-specific folders in the
-   :yocto_dl:`Index of Releases </releases/yocto/yocto-&DISTRO;/machines/>`
+   :yocto_dl:`Index of Releases </releases/yocto/&DISTRO_REL_LATEST_TAG;/machines/>`
   in the "machines" directory.

   The machine-specific folders of the "machines" directory contain
@@ -245,7 +245,7 @@ Follow these steps to extract the root filesystem:

   Here is an example command that extracts the root filesystem
   from a previously built root filesystem image that was downloaded
-   from the :yocto_dl:`Index of Releases </releases/yocto/yocto-&DISTRO;/machines/>`.
+   from the :yocto_dl:`Index of Releases </releases/yocto/&DISTRO_REL_LATEST_TAG;/machines/>`.
   This command extracts the root filesystem into the ``core2-64-sato``
   directory::

--- a/documentation/sdk-manual/extensible.rst
+++ b/documentation/sdk-manual/extensible.rst
@@ -87,7 +87,7 @@ Host` by running the ``*.sh`` installation script.
 You can download a tarball installer, which includes the pre-built
 toolchain, the ``runqemu`` script, the internal build system,
 ``devtool``, and support files from the appropriate
-:yocto_dl:`toolchain </releases/yocto/yocto-&DISTRO;/toolchain/>` directory within the Index of
+:yocto_dl:`toolchain </releases/yocto/&DISTRO_REL_LATEST_TAG;/toolchain/>` directory within the Index of
 Releases. Toolchains are available for several 32-bit and 64-bit
 architectures with the ``x86_64`` directories, respectively. The
 toolchains the Yocto Project provides are based off the
@@ -669,7 +669,7 @@ SDK or eSDK:
   ``devtool build``.
   It also allows to benefit from the very good integration that IDEs like
   VSCode offer for tools like CMake or GDB.
-   
+
   However, supporting many programming languages and multiple
   IDEs is quite an elaborate and constantly evolving thing. Support for IDEs
   is therefore implemented as plugins. Plugins can also be provided by
@@ -802,7 +802,7 @@ the two modes:

      This instance of VSCode uses plugins that are useful for the development
      of the application. ``devtool ide-sdk`` generates the necessary
-      ``extensions.json``, ``settings.json``, ``tasks.json``and ``launch.json``
+      ``extensions.json``, ``settings.json``, ``tasks.json`` and ``launch.json``
      configuration files for all the involved plugins.

      When the source code folder present in the workspace folder is opened in
--- a/documentation/sdk-manual/intro.rst
+++ b/documentation/sdk-manual/intro.rst
@@ -173,7 +173,7 @@ You just need to follow these general steps:
   root filesystem images.

   If you are going to develop your application on hardware, go to the
-   :yocto_dl:`machines </releases/yocto/yocto-&DISTRO;/machines/>` download area and choose a
+   :yocto_dl:`machines </releases/yocto/&DISTRO_REL_LATEST_TAG;/machines/>` download area and choose a
   target machine area from which to download the kernel image and root
   filesystem. This download area could have several files in it that
   support development using actual hardware. For example, the area
@@ -183,7 +183,7 @@ You just need to follow these general steps:

   If you are going to develop your application and then run and test it
   using the QEMU emulator, go to the
-   :yocto_dl:`machines/qemu </releases/yocto/yocto-&DISTRO;/machines/qemu>` download area. From this
+   :yocto_dl:`machines/qemu </releases/yocto/&DISTRO_REL_LATEST_TAG;/machines/qemu>` download area. From this
   area, go down into the directory for your target architecture (e.g.
   ``qemux86_64`` for an Intel-based 64-bit architecture). Download the
   kernel, root filesystem, and any other files you need for your
--- a/documentation/sdk-manual/using.rst
+++ b/documentation/sdk-manual/using.rst
@@ -43,7 +43,7 @@ Host` by running the ``*.sh`` installation script.

 You can download a tarball installer, which includes the pre-built
 toolchain, the ``runqemu`` script, and support files from the
-appropriate :yocto_dl:`toolchain </releases/yocto/yocto-&DISTRO;/toolchain/>` directory within
+appropriate :yocto_dl:`toolchain </releases/yocto/&DISTRO_REL_LATEST_TAG;/toolchain/>` directory within
 the Index of Releases. Toolchains are available for several 32-bit and
 64-bit architectures with the ``x86_64`` directories, respectively. The
 toolchains the Yocto Project provides are based off the
--- a/documentation/sdk-manual/working-projects.rst
+++ b/documentation/sdk-manual/working-projects.rst
@@ -56,9 +56,10 @@ project:

         #include <stdio.h>

-         main()
+         int main()
             {
                 printf("Hello World!\n");
+                 return 0;
             }

   -  ``configure.ac``::
--- a/documentation/set_versions.py
+++ b/documentation/set_versions.py
@@ -168,17 +168,29 @@ series = [k for k in release_series]
 previousseries = series[series.index(ourseries)+1:] or [""]
 lastlts = [k for k in previousseries if k in ltsseries] or "dunfell"

+latestreltag = subprocess.run(["git", "describe", "--abbrev=0", "--tags", "--match", "yocto-*"], capture_output=True, text=True).stdout
+latestreltag = latestreltag.strip()
+if latestreltag:
+    if latestreltag.startswith("yocto-"):
+        latesttag = latestreltag[6:]
+else:
+    # fallback on the calculated version
+    print("Did not find a tag with 'git describe', falling back to %s" % ourversion)
+    latestreltag = "yocto-" + ourversion
+    latesttag = ourversion
+
 print("Version calculated to be %s" % ourversion)
+print("Latest release tag found is %s" % latestreltag)
 print("Release series calculated to be %s" % ourseries)

 replacements = {
    "DISTRO" : ourversion,
+    "DISTRO_LATEST_TAG": latesttag,
    "DISTRO_NAME_NO_CAP" : ourseries,
    "DISTRO_NAME" : ourseries.capitalize(),
    "DISTRO_NAME_NO_CAP_MINUS_ONE" : previousseries[0],
    "DISTRO_NAME_NO_CAP_LTS" : lastlts[0],
    "YOCTO_DOC_VERSION" : ourversion,
-    "DISTRO_REL_TAG" : "yocto-" + ourversion,
    "DOCCONF_VERSION" : docconfver,
    "BITBAKE_SERIES" : bitbakeversion,
 }
@@ -316,3 +328,5 @@ with open('releases.rst', 'w') as f:
            if tag == release_series[series] or tag.startswith('%s.' % release_series[series]):
                f.write('- :yocto_docs:`%s Documentation </%s>`\n' % (tag, tag))
        f.write('\n')
+
+
--- a/documentation/test-manual/intro.rst
+++ b/documentation/test-manual/intro.rst
@@ -51,13 +51,11 @@ fashion. Basically, during the development of a Yocto Project release,
 the Autobuilder tests if things work. The Autobuilder builds all test
 targets and runs all the tests.

-The Yocto Project uses now uses standard upstream
-Buildbot (`version 3.8 <https://docs.buildbot.net/3.8.0/>`__) to
-drive its integration and testing. Buildbot has a plug-in interface
-that the Yocto Project customizes using code from the
-``yocto-autobuilder2`` repository, adding its own console UI plugin. The
-resulting UI plug-in allows you to visualize builds in a way suited to
-the project's needs.
+The Yocto Project uses standard upstream Buildbot to drive its integration and
+testing. Buildbot has a plug-in interface that the Yocto Project customizes
+using code from the :yocto_git:`yocto-autobuilder2 </yocto-autobuilder2>`
+repository, adding its own console UI plugin. The resulting UI plug-in allows
+you to visualize builds in a way suited to the project's needs.

 A ``helper`` layer provides configuration and job management through
 scripts found in the ``yocto-autobuilder-helper`` repository. The
--- a/documentation/test-manual/runtime-testing.rst
+++ b/documentation/test-manual/runtime-testing.rst
@@ -403,7 +403,7 @@ defined in :term:`TEST_SUITES`.
 If your image is already built, make sure the following are set in your
 ``local.conf`` file::

-   INHERIT += "testexport"
+   IMAGE_CLASSES += "testexport"
   TEST_TARGET_IP = "IP-address-for-the-test-target"
   TEST_SERVER_IP = "IP-address-for-the-test-server"

@@ -413,18 +413,23 @@ following BitBake command form::
   $ bitbake image -c testexport

 Exporting the tests places them in the :term:`Build Directory` in
-``tmp/testexport/``\ image, which is controlled by the :term:`TEST_EXPORT_DIR`
+``tmp/testimage/``\ image, which is controlled by the :term:`TEST_EXPORT_DIR`
 variable.

 You can now run the tests outside of the build environment::

-   $ cd tmp/testexport/image
-   $ ./runexported.py testdata.json
+   $ cd tmp/testimage/image
+   $ ./oe-test runtime
+
+.. note::
+
+   You might need to run the image under QEMU or deploy it to your
+   hardware before you can run the tests.

 Here is a complete example that shows IP addresses and uses the
 ``core-image-sato`` image::

-   INHERIT += "testexport"
+   IMAGE_CLASSES += "testexport"
   TEST_TARGET_IP = "192.168.7.2"
   TEST_SERVER_IP = "192.168.7.1"

@@ -435,8 +440,8 @@ Use BitBake to export the tests::
 Run the tests outside of
 the build environment using the following::

-   $ cd tmp/testexport/core-image-sato
-   $ ./runexported.py testdata.json
+   $ cd tmp/testimage/core-image-sato
+   $ ./oe-test runtime

 Writing New Tests
 =================
--- a/documentation/test-manual/yocto-project-compatible.rst
+++ b/documentation/test-manual/yocto-project-compatible.rst
@@ -38,7 +38,7 @@ Benefits
 and flexible: it gives users the ultimate power to change pretty much any
 aspect of the system but as with most things, power comes with responsibility.
 The Yocto Project would like to see people able to mix and match BSPs with
-distro configs or software stacks and be able to merge succesfully.
+distro configs or software stacks and be able to merge successfully.
 Over time, the project identified characteristics in layers that allow them
 to operate well together. "anti-patterns" were also found, preventing layers
 from working well together.
--- a/documentation/toaster-manual/reference.rst
+++ b/documentation/toaster-manual/reference.rst
@@ -546,7 +546,7 @@ database.

 You need to run the ``buildslist`` command first to identify existing
 builds in the database before using the
-:ref:`toaster-manual/reference:\`\`builddelete\`\`` command. Here is an
+:ref:`toaster-manual/reference:``builddelete``` command. Here is an
 example that assumes default repository and :term:`Build Directory` names:

 .. code-block:: shell
@@ -555,7 +555,7 @@ example that assumes default repository and :term:`Build Directory` names:
   $ python ../bitbake/lib/toaster/manage.py buildslist

 If your Toaster database had only one build, the above
-:ref:`toaster-manual/reference:\`\`buildslist\`\``
+:ref:`toaster-manual/reference:``buildslist```
 command would return something like the following::

   1: qemux86 poky core-image-minimal
@@ -576,7 +576,7 @@ the database.

 Prior to running the ``builddelete`` command, you need to get the ID
 associated with builds by using the
-:ref:`toaster-manual/reference:\`\`buildslist\`\`` command.
+:ref:`toaster-manual/reference:``buildslist``` command.

 ``perf``
 --------
--- a/meta-poky/conf/distro/poky.conf
+++ b/meta-poky/conf/distro/poky.conf
@@ -1,6 +1,6 @@
 DISTRO = "poky"
 DISTRO_NAME = "Poky (Yocto Project Reference Distro)"
-DISTRO_VERSION = "5.0.9"
+DISTRO_VERSION = "5.0.13"
 DISTRO_CODENAME = "scarthgap"
 SDK_VENDOR = "-pokysdk"
 SDK_VERSION = "${@d.getVar('DISTRO_VERSION').replace('snapshot-${METADATA_REVISION}', 'snapshot')}"
--- a/meta-poky/conf/templates/default/local.conf.sample
+++ b/meta-poky/conf/templates/default/local.conf.sample
@@ -239,10 +239,7 @@ BB_DISKMON_DIRS ??= "\
 # Using the CDN rather than the yoctoproject.org address is suggested/preferred.
 #
 #BB_HASHSERVE_UPSTREAM = 'wss://hashserv.yoctoproject.org/ws'
-#SSTATE_MIRRORS ?= "file://.* http://cdn.jsdelivr.net/yocto/sstate/all/PATH;downloadfilename=PATH"
-#
-###SSTATE_MIRRORS ?= "file://.* http://sstate.yoctoproject.org/all/PATH;downloadfilename=PATH"
-
+#SSTATE_MIRRORS ?= "file://.* http://sstate.yoctoproject.org/all/PATH;downloadfilename=PATH"

 #
 # Qemu configuration
--- a/meta-selftest/files/static-group
+++ b/meta-selftest/files/static-group
@@ -27,3 +27,4 @@ render:x:527:
 sgx:x:528:
 ptest:x:529:
 xuser:x:530:
+audio:x:531:
--- a/meta/classes-recipe/module.bbclass
+++ b/meta/classes-recipe/module.bbclass
@@ -65,6 +65,7 @@ module_do_install() {
 	           CC="${KERNEL_CC}" LD="${KERNEL_LD}" OBJCOPY="${KERNEL_OBJCOPY}" \
 	           STRIP="${KERNEL_STRIP}" \
 	           O=${STAGING_KERNEL_BUILDDIR} \
+		   KBUILD_EXTRA_SYMBOLS="${KBUILD_EXTRA_SYMBOLS}" \
 	           ${MODULES_INSTALL_TARGET}

 	if [ ! -e "${B}/${MODULES_MODULE_SYMVERS_LOCATION}/Module.symvers" ] ; then
--- a/meta/classes-recipe/testimage.bbclass
+++ b/meta/classes-recipe/testimage.bbclass
@@ -25,7 +25,9 @@ TESTIMAGE_AUTO ??= "0"
 TESTIMAGE_FAILED_QA_ARTIFACTS = "\
    ${localstatedir}/log \
    ${sysconfdir}/version \
-    ${sysconfdir}/os-release"
+    ${sysconfdir}/os-release \
+    ${nonarch_libdir}/os-release \
+"

 # If some ptests are run and fail, retrieve corresponding directories
 TESTIMAGE_FAILED_QA_ARTIFACTS += "${@bb.utils.contains('DISTRO_FEATURES', 'ptest', '${libdir}/${MCNAME}/ptest', '', d)}"
--- a/meta/classes-recipe/uboot-config.bbclass
+++ b/meta/classes-recipe/uboot-config.bbclass
@@ -22,12 +22,17 @@ def removesuffix(s, suffix):
 UBOOT_ENTRYPOINT ?= "20008000"
 UBOOT_LOADADDRESS ?= "${UBOOT_ENTRYPOINT}"

+# When naming the files we install/deploy, the package version and revision
+# are part of the filename.  Create a single variable to represent this and
+# allow it to be customized if desired.
+UBOOT_VERSION ?= "${PV}-${PR}"
+
 # Some versions of u-boot use .bin and others use .img.  By default use .bin
 # but enable individual recipes to change this value.
 UBOOT_SUFFIX ??= "bin"
 UBOOT_BINARY ?= "u-boot.${UBOOT_SUFFIX}"
 UBOOT_BINARYNAME ?= "${@os.path.splitext(d.getVar("UBOOT_BINARY"))[0]}"
-UBOOT_IMAGE ?= "${UBOOT_BINARYNAME}-${MACHINE}-${PV}-${PR}.${UBOOT_SUFFIX}"
+UBOOT_IMAGE ?= "${UBOOT_BINARYNAME}-${MACHINE}-${UBOOT_VERSION}.${UBOOT_SUFFIX}"
 UBOOT_SYMLINK ?= "${UBOOT_BINARYNAME}-${MACHINE}.${UBOOT_SUFFIX}"
 UBOOT_MAKE_TARGET ?= "all"

@@ -36,7 +41,7 @@ UBOOT_MAKE_TARGET ?= "all"
 # purposes.
 UBOOT_ELF ?= ""
 UBOOT_ELF_SUFFIX ?= "elf"
-UBOOT_ELF_IMAGE ?= "u-boot-${MACHINE}-${PV}-${PR}.${UBOOT_ELF_SUFFIX}"
+UBOOT_ELF_IMAGE ?= "u-boot-${MACHINE}-${UBOOT_VERSION}.${UBOOT_ELF_SUFFIX}"
 UBOOT_ELF_BINARY ?= "u-boot.${UBOOT_ELF_SUFFIX}"
 UBOOT_ELF_SYMLINK ?= "u-boot-${MACHINE}.${UBOOT_ELF_SUFFIX}"

@@ -49,7 +54,7 @@ SPL_BINARY ?= ""
 SPL_DELIMITER  ?= "${@'.' if d.getVar("SPL_SUFFIX") else ''}"
 SPL_BINARYFILE ?= "${@os.path.basename(d.getVar("SPL_BINARY"))}"
 SPL_BINARYNAME ?= "${@removesuffix(d.getVar("SPL_BINARYFILE"), "." + d.getVar("SPL_SUFFIX"))}"
-SPL_IMAGE ?= "${SPL_BINARYNAME}-${MACHINE}-${PV}-${PR}${SPL_DELIMITER}${SPL_SUFFIX}"
+SPL_IMAGE ?= "${SPL_BINARYNAME}-${MACHINE}-${UBOOT_VERSION}${SPL_DELIMITER}${SPL_SUFFIX}"
 SPL_SYMLINK ?= "${SPL_BINARYNAME}-${MACHINE}${SPL_DELIMITER}${SPL_SUFFIX}"

 # Additional environment variables or a script can be installed alongside
@@ -62,14 +67,14 @@ UBOOT_ENV ?= ""
 UBOOT_ENV_SRC_SUFFIX ?= "cmd"
 UBOOT_ENV_SRC ?= "${UBOOT_ENV}.${UBOOT_ENV_SRC_SUFFIX}"
 UBOOT_ENV_BINARY ?= "${UBOOT_ENV}.${UBOOT_ENV_SUFFIX}"
-UBOOT_ENV_IMAGE ?= "${UBOOT_ENV}-${MACHINE}-${PV}-${PR}.${UBOOT_ENV_SUFFIX}"
+UBOOT_ENV_IMAGE ?= "${UBOOT_ENV}-${MACHINE}-${UBOOT_VERSION}.${UBOOT_ENV_SUFFIX}"
 UBOOT_ENV_SYMLINK ?= "${UBOOT_ENV}-${MACHINE}.${UBOOT_ENV_SUFFIX}"

 # U-Boot EXTLINUX variables. U-Boot searches for /boot/extlinux/extlinux.conf
 # to find EXTLINUX conf file.
 UBOOT_EXTLINUX_INSTALL_DIR ?= "/boot/extlinux"
 UBOOT_EXTLINUX_CONF_NAME ?= "extlinux.conf"
-UBOOT_EXTLINUX_SYMLINK ?= "${UBOOT_EXTLINUX_CONF_NAME}-${MACHINE}-${PR}"
+UBOOT_EXTLINUX_SYMLINK ?= "${UBOOT_EXTLINUX_CONF_NAME}-${MACHINE}-${UBOOT_VERSION}"

 # Options for the device tree compiler passed to mkimage '-D' feature:
 UBOOT_MKIMAGE_DTCOPTS ??= ""
--- a/meta/classes-recipe/uboot-sign.bbclass
+++ b/meta/classes-recipe/uboot-sign.bbclass
@@ -94,6 +94,8 @@ python() {
    sign = d.getVar('UBOOT_SIGN_ENABLE') == '1'
    if d.getVar('UBOOT_FITIMAGE_ENABLE') == '1' or sign:
        d.appendVar('DEPENDS', " u-boot-tools-native dtc-native")
+    if d.getVar('FIT_GENERATE_KEYS') == '1' and sign:
+        d.appendVarFlag('do_uboot_assemble_fitimage', 'depends', ' virtual/kernel:do_kernel_generate_rsa_keys')
 }

 concat_dtb() {
--- a/meta/classes/create-spdx-2.2.bbclass
+++ b/meta/classes/create-spdx-2.2.bbclass
@@ -100,6 +100,9 @@ python() {
        # Transform the license array to a dictionary
        data["licenses"] = {l["licenseId"]: l for l in data["licenses"]}
        d.setVar("SPDX_LICENSE_DATA", data)
+
+    if d.getVar("SPDX_INCLUDE_COMPILED_SOURCES") == "1":
+        d.setVar("SPDX_INCLUDE_SOURCES", "1")
 }

 def convert_license_to_spdx(lic, document, d, existing={}):
@@ -215,6 +218,11 @@ def add_package_files(d, doc, spdx_pkg, topdir, get_spdxid, get_types, *, archiv
    spdx_files = []

    file_counter = 1
+
+    check_compiled_sources = d.getVar("SPDX_INCLUDE_COMPILED_SOURCES") == "1"
+    if check_compiled_sources:
+        compiled_sources, types = oe.spdx.get_compiled_sources(d)
+        bb.debug(1, f"Total compiled files: {len(compiled_sources)}")
    for subdir, dirs, files in os.walk(topdir):
        dirs[:] = [d for d in dirs if d not in ignore_dirs]
        if subdir == str(topdir):
@@ -225,6 +233,10 @@ def add_package_files(d, doc, spdx_pkg, topdir, get_spdxid, get_types, *, archiv
            filename = str(filepath.relative_to(topdir))

            if not filepath.is_symlink() and filepath.is_file():
+                # Check if file is compiled
+                if check_compiled_sources:
+                     if not oe.spdx.is_compiled_source(filename, compiled_sources, types):
+                          continue
                spdx_file = oe.spdx.SPDXFile()
                spdx_file.SPDXID = get_spdxid(file_counter)
                for t in get_types(filepath):
--- a/meta/classes/cve-check.bbclass
+++ b/meta/classes/cve-check.bbclass
@@ -196,6 +196,7 @@ python do_cve_check () {
        else:
            bb.note("No CVE database found, skipping CVE check")

+    oe.qa.exit_if_errors(d)
 }

 addtask cve_check before do_build
@@ -270,13 +271,14 @@ python cve_check_write_rootfs_manifest () {
    d.setVar("PN", save_pn)

    if enable_text:
-        link_path = os.path.join(deploy_dir, "%s.cve" % link_name)
        manifest_name = d.getVar("CVE_CHECK_MANIFEST")

        with open(manifest_name, "w") as f:
            f.write(text_data)

-        update_symlinks(manifest_name, link_path)
+        if link_name:
+            link_path = os.path.join(deploy_dir, "%s.cve" % link_name)
+            update_symlinks(manifest_name, link_path)
        bb.plain("Image CVE report stored in: %s" % manifest_name)

    if enable_json:
--- a/meta/conf/bitbake.conf
+++ b/meta/conf/bitbake.conf
@@ -703,7 +703,7 @@ DEBIAN_MIRROR = "http://ftp.debian.org/debian/pool"
 GENTOO_MIRROR = "http://distfiles.gentoo.org/distfiles"
 GNOME_GIT = "git://gitlab.gnome.org/GNOME"
 GNOME_MIRROR = "https://download.gnome.org/sources/"
-GNU_MIRROR = "https://ftp.gnu.org/gnu"
+GNU_MIRROR = "https://ftpmirror.gnu.org/gnu"
 GNUPG_MIRROR = "https://www.gnupg.org/ftp/gcrypt"
 GPE_MIRROR = "http://gpe.linuxtogo.org/download/source"
 KERNELORG_MIRROR = "https://cdn.kernel.org/pub"
@@ -989,5 +989,7 @@ oe.sstatesig.find_sstate_manifest[vardepsexclude] = "BBEXTENDCURR BBEXTENDVARIAN
 oe.utils.get_multilib_datastore[vardepsexclude] = "DEFAULTTUNE_MULTILIB_ORIGINAL OVERRIDES"
 oe.path.format_display[vardepsexclude] = "TOPDIR"
 oe.utils.get_bb_number_threads[vardepsexclude] = "BB_NUMBER_THREADS"
+oe.package.save_debugsources_info[vardepsexclude] = "BB_NUMBER_THREADS"
+oe.package.read_debugsources_info[vardepsexclude] = "BB_NUMBER_THREADS"
 oe.packagedata.emit_pkgdata[vardepsexclude] = "BB_NUMBER_THREADS"
 oe.packagedata.read_subpkgdata_extended[vardepsexclude] = "BB_NUMBER_THREADS"
--- a/meta/conf/distro/include/default-distrovars.inc
+++ b/meta/conf/distro/include/default-distrovars.inc
@@ -61,4 +61,4 @@ KERNEL_IMAGETYPES ??= "${KERNEL_IMAGETYPE}"
 # fetch from the network (and warn you if not). To disable the test set
 # the variable to be empty.
 # Git example url: git://git.yoctoproject.org/yocto-firewall-test;protocol=git;rev=master;branch=master
-CONNECTIVITY_CHECK_URIS ?= "https://yoctoproject.org/connectivity.html"
+CONNECTIVITY_CHECK_URIS ?= "https://www.yoctoproject.org/connectivity.html"
--- a/meta/conf/distro/include/maintainers.inc
+++ b/meta/conf/distro/include/maintainers.inc
@@ -190,7 +190,7 @@ RECIPE_MAINTAINER:pn-gcc-cross-canadian-${TRANSLATED_TARGET_ARCH} = "Khem Raj <r
 RECIPE_MAINTAINER:pn-gcc-crosssdk-${SDK_SYS} = "Khem Raj <raj.khem@gmail.com>"
 RECIPE_MAINTAINER:pn-gcc-runtime = "Khem Raj <raj.khem@gmail.com>"
 RECIPE_MAINTAINER:pn-gcc-sanitizers = "Khem Raj <raj.khem@gmail.com>"
-RECIPE_MAINTAINER:pn-gcc-source-13.3.0 = "Khem Raj <raj.khem@gmail.com>"
+RECIPE_MAINTAINER:pn-gcc-source-13.4.0 = "Khem Raj <raj.khem@gmail.com>"
 RECIPE_MAINTAINER:pn-gconf = "Ross Burton <ross.burton@arm.com>"
 RECIPE_MAINTAINER:pn-gcr = "Alexander Kanavin <alex.kanavin@gmail.com>"
 RECIPE_MAINTAINER:pn-gdb = "Khem Raj <raj.khem@gmail.com>"
@@ -210,7 +210,6 @@ RECIPE_MAINTAINER:pn-glibc = "Khem Raj <raj.khem@gmail.com>"
 RECIPE_MAINTAINER:pn-glibc-locale = "Khem Raj <raj.khem@gmail.com>"
 RECIPE_MAINTAINER:pn-glibc-mtrace = "Khem Raj <raj.khem@gmail.com>"
 RECIPE_MAINTAINER:pn-glibc-scripts = "Khem Raj <raj.khem@gmail.com>"
-RECIPE_MAINTAINER:pn-glibc-y2038-tests = "Lukasz Majewski <lukma@denx.de>"
 RECIPE_MAINTAINER:pn-glibc-testsuite = "Khem Raj <raj.khem@gmail.com>"
 RECIPE_MAINTAINER:pn-gmp = "Khem Raj <raj.khem@gmail.com>"
 RECIPE_MAINTAINER:pn-glslang = "Jose Quaresma <quaresma.jose@gmail.com>"
--- a/meta/conf/distro/include/ptest-packagelists.inc
+++ b/meta/conf/distro/include/ptest-packagelists.inc
@@ -81,8 +81,6 @@ PTESTS_FAST = "\
    zlib \
    libexif \
 "
-PTESTS_FAST:append:libc-glibc = " glibc-y2038-tests"
-PTESTS_PROBLEMS:remove:libc-glibc = "glibc-y2038-tests"
 PTESTS_FAST:remove:mips64 = "qemu"
 PTESTS_PROBLEMS:append:mips64 = " qemu"
 PTESTS_FAST:remove:riscv32 = "qemu"
@@ -104,6 +102,7 @@ PTESTS_SLOW = "\
    libevent \
    libgcrypt \
    libmodule-build-perl \
+    libpng \
    lttng-tools \
    openssh \
    openssl \
--- a/meta/conf/distro/include/time64.inc
+++ b/meta/conf/distro/include/time64.inc
@@ -19,7 +19,6 @@ TARGET_CC_ARCH:append:powerpc = "${@bb.utils.contains('TUNE_FEATURES', 'm32', '$
 TARGET_CC_ARCH:append:x86 = "${@bb.utils.contains('TUNE_FEATURES', 'm32', '${GLIBC_64BIT_TIME_FLAGS}', '', d)}"

 GLIBC_64BIT_TIME_FLAGS:pn-glibc = ""
-GLIBC_64BIT_TIME_FLAGS:pn-glibc-y2038-tests = ""
 GLIBC_64BIT_TIME_FLAGS:pn-glibc-testsuite = ""
 # pipewire-v4l2 explicitly sets _FILE_OFFSET_BITS=32 to get access to
 # both 32 and 64 bit file APIs.  But it does not handle the time side?
@@ -36,7 +35,6 @@ GLIBC_64BIT_TIME_FLAGS:pn-gcc-sanitizers = ""
 # Caused by the flags exceptions above
 INSANE_SKIP:append:pn-gcc-sanitizers = " 32bit-time"
 INSANE_SKIP:append:pn-glibc = " 32bit-time"
-INSANE_SKIP:append:pn-glibc-y2038-tests = " 32bit-time"
 INSANE_SKIP:append:pn-pulseaudio = " 32bit-time"

 # Strace has tests that call 32 bit API directly, which is fair enough, e.g.
--- a/meta/conf/distro/include/yocto-uninative.inc
+++ b/meta/conf/distro/include/yocto-uninative.inc
@@ -6,10 +6,10 @@
 # to the distro running on the build machine.
 #

-UNINATIVE_MAXGLIBCVERSION = "2.41"
-UNINATIVE_VERSION = "4.7"
+UNINATIVE_MAXGLIBCVERSION = "2.42"
+UNINATIVE_VERSION = "4.9"

 UNINATIVE_URL ?= "http://downloads.yoctoproject.org/releases/uninative/${UNINATIVE_VERSION}/"
-UNINATIVE_CHECKSUM[aarch64] ?= "ac440e4fc80665c79f9718c665c6e28d771e51609c088c3c97ba3ad5cfed197a"
-UNINATIVE_CHECKSUM[i686] ?= "c5efa31450f3bbd63ea961d4e7c747ae41317937d429f65e1d5cf2050338e27a"
-UNINATIVE_CHECKSUM[x86_64] ?= "5800d4e9a129d1be09cf548918d25f74e91a7c1193ae5239d5b0c9246c486d2c"
+UNINATIVE_CHECKSUM[aarch64] ?= "812045d826b7fda88944055e8526b95a5a9440bfef608d5b53fd52faab49bf85"
+UNINATIVE_CHECKSUM[i686] ?= "5cc28efd0c15a75de4bcb147c6cce65f1c1c9d442173a220f08427f40a3ffa09"
+UNINATIVE_CHECKSUM[x86_64] ?= "4c03d1ed2b7b4e823aca4a1a23d8f2e322f1770fc10e859adcede5777aff4f3a"
--- a/meta/conf/machine/include/arm/armv8r/tune-cortexr52.inc
+++ b/meta/conf/machine/include/arm/armv8r/tune-cortexr52.inc
@@ -10,11 +10,10 @@ require conf/machine/include/arm/arch-armv8r.inc

 AVAILTUNES                             += "cortexr52"
 ARMPKGARCH:tune-cortexr52               = "cortexr52"
-# We do not want -march since -mcpu is added above to cover for it
-TUNE_FEATURES:tune-cortexr52            = "aarch64 crc simd cortexr52"
+TUNE_FEATURES:tune-cortexr52            = "${TUNE_FEATURES:tune-armv8r-crc-simd} cortexr52"
 PACKAGE_EXTRA_ARCHS:tune-cortexr52      = "${PACKAGE_EXTRA_ARCHS:tune-armv8r-crc-simd} cortexr52"

 AVAILTUNES                             += "cortexr52hf"
-ARMPKGARCH:tune-cortexr52hf             = "cortexr52"
+ARMPKGARCH:tune-cortexr52hf             = "cortexr52hf"
 TUNE_FEATURES:tune-cortexr52hf          = "${TUNE_FEATURES:tune-cortexr52} callconvention-hard"
 PACKAGE_EXTRA_ARCHS:tune-cortexr52hf    = "cortexr52hf"
--- a/meta/conf/sanity.conf
+++ b/meta/conf/sanity.conf
@@ -3,7 +3,7 @@
 # See sanity.bbclass
 #
 # Expert users can confirm their sanity with "touch conf/sanity.conf"
-BB_MIN_VERSION = "2.7.3"
+BB_MIN_VERSION = "2.8.1"

 SANITY_ABIFILE = "${TMPDIR}/abi_version"

--- a/meta/lib/oe/license.py
+++ b/meta/lib/oe/license.py
@@ -172,8 +172,8 @@ class ManifestVisitor(LicenseVisitor):
        LicenseVisitor.__init__(self)

    def visit(self, node):
-        if isinstance(node, ast.Str):
-            lic = node.s
+        if isinstance(node, ast.Constant):
+            lic = node.value

            if license_ok(self._canonical_license(self._d, lic),
                    self._dont_want_licenses) == True:
--- a/meta/lib/oe/package.py
+++ b/meta/lib/oe/package.py
@@ -1038,6 +1038,49 @@ def copydebugsources(debugsrcdir, sources, d):
            if os.path.exists(p) and not os.listdir(p):
                os.rmdir(p)

+def save_debugsources_info(debugsrcdir, sources_raw, d):
+    import json
+    import bb.compress.zstd
+    if debugsrcdir and sources_raw:
+        debugsources_file = d.expand("${PKGDESTWORK}/debugsources/${PN}-debugsources.json.zstd")
+        debugsources_dir = os.path.dirname(debugsources_file)
+        if not os.path.isdir(debugsources_dir):
+            bb.utils.mkdirhier(debugsources_dir)
+        bb.utils.remove(debugsources_file)
+
+        workdir = d.getVar("WORKDIR")
+        pn = d.getVar('PN')
+
+        # Kernel sources are in a different directory and are special case
+        # we format the sources as expected by spdx by replacing /usr/src/kernel/
+        # into BP/
+        kernel_src = d.getVar('KERNEL_SRC_PATH')
+        pf = d.getVar('PF')
+        sources_dict = {}
+        for file, src_files in sources_raw:
+            file_clean = file.replace(f"{workdir}/package/","")
+            sources_clean = [
+                src.replace(f"{debugsrcdir}/{pn}/", "")
+                if not kernel_src else src.replace(f"{kernel_src}/", f"{pf}/")
+                for src in src_files
+                if not any(keyword in src for keyword in ("<internal>", "<built-in>")) and not src.endswith("/")
+            ]
+            sources_dict[file_clean] = sorted(sources_clean)
+        num_threads = int(d.getVar("BB_NUMBER_THREADS"))
+        with bb.compress.zstd.open(debugsources_file, "wt", encoding="utf-8", num_threads=num_threads) as f:
+            json.dump(sources_dict, f, sort_keys=True)
+
+def read_debugsources_info(d):
+    import json
+    import bb.compress.zstd
+    try:
+        fn = d.expand("${PKGDESTWORK}/debugsources/${PN}-debugsources.json.zstd")
+        num_threads = int(d.getVar("BB_NUMBER_THREADS"))
+        with bb.compress.zstd.open(fn, "rt", encoding="utf-8", num_threads=num_threads) as f:
+            return json.load(f)
+    except FileNotFoundError:
+        bb.debug(1, f"File not found: {fn}")
+        return None

 def process_split_and_strip_files(d):
    cpath = oe.cachedpath.CachedPath()
@@ -1269,6 +1312,9 @@ def process_split_and_strip_files(d):
        # Process the dv["srcdir"] if requested...
        # This copies and places the referenced sources for later debugging...
        copydebugsources(dv["srcdir"], sources, d)
+
+        # Save source info to be accessible to other tasks
+        save_debugsources_info(dv["srcdir"], results, d)
    #
    # End of debug splitting
    #
--- a/meta/lib/oe/spdx.py
+++ b/meta/lib/oe/spdx.py
@@ -355,3 +355,45 @@ class SPDXDocument(SPDXObject):
            if r.spdxDocument == namespace:
                return r
        return None
+
+def is_compiled_source (filename, compiled_sources, types):
+    """
+    Check if the file is a compiled file
+    """
+    import os
+    # If we don't have compiled source, we assume all are compiled.
+    if not compiled_sources:
+        return True
+
+    # We return always true if the file type is not in the list of compiled files.
+    # Some files in the source directory are not compiled, for example, Makefiles,
+    # but also python .py file. We need to include them in the SPDX.
+    basename = os.path.basename(filename)
+    ext = basename.partition(".")[2]
+    if ext not in types:
+        return True
+    # Check that the file is in the list
+    return filename in compiled_sources
+
+def get_compiled_sources(d):
+    """
+    Get list of compiled sources from debug information and normalize the paths
+    """
+    import itertools
+    import oe.package
+    source_info = oe.package.read_debugsources_info(d)
+    if not source_info:
+        bb.debug(1, "Do not have debugsources.list. Skipping")
+        return [], []
+
+    # Sources are not split now in SPDX, so we aggregate them
+    sources = set(itertools.chain.from_iterable(source_info.values()))
+    # Check extensions of files
+    types = set()
+    for src in sources:
+        basename = os.path.basename(src)
+        ext = basename.partition(".")[2]
+        if ext not in types and ext:
+            types.add(ext)
+    bb.debug(1, f"Num of sources: {len(sources)} and types: {len(types)} {str(types)}")
+    return sources, types
--- a/meta/lib/oe/utils.py
+++ b/meta/lib/oe/utils.py
@@ -5,10 +5,11 @@
 #

 import subprocess
-import multiprocessing
 import traceback
 import errno

+from bb import multiprocessing
+
 def read_file(filename):
    try:
        f = open( filename, "r" )
--- a/meta/lib/oeqa/sdk/buildtools-cases/https.py
+++ b/meta/lib/oeqa/sdk/buildtools-cases/https.py
@@ -15,8 +15,8 @@ class HTTPTests(OESDKTestCase):
    """

    def test_wget(self):
-        self._run('env -i wget --debug --output-document /dev/null https://yoctoproject.org/connectivity.html')
+        self._run('env -i wget --debug --output-document /dev/null https://www.yoctoproject.org/connectivity.html')

    def test_python(self):
        # urlopen() returns a file-like object on success and throws an exception otherwise
-        self._run('python3 -c \'import urllib.request; urllib.request.urlopen("https://yoctoproject.org/connectivity.html")\'')
+        self._run('python3 -c \'import urllib.request; urllib.request.urlopen("https://www.yoctoproject.org/connectivity.html")\'')
--- a/meta/lib/oeqa/sdk/cases/buildcpio.py
+++ b/meta/lib/oeqa/sdk/cases/buildcpio.py
@@ -24,7 +24,7 @@ class BuildCpioTest(OESDKTestCase):

    def test_cpio(self):
        with tempfile.TemporaryDirectory(prefix="cpio-", dir=self.tc.sdk_dir) as testdir:
-            tarball = self.fetch(testdir, self.td["DL_DIR"], "https://ftp.gnu.org/gnu/cpio/cpio-2.15.tar.gz")
+            tarball = self.fetch(testdir, self.td["DL_DIR"], "https://ftpmirror.gnu.org/gnu/cpio/cpio-2.15.tar.gz")

            dirs = {}
            dirs["source"] = os.path.join(testdir, "cpio-2.15")
--- a/meta/lib/oeqa/selftest/cases/meta_ide.py
+++ b/meta/lib/oeqa/selftest/cases/meta_ide.py
@@ -44,7 +44,7 @@ class MetaIDE(OESelftestTestCase):
    def test_meta_ide_can_build_cpio_project(self):
        dl_dir = self.td.get('DL_DIR', None)
        self.project = SDKBuildProject(self.tmpdir_metaideQA + "/cpio/", self.environment_script_path,
-                        "https://ftp.gnu.org/gnu/cpio/cpio-2.15.tar.gz",
+                        "https://ftpmirror.gnu.org/gnu/cpio/cpio-2.15.tar.gz",
                        self.tmpdir_metaideQA, self.td['DATETIME'], dl_dir=dl_dir)
        self.project.download_archive()
        self.assertEqual(self.project.run_configure('$CONFIGURE_FLAGS'), 0,
--- a/meta/lib/oeqa/selftest/cases/sstatetests.py
+++ b/meta/lib/oeqa/selftest/cases/sstatetests.py
@@ -977,7 +977,7 @@ class SStateMirrors(SStateBase):
            self.append_config("""
 MACHINE = "{}"
 BB_HASHSERVE_UPSTREAM = "hashserv.yocto.io:8687"
-SSTATE_MIRRORS ?= "file://.* http://cdn.jsdelivr.net/yocto/sstate/all/PATH;downloadfilename=PATH"
+SSTATE_MIRRORS ?= "file://.* http://sstate.yoctoproject.org/all/PATH;downloadfilename=PATH"
 """.format(machine))
        else:
            self.append_config("""
--- a/meta/recipes-bsp/grub/files/CVE-2024-56738.patch
+++ b/meta/recipes-bsp/grub/files/CVE-2024-56738.patch
@@ -0,0 +1,75 @@
+From 4cef2fc7308b2132317ad166939994f098b41561 Mon Sep 17 00:00:00 2001
+From: Ross Burton <ross.burton@arm.com>
+Date: Tue, 9 Sep 2025 14:23:14 +0100
+Subject: [PATCH] CVE-2024-56738
+
+Backport an algorithmic change to grub_crypto_memcmp() so that it completes in
+constant time and thus isn't susceptible to side-channel attacks.
+
+This is a partial backport of grub 0739d24cd
+("libgcrypt: Adjust import script, definitions and API users for libgcrypt 1.11")
+
+CVE: CVE-2024-56738
+Upstream-Status: Backport [0739d24cd]
+Signed-off-by: Ross Burton <ross.burton@arm.com>
+---
+ grub-core/lib/crypto.c | 23 ++++++++++++++++-------
+ include/grub/crypto.h  |  2 +-
+ 2 files changed, 17 insertions(+), 8 deletions(-)
+
+diff --git a/grub-core/lib/crypto.c b/grub-core/lib/crypto.c
+index 396f76410..19db7870a 100644
+--- a/grub-core/lib/crypto.c
+++ b/grub-core/lib/crypto.c
+@@ -433,19 +433,28 @@ grub_crypto_gcry_error (gcry_err_code_t in)
+   return GRUB_ACCESS_DENIED;
+ }
+ 
+/*
+ * Compare byte arrays of length LEN, return 1 if it's not same,
+ * 0, otherwise.
+ */
+ int
+-grub_crypto_memcmp (const void *a, const void *b, grub_size_t n)
+grub_crypto_memcmp (const void *b1, const void *b2, grub_size_t len)
+ {
+-  register grub_size_t counter = 0;
+-  const grub_uint8_t *pa, *pb;
+  const grub_uint8_t *a = b1;
+  const grub_uint8_t *b = b2;
+  int ab, ba;
+  grub_size_t i;
+ 
+-  for (pa = a, pb = b; n; pa++, pb++, n--)
+  /* Constant-time compare. */
+  for (i = 0, ab = 0, ba = 0; i < len; i++)
+     {
+-      if (*pa != *pb)
+-	counter++;
+      /* If a[i] != b[i], either ab or ba will be negative. */
+      ab |= a[i] - b[i];
+      ba |= b[i] - a[i];
+     }
+ 
+-  return !!counter;
+  /* 'ab | ba' is negative when buffers are not equal, extract sign bit.  */
+  return ((unsigned int)(ab | ba) >> (sizeof(unsigned int) * 8 - 1)) & 1;
+ }
+ 
+ #ifndef GRUB_UTIL
+diff --git a/include/grub/crypto.h b/include/grub/crypto.h
+index 31c87c302..20ad4c5f7 100644
+--- a/include/grub/crypto.h
+++ b/include/grub/crypto.h
+@@ -393,7 +393,7 @@ grub_crypto_pbkdf2 (const struct gcry_md_spec *md,
+ 		    grub_uint8_t *DK, grub_size_t dkLen);
+ 
+ int
+-grub_crypto_memcmp (const void *a, const void *b, grub_size_t n);
+grub_crypto_memcmp (const void *b1, const void *b2, grub_size_t len);
+ 
+ int
+ grub_password_get (char buf[], unsigned buf_size);
+-- 
+2.43.0
+
--- a/meta/recipes-bsp/grub/grub2.inc
+++ b/meta/recipes-bsp/grub/grub2.inc
@@ -37,6 +37,7 @@ SRC_URI = "${GNU_MIRROR}/grub/grub-${PV}.tar.gz \
           file://CVE-2024-45778_CVE-2024-45779.patch \
           file://CVE-2025-0677_CVE-2025-0684_CVE-2025-0685_CVE-2025-0686_CVE-2025-0689.patch \
           file://CVE-2025-0678_CVE-2025-1125.patch \
+           file://CVE-2024-56738.patch \
 "

 SRC_URI[sha256sum] = "b30919fa5be280417c17ac561bb1650f60cfb80cc6237fa1e2b6f56154cb9c91"
@@ -44,6 +45,7 @@ SRC_URI[sha256sum] = "b30919fa5be280417c17ac561bb1650f60cfb80cc6237fa1e2b6f56154
 CVE_STATUS[CVE-2019-14865] = "not-applicable-platform: applies only to RHEL"
 CVE_STATUS[CVE-2023-4001]  = "not-applicable-platform: Applies only to RHEL/Fedora"
 CVE_STATUS[CVE-2024-1048]  = "not-applicable-platform: Applies only to RHEL/Fedora"
+CVE_STATUS[CVE-2024-2312]  = "not-applicable-platform: Applies only to Ubuntu"

 DEPENDS = "flex-native bison-native gettext-native"

--- a/meta/recipes-bsp/u-boot/u-boot.inc
+++ b/meta/recipes-bsp/u-boot/u-boot.inc
@@ -199,16 +199,16 @@ uboot_install_config () {
    config=$1
    type=$2

-    install -D -m 644 ${B}/${config}/${UBOOT_BINARYNAME}-${type}.${UBOOT_SUFFIX} ${D}/boot/${UBOOT_BINARYNAME}-${type}-${PV}-${PR}.${UBOOT_SUFFIX}
-    ln -sf ${UBOOT_BINARYNAME}-${type}-${PV}-${PR}.${UBOOT_SUFFIX} ${D}/boot/${UBOOT_BINARY}-${type}
-    ln -sf ${UBOOT_BINARYNAME}-${type}-${PV}-${PR}.${UBOOT_SUFFIX} ${D}/boot/${UBOOT_BINARY}
+    install -D -m 644 ${B}/${config}/${UBOOT_BINARYNAME}-${type}.${UBOOT_SUFFIX} ${D}/boot/${UBOOT_BINARYNAME}-${type}-${UBOOT_VERSION}.${UBOOT_SUFFIX}
+    ln -sf ${UBOOT_BINARYNAME}-${type}-${UBOOT_VERSION}.${UBOOT_SUFFIX} ${D}/boot/${UBOOT_BINARY}-${type}
+    ln -sf ${UBOOT_BINARYNAME}-${type}-${UBOOT_VERSION}.${UBOOT_SUFFIX} ${D}/boot/${UBOOT_BINARY}

    # Install the uboot-initial-env
    if [ -n "${UBOOT_INITIAL_ENV}" ]; then
-        install -D -m 644 ${B}/${config}/u-boot-initial-env-${type} ${D}/${sysconfdir}/${UBOOT_INITIAL_ENV}-${MACHINE}-${type}-${PV}-${PR}
-        ln -sf ${UBOOT_INITIAL_ENV}-${MACHINE}-${type}-${PV}-${PR} ${D}/${sysconfdir}/${UBOOT_INITIAL_ENV}-${MACHINE}-${type}
-        ln -sf ${UBOOT_INITIAL_ENV}-${MACHINE}-${type}-${PV}-${PR} ${D}/${sysconfdir}/${UBOOT_INITIAL_ENV}-${type}
-        ln -sf ${UBOOT_INITIAL_ENV}-${MACHINE}-${type}-${PV}-${PR} ${D}/${sysconfdir}/${UBOOT_INITIAL_ENV}
+        install -D -m 644 ${B}/${config}/u-boot-initial-env-${type} ${D}/${sysconfdir}/${UBOOT_INITIAL_ENV}-${MACHINE}-${type}-${UBOOT_VERSION}
+        ln -sf ${UBOOT_INITIAL_ENV}-${MACHINE}-${type}-${UBOOT_VERSION} ${D}/${sysconfdir}/${UBOOT_INITIAL_ENV}-${MACHINE}-${type}
+        ln -sf ${UBOOT_INITIAL_ENV}-${MACHINE}-${type}-${UBOOT_VERSION} ${D}/${sysconfdir}/${UBOOT_INITIAL_ENV}-${type}
+        ln -sf ${UBOOT_INITIAL_ENV}-${MACHINE}-${type}-${UBOOT_VERSION} ${D}/${sysconfdir}/${UBOOT_INITIAL_ENV}
    fi
 }

@@ -218,9 +218,9 @@ uboot_install () {

    # Install the uboot-initial-env
    if [ -n "${UBOOT_INITIAL_ENV}" ]; then
-        install -D -m 644 ${B}/u-boot-initial-env ${D}/${sysconfdir}/${UBOOT_INITIAL_ENV}-${MACHINE}-${PV}-${PR}
-        ln -sf ${UBOOT_INITIAL_ENV}-${MACHINE}-${PV}-${PR} ${D}/${sysconfdir}/${UBOOT_INITIAL_ENV}-${MACHINE}
-        ln -sf ${UBOOT_INITIAL_ENV}-${MACHINE}-${PV}-${PR} ${D}/${sysconfdir}/${UBOOT_INITIAL_ENV}
+        install -D -m 644 ${B}/u-boot-initial-env ${D}/${sysconfdir}/${UBOOT_INITIAL_ENV}-${MACHINE}-${UBOOT_VERSION}
+        ln -sf ${UBOOT_INITIAL_ENV}-${MACHINE}-${UBOOT_VERSION} ${D}/${sysconfdir}/${UBOOT_INITIAL_ENV}-${MACHINE}
+        ln -sf ${UBOOT_INITIAL_ENV}-${MACHINE}-${UBOOT_VERSION} ${D}/${sysconfdir}/${UBOOT_INITIAL_ENV}
    fi
 }

@@ -228,9 +228,9 @@ uboot_install_elf_config () {
    config=$1
    type=$2

-    install -m 644 ${B}/${config}/${UBOOT_ELF} ${D}/boot/u-boot-${type}-${PV}-${PR}.${UBOOT_ELF_SUFFIX}
-    ln -sf u-boot-${type}-${PV}-${PR}.${UBOOT_ELF_SUFFIX} ${D}/boot/${UBOOT_BINARY}-${type}
-    ln -sf u-boot-${type}-${PV}-${PR}.${UBOOT_ELF_SUFFIX} ${D}/boot/${UBOOT_BINARY}
+    install -m 644 ${B}/${config}/${UBOOT_ELF} ${D}/boot/u-boot-${type}-${UBOOT_VERSION}.${UBOOT_ELF_SUFFIX}
+    ln -sf u-boot-${type}-${UBOOT_VERSION}.${UBOOT_ELF_SUFFIX} ${D}/boot/${UBOOT_BINARY}-${type}
+    ln -sf u-boot-${type}-${UBOOT_VERSION}.${UBOOT_ELF_SUFFIX} ${D}/boot/${UBOOT_BINARY}
 }

 uboot_install_elf () {
@@ -242,9 +242,9 @@ uboot_install_spl_config () {
    config=$1
    type=$2

-    install -m 644 ${B}/${config}/${SPL_BINARY} ${D}/boot/${SPL_BINARYNAME}-${type}-${PV}-${PR}${SPL_DELIMITER}${SPL_SUFFIX}
-    ln -sf ${SPL_BINARYNAME}-${type}-${PV}-${PR}${SPL_DELIMITER}${SPL_SUFFIX} ${D}/boot/${SPL_BINARYFILE}-${type}
-    ln -sf ${SPL_BINARYNAME}-${type}-${PV}-${PR}${SPL_DELIMITER}${SPL_SUFFIX} ${D}/boot/${SPL_BINARYFILE}
+    install -m 644 ${B}/${config}/${SPL_BINARY} ${D}/boot/${SPL_BINARYNAME}-${type}-${UBOOT_VERSION}${SPL_DELIMITER}${SPL_SUFFIX}
+    ln -sf ${SPL_BINARYNAME}-${type}-${UBOOT_VERSION}${SPL_DELIMITER}${SPL_SUFFIX} ${D}/boot/${SPL_BINARYFILE}-${type}
+    ln -sf ${SPL_BINARYNAME}-${type}-${UBOOT_VERSION}${SPL_DELIMITER}${SPL_SUFFIX} ${D}/boot/${SPL_BINARYFILE}
 }

 uboot_install_spl () {
@@ -288,10 +288,10 @@ do_deploy () {
    fi

    if [ -e ${WORKDIR}/fw_env.config ] ; then
-        install -D -m 644 ${WORKDIR}/fw_env.config ${DEPLOYDIR}/fw_env.config-${MACHINE}-${PV}-${PR}
+        install -D -m 644 ${WORKDIR}/fw_env.config ${DEPLOYDIR}/fw_env.config-${MACHINE}-${UBOOT_VERSION}
        cd ${DEPLOYDIR}
-        ln -sf fw_env.config-${MACHINE}-${PV}-${PR} fw_env.config-${MACHINE}
-        ln -sf fw_env.config-${MACHINE}-${PV}-${PR} fw_env.config
+        ln -sf fw_env.config-${MACHINE}-${UBOOT_VERSION} fw_env.config-${MACHINE}
+        ln -sf fw_env.config-${MACHINE}-${UBOOT_VERSION} fw_env.config
    fi

    if [ -n "${UBOOT_ELF}" ]
@@ -361,19 +361,19 @@ uboot_deploy_config () {
    config=$1
    type=$2

-    install -D -m 644 ${B}/${config}/${UBOOT_BINARYNAME}-${type}.${UBOOT_SUFFIX} ${DEPLOYDIR}/${UBOOT_BINARYNAME}-${type}-${PV}-${PR}.${UBOOT_SUFFIX}
+    install -D -m 644 ${B}/${config}/${UBOOT_BINARYNAME}-${type}.${UBOOT_SUFFIX} ${DEPLOYDIR}/${UBOOT_BINARYNAME}-${type}-${UBOOT_VERSION}.${UBOOT_SUFFIX}
    cd ${DEPLOYDIR}
-    ln -sf ${UBOOT_BINARYNAME}-${type}-${PV}-${PR}.${UBOOT_SUFFIX} ${UBOOT_SYMLINK}-${type}
-    ln -sf ${UBOOT_BINARYNAME}-${type}-${PV}-${PR}.${UBOOT_SUFFIX} ${UBOOT_SYMLINK}
-    ln -sf ${UBOOT_BINARYNAME}-${type}-${PV}-${PR}.${UBOOT_SUFFIX} ${UBOOT_BINARY}-${type}
-    ln -sf ${UBOOT_BINARYNAME}-${type}-${PV}-${PR}.${UBOOT_SUFFIX} ${UBOOT_BINARY}
+    ln -sf ${UBOOT_BINARYNAME}-${type}-${UBOOT_VERSION}.${UBOOT_SUFFIX} ${UBOOT_SYMLINK}-${type}
+    ln -sf ${UBOOT_BINARYNAME}-${type}-${UBOOT_VERSION}.${UBOOT_SUFFIX} ${UBOOT_SYMLINK}
+    ln -sf ${UBOOT_BINARYNAME}-${type}-${UBOOT_VERSION}.${UBOOT_SUFFIX} ${UBOOT_BINARY}-${type}
+    ln -sf ${UBOOT_BINARYNAME}-${type}-${UBOOT_VERSION}.${UBOOT_SUFFIX} ${UBOOT_BINARY}

    # Deploy the uboot-initial-env
    if [ -n "${UBOOT_INITIAL_ENV}" ]; then
-        install -D -m 644 ${B}/${config}/u-boot-initial-env-${type} ${DEPLOYDIR}/${UBOOT_INITIAL_ENV}-${MACHINE}-${type}-${PV}-${PR}
+        install -D -m 644 ${B}/${config}/u-boot-initial-env-${type} ${DEPLOYDIR}/${UBOOT_INITIAL_ENV}-${MACHINE}-${type}-${UBOOT_VERSION}
        cd ${DEPLOYDIR}
-        ln -sf ${UBOOT_INITIAL_ENV}-${MACHINE}-${type}-${PV}-${PR} ${UBOOT_INITIAL_ENV}-${MACHINE}-${type}
-        ln -sf ${UBOOT_INITIAL_ENV}-${MACHINE}-${type}-${PV}-${PR} ${UBOOT_INITIAL_ENV}-${type}
+        ln -sf ${UBOOT_INITIAL_ENV}-${MACHINE}-${type}-${UBOOT_VERSION} ${UBOOT_INITIAL_ENV}-${MACHINE}-${type}
+        ln -sf ${UBOOT_INITIAL_ENV}-${MACHINE}-${type}-${UBOOT_VERSION} ${UBOOT_INITIAL_ENV}-${type}
    fi
 }

@@ -387,10 +387,10 @@ uboot_deploy () {

    # Deploy the uboot-initial-env
    if [ -n "${UBOOT_INITIAL_ENV}" ]; then
-        install -D -m 644 ${B}/u-boot-initial-env ${DEPLOYDIR}/${UBOOT_INITIAL_ENV}-${MACHINE}-${PV}-${PR}
+        install -D -m 644 ${B}/u-boot-initial-env ${DEPLOYDIR}/${UBOOT_INITIAL_ENV}-${MACHINE}-${UBOOT_VERSION}
        cd ${DEPLOYDIR}
-        ln -sf ${UBOOT_INITIAL_ENV}-${MACHINE}-${PV}-${PR} ${UBOOT_INITIAL_ENV}-${MACHINE}
-        ln -sf ${UBOOT_INITIAL_ENV}-${MACHINE}-${PV}-${PR} ${UBOOT_INITIAL_ENV}
+        ln -sf ${UBOOT_INITIAL_ENV}-${MACHINE}-${UBOOT_VERSION} ${UBOOT_INITIAL_ENV}-${MACHINE}
+        ln -sf ${UBOOT_INITIAL_ENV}-${MACHINE}-${UBOOT_VERSION} ${UBOOT_INITIAL_ENV}
    fi
 }

@@ -398,11 +398,11 @@ uboot_deploy_elf_config () {
    config=$1
    type=$2

-    install -m 644 ${B}/${config}/${UBOOT_ELF} ${DEPLOYDIR}/u-boot-${type}-${PV}-${PR}.${UBOOT_ELF_SUFFIX}
-    ln -sf u-boot-${type}-${PV}-${PR}.${UBOOT_ELF_SUFFIX} ${DEPLOYDIR}/${UBOOT_ELF_BINARY}-${type}
-    ln -sf u-boot-${type}-${PV}-${PR}.${UBOOT_ELF_SUFFIX} ${DEPLOYDIR}/${UBOOT_ELF_BINARY}
-    ln -sf u-boot-${type}-${PV}-${PR}.${UBOOT_ELF_SUFFIX} ${DEPLOYDIR}/${UBOOT_ELF_SYMLINK}-${type}
-    ln -sf u-boot-${type}-${PV}-${PR}.${UBOOT_ELF_SUFFIX} ${DEPLOYDIR}/${UBOOT_ELF_SYMLINK}
+    install -m 644 ${B}/${config}/${UBOOT_ELF} ${DEPLOYDIR}/u-boot-${type}-${UBOOT_VERSION}.${UBOOT_ELF_SUFFIX}
+    ln -sf u-boot-${type}-${UBOOT_VERSION}.${UBOOT_ELF_SUFFIX} ${DEPLOYDIR}/${UBOOT_ELF_BINARY}-${type}
+    ln -sf u-boot-${type}-${UBOOT_VERSION}.${UBOOT_ELF_SUFFIX} ${DEPLOYDIR}/${UBOOT_ELF_BINARY}
+    ln -sf u-boot-${type}-${UBOOT_VERSION}.${UBOOT_ELF_SUFFIX} ${DEPLOYDIR}/${UBOOT_ELF_SYMLINK}-${type}
+    ln -sf u-boot-${type}-${UBOOT_VERSION}.${UBOOT_ELF_SUFFIX} ${DEPLOYDIR}/${UBOOT_ELF_SYMLINK}
 }

 uboot_deploy_elf () {
@@ -415,12 +415,12 @@ uboot_deploy_spl_config () {
    config=$1
    type=$2

-    install -m 644 ${B}/${config}/${SPL_BINARY} ${DEPLOYDIR}/${SPL_BINARYNAME}-${type}-${PV}-${PR}${SPL_DELIMITER}${SPL_SUFFIX}
+    install -m 644 ${B}/${config}/${SPL_BINARY} ${DEPLOYDIR}/${SPL_BINARYNAME}-${type}-${UBOOT_VERSION}${SPL_DELIMITER}${SPL_SUFFIX}
    rm -f ${DEPLOYDIR}/${SPL_BINARYFILE} ${DEPLOYDIR}/${SPL_SYMLINK}
-    ln -sf ${SPL_BINARYNAME}-${type}-${PV}-${PR}${SPL_DELIMITER}${SPL_SUFFIX} ${DEPLOYDIR}/${SPL_BINARYFILE}-${type}
-    ln -sf ${SPL_BINARYNAME}-${type}-${PV}-${PR}${SPL_DELIMITER}${SPL_SUFFIX} ${DEPLOYDIR}/${SPL_BINARYFILE}
-    ln -sf ${SPL_BINARYNAME}-${type}-${PV}-${PR}${SPL_DELIMITER}${SPL_SUFFIX} ${DEPLOYDIR}/${SPL_SYMLINK}-${type}
-    ln -sf ${SPL_BINARYNAME}-${type}-${PV}-${PR}${SPL_DELIMITER}${SPL_SUFFIX} ${DEPLOYDIR}/${SPL_SYMLINK}
+    ln -sf ${SPL_BINARYNAME}-${type}-${UBOOT_VERSION}${SPL_DELIMITER}${SPL_SUFFIX} ${DEPLOYDIR}/${SPL_BINARYFILE}-${type}
+    ln -sf ${SPL_BINARYNAME}-${type}-${UBOOT_VERSION}${SPL_DELIMITER}${SPL_SUFFIX} ${DEPLOYDIR}/${SPL_BINARYFILE}
+    ln -sf ${SPL_BINARYNAME}-${type}-${UBOOT_VERSION}${SPL_DELIMITER}${SPL_SUFFIX} ${DEPLOYDIR}/${SPL_SYMLINK}-${type}
+    ln -sf ${SPL_BINARYNAME}-${type}-${UBOOT_VERSION}${SPL_DELIMITER}${SPL_SUFFIX} ${DEPLOYDIR}/${SPL_SYMLINK}
 }

 uboot_deploy_spl () {
--- a/meta/recipes-connectivity/avahi/avahi_0.8.bb
+++ b/meta/recipes-connectivity/avahi/avahi_0.8.bb
@@ -36,6 +36,7 @@ SRC_URI = "${GITHUB_BASE_URI}/download/v${PV}/avahi-${PV}.tar.gz \
           file://CVE-2023-38472.patch \
           file://CVE-2023-38473.patch \
           file://CVE-2024-52616.patch \
+           file://CVE-2024-52615.patch \
           "

 GITHUB_BASE_URI = "https://github.com/avahi/avahi/releases/"
--- a/meta/recipes-connectivity/avahi/files/CVE-2024-52615.patch
+++ b/meta/recipes-connectivity/avahi/files/CVE-2024-52615.patch
@@ -0,0 +1,228 @@
+From 4e2e1ea0908d7e6ad7f38ae04fdcdf2411f8b942 Mon Sep 17 00:00:00 2001
+From: Michal Sekletar <msekleta@redhat.com>
+Date: Wed, 27 Nov 2024 18:07:32 +0100
+Subject: [PATCH] core/wide-area: fix for CVE-2024-52615
+
+CVE: CVE-2024-52615
+Upstream-Status: Backport [https://github.com/avahi/avahi/commit/4e2e1ea0908d7e6ad7f38ae04fdcdf2411f8b942]
+
+Signed-off-by: Zhang Peng <peng.zhang1.cn@windriver.com>
+---
+ avahi-core/wide-area.c | 128 ++++++++++++++++++++++-------------------
+ 1 file changed, 69 insertions(+), 59 deletions(-)
+
+diff --git a/avahi-core/wide-area.c b/avahi-core/wide-area.c
+index 00a15056e..06df7afc6 100644
+--- a/avahi-core/wide-area.c
+++ b/avahi-core/wide-area.c
+@@ -81,6 +81,10 @@ struct AvahiWideAreaLookup {
+ 
+     AvahiAddress dns_server_used;
+ 
+    int fd;
+    AvahiWatch *watch;
+    AvahiProtocol proto;
+
+     AVAHI_LLIST_FIELDS(AvahiWideAreaLookup, lookups);
+     AVAHI_LLIST_FIELDS(AvahiWideAreaLookup, by_key);
+ };
+@@ -88,9 +92,6 @@ struct AvahiWideAreaLookup {
+ struct AvahiWideAreaLookupEngine {
+     AvahiServer *server;
+ 
+-    int fd_ipv4, fd_ipv6;
+-    AvahiWatch *watch_ipv4, *watch_ipv6;
+-
+     /* Cache */
+     AVAHI_LLIST_HEAD(AvahiWideAreaCacheEntry, cache);
+     AvahiHashmap *cache_by_key;
+@@ -125,35 +126,67 @@ static AvahiWideAreaLookup* find_lookup(AvahiWideAreaLookupEngine *e, uint16_t i
+     return l;
+ }
+ 
+static void socket_event(AVAHI_GCC_UNUSED AvahiWatch *w, int fd, AVAHI_GCC_UNUSED AvahiWatchEvent events, void *userdata);
+
+ static int send_to_dns_server(AvahiWideAreaLookup *l, AvahiDnsPacket *p) {
+    AvahiWideAreaLookupEngine *e;
+     AvahiAddress *a;
+    AvahiServer *s;
+    AvahiWatch *w;
+    int r;
+ 
+     assert(l);
+     assert(p);
+ 
+-    if (l->engine->n_dns_servers <= 0)
+    e = l->engine;
+    assert(e);
+
+    s = e->server;
+    assert(s);
+
+    if (e->n_dns_servers <= 0)
+         return -1;
+ 
+-    assert(l->engine->current_dns_server < l->engine->n_dns_servers);
+    assert(e->current_dns_server < e->n_dns_servers);
+ 
+-    a = &l->engine->dns_servers[l->engine->current_dns_server];
+    a = &e->dns_servers[e->current_dns_server];
+     l->dns_server_used = *a;
+ 
+-    if (a->proto == AVAHI_PROTO_INET) {
+    if (l->fd >= 0) {
+        /* We are reusing lookup object and sending packet to another server so let's cleanup before we establish connection to new server. */
+        s->poll_api->watch_free(l->watch);
+        l->watch = NULL;
+ 
+-        if (l->engine->fd_ipv4 < 0)
+-            return -1;
+        close(l->fd);
+        l->fd = -EBADF;
+    }
+ 
+-        return avahi_send_dns_packet_ipv4(l->engine->fd_ipv4, AVAHI_IF_UNSPEC, p, NULL, &a->data.ipv4, AVAHI_DNS_PORT);
+    assert(a->proto == AVAHI_PROTO_INET || a->proto == AVAHI_PROTO_INET6);
+ 
+-    } else {
+-        assert(a->proto == AVAHI_PROTO_INET6);
+    if (a->proto == AVAHI_PROTO_INET)
+        r = s->config.use_ipv4 ? avahi_open_unicast_socket_ipv4() : -1;
+    else
+        r = s->config.use_ipv6 ? avahi_open_unicast_socket_ipv6() : -1;
+ 
+-        if (l->engine->fd_ipv6 < 0)
+-            return -1;
+    if (r < 0) {
+        avahi_log_error(__FILE__ ": Failed to create socket for wide area lookup");
+        return -1;
+    }
+ 
+-        return avahi_send_dns_packet_ipv6(l->engine->fd_ipv6, AVAHI_IF_UNSPEC, p, NULL, &a->data.ipv6, AVAHI_DNS_PORT);
+    w = s->poll_api->watch_new(s->poll_api, r, AVAHI_WATCH_IN, socket_event, l);
+    if (!w) {
+        close(r);
+        avahi_log_error(__FILE__ ": Failed to create socket watch for wide area lookup");
+        return -1;
+     }
+
+    l->fd = r;
+    l->watch = w;
+    l->proto = a->proto;
+
+    return a->proto == AVAHI_PROTO_INET ?
+                avahi_send_dns_packet_ipv4(l->fd, AVAHI_IF_UNSPEC, p, NULL, &a->data.ipv4, AVAHI_DNS_PORT):
+                avahi_send_dns_packet_ipv6(l->fd, AVAHI_IF_UNSPEC, p, NULL, &a->data.ipv6, AVAHI_DNS_PORT);
+ }
+ 
+ static void next_dns_server(AvahiWideAreaLookupEngine *e) {
+@@ -246,6 +279,9 @@ AvahiWideAreaLookup *avahi_wide_area_lookup_new(
+     l->dead = 0;
+     l->key = avahi_key_ref(key);
+     l->cname_key = avahi_key_new_cname(l->key);
+    l->fd = -EBADF;
+    l->watch = NULL;
+    l->proto = AVAHI_PROTO_UNSPEC;
+     l->callback = callback;
+     l->userdata = userdata;
+ 
+@@ -314,6 +350,12 @@ static void lookup_destroy(AvahiWideAreaLookup *l) {
+     if (l->cname_key)
+         avahi_key_unref(l->cname_key);
+ 
+    if (l->watch)
+            l->engine->server->poll_api->watch_free(l->watch);
+
+    if (l->fd >= 0)
+        close(l->fd);
+
+     avahi_free(l);
+ }
+ 
+@@ -572,14 +614,20 @@ static void handle_packet(AvahiWideAreaLookupEngine *e, AvahiDnsPacket *p) {
+ }
+ 
+ static void socket_event(AVAHI_GCC_UNUSED AvahiWatch *w, int fd, AVAHI_GCC_UNUSED AvahiWatchEvent events, void *userdata) {
+-    AvahiWideAreaLookupEngine *e = userdata;
+    AvahiWideAreaLookup *l = userdata;
+    AvahiWideAreaLookupEngine *e = l->engine;
+     AvahiDnsPacket *p = NULL;
+ 
+-    if (fd == e->fd_ipv4)
+-        p = avahi_recv_dns_packet_ipv4(e->fd_ipv4, NULL, NULL, NULL, NULL, NULL);
+    assert(l);
+    assert(e);
+    assert(l->fd == fd);
+
+    if (l->proto == AVAHI_PROTO_INET)
+        p = avahi_recv_dns_packet_ipv4(l->fd, NULL, NULL, NULL, NULL, NULL);
+     else {
+-        assert(fd == e->fd_ipv6);
+-        p = avahi_recv_dns_packet_ipv6(e->fd_ipv6, NULL, NULL, NULL, NULL, NULL);
+        assert(l->proto == AVAHI_PROTO_INET6);
+
+        p = avahi_recv_dns_packet_ipv6(l->fd, NULL, NULL, NULL, NULL, NULL);
+     }
+ 
+     if (p) {
+@@ -598,32 +646,6 @@ AvahiWideAreaLookupEngine *avahi_wide_area_engine_new(AvahiServer *s) {
+     e->server = s;
+     e->cleanup_dead = 0;
+ 
+-    /* Create sockets */
+-    e->fd_ipv4 = s->config.use_ipv4 ? avahi_open_unicast_socket_ipv4() : -1;
+-    e->fd_ipv6 = s->config.use_ipv6 ? avahi_open_unicast_socket_ipv6() : -1;
+-
+-    if (e->fd_ipv4 < 0 && e->fd_ipv6 < 0) {
+-        avahi_log_error(__FILE__": Failed to create wide area sockets: %s", strerror(errno));
+-
+-        if (e->fd_ipv6 >= 0)
+-            close(e->fd_ipv6);
+-
+-        if (e->fd_ipv4 >= 0)
+-            close(e->fd_ipv4);
+-
+-        avahi_free(e);
+-        return NULL;
+-    }
+-
+-    /* Create watches */
+-
+-    e->watch_ipv4 = e->watch_ipv6 = NULL;
+-
+-    if (e->fd_ipv4 >= 0)
+-        e->watch_ipv4 = s->poll_api->watch_new(e->server->poll_api, e->fd_ipv4, AVAHI_WATCH_IN, socket_event, e);
+-    if (e->fd_ipv6 >= 0)
+-        e->watch_ipv6 = s->poll_api->watch_new(e->server->poll_api, e->fd_ipv6, AVAHI_WATCH_IN, socket_event, e);
+-
+     e->n_dns_servers = e->current_dns_server = 0;
+ 
+     /* Initialize cache */
+@@ -651,18 +673,6 @@ void avahi_wide_area_engine_free(AvahiWideAreaLookupEngine *e) {
+     avahi_hashmap_free(e->lookups_by_id);
+     avahi_hashmap_free(e->lookups_by_key);
+ 
+-    if (e->watch_ipv4)
+-        e->server->poll_api->watch_free(e->watch_ipv4);
+-
+-    if (e->watch_ipv6)
+-        e->server->poll_api->watch_free(e->watch_ipv6);
+-
+-    if (e->fd_ipv6 >= 0)
+-        close(e->fd_ipv6);
+-
+-    if (e->fd_ipv4 >= 0)
+-        close(e->fd_ipv4);
+-
+     avahi_free(e);
+ }
+ 
+@@ -680,7 +690,7 @@ void avahi_wide_area_set_servers(AvahiWideAreaLookupEngine *e, const AvahiAddres
+ 
+     if (a) {
+         for (e->n_dns_servers = 0; n > 0 && e->n_dns_servers < AVAHI_WIDE_AREA_SERVERS_MAX; a++, n--)
+-            if ((a->proto == AVAHI_PROTO_INET && e->fd_ipv4 >= 0) || (a->proto == AVAHI_PROTO_INET6 && e->fd_ipv6 >= 0))
+            if (a->proto == AVAHI_PROTO_INET || a->proto == AVAHI_PROTO_INET6)
+                 e->dns_servers[e->n_dns_servers++] = *a;
+     } else {
+         assert(n == 0);
--- a/meta/recipes-connectivity/bluez5/bluez5.inc
+++ b/meta/recipes-connectivity/bluez5/bluez5.inc
@@ -18,6 +18,7 @@ PACKAGECONFIG ??= "obex-profiles \
    ${@bb.utils.filter('DISTRO_FEATURES', 'systemd', d)} \
    a2dp-profiles \
    avrcp-profiles \
+    mcp-profiles \
    network-profiles \
    hid-profiles \
    hog-profiles \
@@ -35,6 +36,7 @@ PACKAGECONFIG[nfc] = "--enable-nfc,--disable-nfc"
 PACKAGECONFIG[sap-profiles] = "--enable-sap,--disable-sap"
 PACKAGECONFIG[a2dp-profiles] = "--enable-a2dp,--disable-a2dp"
 PACKAGECONFIG[avrcp-profiles] = "--enable-avrcp,--disable-avrcp"
+PACKAGECONFIG[mcp-profiles] = "--enable-mcp,--disable-mcp"
 PACKAGECONFIG[network-profiles] = "--enable-network,--disable-network"
 PACKAGECONFIG[hid-profiles] = "--enable-hid,--disable-hid"
 PACKAGECONFIG[hog-profiles] = "--enable-hog,--disable-hog"
@@ -55,6 +57,7 @@ SRC_URI = "${KERNELORG_MIRROR}/linux/bluetooth/bluez-${PV}.tar.xz \
           file://0001-tests-add-a-target-for-building-tests-without-runnin.patch \
           file://0001-test-gatt-Fix-hung-issue.patch \
           file://0001-adapter-Fix-up-address-type-when-loading-keys.patch \
+           file://toolsbtmgmt-fix-index-option-for-non-interactive-mode.patch \
           "
 S = "${WORKDIR}/bluez-${PV}"

--- a/meta/recipes-connectivity/bluez5/bluez5/toolsbtmgmt-fix-index-option-for-non-interactive-mode.patch
+++ b/meta/recipes-connectivity/bluez5/bluez5/toolsbtmgmt-fix-index-option-for-non-interactive-mode.patch
@@ -0,0 +1,29 @@
+From f00d5546c9e989dd68ce0de0190cd0e043b0f1f5 Mon Sep 17 00:00:00 2001
+From: Arjan Opmeer <arjan.opmeer@gmail.com>
+Date: Tue, 9 Jul 2024 13:55:41 +0200
+Subject: [PATCH] tools/btmgmt: Fix --index option for non-interactive mode
+
+In non-interactive mode the --index option does not work because the
+call to mgmt_set_index() is made after bt_shell_attach().
+
+Fixes: https://github.com/bluez/bluez/issues/893
+
+Upstream-Status: Backport [https://github.com/bluez/bluez/commit/f00d5546c9e989dd68ce0de0190cd0e043b0f1f5]
+---
+ tools/btmgmt.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/tools/btmgmt.c b/tools/btmgmt.c
+index 9b7f851bd8..436c2bb21f 100644
+--- a/tools/btmgmt.c
+++ b/tools/btmgmt.c
+@@ -51,8 +51,8 @@ int main(int argc, char *argv[])
+ 		return EXIT_FAILURE;
+ 	}
+ 
+-	bt_shell_attach(fileno(stdin));
+ 	mgmt_set_index(index_option);
+	bt_shell_attach(fileno(stdin));
+ 	status = bt_shell_run();
+ 
+ 	mgmt_remove_submenu();
--- a/meta/recipes-connectivity/bluez5/bluez5_5.72.bb
+++ b/meta/recipes-connectivity/bluez5/bluez5_5.72.bb
@@ -32,6 +32,9 @@ NOINST_TOOLS_TESTING ?= " \
    tools/rfcomm-tester \
    tools/bnep-tester \
    tools/userchan-tester \
+    tools/iso-tester \
+    tools/mesh-tester \
+    tools/ioctl-tester \
 "

 # noinst programs in Makefile.tools that are conditional on TOOLS
@@ -46,6 +49,7 @@ NOINST_TOOLS_BT ?= " \
    tools/hcieventmask \
    tools/hcisecfilter \
    tools/btinfo \
+    tools/btconfig \
    tools/btsnoop \
    tools/btproxy \
    tools/btiotest \
@@ -56,6 +60,8 @@ NOINST_TOOLS_BT ?= " \
    tools/advtest \
    tools/seq2bseq \
    tools/nokfw \
+    tools/rtlfw \
+    tools/bcmfw \
    tools/create-image \
    tools/eddystone \
    tools/ibeacon \
@@ -65,5 +71,5 @@ NOINST_TOOLS_BT ?= " \
    tools/check-selftest \
    tools/gatt-service \
    profiles/iap/iapd \
-    ${@bb.utils.contains('PACKAGECONFIG', 'btpclient', 'tools/btpclient', '', d)} \
+    ${@bb.utils.contains('PACKAGECONFIG', 'btpclient', 'tools/btpclient tools/btpclientctl', '', d)} \
 "
--- a/meta/recipes-connectivity/connman/connman/CVE-2025-32366.patch
+++ b/meta/recipes-connectivity/connman/connman/CVE-2025-32366.patch
@@ -0,0 +1,41 @@
+From 8d3be0285f1d4667bfe85dba555c663eb3d704b4 Mon Sep 17 00:00:00 2001
+From: Yoonje Shin <ioerts@kookmin.ac.kr>
+Date: Mon, 12 May 2025 10:48:18 +0200
+Subject: [PATCH] dnsproxy: Address CVE-2025-32366 vulnerability
+
+In Connman parse_rr in dnsproxy.c has a memcpy length
+that depends on an RR RDLENGTH value (i.e., *rdlen=ntohs(rr->rdlen)
+and memcpy(response+offset,*end,*rdlen)). Here, rdlen may be larger
+than the amount of remaining packet data in the current state of
+parsing. As a result, values of stack memory locations may be sent
+over the network in a response.
+
+This patch adds a check to ensure that (*end + *rdlen) does not exceed
+the valid range. If the condition is violated, the function returns
+-EINVAL.
+
+CVE: CVE-2025-32366
+
+Upstream-Status: Backport [https://git.kernel.org/pub/scm/network/connman/connman.git/commit/?id=8d3be0285f1d4667bfe85dba555c663eb3d704b4]
+
+Signed-off-by: Praveen Kumar <praveen.kumar@windriver.com>
+---
+ src/dnsproxy.c | 3 +++
+ 1 file changed, 3 insertions(+)
+
+diff --git a/src/dnsproxy.c b/src/dnsproxy.c
+index 1a5a4f3..50b2d55 100644
+--- a/src/dnsproxy.c
+++ b/src/dnsproxy.c
+@@ -985,6 +985,9 @@ static int parse_rr(const unsigned char *buf, const unsigned char *start,
+	if ((offset + *rdlen) > *response_size)
+		return -ENOBUFS;
+
+	if ((*end + *rdlen) > max)
+		return -EINVAL;
+
+	memcpy(response + offset, *end, *rdlen);
+
+	*end += *rdlen;
+--
+2.40.0
--- a/meta/recipes-connectivity/connman/connman/CVE-2025-32743.patch
+++ b/meta/recipes-connectivity/connman/connman/CVE-2025-32743.patch
@@ -0,0 +1,48 @@
+From d90b911f6760959bdf1393c39fe8d1118315490f Mon Sep 17 00:00:00 2001
+From: Praveen Kumar <praveen.kumar@windriver.com>
+Date: Thu, 24 Apr 2025 11:39:29 +0000
+Subject: [PATCH] dnsproxy: Fix NULL/empty lookup causing potential crash
+
+In ConnMan through 1.44, the lookup string in ns_resolv in dnsproxy.c
+can be NULL or an empty string when the TC (Truncated) bit is set in
+a DNS response. This allows attackers to cause a denial of service
+(application crash) or possibly execute arbitrary code, because those
+lookup values lead to incorrect length calculations and incorrect
+memcpy operations.
+
+This patch includes a check to make sure loookup value is valid before
+using it. This helps avoid unexpected value when the input is empty or
+incorrect.
+
+Fixes: CVE-2025-32743
+
+CVE: CVE-2025-32743
+
+Upstream-Status: Backport [https://git.kernel.org/pub/scm/network/connman/connman.git/commit/?id=d90b911f6760959bdf1393c39fe8d1118315490f]
+
+Signed-off-by: Praveen Kumar <praveen.kumar@windriver.com>
+---
+ src/dnsproxy.c | 7 ++++++-
+ 1 file changed, 6 insertions(+), 1 deletion(-)
+
+diff --git a/src/dnsproxy.c b/src/dnsproxy.c
+index 7ebffbc..1a5a4f3 100644
+--- a/src/dnsproxy.c
+++ b/src/dnsproxy.c
+@@ -1669,8 +1669,13 @@ static int ns_resolv(struct server_data *server, struct request_data *req,
+				gpointer request, gpointer name)
+ {
+	int sk = -1;
+	int err;
+	const char *lookup = (const char *)name;
+-	int err = ns_try_resolv_from_cache(req, request, lookup);
+
+	if (!lookup || strlen(lookup) == 0)
+		return -EINVAL;
+
+	err = ns_try_resolv_from_cache(req, request, lookup);
+
+	if (err > 0)
+		/* cache hit */
+--
+2.40.0
--- a/Show More
+++ b/Show More
				`@@ -0,0 +1,2 @@`
				`do_build[mcdepends] = "mc::mc-1:h1:do_invalid"`