linux/cve-exclusion: Execute the script after changing to the new data source

Execute new script generate-cve-exclusions.py ./generate-cve-exclusions.py ~/cvelistV5/ 6.12.19 > cve-exclusion_6.12.inc After using the database from CVEproject, some old CVEs did not have correct metadata, therefore moving missing ones from old cve-exclusions_6.12.inc into cve-exclusion.inc Comparing output from cve_check before and after, two CVEs are removed: CVE-2023-52904 and CVE-2024-38381 (From OE-Core rev: 02a8d5d255397e85d32879b178dd6dd559a34a05) Signed-off-by: Daniel Turull <daniel.turull@ericsson.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
linux/generate-cve-exclusions: use data from CVEProject
2026-03-17 04:39:40 +01:00 · 2025-04-23 19:50:57 +01:00 · 2025-04-23 19:50:57 +01:00
233 changed files with 5910 additions and 11183 deletions
--- a/bitbake/lib/toaster/tests/builds/buildtest.py
+++ b/bitbake/lib/toaster/tests/builds/buildtest.py
@@ -128,7 +128,7 @@ class BuildTest(unittest.TestCase):
        if os.environ.get("TOASTER_TEST_USE_SSTATE_MIRROR"):
            ProjectVariable.objects.get_or_create(
                name="SSTATE_MIRRORS",
-                value="file://.* http://sstate.yoctoproject.org/all/PATH;downloadfilename=PATH",
+                value="file://.* http://cdn.jsdelivr.net/yocto/sstate/all/PATH;downloadfilename=PATH",
                project=project)

        ProjectTarget.objects.create(project=project,
--- a/documentation/README
+++ b/documentation/README
@@ -406,22 +406,5 @@ both the Yocto Project and BitBake manuals:
 Submitting documentation changes
 ================================

-Please refer to our contributor guide here: https://docs.yoctoproject.org/contributor-guide/
-for full details on how to submit changes.
-
-As a quick guide, patches should be sent to docs@lists.yoctoproject.org
-The git command to do that would be:
-
-     git send-email -M -1 --to docs@lists.yoctoproject.org
-
-The 'To' header can be set as default for this repository:
-
-     git config sendemail.to docs@lists.yoctoproject.org
-
-Now you can just do 'git send-email origin/master..' to send all local patches.
-
-Read the other sections in this document and documentation/standards.md for
-rules to follow when contributing to the documentation.
-
-Git repository: https://git.yoctoproject.org/yocto-docs
-Mailing list: docs@lists.yoctoproject.org
+Please see the top level README file in this repository for details of where
+to send patches.
--- a/documentation/brief-yoctoprojectqs/index.rst
+++ b/documentation/brief-yoctoprojectqs/index.rst
@@ -57,7 +57,7 @@ following requirements:
   :ref:`dev-manual/start:preparing the build host`
   section in the Yocto Project Development Tasks Manual.

-  Ensure that the following utilities have these minimum version numbers:
+-

   -  Git &MIN_GIT_VERSION; or greater
   -  tar &MIN_TAR_VERSION; or greater
@@ -65,7 +65,7 @@ following requirements:
   -  gcc &MIN_GCC_VERSION; or greater.
   -  GNU make &MIN_MAKE_VERSION; or greater

-If your build host does not satisfy all of the above version
+If your build host does not meet any of these three listed version
 requirements, you can take steps to prepare the system so that you
 can still use the Yocto Project. See the
 :ref:`ref-manual/system-requirements:required git, tar, python, make and gcc versions`
@@ -76,10 +76,9 @@ Build Host Packages

 You must install essential host packages on your build host. The
 following command installs the host packages based on an Ubuntu
-distribution:
+distribution::

-.. literalinclude:: ../tools/host_packages_scripts/ubuntu_essential.sh
-   :language: shell
+   $ sudo apt install &UBUNTU_DEBIAN_HOST_PACKAGES_ESSENTIAL;

 .. note::

@@ -183,7 +182,7 @@ an entire Linux distribution, including the toolchain, from source.
      page of the Yocto Project Wiki.

 #. **Initialize the Build Environment:** From within the ``poky``
-   directory, run the :ref:`ref-manual/structure:``oe-init-build-env```
+   directory, run the :ref:`ref-manual/structure:\`\`oe-init-build-env\`\``
   environment
   setup script to define Yocto Project's build environment on your
   build host.
@@ -253,7 +252,7 @@ an entire Linux distribution, including the toolchain, from source.
      file in the :term:`Build Directory`::

         BB_HASHSERVE_UPSTREAM = "wss://hashserv.yoctoproject.org/ws"
-         SSTATE_MIRRORS ?= "file://.* http://sstate.yoctoproject.org/all/PATH;downloadfilename=PATH"
+         SSTATE_MIRRORS ?= "file://.* http://cdn.jsdelivr.net/yocto/sstate/all/PATH;downloadfilename=PATH"
         BB_HASHSERVE = "auto"
         BB_SIGNATURE_HANDLER = "OEEquivHash"

--- a/documentation/bsp-guide/bsp.rst
+++ b/documentation/bsp-guide/bsp.rst
@@ -81,7 +81,7 @@ directory of that Layer. This directory is what you add to the
 ``conf/bblayers.conf`` file found in your
 :term:`Build Directory`, which is
 established after you run the OpenEmbedded build environment setup
-script (i.e. :ref:`ref-manual/structure:``oe-init-build-env```).
+script (i.e. :ref:`ref-manual/structure:\`\`oe-init-build-env\`\``).
 Adding the root directory allows the :term:`OpenEmbedded Build System`
 to recognize the BSP
 layer and from it build an image. Here is an example::
@@ -229,7 +229,7 @@ section.

 #. *Initialize the Build Environment:* While in the root directory of
   the Source Directory (i.e. ``poky``), run the
-   :ref:`ref-manual/structure:``oe-init-build-env``` environment
+   :ref:`ref-manual/structure:\`\`oe-init-build-env\`\`` environment
   setup script to define the OpenEmbedded build environment on your
   build host. ::

@@ -674,21 +674,21 @@ to the kernel recipe by using a similarly named append file, which is
 located in the BSP Layer for your target device (e.g. the
 ``meta-bsp_root_name/recipes-kernel/linux`` directory).

-Suppose you are using the ``linux-yocto_6.12.bb`` recipe to build the
+Suppose you are using the ``linux-yocto_4.4.bb`` recipe to build the
 kernel. In other words, you have selected the kernel in your
 ``"bsp_root_name".conf`` file by adding
 :term:`PREFERRED_PROVIDER` and :term:`PREFERRED_VERSION`
 statements as follows::

   PREFERRED_PROVIDER_virtual/kernel ?= "linux-yocto"
-   PREFERRED_VERSION_linux-yocto ?= "6.12%"
+   PREFERRED_VERSION_linux-yocto ?= "4.4%"

 .. note::

   When the preferred provider is assumed by default, the :term:`PREFERRED_PROVIDER`
   statement does not appear in the ``"bsp_root_name".conf`` file.

-You would use the ``linux-yocto_6.12.bbappend`` file to append specific
+You would use the ``linux-yocto_4.4.bbappend`` file to append specific
 BSP settings to the kernel, thus configuring the kernel for your
 particular BSP.

@@ -698,19 +698,14 @@ in the Yocto Project Linux Kernel Development Manual.

 An alternate scenario is when you create your own kernel recipe for the
 BSP. A good example of this is the Raspberry Pi BSP. If you examine the
-``recipes-kernel/linux`` directory in that layer you see the following
-Raspberry Pi-specific recipes and associated files::
+``recipes-kernel/linux`` directory you see the following::

-   files/
-   linux-raspberrypi_6.12.bb
-   linux-raspberrypi_6.1.bb
-   linux-raspberrypi_6.6.bb
   linux-raspberrypi-dev.bb
   linux-raspberrypi.inc
-   linux-raspberrypi-v7_6.12.bb
-   linux-raspberrypi-v7_6.1.bb
-   linux-raspberrypi-v7_6.6.bb
-   linux-raspberrypi-v7.inc
+   linux-raspberrypi_4.14.bb
+   linux-raspberrypi_4.9.bb
+
+The directory contains three kernel recipes and a common include file.

 Developing a Board Support Package (BSP)
 ========================================
@@ -1182,7 +1177,7 @@ Use these steps to create a BSP layer:

 -  *Create a Kernel Recipe:* Create a kernel recipe in
   ``recipes-kernel/linux`` by either using a kernel append file or a
-   new custom kernel recipe file (e.g. ``linux-yocto_6.12.bb``). The BSP
+   new custom kernel recipe file (e.g. ``linux-yocto_4.12.bb``). The BSP
   layers mentioned in the previous step also contain different kernel
   examples. See the ":ref:`kernel-dev/common:modifying an existing recipe`"
   section in the Yocto Project Linux Kernel Development Manual for
@@ -1247,7 +1242,7 @@ located in :yocto_git:`poky/meta-yocto-bsp/conf/machine/beaglebone-yocto.conf

   PREFERRED_PROVIDER_virtual/xserver ?= "xserver-xorg"

-   MACHINE_EXTRA_RRECOMMENDS = "kernel-modules"
+   MACHINE_EXTRA_RRECOMMENDS = "kernel-modules kernel-devicetree"

   EXTRA_IMAGEDEPENDS += "virtual/bootloader"

@@ -1263,21 +1258,23 @@ located in :yocto_git:`poky/meta-yocto-bsp/conf/machine/beaglebone-yocto.conf
   SERIAL_CONSOLES ?= "115200;ttyS0 115200;ttyO0 115200;ttyAMA0"

   PREFERRED_PROVIDER_virtual/kernel ?= "linux-yocto"
-   PREFERRED_VERSION_linux-yocto ?= "6.12%"
+   PREFERRED_VERSION_linux-yocto ?= "6.1%"

   KERNEL_IMAGETYPE = "zImage"
-   DTB_FILES = "am335x-bone.dtb am335x-boneblack.dtb am335x-bonegreen.dtb"
-   KERNEL_DEVICETREE = '${@' '.join('ti/omap/%s' % d for d in '${DTB_FILES}'.split())}'
+   KERNEL_DEVICETREE = "am335x-bone.dtb am335x-boneblack.dtb am335x-bonegreen.dtb"
+   KERNEL_EXTRA_ARGS += "LOADADDR=${UBOOT_ENTRYPOINT}"

   PREFERRED_PROVIDER_virtual/bootloader ?= "u-boot"

   SPL_BINARY = "MLO"
   UBOOT_SUFFIX = "img"
   UBOOT_MACHINE = "am335x_evm_defconfig"
+   UBOOT_ENTRYPOINT = "0x80008000"
+   UBOOT_LOADADDRESS = "0x80008000"

   MACHINE_FEATURES = "usbgadget usbhost vfat alsa"

-   IMAGE_BOOT_FILES ?= "u-boot.${UBOOT_SUFFIX} ${SPL_BINARY} ${KERNEL_IMAGETYPE} ${DTB_FILES}"
+   IMAGE_BOOT_FILES ?= "u-boot.${UBOOT_SUFFIX} ${SPL_BINARY} ${KERNEL_IMAGETYPE} ${KERNEL_DEVICETREE}"

   # support runqemu
   EXTRA_IMAGEDEPENDS += "qemu-native qemu-helper-native"
@@ -1331,12 +1328,12 @@ Project Reference Manual.
   needed in the root filesystem. In this case, the U-Boot recipe must
   be built for the image.

-   At the end of the file, we also use this setting to implement
+   At the end of the file, we also use this setings to implement
   ``runqemu`` support on the host machine.

 -  :term:`DEFAULTTUNE`: Machines
   use tunings to optimize machine, CPU, and application performance.
-   These features --- collectively known as "tuning features" ---
+   These features, which are collectively known as "tuning features",
   are set in the :term:`OpenEmbedded-Core (OE-Core)` layer. In this
   example, the default tuning file is :oe_git:`tune-cortexa8
   </openembedded-core/tree/meta/conf/machine/include/arm/armv7a/tune-cortexa8.inc>`.
@@ -1366,7 +1363,8 @@ Project Reference Manual.
   to create the sysroot when building a Wic image.

 -  :term:`SERIAL_CONSOLES`:
-   Defines one or more serial consoles (TTYs) to enable using getty.
+   Defines a serial console (TTY) to enable using getty. In this case,
+   the baud rate is "115200" and the device name is "ttyO0".

 -  :term:`PREFERRED_PROVIDER_virtual/kernel <PREFERRED_PROVIDER>`:
   Specifies the recipe that provides "virtual/kernel" when more than
@@ -1376,7 +1374,7 @@ Project Reference Manual.

 -  :term:`PREFERRED_VERSION_linux-yocto <PREFERRED_VERSION>`:
   Defines the version of the recipe used to build the kernel, which is
-   "6.12" in this case.
+   "6.1" in this case.

 -  :term:`KERNEL_IMAGETYPE`:
   The type of kernel to build for the device. In this case, the
@@ -1418,6 +1416,12 @@ Project Reference Manual.
      Specifies the value passed on the make command line when building
      a U-Boot image.

+   -  :term:`UBOOT_ENTRYPOINT`:
+      Specifies the entry point for the U-Boot image.
+
+   -  :term:`UBOOT_LOADADDRESS`:
+      Specifies the load address for the U-Boot image.
+
 -  :term:`MACHINE_FEATURES`:
   Specifies the list of hardware features the BeagleBone device is
   capable of supporting. In this case, the device supports "usbgadget
--- a/documentation/conf.py
+++ b/documentation/conf.py
@@ -13,7 +13,6 @@
 # documentation root, use os.path.abspath to make it absolute, like shown here.
 #
 import os
-import re
 import sys
 import datetime
 try:
@@ -174,24 +173,6 @@ latex_elements = {
    'preamble': '\\usepackage[UTF8]{ctex}\n\\setcounter{tocdepth}{2}',
 }

-
-from sphinx.search import SearchEnglish
-from sphinx.search import languages
-class DashFriendlySearchEnglish(SearchEnglish):
-
-    # Accept words that can include hyphens
-    _word_re = re.compile(r'[\w\-]+')
-
-    js_splitter_code = r"""
-function splitQuery(query) {
-    return query
-        .split(/[^\p{Letter}\p{Number}_\p{Emoji_Presentation}-]+/gu)
-        .filter(term => term.length > 0);
-}
-"""
-
-languages['en'] = DashFriendlySearchEnglish
-
 # Make the EPUB builder prefer PNG to SVG because of issues rendering Inkscape SVG
 from sphinx.builders.epub3 import Epub3Builder
 Epub3Builder.supported_image_types = ['image/png', 'image/gif', 'image/jpeg']
--- a/documentation/contributor-guide/submit-changes.rst
+++ b/documentation/contributor-guide/submit-changes.rst
@@ -776,38 +776,6 @@ argument to ``git format-patch`` with a version number::

   git format-patch -v2 <ref-branch>

-
-After generating updated patches (v2, v3, and so on) via ``git
-format-patch``, ideally developers will add a patch version changelog
-to each patch that describes what has changed between each revision of
-the patch. Add patch version changelogs after the ``---`` marker in the
-patch, indicating that this information is part of this patch, but is not
-suitable for inclusion in the commit message (i.e. the git history) itself.
-Providing a patch version changelog makes it easier for maintainers and
-reviewers to succinctly understand what changed in all versions of the
-patch, without having to consult alternate sources of information, such as
-searching through messages on a mailing list. For example::
-
-   <patch title>
-
-   <commit message>
-
-   <Signed-off-by/other trailers>
-   ---
-   changes in v4:
-   - provide a clearer commit message
-   - fix spelling mistakes
-
-   changes in v3:
-   - replace func() to use other_func() instead
-
-   changes in v2:
-   - this patch was added in v2
-   ---
-   <diffstat output>
-
-   <unified diff>
-
 Lastly please ensure that you also test your revised changes. In particular
 please don't just edit the patch file written out by ``git format-patch`` and
 resend it.
--- a/documentation/dev-manual/debugging.rst
+++ b/documentation/dev-manual/debugging.rst
@@ -36,7 +36,7 @@ section:
   use the BitBake ``-e`` option to examine variable values after a
   recipe has been parsed.

-  ":ref:`dev-manual/debugging:viewing package information with ``oe-pkgdata-util```"
+-  ":ref:`dev-manual/debugging:viewing package information with \`\`oe-pkgdata-util\`\``"
   describes how to use the ``oe-pkgdata-util`` utility to query
   :term:`PKGDATA_DIR` and
   display package-related information for built packages.
--- a/documentation/dev-manual/devtool.rst
+++ b/documentation/dev-manual/devtool.rst
@@ -552,7 +552,7 @@ the two modes:

      This instance of VSCode uses plugins that are useful for the development
      of the application. ``devtool ide-sdk`` generates the necessary
-      ``extensions.json``, ``settings.json``, ``tasks.json`` and ``launch.json``
+      ``extensions.json``, ``settings.json``, ``tasks.json``and ``launch.json``
      configuration files for all the involved plugins.

      When the source code folder present in the workspace folder is opened in
--- a/documentation/dev-manual/new-recipe.rst
+++ b/documentation/dev-manual/new-recipe.rst
@@ -56,7 +56,7 @@ necessary when adding a recipe to build a new piece of software to be
 included in a build.

 You can find a complete description of the ``devtool add`` command in
-the ":ref:`dev-manual/devtool:a closer look at ``devtool add```" section
+the ":ref:`dev-manual/devtool:a closer look at \`\`devtool add\`\``" section
 in the Yocto Project Application Development and the Extensible Software
 Development Kit (eSDK) manual.

--- a/documentation/dev-manual/sbom.rst
+++ b/documentation/dev-manual/sbom.rst
@@ -24,20 +24,12 @@ users can read in standardized format.
 :term:`SBOM` information is also critical to performing vulnerability exposure
 assessments, as all the components used in the Software Supply Chain are listed.

-The OpenEmbedded build system doesn't generate such information by default,
-though the :term:`Poky` reference distribution has it enabled out of the box.
-
-To enable it, inherit the :ref:`ref-classes-create-spdx` class from a
-configuration file::
+The OpenEmbedded build system doesn't generate such information by default.
+To make this happen, you must inherit the
+:ref:`ref-classes-create-spdx` class from a configuration file::

   INHERIT += "create-spdx"

-In the :term:`Poky` reference distribution, :term:`SPDX` generation does
-consume some build time resources and thus if needed it can be disabled from a
-:term:`configuration file`::
-
-   INHERIT:remove = "create-spdx"
-
 Upon building an image, you will then get:

 -  :term:`SPDX` output in JSON format as an ``IMAGE-MACHINE.spdx.json`` file in
--- a/documentation/dev-manual/start.rst
+++ b/documentation/dev-manual/start.rst
@@ -858,9 +858,9 @@ Initializing the Build Environment
 ==================================

 Before you can use Yocto you need to setup the build environment.
-From within the ``poky`` directory, source the :ref:`ref-manual/structure:``oe-init-build-env``` environment
+From within the ``poky`` directory, source the :ref:`ref-manual/structure:\`\`oe-init-build-env\`\`` environment
 setup script to define Yocto Project's build environment on your build host::
-
-    $ source oe-init-build-env
+    
+    $ source oe-init-build-env 

 Note, that this step will have to be repeated every time you open a new shell.
--- a/documentation/dev-manual/upgrading-recipes.rst
+++ b/documentation/dev-manual/upgrading-recipes.rst
@@ -333,7 +333,7 @@ Manually Upgrading a Recipe

 If for some reason you choose not to upgrade recipes using
 :ref:`dev-manual/upgrading-recipes:Using the Auto Upgrade Helper (AUH)` or
-by :ref:`dev-manual/upgrading-recipes:Using ``devtool upgrade```,
+by :ref:`dev-manual/upgrading-recipes:Using \`\`devtool upgrade\`\``,
 you can manually edit the recipe files to upgrade the versions.

 .. note::
--- a/documentation/kernel-dev/common.rst
+++ b/documentation/kernel-dev/common.rst
@@ -672,7 +672,7 @@ The steps in this procedure show you how you can patch the kernel using

   Before attempting this procedure, be sure you have performed the
   steps to get ready for updating the kernel as described in the
-   ":ref:`kernel-dev/common:getting ready to develop using ``devtool```"
+   ":ref:`kernel-dev/common:getting ready to develop using \`\`devtool\`\``"
   section.

 Patching the kernel involves changing or adding configurations to an
@@ -685,7 +685,7 @@ output at boot time through ``printk`` statements in the kernel's
 ``calibrate.c`` source code file. Applying the patch and booting the
 modified image causes the added messages to appear on the emulator's
 console. The example is a continuation of the setup procedure found in
-the ":ref:`kernel-dev/common:getting ready to develop using ``devtool```" Section.
+the ":ref:`kernel-dev/common:getting ready to develop using \`\`devtool\`\``" Section.

 #. *Check Out the Kernel Source Files:* First you must use ``devtool``
   to checkout the kernel source code in its workspace.
@@ -693,7 +693,7 @@ the ":ref:`kernel-dev/common:getting ready to develop using ``devtool```" Sectio
   .. note::

      See this step in the
-      ":ref:`kernel-dev/common:getting ready to develop using ``devtool```"
+      ":ref:`kernel-dev/common:getting ready to develop using \`\`devtool\`\``"
      section for more information.

   Use the following ``devtool`` command to check out the code::
@@ -804,7 +804,7 @@ the ":ref:`kernel-dev/common:getting ready to develop using ``devtool```" Sectio
   .. note::

      See Step 3 of the
-      ":ref:`kernel-dev/common:getting ready to develop using ``devtool```"
+      ":ref:`kernel-dev/common:getting ready to develop using \`\`devtool\`\``"
      section for information on setting up this layer.

   Once the command
@@ -1190,7 +1190,7 @@ appear in the ``.config`` file, which is in the :term:`Build Directory`.

   For more information about where the ``.config`` file is located, see the
   example in the
-   ":ref:`kernel-dev/common:using ``menuconfig```"
+   ":ref:`kernel-dev/common:using \`\`menuconfig\`\``"
   section.

 It is simple to create a configuration fragment. One method is to use
@@ -1286,7 +1286,7 @@ when you override a policy configuration in a hardware configuration
 fragment.

 In order to run this task, you must have an existing ``.config`` file.
-See the ":ref:`kernel-dev/common:using ``menuconfig```" section for
+See the ":ref:`kernel-dev/common:using \`\`menuconfig\`\``" section for
 information on how to create a configuration file.

 Here is sample output from the :ref:`ref-tasks-kernel_configcheck` task:
@@ -1359,7 +1359,7 @@ and
 tasks until they produce no warnings.

 For more information on how to use the ``menuconfig`` tool, see the
-:ref:`kernel-dev/common:using ``menuconfig``` section.
+:ref:`kernel-dev/common:using \`\`menuconfig\`\`` section.

 Fine-Tuning the Kernel Configuration File
 -----------------------------------------
--- a/documentation/kernel-dev/intro.rst
+++ b/documentation/kernel-dev/intro.rst
@@ -122,7 +122,7 @@ general information and references for further information.
   Using ``devtool`` requires that you have a clean build
   of the image. For
   more information, see the
-   ":ref:`kernel-dev/common:getting ready to develop using ``devtool```"
+   ":ref:`kernel-dev/common:getting ready to develop using \`\`devtool\`\``"
   section.

   Using traditional kernel development requires that you have the
--- a/documentation/migration-guides/migration-5.2.rst
+++ b/documentation/migration-guides/migration-5.2.rst
@@ -83,7 +83,7 @@ systemd changes
   files by starting them via
   `Also <https://www.freedesktop.org/software/systemd/man/latest/systemd.unit.html#Also=>`__,
   the other service files were automatically added to the :term:`FILES` variable of
-   the same package. Example:
+   the same package. Example: 

   a.service contains::

--- a/documentation/migration-guides/release-4.0.rst
+++ b/documentation/migration-guides/release-4.0.rst
@@ -32,5 +32,3 @@ Release 4.0 (kirkstone)
   release-notes-4.0.23
   release-notes-4.0.24
   release-notes-4.0.25
-   release-notes-4.0.26
-   release-notes-4.0.27
--- a/documentation/migration-guides/release-5.0.rst
+++ b/documentation/migration-guides/release-5.0.rst
@@ -15,5 +15,3 @@ Release 5.0 (scarthgap)
   release-notes-5.0.6
   release-notes-5.0.7
   release-notes-5.0.8
-   release-notes-5.0.9
-   release-notes-5.0.10
--- a/documentation/migration-guides/release-5.2.rst
+++ b/documentation/migration-guides/release-5.2.rst
@@ -7,4 +7,3 @@ Release 5.2 (walnascar)

   migration-5.2
   release-notes-5.2
-   release-notes-5.2.1
--- a/documentation/migration-guides/release-notes-4.0.26.rst
+++ b/documentation/migration-guides/release-notes-4.0.26.rst
@@ -1,263 +0,0 @@
-Release notes for Yocto-4.0.26 (Kirkstone)
------------------------------------------
-
-Security Fixes in Yocto-4.0.26
-~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-
-
-  bind: Fix :cve_nist:`2024-11187` and :cve_nist:`2024-12705`
-  binutils: Fix :cve_nist:`2025-0840`
-  elfutils: Fix :cve_nist:`2025-1352` and :cve_nist:`2025-1372`
-  ffmpeg: Fix CVE-2024-28661, :cve_nist:`2024-35369`, :cve_nist:`2024-36613`, :cve_nist:`2024-36616`,
-   :cve_nist:`2024-36617`, :cve_nist:`2024-36618`, :cve_nist:`2025-0518` and :cve_nist:`2025-25473`
-  ffmpeg: Ignore :cve_nist:`2023-46407`, :cve_nist:`2023-47470`, :cve_nist:`2024-7272`,
-   :cve_nist:`2024-22860`, :cve_nist:`2024-22861` and :cve_nist:`2024-22862`
-  freetype: Fix :cve_nist:`2025-27363`
-  gnutls: Fix :cve_nist:`2024-12243`
-  grub: Fix :cve_nist:`2024-45774`, :cve_nist:`2024-45775`, :cve_nist:`2024-45776`,
-   :cve_nist:`2024-45777`, :cve_nist:`2024-45778`, :cve_nist:`2024-45779`, :cve_nist:`2024-45780`,
-   :cve_nist:`2024-45781`, :cve_nist:`2024-45782`, :cve_nist:`2024-45783`, :cve_nist:`2024-56737`,
-   :cve_nist:`2025-0622`, :cve_nist:`2025-0624`, :cve_nist:`2025-0677`, :cve_nist:`2025-0684`,
-   :cve_nist:`2025-0685`, :cve_nist:`2025-0686`, :cve_nist:`2025-0689`, :cve_nist:`2025-0678`,
-   :cve_nist:`2025-0690`, :cve_nist:`2025-1118` and :cve_nist:`2025-1125`
-  gstreamer1.0-rtsp-server: fix :cve_nist:`2024-44331`
-  libarchive: Fix :cve_nist:`2025-25724`
-  libarchive: Ignore :cve_nist:`2025-1632`
-  libcap: Fix :cve_nist:`2025-1390`
-  linux-yocto/5.10: Fix :cve_nist:`2024-36476`, :cve_nist:`2024-43098`, :cve_nist:`2024-47143`,
-   :cve_nist:`2024-48881`, :cve_nist:`2024-50051`, :cve_nist:`2024-50074`, :cve_nist:`2024-50082`,
-   :cve_nist:`2024-50083`, :cve_nist:`2024-50099`, :cve_nist:`2024-50115`, :cve_nist:`2024-50116`,
-   :cve_nist:`2024-50117`, :cve_nist:`2024-50142`, :cve_nist:`2024-50148`, :cve_nist:`2024-50150`,
-   :cve_nist:`2024-50151`, :cve_nist:`2024-50167`, :cve_nist:`2024-50168`, :cve_nist:`2024-50171`,
-   :cve_nist:`2024-50185`, :cve_nist:`2024-50192`, :cve_nist:`2024-50193`, :cve_nist:`2024-50194`,
-   :cve_nist:`2024-50195`, :cve_nist:`2024-50198`, :cve_nist:`2024-50201`, :cve_nist:`2024-50202`,
-   :cve_nist:`2024-50205`, :cve_nist:`2024-50208`, :cve_nist:`2024-50209`, :cve_nist:`2024-50229`,
-   :cve_nist:`2024-50230`, :cve_nist:`2024-50233`, :cve_nist:`2024-50234`, :cve_nist:`2024-50236`,
-   :cve_nist:`2024-50237`, :cve_nist:`2024-50251`, :cve_nist:`2024-50262`, :cve_nist:`2024-50264`,
-   :cve_nist:`2024-50265`, :cve_nist:`2024-50267`, :cve_nist:`2024-50268`, :cve_nist:`2024-50269`,
-   :cve_nist:`2024-50273`, :cve_nist:`2024-50278`, :cve_nist:`2024-50279`, :cve_nist:`2024-50282`,
-   :cve_nist:`2024-50287`, :cve_nist:`2024-50292`, :cve_nist:`2024-50296`, :cve_nist:`2024-50299`,
-   :cve_nist:`2024-50301`, :cve_nist:`2024-50302`, :cve_nist:`2024-53042`, :cve_nist:`2024-53052`,
-   :cve_nist:`2024-53057`, :cve_nist:`2024-53059`, :cve_nist:`2024-53060`, :cve_nist:`2024-53061`,
-   :cve_nist:`2024-53063`, :cve_nist:`2024-53066`, :cve_nist:`2024-53096`, :cve_nist:`2024-53097`,
-   :cve_nist:`2024-53101`, :cve_nist:`2024-53103`, :cve_nist:`2024-53104`, :cve_nist:`2024-53145`,
-   :cve_nist:`2024-53146`, :cve_nist:`2024-53150`, :cve_nist:`2024-53155`, :cve_nist:`2024-53156`,
-   :cve_nist:`2024-53157`, :cve_nist:`2024-53161`, :cve_nist:`2024-53165`, :cve_nist:`2024-53171`,
-   :cve_nist:`2024-53173`, :cve_nist:`2024-53174`, :cve_nist:`2024-53194`, :cve_nist:`2024-53197`,
-   :cve_nist:`2024-53217`, :cve_nist:`2024-53226`, :cve_nist:`2024-53227`, :cve_nist:`2024-53237`,
-   :cve_nist:`2024-53239`, :cve_nist:`2024-55916`, :cve_nist:`2024-56548`, :cve_nist:`2024-56558`,
-   :cve_nist:`2024-56567`, :cve_nist:`2024-56568`, :cve_nist:`2024-56569`, :cve_nist:`2024-56572`,
-   :cve_nist:`2024-56574`, :cve_nist:`2024-56581`, :cve_nist:`2024-56587`, :cve_nist:`2024-56593`,
-   :cve_nist:`2024-56595`, :cve_nist:`2024-56596`, :cve_nist:`2024-56598`, :cve_nist:`2024-56600`,
-   :cve_nist:`2024-56601`, :cve_nist:`2024-56602`, :cve_nist:`2024-56603`, :cve_nist:`2024-56605`,
-   :cve_nist:`2024-56606`, :cve_nist:`2024-56615`, :cve_nist:`2024-56619`, :cve_nist:`2024-56623`,
-   :cve_nist:`2024-56629`, :cve_nist:`2024-56634`, :cve_nist:`2024-56642`, :cve_nist:`2024-56643`,
-   :cve_nist:`2024-56648`, :cve_nist:`2024-56650`, :cve_nist:`2024-56659`, :cve_nist:`2024-56662`,
-   :cve_nist:`2024-56670`, :cve_nist:`2024-56688`, :cve_nist:`2024-56698`, :cve_nist:`2024-56704`,
-   :cve_nist:`2024-56716`, :cve_nist:`2024-56720`, :cve_nist:`2024-56723`, :cve_nist:`2024-56724`,
-   :cve_nist:`2024-56728`, :cve_nist:`2024-56739`, :cve_nist:`2024-56746`, :cve_nist:`2024-56747`,
-   :cve_nist:`2024-56748`, :cve_nist:`2024-56754`, :cve_nist:`2024-56756`, :cve_nist:`2024-56770`,
-   :cve_nist:`2024-56779`, :cve_nist:`2024-56780`, :cve_nist:`2024-56781`, :cve_nist:`2024-56785`,
-   :cve_nist:`2024-57802`, :cve_nist:`2024-57807`, :cve_nist:`2024-57850`, :cve_nist:`2024-57874`,
-   :cve_nist:`2024-57890`, :cve_nist:`2024-57896`, :cve_nist:`2024-57900`, :cve_nist:`2024-57901`,
-   :cve_nist:`2024-57902`, :cve_nist:`2024-57910`, :cve_nist:`2024-57911`, :cve_nist:`2024-57913`,
-   :cve_nist:`2024-57922`, :cve_nist:`2024-57938`, :cve_nist:`2024-57939`, :cve_nist:`2024-57946`,
-   :cve_nist:`2024-57951`, :cve_nist:`2025-21638`, :cve_nist:`2025-21687`, :cve_nist:`2025-21689`,
-   :cve_nist:`2025-21692`, :cve_nist:`2025-21694`, :cve_nist:`2025-21697` and :cve_nist:`2025-21699`
-  linux-yocto/5.15: Fix :cve_nist:`2024-57979`, :cve_nist:`2024-58034`, :cve_nist:`2024-58052`,
-   :cve_nist:`2024-58055`, :cve_nist:`2024-58058`, :cve_nist:`2024-58063`, :cve_nist:`2024-58069`,
-   :cve_nist:`2024-58071`, :cve_nist:`2024-58076`, :cve_nist:`2024-58083`, :cve_nist:`2025-21700`,
-   :cve_nist:`2025-21703`, :cve_nist:`2025-21715`, :cve_nist:`2025-21722`, :cve_nist:`2025-21727`,
-   :cve_nist:`2025-21731`, :cve_nist:`2025-21753`, :cve_nist:`2025-21756`, :cve_nist:`2025-21760`,
-   :cve_nist:`2025-21761`, :cve_nist:`2025-21762`, :cve_nist:`2025-21763`, :cve_nist:`2025-21764`,
-   :cve_nist:`2025-21796`, :cve_nist:`2025-21811`, :cve_nist:`2025-21887`, :cve_nist:`2025-21898`,
-   :cve_nist:`2025-21904`, :cve_nist:`2025-21905`, :cve_nist:`2025-21912`, :cve_nist:`2025-21917`,
-   :cve_nist:`2025-21919`, :cve_nist:`2025-21920`, :cve_nist:`2025-21922`, :cve_nist:`2025-21934`,
-   :cve_nist:`2025-21943`, :cve_nist:`2025-21948` and :cve_nist:`2025-21951`
-  libpcre2: Ignore :cve_nist:`2022-1586`
-  libtasn1: Fix :cve_nist:`2024-12133`
-  libxml2: Fix :cve_nist:`2022-49043`, :cve_nist:`2024-56171`, :cve_nist:`2025-24928` and
-   :cve_nist:`2025-27113`
-  libxslt: Fix :cve_nist:`2024-55549` and :cve_nist:`2025-24855`
-  llvm: Fix :cve_nist:`2024-0151`
-  mpg123: Fix :cve_nist:`2024-10573`
-  openssh: Fix :cve_nist:`2025-26465`
-  ovmf: Revert Fix for CVE-2023-45236 :cve_nist:`2023-45237`
-  perl: Ignore :cve_nist:`2023-47038`
-  puzzles: Ignore :cve_nist:`2024-13769`, :cve_nist:`2024-13770` and :cve_nist:`2025-0837`
-  python3: Fix :cve_nist:`2025-0938`
-  ruby: Fix :cve_nist:`2024-41946`, :cve_nist:`2025-27219` and :cve_nist:`2025-27220`
-  subversion: Ignore :cve_nist:`2024-45720`
-  systemd: Fix :cve_nist:`2022-3821`, :cve_nist:`2022-4415`, :cve_nist:`2022-45873` and
-   :cve_nist:`2023-7008`
-  tiff: mark :cve_nist:`2023-30774` as patched with existing patch
-  u-boot: Fix :cve_nist:`2022-2347`, :cve_nist:`2022-30767`, :cve_nist:`2022-30790`,
-   :cve_nist:`2024-57254`, :cve_nist:`2024-57255`, :cve_nist:`2024-57256`, :cve_nist:`2024-57257`,
-   :cve_nist:`2024-57258` and :cve_nist:`2024-57259`
-  vim: Fix :cve_nist:`2025-1215`, :cve_nist:`2025-22134`, :cve_nist:`2025-24014`,
-   :cve_nist:`2025-26603`, :cve_nist:`2025-27423` and :cve_nist:`2025-29768`
-  xserver-xorg: Fix :cve_nist:`2022-49737`, :cve_nist:`2025-26594`, :cve_nist:`2025-26595`,
-   :cve_nist:`2025-26596`, :cve_nist:`2025-26597`, :cve_nist:`2025-26598`, :cve_nist:`2025-26599`,
-   :cve_nist:`2025-26600` and :cve_nist:`2025-26601`
-  xwayland: Fix :cve_nist:`2022-49737`, :cve_nist:`2024-9632`, :cve_nist:`2024-21885`,
-   :cve_nist:`2024-21886`, :cve_nist:`2024-31080`, :cve_nist:`2024-31081`, :cve_nist:`2024-31083`,
-   :cve_nist:`2025-26594`, :cve_nist:`2025-26595`, :cve_nist:`2025-26596`, :cve_nist:`2025-26597`,
-   :cve_nist:`2025-26598`, :cve_nist:`2025-26599`, :cve_nist:`2025-26600` and :cve_nist:`2025-26601`
-  zlib: Fix :cve_nist:`2014-9485`
-
-
-
-Fixes in Yocto-4.0.26
-~~~~~~~~~~~~~~~~~~~~~
-
-  bind: Upgrade to 9.18.33
-  bitbake: cache: bump cache version
-  bitbake: siggen.py: Improve taskhash reproducibility
-  boost: fix do_fetch error
-  build-appliance-image: Update to kirkstone head revision
-  contributor-guide/submit-changes: add policy on AI generated code
-  cve-update-nvd2-native: handle missing vulnStatus
-  docs: Add favicon for the documentation html
-  docs: Remove all mention of core-image-lsb
-  libtasn1: upgrade to 4.20.0
-  libxcrypt-compat: Remove libcrypt.so to fix conflict with libcrypt
-  libxml2: fix compilation of explicit child axis in pattern
-  linux-yocto/5.10: update to v5.10.234
-  linux-yocto/5.15: update to v5.15.179
-  mesa: Fix missing GLES3 headers in SDK sysroot
-  mesa: Update :term:`SRC_URI`
-  meta: Enable '-o pipefail' for the SDK installer
-  migration-guides: add release notes for 4.0.25
-  poky.conf: add ubuntu2404 to :term:`SANITY_TESTED_DISTROS`
-  poky.conf: bump version for 4.0.26
-  procps: replaced one use of fputs(3) with a write(2) call
-  ref-manual: don't refer to poky-lsb
-  scripts/install-buildtools: Update to 4.0.24
-  scritps/runqemu: Ensure we only have two serial ports
-  systemd: upgrade to 250.14
-  tzcode-native: Fix compiler setting from 2023d version
-  tzcode: Update :term:`SRC_URI`
-  tzdata/tzcode-native: upgrade 2025a
-  vim: Upgrade to 9.1.1198
-  virglrenderer: fix do_fetch error
-  vulnerabilities/classes: remove references to cve-check text format
-  xz: Update :term:`SRC_URI`
-  yocto-uninative: Update to 4.7 for glibc 2.41
-
-
-Known Issues in Yocto-4.0.26
-~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-
- N/A
-
-
-Contributors to Yocto-4.0.26
-~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-
-Thanks to the following people who contributed to this release:
-
-  Aleksandar Nikolic
-  Alessio Cascone
-  Antonin Godard
-  Archana Polampalli
-  Ashish Sharma
-  Bruce Ashfield
-  Carlos Dominguez
-  Deepesh Varatharajan
-  Divya Chellam
-  Guocai He
-  Hitendra Prajapati
-  Hongxu Jia
-  Jiaying Song
-  Johannes Kauffmann
-  Kai Kang
-  Lee Chee Yang
-  Libo Chen
-  Marta Rybczynska
-  Michael Halstead
-  Mingli Yu
-  Moritz Haase
-  Narpat Mali
-  Paulo Neves
-  Peter Marko
-  Priyal Doshi
-  Richard Purdie
-  Robert Yang
-  Ross Burton
-  Sakib Sajal
-  Steve Sakoman
-  Vijay Anusuri
-  Yogita Urade
-  Zhang Peng
-
-
-Repositories / Downloads for Yocto-4.0.26
-~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-
-poky
-
-  Repository Location: :yocto_git:`/poky`
-  Branch: :yocto_git:`kirkstone </poky/log/?h=kirkstone>`
-  Tag:  :yocto_git:`yocto-4.0.26 </poky/log/?h=yocto-4.0.26>`
-  Git Revision: :yocto_git:`d70d287a77d5026b698ac237ab865b2dafd36bb8 </poky/commit/?id=d70d287a77d5026b698ac237ab865b2dafd36bb8>`
-  Release Artefact: poky-d70d287a77d5026b698ac237ab865b2dafd36bb8
-  sha: 3ebfadb8bff4c1ca12b3cf3e4ef6e3ac2ce52b73570266daa98436c9959249f2
-  Download Locations:
-   https://downloads.yoctoproject.org/releases/yocto/yocto-4.0.26/poky-d70d287a77d5026b698ac237ab865b2dafd36bb8.tar.bz2
-   https://mirrors.kernel.org/yocto/yocto/yocto-4.0.26/poky-d70d287a77d5026b698ac237ab865b2dafd36bb8.tar.bz2
-
-openembedded-core
-
-  Repository Location: :oe_git:`/openembedded-core`
-  Branch: :oe_git:`kirkstone </openembedded-core/log/?h=kirkstone>`
-  Tag:  :oe_git:`yocto-4.0.26 </openembedded-core/log/?h=yocto-4.0.26>`
-  Git Revision: :oe_git:`1efbe1004bc82e7c14c1e8bd4ce644f5015c3346 </openembedded-core/commit/?id=1efbe1004bc82e7c14c1e8bd4ce644f5015c3346>`
-  Release Artefact: oecore-1efbe1004bc82e7c14c1e8bd4ce644f5015c3346
-  sha: d3805e034dabd0865dbf55488b2c16d4ea0351d37aa826f0054a6bfdde5a8be9
-  Download Locations:
-   https://downloads.yoctoproject.org/releases/yocto/yocto-4.0.26/oecore-1efbe1004bc82e7c14c1e8bd4ce644f5015c3346.tar.bz2
-   https://mirrors.kernel.org/yocto/yocto/yocto-4.0.26/oecore-1efbe1004bc82e7c14c1e8bd4ce644f5015c3346.tar.bz2
-
-meta-mingw
-
-  Repository Location: :yocto_git:`/meta-mingw`
-  Branch: :yocto_git:`kirkstone </meta-mingw/log/?h=kirkstone>`
-  Tag:  :yocto_git:`yocto-4.0.26 </meta-mingw/log/?h=yocto-4.0.26>`
-  Git Revision: :yocto_git:`87c22abb1f11be430caf4372e6b833dc7d77564e </meta-mingw/commit/?id=87c22abb1f11be430caf4372e6b833dc7d77564e>`
-  Release Artefact: meta-mingw-87c22abb1f11be430caf4372e6b833dc7d77564e
-  sha: f0bc4873e2e0319fb9d6d6ab9b98eb3f89664d4339a167d2db6a787dd12bc1a8
-  Download Locations:
-   https://downloads.yoctoproject.org/releases/yocto/yocto-4.0.26/meta-mingw-87c22abb1f11be430caf4372e6b833dc7d77564e.tar.bz2
-   https://mirrors.kernel.org/yocto/yocto/yocto-4.0.26/meta-mingw-87c22abb1f11be430caf4372e6b833dc7d77564e.tar.bz2
-
-meta-gplv2
-
-  Repository Location: :yocto_git:`/meta-gplv2`
-  Branch: :yocto_git:`kirkstone </meta-gplv2/log/?h=kirkstone>`
-  Tag:  :yocto_git:`yocto-4.0.26 </meta-gplv2/log/?h=yocto-4.0.26>`
-  Git Revision: :yocto_git:`d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a </meta-gplv2/commit/?id=d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a>`
-  Release Artefact: meta-gplv2-d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a
-  sha: c386f59f8a672747dc3d0be1d4234b6039273d0e57933eb87caa20f56b9cca6d
-  Download Locations:
-   https://downloads.yoctoproject.org/releases/yocto/yocto-4.0.26/meta-gplv2-d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a.tar.bz2
-   https://mirrors.kernel.org/yocto/yocto/yocto-4.0.26/meta-gplv2-d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a.tar.bz2
-
-bitbake
-
-  Repository Location: :oe_git:`/bitbake`
-  Branch: :oe_git:`2.0 </bitbake/log/?h=2.0>`
-  Tag:  :oe_git:`yocto-4.0.26 </bitbake/log/?h=yocto-4.0.26>`
-  Git Revision: :oe_git:`046871d9fd76efdca7b72718b328d8f545523f7e </bitbake/commit/?id=046871d9fd76efdca7b72718b328d8f545523f7e>`
-  Release Artefact: bitbake-046871d9fd76efdca7b72718b328d8f545523f7e
-  sha: e9df0a9f5921b583b539188d66b23f120e1751000e7822e76c3391d5c76ee21a
-  Download Locations:
-   https://downloads.yoctoproject.org/releases/yocto/yocto-4.0.26/bitbake-046871d9fd76efdca7b72718b328d8f545523f7e.tar.bz2
-   https://mirrors.kernel.org/yocto/yocto/yocto-4.0.26/bitbake-046871d9fd76efdca7b72718b328d8f545523f7e.tar.bz2
-
-yocto-docs
-
-  Repository Location: :yocto_git:`/yocto-docs`
-  Branch: :yocto_git:`kirkstone </yocto-docs/log/?h=kirkstone>`
-  Tag: :yocto_git:`yocto-4.0.26 </yocto-docs/log/?h=yocto-4.0.26>`
-  Git Revision: :yocto_git:`9b4c36f7b02dd4bedfec90206744a1e90e37733c </yocto-docs/commit/?id=9b4c36f7b02dd4bedfec90206744a1e90e37733c>`
-
--- a/documentation/migration-guides/release-notes-4.0.27.rst
+++ b/documentation/migration-guides/release-notes-4.0.27.rst
@@ -1,153 +0,0 @@
-Release notes for Yocto-4.0.27 (Kirkstone)
------------------------------------------
-
-Security Fixes in Yocto-4.0.27
-~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-
-  binutils: Fix :cve_nist:`2025-1178`
-  busybox: fix :cve_nist:`2023-39810`
-  connman :fix :cve_nist:`2025-32743`
-  curl: Ignore :cve_nist:`2025-0725`
-  ghostscript: Fix :cve_nist:`2025-27830`, :cve_nist:`2025-27831`, :cve_nist:`2025-27832`,
-   :cve_nist:`2025-27834`, :cve_nist:`2025-27835` and :cve_nist:`2025-27836`
-  ghostscript: Ignore :cve_nist:`2024-29507`, :cve_nist:`2025-27833` and :cve_nist:`2025-27837`
-  glib-2.0: Fix :cve_nist:`2025-3360`
-  go: Fix :cve_nist:`2025-22871`
-  libarchive: Ignore :cve_nist:`2024-48615`
-  libpam: Fix :cve_nist:`2024-10041`
-  libsoup-2.4: Fix :cve_nist:`2024-52532`, :cve_nist:`2025-32906` and :cve_nist:`2025-32909`
-  libsoup: Fix :cve_nist:`2024-52532`, :cve_nist:`2025-32906`, :cve_nist:`2025-32909`,
-   :cve_nist:`2025-32910`, :cve_nist:`2025-32911`, :cve_nist:`2025-32912`, :cve_nist:`2025-32913`
-   and :cve_nist:`2025-32914`
-  libxml2: Fix :cve_nist:`2025-32414` and :cve_nist:`2025-32415`
-  ofono: Fix :cve_nist:`2024-7537`
-  perl: Fix :cve_nist:`2024-56406`
-  ppp: Fix :cve_nist:`2024-58250`
-  python3-setuptools: Fix :cve_nist:`2024-6345`
-  qemu: Ignore :cve_nist:`2023-1386`
-  ruby: Fix :cve_nist:`2024-43398`
-  sqlite3: Fix :cve_nist:`2025-29088`
-  systemd: Ignore :cve_nist:`2022-3821`, :cve_nist:`2022-4415` and :cve_nist:`2022-45873`
-
-
-Fixes in Yocto-4.0.27
-~~~~~~~~~~~~~~~~~~~~~
-
-  Revert "cve-update-nvd2-native: Tweak to work better with NFS DL_DIR"
-  build-appliance-image: Update to kirkstone head revision
-  cve-update-nvd2-native: add workaround for json5 style list
-  docs: Fix dead links that use the :term:`DISTRO` macro
-  docs: manuals: remove repeated word
-  docs: poky.yaml: introduce DISTRO_LATEST_TAG
-  glibc: Add single-threaded fast path to rand()
-  glibc: stable 2.35 branch updates
-  module.bbclass: add KBUILD_EXTRA_SYMBOLS to install
-  perl: enable _GNU_SOURCE define via d_gnulibc
-  poky.conf: bump version for 4.0.27
-  ref-manual/variables.rst: document autotools class related variables
-  scripts/install-buildtools: Update to 4.0.26
-  systemd: backport patch to fix journal issue
-  systemd: systemd-journald fails to setup LogNamespace
-  tzdata/tzcode-native: upgrade to 2025b
-
-
-Known Issues in Yocto-4.0.27
-~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-
- N/A
-
-
-Contributors to Yocto-4.0.27
-~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-
-  Aleksandar Nikolic
-  Alexander Kanavin
-  Alon Bar-Lev
-  Andrew Kreimer
-  Antonin Godard
-  Chen Qi
-  Deepesh Varatharajan
-  Divya Chellam
-  Haitao Liu
-  Haixiao Yan
-  Hitendra Prajapati
-  Peter Marko
-  Praveen Kumar
-  Priyal Doshi
-  Shubham Kulkarni
-  Soumya Sambu
-  Steve Sakoman
-  Vijay Anusuri
-  Yogita Urade
-
-
-Repositories / Downloads for Yocto-4.0.27
-~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-
-poky
-
-  Repository Location: :yocto_git:`/poky`
-  Branch: :yocto_git:`kirkstone </poky/log/?h=kirkstone>`
-  Tag:  :yocto_git:`yocto-4.0.27 </poky/log/?h=yocto-4.0.27>`
-  Git Revision: :yocto_git:`ab9a994a8cd8e06b519a693db444030999d273b7 </poky/commit/?id=ab9a994a8cd8e06b519a693db444030999d273b7>`
-  Release Artefact: poky-ab9a994a8cd8e06b519a693db444030999d273b7
-  sha: 77a366c17cf29eef15c6ff3f44e73f81c07288c723fd4a6dbd8c7ee9b79933f3
-  Download Locations:
-   https://downloads.yoctoproject.org/releases/yocto/yocto-4.0.27/poky-ab9a994a8cd8e06b519a693db444030999d273b7.tar.bz2
-   https://mirrors.kernel.org/yocto/yocto/yocto-4.0.27/poky-ab9a994a8cd8e06b519a693db444030999d273b7.tar.bz2
-
-openembedded-core
-
-  Repository Location: :oe_git:`/openembedded-core`
-  Branch: :oe_git:`kirkstone </openembedded-core/log/?h=kirkstone>`
-  Tag:  :oe_git:`yocto-4.0.27 </openembedded-core/log/?h=yocto-4.0.27>`
-  Git Revision: :oe_git:`e8be08a624b2d024715a5c8b0c37f2345a02336b </openembedded-core/commit/?id=e8be08a624b2d024715a5c8b0c37f2345a02336b>`
-  Release Artefact: oecore-e8be08a624b2d024715a5c8b0c37f2345a02336b
-  sha: cc5b0fadab021c6dc61f37fc4ff01a1cf657e7c219488ce264bede42f7f6212f
-  Download Locations:
-   https://downloads.yoctoproject.org/releases/yocto/yocto-4.0.27/oecore-e8be08a624b2d024715a5c8b0c37f2345a02336b.tar.bz2
-   https://mirrors.kernel.org/yocto/yocto/yocto-4.0.27/oecore-e8be08a624b2d024715a5c8b0c37f2345a02336b.tar.bz2
-
-meta-mingw
-
-  Repository Location: :yocto_git:`/meta-mingw`
-  Branch: :yocto_git:`kirkstone </meta-mingw/log/?h=kirkstone>`
-  Tag:  :yocto_git:`yocto-4.0.27 </meta-mingw/log/?h=yocto-4.0.27>`
-  Git Revision: :yocto_git:`87c22abb1f11be430caf4372e6b833dc7d77564e </meta-mingw/commit/?id=87c22abb1f11be430caf4372e6b833dc7d77564e>`
-  Release Artefact: meta-mingw-87c22abb1f11be430caf4372e6b833dc7d77564e
-  sha: f0bc4873e2e0319fb9d6d6ab9b98eb3f89664d4339a167d2db6a787dd12bc1a8
-  Download Locations:
-   https://downloads.yoctoproject.org/releases/yocto/yocto-4.0.27/meta-mingw-87c22abb1f11be430caf4372e6b833dc7d77564e.tar.bz2
-   https://mirrors.kernel.org/yocto/yocto/yocto-4.0.27/meta-mingw-87c22abb1f11be430caf4372e6b833dc7d77564e.tar.bz2
-
-meta-gplv2
-
-  Repository Location: :yocto_git:`/meta-gplv2`
-  Branch: :yocto_git:`kirkstone </meta-gplv2/log/?h=kirkstone>`
-  Tag:  :yocto_git:`yocto-4.0.27 </meta-gplv2/log/?h=yocto-4.0.27>`
-  Git Revision: :yocto_git:`d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a </meta-gplv2/commit/?id=d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a>`
-  Release Artefact: meta-gplv2-d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a
-  sha: c386f59f8a672747dc3d0be1d4234b6039273d0e57933eb87caa20f56b9cca6d
-  Download Locations:
-   https://downloads.yoctoproject.org/releases/yocto/yocto-4.0.27/meta-gplv2-d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a.tar.bz2
-   https://mirrors.kernel.org/yocto/yocto/yocto-4.0.27/meta-gplv2-d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a.tar.bz2
-
-bitbake
-
-  Repository Location: :oe_git:`/bitbake`
-  Branch: :oe_git:`2.0 </bitbake/log/?h=2.0>`
-  Tag:  :oe_git:`yocto-4.0.27 </bitbake/log/?h=yocto-4.0.27>`
-  Git Revision: :oe_git:`046871d9fd76efdca7b72718b328d8f545523f7e </bitbake/commit/?id=046871d9fd76efdca7b72718b328d8f545523f7e>`
-  Release Artefact: bitbake-046871d9fd76efdca7b72718b328d8f545523f7e
-  sha: e9df0a9f5921b583b539188d66b23f120e1751000e7822e76c3391d5c76ee21a
-  Download Locations:
-   https://downloads.yoctoproject.org/releases/yocto/yocto-4.0.27/bitbake-046871d9fd76efdca7b72718b328d8f545523f7e.tar.bz2
-   https://mirrors.kernel.org/yocto/yocto/yocto-4.0.27/bitbake-046871d9fd76efdca7b72718b328d8f545523f7e.tar.bz2
-
-yocto-docs
-
-  Repository Location: :yocto_git:`/yocto-docs`
-  Branch: :yocto_git:`kirkstone </yocto-docs/log/?h=kirkstone>`
-  Tag: :yocto_git:`yocto-4.0.27 </yocto-docs/log/?h=yocto-4.0.27>`
-  Git Revision: :yocto_git:`0d51e553d5f83eea6634e03ddc9c7740bf72fcea </yocto-docs/commit/?id=0d51e553d5f83eea6634e03ddc9c7740bf72fcea>`
-
--- a/documentation/migration-guides/release-notes-4.3.rst
+++ b/documentation/migration-guides/release-notes-4.3.rst
@@ -295,7 +295,7 @@ New Features / Enhancements in 4.3
   -  Generation of :term:`SPDX` manifests is now enabled by default.

   -  Git based recipes in OE-Core which used the ``git``  protocol have been
-      changed to use ``https`` where possible, as it is typically faster and
+      changed to use `https`` where possible, as it is typically faster and
      more reliable.

   -  The ``os-release`` recipe added a ``CPE_NAME`` to the fields provided, with the
--- a/documentation/migration-guides/release-notes-5.0.10.rst
+++ b/documentation/migration-guides/release-notes-5.0.10.rst
@@ -1,208 +0,0 @@
-.. SPDX-License-Identifier: CC-BY-SA-2.0-UK
-
-Release notes for Yocto-5.0.10 (Scarthgap)
------------------------------------------
-
-Security Fixes in Yocto-5.0.10
-~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-
-  binutils: Fix :cve_nist:`2025-1153`, :cve_nist:`2025-1179`, :cve_nist:`2025-1180` and
-   :cve_nist:`2025-1182`
-  connman: Fix :cve_nist:`2025-32366` and :cve_nist:`2025-32743`
-  curl: Fix :cve_nist:`2024-11053` and :cve_nist:`2025-0167`
-  elfutils: Fix :cve_nist:`2025-1371`
-  ffmpeg: Fix :cve_nist:`2024-7055`, :cve_nist:`2024-32230`, :cve_nist:`2024-35366`,
-   :cve_nist:`2024-36613`, :cve_nist:`2024-36616`, :cve_nist:`2024-36617` and :cve_nist:`2024-36619`
-  git: Fix :cve_nist:`2024-50349` and :cve_nist:`2024-52006`
-  glib-2.0: fix :cve_nist:`2025-3360` and :cve_nist:`2025-4373`
-  iputils: Fix :cve_nist:`2025-47268`
-  libpam: Fix :cve_nist:`2024-10041`
-  libsoup-2.4: Fix :cve_nist:`2024-52530`, :cve_nist:`2024-52531`, :cve_nist:`2024-52532`,
-   :cve_nist:`2025-32906`, :cve_nist:`2025-32909`, :cve_nist:`2025-32910`, :cve_nist:`2025-32911`,
-   :cve_nist:`2025-32912`, :cve_nist:`2025-32913`, :cve_nist:`2025-32914` and :cve_nist:`2025-46420`
-  libsoup: Fix :cve_nist:`2025-4476`, :cve_nist:`2025-32906`, :cve_nist:`2025-32909`,
-   :cve_nist:`2025-32910`, :cve_nist:`2025-32911`, :cve_nist:`2025-32912`, :cve_nist:`2025-32913`,
-   :cve_nist:`2025-32914` and :cve_nist:`2025-46420`
-  libxml2: Fix :cve_nist:`2025-32414` and :cve_nist:`2025-32415`
-  openssh: Fix :cve_nist:`2025-32728`
-  perl: Fix :cve_nist:`2024-56406`
-  ppp: Fix :cve_nist:`2024-58250`
-  python3-jinja2: Fix :cve_nist:`2024-56201`, :cve_nist:`2024-56326` and :cve_nist:`2025-27516`
-  ruby: Fix :cve_nist:`2025-27221`
-  sqlite3: Fix :cve_nist:`2025-3277`, :cve_nist:`2025-29087` and :cve_nist:`2025-29088`
-
-
-Fixes in Yocto-5.0.10
-~~~~~~~~~~~~~~~~~~~~~
-
-  binutils: stable 2.42 branch updates
-  bluez5: add missing tools to noinst-tools package
-  bluez5: backport a patch to fix btmgmt -i
-  bluez5: make media control a :term:`PACKAGECONFIG` option
-  build-appliance-image: Update to scarthgap head revision
-  buildtools-tarball: Make buildtools respects host CA certificates
-  buildtools-tarball: add envvars into :term:`BB_ENV_PASSTHROUGH_ADDITIONS`
-  buildtools-tarball: move setting of envvars to respective envfile
-  contributor-guide/submit-changes: encourage patch version changelogs
-  cve-check.bbclass: Fix symlink handling also for text files
-  cve-update-nvd2-native: Revert "cve-update-nvd2-native: Tweak to work better with NFS DL_DIR"
-  dev-manual/sbom.rst: fix wrong build outputs
-  docs: Fix dead links that use the :term:`DISTRO` macro
-  docs: conf.py: tweak SearchEnglish to be hyphen-friendly
-  docs:conf.py: define a manpage url
-  ffmpeg: upgrade to 6.1.2
-  git: upgrade to 2.44.3
-  glibc-y2038-tests: remove glibc-y2038-tests_2.39.bb recipe
-  glibc: Add single-threaded fast path to rand()
-  glibc: stable 2.39 branch updates
-  initscripts: add function log_success_msg/log_failure_msg/log_warning_msg
-  libatomic-ops: Update :term:`GITHUB_BASE_URI`
-  manuals: remove repeated word
-  migration-guides: add release notes for 4.0.26, 5.0.8, 5.0.9
-  module.bbclass: add KBUILD_EXTRA_SYMBOLS to install
-  perl: upgrade to 5.38.4
-  perlcross: upgrade to 1.6.2
-  poky.conf: bump version for 5.0.10
-  poky.yaml: introduce DISTRO_LATEST_TAG
-  python3-jinja2: upgrade to 3.1.6
-  ref-manual/release-process: update releases.svg
-  ref-manual/variables.rst: HOST_CC_ARCH: fix wrong SDK reference
-  ref-manual/variables.rst: WATCHDOG_TIMEOUT: fix recipe name
-  ref-manual/variables.rst: add manpage links for toolchain variables
-  ref-manual/variables.rst: add missing documentation for BUILD_* variables
-  ref-manual/variables.rst: document HOST_*_ARCH variables
-  ref-manual/variables.rst: document :term:`INHIBIT_DEFAULT_RUST_DEPS`
-  ref-manual/variables.rst: document :term:`INHIBIT_UPDATERCD_BBCLASS`
-  ref-manual/variables.rst: document :term:`SSTATE_SKIP_CREATION`
-  ref-manual/variables.rst: document :term:`WIC_CREATE_EXTRA_ARGS`
-  ref-manual/variables.rst: document autotools class related variables
-  ref-manual/variables.rst: document missing SDK_*_ARCH variables
-  ref-manual/variables.rst: document the :term:`IMAGE_ROOTFS_MAXSIZE` variable
-  ref-manual/variables.rst: document the :term:`INITRAMFS_MAXSIZE` variable
-  ref-manual/variables.rst: improve the :term:`PKGV` documentation
-  ref-manual/variables.rst: update :term:`ROOT_HOME` documentation
-  ref-manual: kernel-fitimage.bbclass does not use :term:`SPL_SIGN_KEYNAME`
-  scripts/install-buildtools: Update to 5.0.9
-  sphinx-lint: missing space after literal
-  sphinx-lint: trailing whitespace
-  sphinx-lint: unbalanced inline literal markup
-  systemd: Password agents shouldn't be optional
-  systemd: upgrade to 255.18
-  test-manual/intro: remove Buildbot version used
-  tzdata/tzcode-native: upgrade 2025a -> 2025b
-  u-boot: ensure keys are generated before assembling U-Boot FIT image
-  util-linux: Add fix to isolate test fstab entries using CUSTOM_FSTAB
-  wic: bootimg-efi: Support + symbol in filenames
-
-
-Known Issues in Yocto-5.0.10
-~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-
-  There is an issue where the target libsoup-2.4 build may fail if apachectl is present on the build
-   host. The issue only affects test binaries which aren't actually used. The issue can be fixed by
-   disabling the tests or updating to more recent changes on the scarthgap branch which fix this.
-
-
-Contributors to Yocto-5.0.10
-~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-
-Thanks to the following people who contributed to this release:
-
-  Adrian Freihofer
-  Aleksandar Nikolic
-  Alexander Kanavin
-  Alon Bar-Lev
-  Alper Ak
-  Andrew Kreimer
-  Antonin Godard
-  Archana Polampalli
-  Ashish Sharma
-  Changqing Li
-  Christos Gavros
-  Deepesh Varatharajan
-  Divya Chellam
-  Divyanshu Rathore
-  Enrico Jörns
-  Etienne Cordonnier
-  Guðni Már Gilbert
-  Haixiao Yan
-  Harish Sadineni
-  Igor Opaniuk
-  Jeroen Hofstee
-  Lee Chee Yang
-  Nguyen Dat Tho
-  Niko Mauno
-  Peter Marko
-  Praveen Kumar
-  Priyal Doshi
-  Rogerio Guerra Borin
-  Shubham Kulkarni
-  Soumya Sambu
-  Steve Sakoman
-  Sunil Dora
-  Trevor Woerner
-  Vijay Anusuri
-  Virendra Thakur
-  Vyacheslav Yurkov
-  Yi Zhao
-  Yogita Urade
-  rajmohan r
-
-Repositories / Downloads for Yocto-5.0.10
-~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-
-poky
-
-  Repository Location: :yocto_git:`/poky`
-  Branch: :yocto_git:`scarthgap </poky/log/?h=scarthgap>`
-  Tag:  :yocto_git:`yocto-5.0.10 </poky/log/?h=yocto-5.0.10>`
-  Git Revision: :yocto_git:`ac257900c33754957b2696529682029d997a8f28 </poky/commit/?id=ac257900c33754957b2696529682029d997a8f28>`
-  Release Artefact: poky-ac257900c33754957b2696529682029d997a8f28
-  sha: ddca7e54b331e78214bea65b346320d4fbcddf4b51103bfbbd9fc3960f32cdc7
-  Download Locations:
-   https://downloads.yoctoproject.org/releases/yocto/yocto-5.0.10/poky-ac257900c33754957b2696529682029d997a8f28.tar.bz2
-   https://mirrors.kernel.org/yocto/yocto/yocto-5.0.10/poky-ac257900c33754957b2696529682029d997a8f28.tar.bz2
-
-openembedded-core
-
-  Repository Location: :oe_git:`/openembedded-core`
-  Branch: :oe_git:`scarthgap </openembedded-core/log/?h=scarthgap>`
-  Tag:  :oe_git:`yocto-5.0.10 </openembedded-core/log/?h=yocto-5.0.10>`
-  Git Revision: :oe_git:`d5342ffc570d47a723b18297d75bd2f63c2088db </openembedded-core/commit/?id=d5342ffc570d47a723b18297d75bd2f63c2088db>`
-  Release Artefact: oecore-d5342ffc570d47a723b18297d75bd2f63c2088db
-  sha: daa62094f2327f4b3fbcc485e8964d1b86a4722f58fb37e0d8e8e9885094a262
-  Download Locations:
-   https://downloads.yoctoproject.org/releases/yocto/yocto-5.0.10/oecore-d5342ffc570d47a723b18297d75bd2f63c2088db.tar.bz2
-   https://mirrors.kernel.org/yocto/yocto/yocto-5.0.10/oecore-d5342ffc570d47a723b18297d75bd2f63c2088db.tar.bz2
-
-meta-mingw
-
-  Repository Location: :yocto_git:`/meta-mingw`
-  Branch: :yocto_git:`scarthgap </meta-mingw/log/?h=scarthgap>`
-  Tag:  :yocto_git:`yocto-5.0.10 </meta-mingw/log/?h=yocto-5.0.10>`
-  Git Revision: :yocto_git:`bd9fef71ec005be3c3a6d7f8b99d8116daf70c4f </meta-mingw/commit/?id=bd9fef71ec005be3c3a6d7f8b99d8116daf70c4f>`
-  Release Artefact: meta-mingw-bd9fef71ec005be3c3a6d7f8b99d8116daf70c4f
-  sha: ab073def6487f237ac125d239b3739bf02415270959546b6b287778664f0ae65
-  Download Locations:
-   https://downloads.yoctoproject.org/releases/yocto/yocto-5.0.10/meta-mingw-bd9fef71ec005be3c3a6d7f8b99d8116daf70c4f.tar.bz2
-   https://mirrors.kernel.org/yocto/yocto/yocto-5.0.10/meta-mingw-bd9fef71ec005be3c3a6d7f8b99d8116daf70c4f.tar.bz2
-
-bitbake
-
-  Repository Location: :oe_git:`/bitbake`
-  Branch: :oe_git:`2.8 </bitbake/log/?h=2.8>`
-  Tag:  :oe_git:`yocto-5.0.10 </bitbake/log/?h=yocto-5.0.10>`
-  Git Revision: :oe_git:`696c2c1ef095f8b11c7d2eff36fae50f58c62e5e </bitbake/commit/?id=696c2c1ef095f8b11c7d2eff36fae50f58c62e5e>`
-  Release Artefact: bitbake-696c2c1ef095f8b11c7d2eff36fae50f58c62e5e
-  sha: fc83f879cd6dd14b9b7eba0161fec23ecc191fed0fb00556ba729dceef6c145f
-  Download Locations:
-   https://downloads.yoctoproject.org/releases/yocto/yocto-5.0.10/bitbake-696c2c1ef095f8b11c7d2eff36fae50f58c62e5e.tar.bz2
-   https://mirrors.kernel.org/yocto/yocto/yocto-5.0.10/bitbake-696c2c1ef095f8b11c7d2eff36fae50f58c62e5e.tar.bz2
-
-yocto-docs
-
-  Repository Location: :yocto_git:`/yocto-docs`
-  Branch: :yocto_git:`scarthgap </yocto-docs/log/?h=scarthgap>`
-  Tag: :yocto_git:`yocto-5.0.10 </yocto-docs/log/?h=yocto-5.0.10>`
-  Git Revision: :yocto_git:`3996388e337377bedc113d072a51fe9d68dd40c6 </yocto-docs/commit/?id=3996388e337377bedc113d072a51fe9d68dd40c6>`
-
--- a/documentation/migration-guides/release-notes-5.0.9.rst
+++ b/documentation/migration-guides/release-notes-5.0.9.rst
@@ -1,206 +0,0 @@
-.. SPDX-License-Identifier: CC-BY-SA-2.0-UK
-
-Release notes for Yocto-5.0.9 (Scarthgap)
-----------------------------------------
-
-Security Fixes in Yocto-5.0.9
-~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-
-  binutils: Fix :cve_nist:`2024-57360`, :cve_nist:`2025-1176`, :cve_nist:`2025-1178` and
-   :cve_nist:`2025-1181`
-  expat: Fix :cve_nist:`2024-8176`
-  freetype: Fix :cve_nist:`2025-27363`
-  ghostscript: Fix :cve_nist:`2025-27830`, :cve_nist:`2025-27831`, :cve_nist:`2025-27832`,
-   :cve_nist:`2025-27833`, :cve_nist:`2025-27833`, :cve_nist:`2025-27834`, :cve_nist:`2025-27835`
-   and :cve_nist:`2025-27836`
-  go: fix :cve_nist:`2025-22870` and :cve_nist:`2025-22871`
-  grub: Fix :cve_nist:`2024-45781`, :cve_nist:`2024-45774`, :cve_nist:`2024-45775`,
-   :cve_nist:`2024-45776`, :cve_nist:`2024-45777`, :cve_nist:`2024-45778`, :cve_nist:`2024-45779`,
-   :cve_nist:`2024-45780`, :cve_nist:`2024-45782`, :cve_nist:`2024-45783`, :cve_nist:`2024-56737`,
-   :cve_nist:`2025-0622`, :cve_nist:`2025-0624`, :cve_nist:`2025-0677`, :cve_nist:`2025-0678`,
-   :cve_nist:`2025-0684`, :cve_nist:`2025-0685`, :cve_nist:`2025-0686`, :cve_nist:`2025-0689`,
-   :cve_nist:`2025-0690`, :cve_nist:`2025-1118` and :cve_nist:`2025-1125`
-  libarchive: Fix :cve_nist:`2024-20696`, :cve_nist:`2024-48957`, :cve_nist:`2024-48958`,
-   :cve_nist:`2025-1632` and :cve_nist:`2025-25724`
-  libxslt: Fix :cve_nist:`2024-24855` and :cve_nist:`2024-55549`
-  linux-yocto/6.6: Fix :cve_nist:`2024-54458`, :cve_nist:`2024-57834`, :cve_nist:`2024-57973`,
-   :cve_nist:`2024-57978`, :cve_nist:`2024-57979`, :cve_nist:`2024-57980`, :cve_nist:`2024-57981`,
-   :cve_nist:`2024-57984`, :cve_nist:`2024-57996`, :cve_nist:`2024-57997`, :cve_nist:`2024-58002`,
-   :cve_nist:`2024-58005`, :cve_nist:`2024-58007`, :cve_nist:`2024-58010`, :cve_nist:`2024-58011`,
-   :cve_nist:`2024-58013`, :cve_nist:`2024-58017`, :cve_nist:`2024-58020`, :cve_nist:`2024-58034`,
-   :cve_nist:`2024-58052`, :cve_nist:`2024-58055`, :cve_nist:`2024-58058`, :cve_nist:`2024-58063`,
-   :cve_nist:`2024-58068`, :cve_nist:`2024-58069`, :cve_nist:`2024-58070`, :cve_nist:`2024-58071`,
-   :cve_nist:`2024-58076`, :cve_nist:`2024-58080`, :cve_nist:`2024-58083`, :cve_nist:`2024-58088`,
-   :cve_nist:`2025-21700`, :cve_nist:`2025-21703`, :cve_nist:`2025-21707`, :cve_nist:`2025-21711`,
-   :cve_nist:`2025-21715`, :cve_nist:`2025-21716`, :cve_nist:`2025-21718`, :cve_nist:`2025-21726`,
-   :cve_nist:`2025-21727`, :cve_nist:`2025-21731`, :cve_nist:`2025-21735`, :cve_nist:`2025-21736`,
-   :cve_nist:`2025-21741`, :cve_nist:`2025-21742`, :cve_nist:`2025-21743`, :cve_nist:`2025-21744`,
-   :cve_nist:`2025-21745`, :cve_nist:`2025-21748`, :cve_nist:`2025-21749`, :cve_nist:`2025-21753`,
-   :cve_nist:`2025-21756`, :cve_nist:`2025-21759`, :cve_nist:`2025-21760`, :cve_nist:`2025-21761`,
-   :cve_nist:`2025-21762`, :cve_nist:`2025-21763`, :cve_nist:`2025-21764`, :cve_nist:`2025-21773`,
-   :cve_nist:`2025-21775`, :cve_nist:`2025-21776`, :cve_nist:`2025-21779`, :cve_nist:`2025-21780`,
-   :cve_nist:`2025-21782`, :cve_nist:`2025-21783`, :cve_nist:`2025-21785`, :cve_nist:`2025-21787`,
-   :cve_nist:`2025-21789`, :cve_nist:`2025-21790`, :cve_nist:`2025-21791`, :cve_nist:`2025-21792`,
-   :cve_nist:`2025-21793`, :cve_nist:`2025-21796`, :cve_nist:`2025-21811`, :cve_nist:`2025-21812`,
-   :cve_nist:`2025-21814`, :cve_nist:`2025-21820`, :cve_nist:`2025-21844`, :cve_nist:`2025-21846`,
-   :cve_nist:`2025-21847`, :cve_nist:`2025-21848`, :cve_nist:`2025-21853`, :cve_nist:`2025-21854`,
-   :cve_nist:`2025-21855`, :cve_nist:`2025-21856`, :cve_nist:`2025-21857`, :cve_nist:`2025-21858`,
-   :cve_nist:`2025-21859`, :cve_nist:`2025-21862`, :cve_nist:`2025-21863`, :cve_nist:`2025-21864`,
-   :cve_nist:`2025-21865`, :cve_nist:`2025-21866`, :cve_nist:`2025-21867`, :cve_nist:`2025-21887`,
-   :cve_nist:`2025-21891`, :cve_nist:`2025-21898`, :cve_nist:`2025-21904`, :cve_nist:`2025-21905`,
-   :cve_nist:`2025-21908`, :cve_nist:`2025-21912`, :cve_nist:`2025-21915`, :cve_nist:`2025-21917`,
-   :cve_nist:`2025-21918`, :cve_nist:`2025-21919`, :cve_nist:`2025-21920`, :cve_nist:`2025-21922`,
-   :cve_nist:`2025-21928`, :cve_nist:`2025-21934`, :cve_nist:`2025-21936`, :cve_nist:`2025-21937`,
-   :cve_nist:`2025-21941`, :cve_nist:`2025-21943`, :cve_nist:`2025-21945`, :cve_nist:`2025-21947`,
-   :cve_nist:`2025-21948`, :cve_nist:`2025-21951`, :cve_nist:`2025-21957`, :cve_nist:`2025-21959`,
-   :cve_nist:`2025-21962`, :cve_nist:`2025-21963`, :cve_nist:`2025-21964`, :cve_nist:`2025-21966`,
-   :cve_nist:`2025-21967`, :cve_nist:`2025-21968`, :cve_nist:`2025-21969`, :cve_nist:`2025-21979`,
-   :cve_nist:`2025-21980`, :cve_nist:`2025-21981`, :cve_nist:`2025-21991` and :cve_nist:`2025-21993`
-  mpg123: Fix :cve_nist:`2024-10573`
-  ofono: Fix :cve_nist:`2024-7537`
-  openssh: Fix :cve_nist:`2025-26465`
-  puzzles: Ignore :cve_nist:`2024-13769`, :cve_nist:`2024-13770` and :cve_nist:`2025-0837`
-  qemu: Ignore :cve_nist:`2023-1386`
-  ruby: Fix :cve_nist:`2025-27219` and :cve_nist:`2025-27220`
-  rust-cross-canadian: Ignore :cve_nist:`2024-43402`
-  vim: Fix :cve_nist:`2025-1215`, :cve_nist:`2025-26603`, :cve_nist:`2025-27423` and
-   :cve_nist:`2025-29768`
-  xserver-xorg: Fix :cve_nist:`2025-26594`, :cve_nist:`2025-26595`, :cve_nist:`2025-26596`,
-   :cve_nist:`2025-26597`, :cve_nist:`2025-26598`, :cve_nist:`2025-26599`, :cve_nist:`2025-26600`
-   and :cve_nist:`2025-26601`
-  xz: Fix :cve_nist:`2025-31115`
-
-
-Fixes in Yocto-5.0.9
-~~~~~~~~~~~~~~~~~~~~
-
-  babeltrace2: extend to nativesdk
-  babeltrace: extend to nativesdk
-  bitbake: event/utils: Avoid deadlock from lock_timeout() and recursive events
-  bitbake: utils: Add signal blocking for lock_timeout
-  bitbake: utils: Print information about lock issue before exiting
-  bitbake: utils: Tweak lock_timeout logic
-  build-appliance-image: Update to scarthgap head revision
-  cve-check.bbclass: Mitigate symlink related error
-  cve-update-nvd2-native: add workaround for json5 style list
-  cve-update-nvd2-native: handle missing vulnStatus
-  gcc: remove paths to sysroot from configargs.h and checksum-options for gcc-cross-canadian
-  gcc: unify cleanup of include-fixed, apply to cross-canadian
-  ghostscript: upgrade to 10.05.0
-  grub: backport strlcpy function
-  grub: drop obsolete CVE statuses
-  icu: Adjust ICU_DATA_DIR path on big endian targets
-  kernel-arch: add macro-prefix-map in KERNEL_CC
-  libarchive: upgrade to 3.7.9
-  libxslt: upgrade to 1.1.43
-  linux-yocto/6.6: update to v6.6.84
-  mc: set ac_cv_path_ZIP to avoid buildpaths QA issues
-  mpg123: upgrade to 1.32.10
-  nativesdk-libtool: sanitize the script, remove buildpaths
-  openssl: rewrite ptest installation
-  overview-manual/concepts: remove :term:`PR` from the build dir list
-  patch.py: set commituser and commitemail for addNote
-  poky.conf: bump version for 5.0.9
-  vim: Upgrade to 9.1.1198
-  xserver-xf86-config: add a configuration fragment to disable screen blanking
-  xserver-xf86-config: remove obsolete configuration files
-  xserver-xorg: upgrade to 21.1.16
-  xz: upgrade to 5.4.7
-  yocto-uninative: Update to 4.7 for glibc 2.41
-
-
-Known Issues in Yocto-5.0.9
-~~~~~~~~~~~~~~~~~~~~~~~~~~~
-
- N/A
-
-Contributors to Yocto-5.0.9
-~~~~~~~~~~~~~~~~~~~~~~~~~~~
-
-Thanks to the following people who contributed to this release:
-
-  Antonin Godard
-  Archana Polampalli
-  Ashish Sharma
-  Bruce Ashfield
-  Changqing Li
-  Denys Dmytriyenko
-  Divya Chellam
-  Hitendra Prajapati
-  Madhu Marri
-  Makarios Christakis
-  Martin Jansa
-  Michael Halstead
-  Niko Mauno
-  Oleksandr Hnatiuk
-  Peter Marko
-  Richard Purdie
-  Ross Burton
-  Sana Kazi
-  Stefan Mueller-Klieser
-  Steve Sakoman
-  Vijay Anusuri
-  Virendra Thakur
-  Vishwas Udupa
-  Wang Mingyu
-  Zhang Peng
-
-
-Repositories / Downloads for Yocto-5.0.9
-~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-
-poky
-
-  Repository Location: :yocto_git:`/poky`
-  Branch: :yocto_git:`scarthgap </poky/log/?h=scarthgap>`
-  Tag:  :yocto_git:`yocto-5.0.9 </poky/log/?h=yocto-5.0.9>`
-  Git Revision: :yocto_git:`bab0f9f62af9af580744948dd3240f648a99879a </poky/commit/?id=bab0f9f62af9af580744948dd3240f648a99879a>`
-  Release Artefact: poky-bab0f9f62af9af580744948dd3240f648a99879a
-  sha: ee6811d9fb6c4913e19d6e3569f1edc8ccd793779b237520596506446a6b4531
-  Download Locations:
-   https://downloads.yoctoproject.org/releases/yocto/yocto-5.0.9/poky-bab0f9f62af9af580744948dd3240f648a99879a.tar.bz2
-   https://mirrors.kernel.org/yocto/yocto/yocto-5.0.9/poky-bab0f9f62af9af580744948dd3240f648a99879a.tar.bz2
-
-openembedded-core
-
-  Repository Location: :oe_git:`/openembedded-core`
-  Branch: :oe_git:`scarthgap </openembedded-core/log/?h=scarthgap>`
-  Tag:  :oe_git:`yocto-5.0.9 </openembedded-core/log/?h=yocto-5.0.9>`
-  Git Revision: :oe_git:`04038ecd1edd6592b826665a2b787387bb7074fa </openembedded-core/commit/?id=04038ecd1edd6592b826665a2b787387bb7074fa>`
-  Release Artefact: oecore-04038ecd1edd6592b826665a2b787387bb7074fa
-  sha: 6e201a4b486dfbdfcb7e96d83b962a205ec4764db6ad0e34bd623db18910eddb
-  Download Locations:
-   https://downloads.yoctoproject.org/releases/yocto/yocto-5.0.9/oecore-04038ecd1edd6592b826665a2b787387bb7074fa.tar.bz2
-   https://mirrors.kernel.org/yocto/yocto/yocto-5.0.9/oecore-04038ecd1edd6592b826665a2b787387bb7074fa.tar.bz2
-
-meta-mingw
-
-  Repository Location: :yocto_git:`/meta-mingw`
-  Branch: :yocto_git:`scarthgap </meta-mingw/log/?h=scarthgap>`
-  Tag:  :yocto_git:`yocto-5.0.9 </meta-mingw/log/?h=yocto-5.0.9>`
-  Git Revision: :yocto_git:`bd9fef71ec005be3c3a6d7f8b99d8116daf70c4f </meta-mingw/commit/?id=bd9fef71ec005be3c3a6d7f8b99d8116daf70c4f>`
-  Release Artefact: meta-mingw-bd9fef71ec005be3c3a6d7f8b99d8116daf70c4f
-  sha: ab073def6487f237ac125d239b3739bf02415270959546b6b287778664f0ae65
-  Download Locations:
-   https://downloads.yoctoproject.org/releases/yocto/yocto-5.0.9/meta-mingw-bd9fef71ec005be3c3a6d7f8b99d8116daf70c4f.tar.bz2
-   https://mirrors.kernel.org/yocto/yocto/yocto-5.0.9/meta-mingw-bd9fef71ec005be3c3a6d7f8b99d8116daf70c4f.tar.bz2
-
-bitbake
-
-  Repository Location: :oe_git:`/bitbake`
-  Branch: :oe_git:`2.8 </bitbake/log/?h=2.8>`
-  Tag:  :oe_git:`yocto-5.0.9 </bitbake/log/?h=yocto-5.0.9>`
-  Git Revision: :oe_git:`696c2c1ef095f8b11c7d2eff36fae50f58c62e5e </bitbake/commit/?id=696c2c1ef095f8b11c7d2eff36fae50f58c62e5e>`
-  Release Artefact: bitbake-696c2c1ef095f8b11c7d2eff36fae50f58c62e5e
-  sha: fc83f879cd6dd14b9b7eba0161fec23ecc191fed0fb00556ba729dceef6c145f
-  Download Locations:
-   https://downloads.yoctoproject.org/releases/yocto/yocto-5.0.9/bitbake-696c2c1ef095f8b11c7d2eff36fae50f58c62e5e.tar.bz2
-   https://mirrors.kernel.org/yocto/yocto/yocto-5.0.9/bitbake-696c2c1ef095f8b11c7d2eff36fae50f58c62e5e.tar.bz2
-
-yocto-docs
-
-  Repository Location: :yocto_git:`/yocto-docs`
-  Branch: :yocto_git:`scarthgap </yocto-docs/log/?h=scarthgap>`
-  Tag: :yocto_git:`yocto-5.0.9 </yocto-docs/log/?h=yocto-5.0.9>`
-  Git Revision: :yocto_git:`56db4fd81f6235428bef9e46a61c11ca0ba89733 </yocto-docs/commit/?id=56db4fd81f6235428bef9e46a61c11ca0ba89733>`
-
--- a/documentation/migration-guides/release-notes-5.2.1.rst
+++ b/documentation/migration-guides/release-notes-5.2.1.rst
@@ -1,161 +0,0 @@
-Release notes for Yocto-5.2.1 (Walnascar)
-----------------------------------------
-
-Security Fixes in Yocto-5.2.1
-~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-
-  connman :Fix :cve_nist:`2025-32366` and :cve_nist:`2025-32743`
-  ffmpeg: Fix :cve_nist:`2025-22921`
-  go: Fix :cve_nist:`2025-22871` and CVE-2025-22873
-  iputils: Fix :cve_nist:`2025-47268`
-  libsoup-2.4: Fix :cve_nist:`2024-52532` and :cve_nist:`2025-32911`
-  libxml2: Fix :cve_nist:`2025-32414` and :cve_nist:`2025-32415`
-  openssh: Fix :cve_nist:`2025-32728`
-  perl: Fix :cve_nist:`2024-56406`
-  qemu: Ignore :cve_nist:`2023-1386`
-  ruby: Fix :cve_nist:`2025-27219`, :cve_nist:`2025-27220` and :cve_nist:`2025-27221`
-  webkitgtk: Fix :cve_nist:`2024-54551`, :cve_nist:`2025-24208`, :cve_nist:`2025-24209`,
-   :cve_nist:`2025-24213`, :cve_nist:`2025-24216`, :cve_nist:`2025-24264` and :cve_nist:`2025-30427`
-
-
-Fixes in Yocto-5.2.1
-~~~~~~~~~~~~~~~~~~~~
-
-  binutils: stable 2.44 branch updates
-  bluez5: add missing tools to noinst-tools package
-  build-appliance-image: Update to walnascar head revision
-  buildtools-tarball: Make buildtools respects host CA certificates
-  buildtools-tarball: add envvars into :term:`BB_ENV_PASSTHROUGH_ADDITIONS`
-  buildtools-tarball: move setting of envvars to respective envfile
-  cdrtools-native: fix booting EFI ISO live failed
-  contributor-guide/submit-changes: encourage patch version changelogs
-  gcc: Fix LDRD register overlap in register-indexed mode
-  glibc-y2038-tests: remove glibc-y2038-tests_2.41.bb recipe
-  glibc: Add single-threaded fast path to rand()
-  glibc: stable 2.41 branch update
-  go: upgrade to 1.24.3
-  gobject-introspection: Fix wrong :term:`PN` used in MULTILIB_SCRIPTS
-  icu: set ac_cv_path_install to ensure install tool reproducibility
-  initscripts: add function log_success_msg/log_failure_msg/log_warning_msg
-  insane.bbclass: Move test for invalid PACKAGECONFIGs to do_recipe_qa
-  insane.bbclass: Report all invalid PACKAGECONFIGs for a recipe at once
-  libxml2: upgrade to 2.13.8
-  makedumpfile: upgrade to 1.7.7
-  migration-guides: add release notes for 4.0.26 and 5.0.9
-  module.bbclass: add KBUILD_EXTRA_SYMBOLS to install
-  patch.py: set commituser and commitemail for addNote
-  perl: upgrade to 5.40.2
-  perlcross: upgrade to 1.6.2
-  poky.conf: bump version for 5.2.1
-  ref-manual/release-process: update releases.svg
-  ref-manual/variables.rst: document :term:`WIC_CREATE_EXTRA_ARGS`
-  ref-manual/variables.rst: update :term:`ROOT_HOME` documentation
-  ref-manual: classes: uki: Fix git links
-  ref-manual: kernel-fitimage.bbclass does not use :term:`SPL_SIGN_KEYNAME`
-  ruby: upgrade to 3.4.3
-  sbom.rst: how to disable :term:`SPDX` generation
-  scripts/install-buildtools: Update to 5.2
-  sphinx-lint: various fixes
-  syslinux: improve isohybrid to process extra sector count for ISO 9660 image
-  test-manual/intro: remove Buildbot version used
-  tzdata/tzcode-native: upgrade to 2025b
-  webkitgtk: Use WTF_CPU_UNKNOWN when building for riscv64
-  webkitgtk: upgrade to 2.48.1
-
-
-Known Issues in Yocto-5.2.1
-~~~~~~~~~~~~~~~~~~~~~~~~~~~
-
- N/A
-
-
-Contributors to Yocto-5.2.1
-~~~~~~~~~~~~~~~~~~~~~~~~~~~
-
-  Adrian Freihofer
-  Aleksandar Nikolic
-  Alon Bar-Lev
-  Antonin Godard
-  Archana Polampalli
-  Changqing Li
-  Deepesh Varatharajan
-  Divya Chellam
-  Enrico Jörns
-  Guðni Már Gilbert
-  Haixiao Yan
-  Hongxu Jia
-  Jiaying Song
-  Khem Raj
-  Lee Chee Yang
-  Leonard Anderweit
-  Madhu Marri
-  Mikko Rapeli
-  Peter Kjellerstedt
-  Peter Marko
-  Praveen Kumar
-  Priyal Doshi
-  Steve Sakoman
-  Trevor Woerner
-  Yi Zhao
-  Yogita Urade
-  rajmohan r
-
-
-Repositories / Downloads for Yocto-5.2.1
-~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-
-poky
-
-  Repository Location: :yocto_git:`/poky`
-  Branch: :yocto_git:`walnascar </poky/log/?h=walnascar>`
-  Tag:  :yocto_git:`yocto-5.2.1 </poky/log/?h=yocto-5.2.1>`
-  Git Revision: :yocto_git:`fd9b605507a20d850a9991316cd190c1d20dc4a6 </poky/commit/?id=fd9b605507a20d850a9991316cd190c1d20dc4a6>`
-  Release Artefact: poky-fd9b605507a20d850a9991316cd190c1d20dc4a6
-  sha: 0234a96fc28e60e0acaae2a03118ecde76810c47e8bb259f4950492bd75fc050
-  Download Locations:
-   https://downloads.yoctoproject.org/releases/yocto/yocto-5.2.1/poky-fd9b605507a20d850a9991316cd190c1d20dc4a6.tar.bz2
-   https://mirrors.kernel.org/yocto/yocto/yocto-5.2.1/poky-fd9b605507a20d850a9991316cd190c1d20dc4a6.tar.bz2
-
-openembedded-core
-
-  Repository Location: :oe_git:`/openembedded-core`
-  Branch: :oe_git:`walnascar </openembedded-core/log/?h=walnascar>`
-  Tag:  :oe_git:`yocto-5.2.1 </openembedded-core/log/?h=yocto-5.2.1>`
-  Git Revision: :oe_git:`17affdaa600896282e07fb4d64cb23195673baa1 </openembedded-core/commit/?id=17affdaa600896282e07fb4d64cb23195673baa1>`
-  Release Artefact: oecore-17affdaa600896282e07fb4d64cb23195673baa1
-  sha: b6c3c15004fcd1efbaa26c9695202806402730dde8e41552a70140cff67c97c9
-  Download Locations:
-   https://downloads.yoctoproject.org/releases/yocto/yocto-5.2.1/oecore-17affdaa600896282e07fb4d64cb23195673baa1.tar.bz2
-   https://mirrors.kernel.org/yocto/yocto/yocto-5.2.1/oecore-17affdaa600896282e07fb4d64cb23195673baa1.tar.bz2
-
-meta-mingw
-
-  Repository Location: :yocto_git:`/meta-mingw`
-  Branch: :yocto_git:`walnascar </meta-mingw/log/?h=walnascar>`
-  Tag:  :yocto_git:`yocto-5.2.1 </meta-mingw/log/?h=yocto-5.2.1>`
-  Git Revision: :yocto_git:`edce693e1b8fabd84651aa6c0888aafbcf238577 </meta-mingw/commit/?id=edce693e1b8fabd84651aa6c0888aafbcf238577>`
-  Release Artefact: meta-mingw-edce693e1b8fabd84651aa6c0888aafbcf238577
-  sha: 6cfed41b54f83da91a6cf201ec1c2cd4ac284f642b1268c8fa89d2335ea2bce1
-  Download Locations:
-   https://downloads.yoctoproject.org/releases/yocto/yocto-5.2.1/meta-mingw-edce693e1b8fabd84651aa6c0888aafbcf238577.tar.bz2
-   https://mirrors.kernel.org/yocto/yocto/yocto-5.2.1/meta-mingw-edce693e1b8fabd84651aa6c0888aafbcf238577.tar.bz2
-
-bitbake
-
-  Repository Location: :oe_git:`/bitbake`
-  Branch: :oe_git:`2.12 </bitbake/log/?h=2.12>`
-  Tag:  :oe_git:`yocto-5.2.1 </bitbake/log/?h=yocto-5.2.1>`
-  Git Revision: :oe_git:`5b4e20377eea8d428edf1aeb2187c18f82ca6757 </bitbake/commit/?id=5b4e20377eea8d428edf1aeb2187c18f82ca6757>`
-  Release Artefact: bitbake-5b4e20377eea8d428edf1aeb2187c18f82ca6757
-  sha: 48cff22c1e61f47adce474b636ca865e7e0b62293fc5c8829d09e7f1ac5252af
-  Download Locations:
-   https://downloads.yoctoproject.org/releases/yocto/yocto-5.2.1/bitbake-5b4e20377eea8d428edf1aeb2187c18f82ca6757.tar.bz2
-   https://mirrors.kernel.org/yocto/yocto/yocto-5.2.1/bitbake-5b4e20377eea8d428edf1aeb2187c18f82ca6757.tar.bz2
-
-yocto-docs
-
-  Repository Location: :yocto_git:`/yocto-docs`
-  Branch: :yocto_git:`walnascar </yocto-docs/log/?h=walnascar>`
-  Tag: :yocto_git:`yocto-5.2.1 </yocto-docs/log/?h=yocto-5.2.1>`
-  Git Revision: :yocto_git:`6b7019c13054bf11fb16657a3fac85831352cea9 </yocto-docs/commit/?id=6b7019c13054bf11fb16657a3fac85831352cea9>`
-
--- a/documentation/migration-guides/release-notes-5.2.rst
+++ b/documentation/migration-guides/release-notes-5.2.rst
@@ -25,7 +25,7 @@ New Features / Enhancements in |yocto-ver|
      :ref:`Shared State <overview-manual/concepts:Shared State>` for the
      dependencies. See :doc:`/test-manual/reproducible-builds`.

-   -  ``systemd``: Add :term:`WATCHDOG_RUNTIME_SEC`: for controlling the
+   -  ``systemd``: Add term:`WATCHDOG_RUNTIME_SEC`: for controlling the
      ``RuntimeWatchdogSec`` option in ``/etc/systemd/system.conf``.

   -  :term:`FIT_UBOOT_ENV` to allow including a u-boot script as a text in a
@@ -671,7 +671,7 @@ New Features / Enhancements in |yocto-ver|
   -  New ``bbverbnote`` log utility which can be used to print on the console
      (equivalent to the ``bb.verbnote`` Python implementation).

-   -  :ref:`ref-classes-grub-efi`: Add :term:`GRUB_TITLE` variable to set
+   -  :ref:``ref-classes-grub-efi``: Add :term:`GRUB_TITLE` variable to set
      custom GRUB titles.

   -  ``gawk``: Enable high precision arithmetic support by default (``mpfr``
--- a/documentation/overview-manual/concepts.rst
+++ b/documentation/overview-manual/concepts.rst
@@ -98,7 +98,7 @@ files, and how to package the compiled output.

 The term "package" is sometimes used to refer to recipes. However, since
 the word "package" is used for the packaged output from the OpenEmbedded
-build system (i.e. ``.ipk``, ``.deb`` or ``.rpm`` files), this document avoids
+build system (i.e. ``.ipk`` or ``.deb`` files), this document avoids
 using the term "package" when referring to recipes.

 Classes
@@ -256,7 +256,7 @@ development environment.
 .. note::

   The
-   ``scripts/oe-setup-builddir``
+   scripts/oe-setup-builddir
   script uses the
   ``$TEMPLATECONF``
   variable to determine which sample configuration files to locate.
@@ -352,7 +352,7 @@ layers the build system uses to further control the build. These layers
 provide Metadata for the software, machine, and policies.

 In general, there are three types of layer input. You can see them below
-the "User Configuration" box in the :ref:`general workflow
+the "User Configuration" box in the `general workflow
 figure <overview-manual/concepts:openembedded build system concepts>`:

 -  *Metadata (.bb + Patches):* Software layers containing
@@ -420,14 +420,14 @@ build.
 Distro Layer
 ~~~~~~~~~~~~

-A distribution layer provides policy configurations for your
+The distribution layer provides policy configurations for your
 distribution. Best practices dictate that you isolate these types of
 configurations into their own layer. Settings you provide in
 ``conf/distro/distro.conf`` override similar settings that BitBake finds
 in your ``conf/local.conf`` file in the :term:`Build Directory`.

 The following list provides some explanation and references for what you
-typically find in a distribution layer:
+typically find in the distribution layer:

 -  *classes:* Class files (``.bbclass``) hold common functionality that
   can be shared among recipes in the distribution. When your recipes
@@ -454,7 +454,7 @@ typically find in a distribution layer:
 BSP Layer
 ~~~~~~~~~

-A BSP layer provides machine configurations that target specific
+The BSP Layer provides machine configurations that target specific
 hardware. Everything in this layer is specific to the machine for which
 you are building the image or the SDK. A common structure or form is
 defined for BSP layers. You can learn more about this structure in the
@@ -465,7 +465,7 @@ defined for BSP layers. You can learn more about this structure in the
   In order for a BSP layer to be considered compliant with the Yocto
   Project, it must meet some structural requirements.

-A BSP layer's configuration directory contains configuration files for
+The BSP Layer's configuration directory contains configuration files for
 the machine (``conf/machine/machine.conf``) and, of course, the layer
 (``conf/layer.conf``).

@@ -477,18 +477,18 @@ formfactors, graphics support systems, and so forth.
 .. note::

   While the figure shows several
-   ``recipes-*``
+   recipes-\*
   directories, not all these directories appear in all BSP layers.

 Software Layer
 ~~~~~~~~~~~~~~

-A software layer provides the Metadata for additional software
+The software layer provides the Metadata for additional software
 packages used during the build. This layer does not include Metadata
 that is specific to the distribution or the machine, which are found in
 their respective layers.

-This layer contains any recipes, append files, and patches that your
+This layer contains any recipes, append files, and patches, that your
 project needs.

 Sources
@@ -560,8 +560,9 @@ source tree used by the group).

 The canonical method through which to include a local project is to use the
 :ref:`ref-classes-externalsrc` class to include that local project. You use
-either ``local.conf`` or a recipe's append file to override or set the
-recipe to point to the local directory from which to fetch the source.
+either the ``local.conf`` or a recipe's append file to override or set the
+recipe to point to the local directory on your disk to pull in the whole
+source tree.

 Source Control Managers (Optional)
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
@@ -955,7 +956,7 @@ package.

  For more information on the ``oe-pkgdata-util`` utility, see the section
  :ref:`dev-manual/debugging:Viewing Package Information with
-  ``oe-pkgdata-util``` of the Yocto Project Development Tasks Manual.
+  \`\`oe-pkgdata-util\`\`` of the Yocto Project Development Tasks Manual.

 To add a custom package variant of the ``${PN}`` recipe named
 ``${PN}-extra`` (name is arbitrary), one can add it to the
--- a/documentation/ref-manual/classes.rst
+++ b/documentation/ref-manual/classes.rst
@@ -2050,8 +2050,7 @@ a couple different ways:
      Not using this naming convention can lead to subtle problems
      caused by existing code that depends on that naming convention.

-  Or, create a :ref:`ref-classes-native` variant of any target recipe (e.g.
-   ``myrecipe.bb``) by adding the following to the recipe::
+-  Create or modify a target recipe that contains the following::

      BBCLASSEXTEND = "native"

@@ -2082,18 +2081,7 @@ couple different ways:
   inherit statement in the recipe after all other inherit statements so
   that the :ref:`ref-classes-nativesdk` class is inherited last.

-   .. note::
-
-      When creating a recipe, you must follow this naming convention::
-
-              nativesdk-myrecipe.bb
-
-
-      Not doing so can lead to subtle problems because there is code that
-      depends on the naming convention.
-
-  Or, create a :ref:`ref-classes-nativesdk` variant of any target recipe (e.g.
-   ``myrecipe.bb``) by adding the following to the recipe::
+-  Create a :ref:`ref-classes-nativesdk` variant of any recipe by adding the following::

       BBCLASSEXTEND = "nativesdk"

@@ -2102,6 +2090,16 @@ couple different ways:
   specify any functionality specific to the respective SDK machine or
   target case.

+.. note::
+
+   When creating a recipe, you must follow this naming convention::
+
+           nativesdk-myrecipe.bb
+
+
+   Not doing so can lead to subtle problems because there is code that
+   depends on the naming convention.
+
 Although applied differently, the :ref:`ref-classes-nativesdk` class is used with both
 methods. The advantage of the second method is that you do not need to
 have two separate recipes (assuming you need both) for the SDK machine
@@ -3454,7 +3452,7 @@ on target hardware. Using ``systemd`` as init is recommended. Image builds
 should create an ESP partition for UEFI firmware and copy ``systemd-boot`` and
 UKI files there. Sample configuration for Wic images is provided in
 :oe_git:`scripts/lib/wic/canned-wks/efi-uki-bootdisk.wks.in
-</openembedded-core/tree/scripts/lib/wic/canned-wks/efi-uki-bootdisk.wks.in>`.
+<openembedded-core/tree/scripts/lib/wic/canned-wks/efi-uki-bootdisk.wks.in>`.
 UKIs are generated using ``systemd`` reference implementation `ukify
 <https://www.freedesktop.org/software/systemd/man/latest/ukify.html>`__.
 This class uses a number of variables but tries to find sensible defaults for
@@ -3464,7 +3462,7 @@ The variables used by this class are:

 -  :term:`EFI_ARCH`: architecture name within EFI standard, set in
   :oe_git:`meta/conf/image-uefi.conf
-   </openembedded-core/tree/meta/conf/image-uefi.conf>`
+   <openembedded-core/tree/meta/conf/image-uefi.conf>`
 -  :term:`IMAGE_EFI_BOOT_FILES`: files to install to EFI boot partition
   created by the ``bootimg-efi`` Wic plugin
 -  :term:`INITRAMFS_IMAGE`: initramfs recipe name
@@ -3483,9 +3481,9 @@ The variables used by this class are:

 For examples on how to use this class see oeqa selftest
 :oe_git:`meta/lib/oeqa/selftest/cases/uki.py
-</openembedded-core/tree/meta/lib/oeqa/selftest/cases/uki.py>`.
+<openembedded-core/tree/meta/lib/oeqa/selftest/cases/uki.py>`.
 Also an oeqa runtime test :oe_git:`meta/lib/oeqa/runtime/cases/uki.py
-</openembedded-core/tree/meta/lib/oeqa/runtime/cases/uki.py>` is provided which
+<openembedded-core/tree/meta/lib/oeqa/runtime/cases/uki.py>` is provided which
 verifies that the target system booted the same UKI binary as was set at
 buildtime via :term:`UKI_FILENAME`.

--- a/documentation/ref-manual/devtool-reference.rst
+++ b/documentation/ref-manual/devtool-reference.rst
@@ -435,7 +435,7 @@ You can read more on the ``devtool upgrade`` workflow in the
 ":ref:`dev-manual/devtool:use \`\`devtool upgrade\`\` to create a version of the recipe that supports a newer version of the software`"
 section in the Yocto Project Application Development and the Extensible
 Software Development Kit (eSDK) manual. You can also see an example of
-how to use ``devtool upgrade`` in the ":ref:`dev-manual/upgrading-recipes:using ``devtool upgrade```"
+how to use ``devtool upgrade`` in the ":ref:`dev-manual/upgrading-recipes:using \`\`devtool upgrade\`\``"
 section in the Yocto Project Development Tasks Manual.

 .. _devtool-resetting-a-recipe:
--- a/documentation/ref-manual/structure.rst
+++ b/documentation/ref-manual/structure.rst
@@ -515,7 +515,7 @@ generated during the :ref:`ref-tasks-packagedata` task. The files stored in this
 directory contain information about each output package produced by the
 OpenEmbedded build system, and are used in different ways by the build system
 such as ":ref:`dev-manual/debugging:viewing package information with
-``oe-pkgdata-util```".
+\`\`oe-pkgdata-util\`\``".

 .. _structure-build-tmp-sstate-control:

--- a/documentation/ref-manual/svg/releases.svg
+++ b/documentation/ref-manual/svg/releases.svg
@@ -2,11 +2,11 @@
 <svg
   version="1.1"
   id="svg2"
-   width="1992.7236"
-   height="613.35602"
-   viewBox="0 0 1992.7236 613.35599"
+   width="1523.001"
+   height="504.30499"
+   viewBox="0 0 1523.001 504.30497"
   sodipodi:docname="releases.svg"
-   inkscape:version="1.4.1 (93de688d07, 2025-03-30)"
+   inkscape:version="1.3.2 (091e20ef0f, 2023-11-25, custom)"
   inkscape:export-filename="../../../../../../../../tmp/releases.png"
   inkscape:export-xdpi="96"
   inkscape:export-ydpi="96"
@@ -70,7 +70,7 @@
       scale_width="1"
       end_linecap_type="zerowidth"
       not_jump="false"
-       message="" />
+       message="&lt;b&gt;Ctrl + click&lt;/b&gt; on existing node and move it" />
    <marker
       style="overflow:visible"
       id="marker5783"
@@ -412,9 +412,9 @@
     inkscape:window-height="2069"
     id="namedview4"
     showgrid="true"
-     inkscape:zoom="1.5536106"
-     inkscape:cx="1158.2696"
-     inkscape:cy="273.55632"
+     inkscape:zoom="2.1971372"
+     inkscape:cx="1068.2082"
+     inkscape:cy="287.87461"
     inkscape:window-x="2256"
     inkscape:window-y="60"
     inkscape:window-maximized="1"
@@ -433,8 +433,8 @@
    <inkscape:grid
       type="xygrid"
       id="grid1257"
-       originx="-289.06071"
-       originy="478.43017"
+       originx="-289.99936"
+       originy="369.99997"
       spacingy="1"
       spacingx="1"
       units="px"
@@ -444,90 +444,66 @@
     inkscape:groupmode="layer"
     inkscape:label="Image"
     id="g10"
-     transform="translate(-289.06072,478.43022)">
-    <rect
-       style="fill:#333333;fill-opacity:0;stroke:#000000;stroke-width:0.713896;stroke-linejoin:bevel;stroke-miterlimit:0;stroke-opacity:0"
-       id="rect1"
-       width="1992.0098"
-       height="612.64215"
-       x="289.41766"
-       y="-478.07327"
-       ry="24.97636" />
+     transform="translate(-289.99936,370.00003)">
    <path
-       style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:0.50455;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
-       d="m 563.40434,64.000628 v -524.414808 0 0"
+       style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:0.449183;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
+       d="m 563.40434,64.000628 v -415.635938 0 0"
       id="path207708" />
    <path
-       style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:0.50455;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
-       d="m 683.40434,64.000628 v -524.414808 0 0"
+       style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:0.449183;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
+       d="m 683.40434,64.000628 v -415.635938 0 0"
       id="path207708-4" />
    <path
-       style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:0.50455;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
-       d="m 803.40434,64.000628 v -524.414808 0 0"
+       style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:0.449183;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
+       d="m 803.40434,64.000628 v -415.635938 0 0"
       id="path207708-4-3" />
    <path
-       style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:0.50455;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
-       d="m 923.40434,64.000577 v -524.414757 0 0"
+       style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:0.449183;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
+       d="m 923.40434,64.000588 v -415.635898 0 0"
       id="path207708-4-3-6" />
    <path
-       style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:0.50455;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
-       d="m 1043.4043,64.000577 v -524.414757 0 0"
+       style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:0.449183;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
+       d="m 1043.4043,64.000588 v -415.635898 0 0"
       id="path207708-4-3-6-2" />
    <path
-       style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:0.50455;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
-       d="m 1163.4043,64.000577 v -524.414757 0 0"
+       style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:0.449183;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
+       d="m 1163.4043,64.000588 v -415.635898 0 0"
       id="path207708-4-3-6-2-8" />
    <path
-       style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:0.50455;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
-       d="m 1283.4043,64.000577 v -524.414757 0 0"
+       style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:0.449183;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
+       d="m 1283.4043,64.000588 v -415.635898 0 0"
       id="path207708-4-3-6-2-8-4" />
    <path
-       style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:0.50455;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
-       d="m 1403.4043,64.000577 v -524.414757 0 0"
+       style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:0.449183;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
+       d="m 1403.4043,64.000588 v -415.635898 0 0"
       id="path207708-4-3-6-2-8-4-3" />
    <path
       style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:0.475347;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
       d="m 1523.4043,64.000568 v -415.757648 0 0"
       id="path207708-4-3-6-2-8-4-3-8" />
    <path
-       style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:0.50455;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
-       d="m 1523.4043,64.000577 v -524.414757 0 0"
+       style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:0.449183;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
+       d="m 1523.4043,64.000588 v -415.635898 0 0"
       id="path207708-4-3-6-2-8-4-3-8-0" />
    <path
-       style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:0.50455;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
-       d="m 1643.3583,64.000565 v -524.414715 0 0"
+       style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:0.449183;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
+       d="m 1643.3583,64.000578 v -415.635868 0 0"
       id="path207708-4-3-6-2-8-4-3-8-4" />
    <path
-       style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:0.50455;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
-       d="m 1763.4043,64.000565 v -524.414715 0 0"
+       style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:0.449183;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
+       d="m 1763.4043,64.000578 v -415.635868 0 0"
       id="path207708-4-3-6-2-8-4-3-8-4-0" />
    <path
-       style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:0.50455;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
-       d="m 1883.7877,64.878769 v -524.414709 0 0"
-       id="path207708-4-3-6-2-8-4-3-8-4-0-8" />
-    <path
-       style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:0.50455;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
-       d="m 2002.9599,64.984489 v -524.414709 0 0"
-       id="path207708-4-3-6-2-8-4-3-8-4-0-8-8" />
-    <path
-       style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:0.50455;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
-       d="m 2123.2232,62.984489 v -524.414709 0 0"
-       id="path207708-4-3-6-2-8-4-3-8-4-0-8-8-1" />
-    <path
-       style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:0.50455;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
-       d="m 2243.313,63.984489 v -524.414709 0 0"
-       id="path207708-4-3-6-2-8-4-3-8-4-0-8-8-1-9" />
-    <path
-       style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:0.50455;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
-       d="m 443.40434,64.000628 v -524.414808 0 0"
+       style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:0.449183;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
+       d="m 443.40434,64.000628 v -415.635938 0 0"
       id="path207708-9" />
    <path
       style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:0.5;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
       d="m 323.40434,64.000608 v -375.000008 0 0"
       id="path207708-9-6" />
    <path
-       style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:0.50455;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
-       d="m 323.40434,64.000616 v -524.414766 0 0"
+       style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:0.449183;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
+       d="m 323.40434,64.000618 v -415.635908 0 0"
       id="path207708-9-6-2" />
    <text
       xml:space="preserve"
@@ -560,7 +536,7 @@
         x="-59.575905"
         y="580.05695" /></text>
    <rect
-       style="opacity:0.5;fill:#333333;fill-opacity:1;fill-rule:evenodd;stroke:none;stroke-width:2;stroke-opacity:1"
+       style="fill:#333333;fill-opacity:1;fill-rule:evenodd;stroke:none;stroke-width:2;stroke-opacity:1;opacity:0.5"
       id="rect917-0-0-4-4-9-4"
       width="160.00002"
       height="45.000004"
@@ -607,6 +583,14 @@
         y="-73.501534"
         style="font-style:normal;font-variant:normal;font-weight:bold;font-stretch:normal;font-size:13.3333px;font-family:'Liberation Sans';-inkscape-font-specification:'Liberation Sans Bold';text-align:center;text-anchor:middle;fill:#fffefe;fill-opacity:1;stroke:none"
         id="tspan10317-2-9-1-4">4.2</tspan></text>
+    <rect
+       style="opacity:0.75;fill:#251f32;fill-opacity:1;fill-rule:evenodd;stroke:none;stroke-width:2;stroke-opacity:1"
+       id="rect917-0-0-4-4-9-4-5-3-9-2-3"
+       width="140"
+       height="45.000004"
+       x="1043.132"
+       y="-328.2114"
+       ry="2.2558987" />
    <rect
       style="opacity:1;fill:#333333;fill-opacity:1;fill-rule:evenodd;stroke:none;stroke-width:2;stroke-opacity:1"
       id="rect917-0-0-4-4-9-4-5-3-9-2-3-6"
@@ -631,78 +615,22 @@
         y="-238.332"
         style="font-style:normal;font-variant:normal;font-weight:bold;font-stretch:normal;font-size:13.3333px;font-family:'Liberation Sans';-inkscape-font-specification:'Liberation Sans Bold';text-align:center;text-anchor:middle;fill:#fffefe;fill-opacity:1;stroke:none"
         id="tspan10317-2-9-1-4-6-5-6">5.1</tspan></text>
-    <rect
-       style="fill:#333333;fill-opacity:1;fill-rule:evenodd;stroke:none;stroke-width:2;stroke-opacity:1"
-       id="rect917-0-0-4-4-9-4-5-3-9-2-3-6-2"
-       width="140"
-       height="45.000004"
-       x="1043.4697"
-       y="-328.48172"
-       ry="2.2558987" />
    <text
       xml:space="preserve"
       style="font-weight:bold;font-size:13.3333px;line-height:125%;font-family:'Nimbus Roman';-inkscape-font-specification:'Nimbus Roman, Bold';letter-spacing:0px;word-spacing:0px;writing-mode:lr-tb;fill:#fffefe;fill-opacity:1;stroke:#000000;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1"
-       x="1090.4542"
-       y="-309.61823"
-       id="text1185-3-55-4-0-0-0-1-1-6-4-7"><tspan
+       x="1094.2197"
+       y="-309.83084"
+       id="text1185-3-55-4-0-0-0-1-1-6-4-3"><tspan
         sodipodi:role="line"
-         x="1090.4542"
-         y="-309.61823"
+         x="1094.2197"
+         y="-309.83084"
         style="font-style:normal;font-variant:normal;font-weight:bold;font-stretch:normal;font-size:13.3333px;font-family:'Liberation Sans';-inkscape-font-specification:'Liberation Sans Bold';text-align:center;text-anchor:middle;fill:#fffefe;fill-opacity:1;stroke:none"
-         id="tspan957-2-8-6-3-9-7-4-2-0-0">Walnascar</tspan><tspan
+         id="tspan957-2-8-6-3-9-7-4-2-0-5">Walnascar</tspan><tspan
         sodipodi:role="line"
-         x="1090.4542"
-         y="-291.62155"
+         x="1094.2197"
+         y="-291.83417"
         style="font-style:normal;font-variant:normal;font-weight:bold;font-stretch:normal;font-size:13.3333px;font-family:'Liberation Sans';-inkscape-font-specification:'Liberation Sans Bold';text-align:center;text-anchor:middle;fill:#fffefe;fill-opacity:1;stroke:none"
-         id="tspan10317-2-9-1-4-6-5-6-9">5.2</tspan></text>
-    <rect
-       style="opacity:0.75;fill:#251f32;fill-opacity:1;fill-rule:evenodd;stroke:none;stroke-width:2;stroke-opacity:1"
-       id="rect917-0-0-4-4-9-4-5-3-9-2-3-67"
-       width="140"
-       height="45.000004"
-       x="1163.6425"
-       y="-382.27469"
-       ry="2.2558987" />
-    <text
-       xml:space="preserve"
-       style="font-weight:bold;font-size:13.3333px;line-height:125%;font-family:'Nimbus Roman';-inkscape-font-specification:'Nimbus Roman, Bold';letter-spacing:0px;word-spacing:0px;writing-mode:lr-tb;fill:#fffefe;fill-opacity:1;stroke:#000000;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1"
-       x="1214.9716"
-       y="-363.89413"
-       id="text1185-3-55-4-0-0-0-1-1-6-4-3-53"><tspan
-         sodipodi:role="line"
-         x="1214.9716"
-         y="-363.89413"
-         style="font-style:normal;font-variant:normal;font-weight:bold;font-stretch:normal;font-size:13.3333px;font-family:'Liberation Sans';-inkscape-font-specification:'Liberation Sans Bold';text-align:center;text-anchor:middle;fill:#fffefe;fill-opacity:1;stroke:none"
-         id="tspan957-2-8-6-3-9-7-4-2-0-5-5">Whinlatter</tspan><tspan
-         sodipodi:role="line"
-         x="1214.9716"
-         y="-345.89746"
-         style="font-style:normal;font-variant:normal;font-weight:bold;font-stretch:normal;font-size:13.3333px;font-family:'Liberation Sans';-inkscape-font-specification:'Liberation Sans Bold';text-align:center;text-anchor:middle;fill:#fffefe;fill-opacity:1;stroke:none"
-         id="tspan10317-2-9-1-4-6-5-6-6-6">5.3</tspan></text>
-    <rect
-       style="opacity:0.75;fill:#251f32;fill-opacity:1;fill-rule:evenodd;stroke:none;stroke-width:5.29752;stroke-opacity:1"
-       id="rect917-0-0-4-4-9-4-5-3-9-2-3-67-6"
-       width="982.23163"
-       height="45.000004"
-       x="1283.7023"
-       y="-436.77539"
-       ry="2.2558987" />
-    <text
-       xml:space="preserve"
-       style="font-weight:bold;font-size:13.3333px;line-height:125%;font-family:'Nimbus Roman';-inkscape-font-specification:'Nimbus Roman, Bold';letter-spacing:0px;word-spacing:0px;writing-mode:lr-tb;fill:#fffefe;fill-opacity:1;stroke:#000000;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1"
-       x="1335.1118"
-       y="-418.39484"
-       id="text1185-3-55-4-0-0-0-1-1-6-4-3-53-0"><tspan
-         sodipodi:role="line"
-         x="1335.1118"
-         y="-418.39484"
-         style="font-style:normal;font-variant:normal;font-weight:bold;font-stretch:normal;font-size:13.3333px;font-family:'Liberation Sans';-inkscape-font-specification:'Liberation Sans Bold';text-align:center;text-anchor:middle;fill:#fffefe;fill-opacity:1;stroke:none"
-         id="tspan957-2-8-6-3-9-7-4-2-0-5-5-6">Wrynose</tspan><tspan
-         sodipodi:role="line"
-         x="1335.1118"
-         y="-400.39816"
-         style="font-style:normal;font-variant:normal;font-weight:bold;font-stretch:normal;font-size:13.3333px;font-family:'Liberation Sans';-inkscape-font-specification:'Liberation Sans Bold';text-align:center;text-anchor:middle;fill:#fffefe;fill-opacity:1;stroke:none"
-         id="tspan10317-2-9-1-4-6-5-6-6-6-2">6.0</tspan></text>
+         id="tspan10317-2-9-1-4-6-5-6-6">5.2</tspan></text>
    <g
       id="g1591"
       transform="translate(-516.59566,64.000598)">
@@ -753,7 +681,7 @@
         id="tspan10317-2-9-0-1">5.0</tspan></text>
    <g
       id="g1125-0"
-       transform="matrix(0.42240595,0,0,0.41654472,330.77064,-497.11721)"
+       transform="matrix(0.42240595,0,0,0.41654472,330.77064,-441.11721)"
       style="stroke:none;stroke-width:2.38399">
      <rect
         style="opacity:1;fill:#333333;fill-opacity:1;fill-rule:evenodd;stroke:none;stroke-width:4.76797;stroke-opacity:1"
@@ -995,8 +923,8 @@
         y="345.7359" /></text>
    <path
       id="path29430"
-       style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:1.99503;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
-       d="M 307.54809,63.999718 H 2277.72 Z" />
+       style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:1.72671;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
+       d="M 307.54809,63.999718 H 1783.4043 Z" />
    <path
       style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:2;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
       d="m 323.40434,64.000618 v 9.99995 0"
@@ -1509,324 +1437,50 @@
       style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:2;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
       d="m 1763.4043,64.000578 v 9.99999 0"
       id="path29548-5-1-3-6-3-1-0-3-4-2-0-0" />
-    <text
-       xml:space="preserve"
-       style="font-weight:bold;font-size:13.3333px;line-height:125%;font-family:'Nimbus Roman';-inkscape-font-specification:'Nimbus Roman, Bold';letter-spacing:0px;word-spacing:0px;writing-mode:lr-tb;fill:#000000;fill-opacity:1;stroke:#000000;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1"
-       x="1885.6029"
-       y="94.285194"
-       id="text1185-9-7-1-1-8-1-0-4-2-8-2"><tspan
-         sodipodi:role="line"
-         x="1885.6029"
-         y="94.285194"
-         style="font-style:normal;font-variant:normal;font-weight:bold;font-stretch:normal;font-size:13.3333px;font-family:'Liberation Sans';-inkscape-font-specification:'Liberation Sans, Bold';font-variant-ligatures:normal;font-variant-caps:normal;font-variant-numeric:normal;font-variant-east-asian:normal;text-align:center;text-anchor:middle;stroke:none"
-         id="tspan31345-4-0-4-81-5-2-8">Oct.</tspan><tspan
-         sodipodi:role="line"
-         x="1885.6029"
-         y="112.28188"
-         style="font-style:normal;font-variant:normal;font-weight:bold;font-stretch:normal;font-size:13.3333px;font-family:'Liberation Sans';-inkscape-font-specification:'Liberation Sans, Bold';font-variant-ligatures:normal;font-variant-caps:normal;font-variant-numeric:normal;font-variant-east-asian:normal;text-align:center;text-anchor:middle;stroke:none"
-         id="tspan49906-7-3-8-2-8-9-9">2028</tspan></text>
-    <g
-       id="g1267-4-5-2-7"
-       transform="translate(563.45518,-155.9782)">
-      <path
-         style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:2;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
-         d="m 1200,220.00002 v 9.99999 0"
-         id="path29548-5-1-3-6-3-1-0-3-4-1-3" />
-      <path
-         style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:1;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
-         d="m 1220,219.99997 v 5.00004 0"
-         id="path29548-8-5-0-6-4-6-2-9-0-8-1-3-1-9-6-9-3-4-0-4-6-2-2-7-6-1-9-0-5-0-0-5-6"
-         inkscape:transform-center-x="14.782001"
-         inkscape:transform-center-y="-0.085282837" />
-      <path
-         style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:1;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
-         d="m 1240,219.99997 v 5.00004 0"
-         id="path29548-8-5-0-6-4-6-2-9-0-8-1-3-1-9-6-9-3-4-0-4-6-2-2-7-6-1-9-9-7-5-3-5-9-1"
-         inkscape:transform-center-x="14.782001"
-         inkscape:transform-center-y="-0.085282837" />
-      <path
-         style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:1;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
-         d="m 1260,219.99997 v 5.00004 0"
-         id="path29548-8-5-0-6-4-6-2-9-0-8-1-3-1-9-6-9-3-4-0-4-6-2-2-7-6-1-9-9-1-5-2-0-9-9-2"
-         inkscape:transform-center-x="14.782001"
-         inkscape:transform-center-y="-0.085282837" />
-      <path
-         style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:1;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
-         d="m 1280,219.99997 v 5.00004 0"
-         id="path29548-8-5-0-6-4-6-2-9-0-8-1-3-1-9-6-9-3-4-0-4-6-2-2-7-6-1-9-9-1-4-8-9-9-4-1-9"
-         inkscape:transform-center-x="14.782001"
-         inkscape:transform-center-y="-0.085282837" />
-      <path
-         style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:1;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
-         d="m 1299.7216,219.99997 v 5.00004 0"
-         id="path29548-8-5-0-6-4-6-2-9-0-8-1-3-1-9-6-9-3-4-0-4-6-2-2-7-6-1-9-9-1-4-9-7-0-2-6-4-3"
-         inkscape:transform-center-x="-14.78205"
-         inkscape:transform-center-y="-0.085282837" />
-    </g>
-    <path
-       style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:2;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
-       d="m 1883.4551,64.021829 v 9.99999 0"
-       id="path29548-5-1-3-6-3-1-0-3-4-2-0-0-1" />
-    <text
-       xml:space="preserve"
-       style="font-weight:bold;font-size:13.3333px;line-height:125%;font-family:'Nimbus Roman';-inkscape-font-specification:'Nimbus Roman, Bold';letter-spacing:0px;word-spacing:0px;writing-mode:lr-tb;fill:#000000;fill-opacity:1;stroke:#000000;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1"
-       x="2005.5908"
-       y="94.339828"
-       id="text1185-9-7-1-1-8-1-0-4-2-8-2-4"><tspan
-         sodipodi:role="line"
-         x="2005.5908"
-         y="94.339828"
-         style="font-style:normal;font-variant:normal;font-weight:bold;font-stretch:normal;font-size:13.3333px;font-family:'Liberation Sans';-inkscape-font-specification:'Liberation Sans, Bold';font-variant-ligatures:normal;font-variant-caps:normal;font-variant-numeric:normal;font-variant-east-asian:normal;text-align:center;text-anchor:middle;stroke:none"
-         id="tspan31345-4-0-4-81-5-2-8-7">Apr.</tspan><tspan
-         sodipodi:role="line"
-         x="2005.5908"
-         y="112.33651"
-         style="font-style:normal;font-variant:normal;font-weight:bold;font-stretch:normal;font-size:13.3333px;font-family:'Liberation Sans';-inkscape-font-specification:'Liberation Sans, Bold';font-variant-ligatures:normal;font-variant-caps:normal;font-variant-numeric:normal;font-variant-east-asian:normal;text-align:center;text-anchor:middle;stroke:none"
-         id="tspan49906-7-3-8-2-8-9-9-8">2029</tspan></text>
-    <g
-       id="g1267-4-5-2-7-4"
-       transform="translate(683.44312,-155.92356)">
-      <path
-         style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:2;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
-         d="m 1200,220.00002 v 9.99999 0"
-         id="path29548-5-1-3-6-3-1-0-3-4-1-3-5" />
-      <path
-         style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:1;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
-         d="m 1220,219.99997 v 5.00004 0"
-         id="path29548-8-5-0-6-4-6-2-9-0-8-1-3-1-9-6-9-3-4-0-4-6-2-2-7-6-1-9-0-5-0-0-5-6-0"
-         inkscape:transform-center-x="14.782001"
-         inkscape:transform-center-y="-0.085282837" />
-      <path
-         style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:1;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
-         d="m 1240,219.99997 v 5.00004 0"
-         id="path29548-8-5-0-6-4-6-2-9-0-8-1-3-1-9-6-9-3-4-0-4-6-2-2-7-6-1-9-9-7-5-3-5-9-1-3"
-         inkscape:transform-center-x="14.782001"
-         inkscape:transform-center-y="-0.085282837" />
-      <path
-         style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:1;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
-         d="m 1260,219.99997 v 5.00004 0"
-         id="path29548-8-5-0-6-4-6-2-9-0-8-1-3-1-9-6-9-3-4-0-4-6-2-2-7-6-1-9-9-1-5-2-0-9-9-2-6"
-         inkscape:transform-center-x="14.782001"
-         inkscape:transform-center-y="-0.085282837" />
-      <path
-         style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:1;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
-         d="m 1280,219.99997 v 5.00004 0"
-         id="path29548-8-5-0-6-4-6-2-9-0-8-1-3-1-9-6-9-3-4-0-4-6-2-2-7-6-1-9-9-1-4-8-9-9-4-1-9-1"
-         inkscape:transform-center-x="14.782001"
-         inkscape:transform-center-y="-0.085282837" />
-      <path
-         style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:1;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
-         d="m 1299.7216,219.99997 v 5.00004 0"
-         id="path29548-8-5-0-6-4-6-2-9-0-8-1-3-1-9-6-9-3-4-0-4-6-2-2-7-6-1-9-9-1-4-9-7-0-2-6-4-3-0"
-         inkscape:transform-center-x="-14.78205"
-         inkscape:transform-center-y="-0.085282837" />
-    </g>
-    <path
-       style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:2;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
-       d="m 2003.443,64.076464 v 9.99999 0"
-       id="path29548-5-1-3-6-3-1-0-3-4-2-0-0-1-6" />
-    <text
-       xml:space="preserve"
-       style="font-weight:bold;font-size:13.3333px;line-height:125%;font-family:'Nimbus Roman';-inkscape-font-specification:'Nimbus Roman, Bold';letter-spacing:0px;word-spacing:0px;writing-mode:lr-tb;fill:#000000;fill-opacity:1;stroke:#000000;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1"
-       x="2125.6079"
-       y="94.692207"
-       id="text1185-9-7-1-1-8-1-0-4-2-8-2-4-2"><tspan
-         sodipodi:role="line"
-         x="2125.6079"
-         y="94.692207"
-         style="font-style:normal;font-variant:normal;font-weight:bold;font-stretch:normal;font-size:13.3333px;font-family:'Liberation Sans';-inkscape-font-specification:'Liberation Sans, Bold';font-variant-ligatures:normal;font-variant-caps:normal;font-variant-numeric:normal;font-variant-east-asian:normal;text-align:center;text-anchor:middle;stroke:none"
-         id="tspan31345-4-0-4-81-5-2-8-7-0">Oct.</tspan><tspan
-         sodipodi:role="line"
-         x="2125.6079"
-         y="112.68889"
-         style="font-style:normal;font-variant:normal;font-weight:bold;font-stretch:normal;font-size:13.3333px;font-family:'Liberation Sans';-inkscape-font-specification:'Liberation Sans, Bold';font-variant-ligatures:normal;font-variant-caps:normal;font-variant-numeric:normal;font-variant-east-asian:normal;text-align:center;text-anchor:middle;stroke:none"
-         id="tspan49906-7-3-8-2-8-9-9-8-6">2029</tspan></text>
-    <g
-       id="g1267-4-5-2-7-4-1"
-       transform="translate(803.46019,-155.57118)">
-      <path
-         style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:2;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
-         d="m 1200,220.00002 v 9.99999 0"
-         id="path29548-5-1-3-6-3-1-0-3-4-1-3-5-5" />
-      <path
-         style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:1;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
-         d="m 1220,219.99997 v 5.00004 0"
-         id="path29548-8-5-0-6-4-6-2-9-0-8-1-3-1-9-6-9-3-4-0-4-6-2-2-7-6-1-9-0-5-0-0-5-6-0-5"
-         inkscape:transform-center-x="14.782001"
-         inkscape:transform-center-y="-0.085282837" />
-      <path
-         style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:1;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
-         d="m 1240,219.99997 v 5.00004 0"
-         id="path29548-8-5-0-6-4-6-2-9-0-8-1-3-1-9-6-9-3-4-0-4-6-2-2-7-6-1-9-9-7-5-3-5-9-1-3-4"
-         inkscape:transform-center-x="14.782001"
-         inkscape:transform-center-y="-0.085282837" />
-      <path
-         style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:1;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
-         d="m 1260,219.99997 v 5.00004 0"
-         id="path29548-8-5-0-6-4-6-2-9-0-8-1-3-1-9-6-9-3-4-0-4-6-2-2-7-6-1-9-9-1-5-2-0-9-9-2-6-7"
-         inkscape:transform-center-x="14.782001"
-         inkscape:transform-center-y="-0.085282837" />
-      <path
-         style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:1;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
-         d="m 1280,219.99997 v 5.00004 0"
-         id="path29548-8-5-0-6-4-6-2-9-0-8-1-3-1-9-6-9-3-4-0-4-6-2-2-7-6-1-9-9-1-4-8-9-9-4-1-9-1-6"
-         inkscape:transform-center-x="14.782001"
-         inkscape:transform-center-y="-0.085282837" />
-      <path
-         style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:1;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
-         d="m 1299.7216,219.99997 v 5.00004 0"
-         id="path29548-8-5-0-6-4-6-2-9-0-8-1-3-1-9-6-9-3-4-0-4-6-2-2-7-6-1-9-9-1-4-9-7-0-2-6-4-3-0-5"
-         inkscape:transform-center-x="-14.78205"
-         inkscape:transform-center-y="-0.085282837" />
-    </g>
-    <path
-       style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:2;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
-       d="m 2123.4601,64.428843 v 9.99999 0"
-       id="path29548-5-1-3-6-3-1-0-3-4-2-0-0-1-6-6" />
-    <path
-       style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:2;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
-       d="m 2123.3825,64.223284 v 9.99999 0"
-       id="path29548-5-1-3-6-3-1-0-3-4-2-0-0-1-6-3" />
-    <text
-       xml:space="preserve"
-       style="font-weight:bold;font-size:13.3333px;line-height:125%;font-family:'Nimbus Roman';-inkscape-font-specification:'Nimbus Roman, Bold';letter-spacing:0px;word-spacing:0px;writing-mode:lr-tb;fill:#000000;fill-opacity:1;stroke:#000000;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1"
-       x="2245.5474"
-       y="94.839027"
-       id="text1185-9-7-1-1-8-1-0-4-2-8-2-4-2-7"><tspan
-         sodipodi:role="line"
-         x="2245.5474"
-         y="94.839027"
-         style="font-style:normal;font-variant:normal;font-weight:bold;font-stretch:normal;font-size:13.3333px;font-family:'Liberation Sans';-inkscape-font-specification:'Liberation Sans, Bold';font-variant-ligatures:normal;font-variant-caps:normal;font-variant-numeric:normal;font-variant-east-asian:normal;text-align:center;text-anchor:middle;stroke:none"
-         id="tspan31345-4-0-4-81-5-2-8-7-0-4">Apr.</tspan><tspan
-         sodipodi:role="line"
-         x="2245.5474"
-         y="112.83571"
-         style="font-style:normal;font-variant:normal;font-weight:bold;font-stretch:normal;font-size:13.3333px;font-family:'Liberation Sans';-inkscape-font-specification:'Liberation Sans, Bold';font-variant-ligatures:normal;font-variant-caps:normal;font-variant-numeric:normal;font-variant-east-asian:normal;text-align:center;text-anchor:middle;stroke:none"
-         id="tspan49906-7-3-8-2-8-9-9-8-6-5">2030</tspan></text>
-    <g
-       id="g1267-4-5-2-7-4-1-2"
-       transform="translate(923.39972,-155.42436)">
-      <path
-         style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:2;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
-         d="m 1200,220.00002 v 9.99999 0"
-         id="path29548-5-1-3-6-3-1-0-3-4-1-3-5-5-5" />
-      <path
-         style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:1;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
-         d="m 1220,219.99997 v 5.00004 0"
-         id="path29548-8-5-0-6-4-6-2-9-0-8-1-3-1-9-6-9-3-4-0-4-6-2-2-7-6-1-9-0-5-0-0-5-6-0-5-4"
-         inkscape:transform-center-x="14.782001"
-         inkscape:transform-center-y="-0.085282837" />
-      <path
-         style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:1;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
-         d="m 1240,219.99997 v 5.00004 0"
-         id="path29548-8-5-0-6-4-6-2-9-0-8-1-3-1-9-6-9-3-4-0-4-6-2-2-7-6-1-9-9-7-5-3-5-9-1-3-4-7"
-         inkscape:transform-center-x="14.782001"
-         inkscape:transform-center-y="-0.085282837" />
-      <path
-         style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:1;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
-         d="m 1260,219.99997 v 5.00004 0"
-         id="path29548-8-5-0-6-4-6-2-9-0-8-1-3-1-9-6-9-3-4-0-4-6-2-2-7-6-1-9-9-1-5-2-0-9-9-2-6-7-4"
-         inkscape:transform-center-x="14.782001"
-         inkscape:transform-center-y="-0.085282837" />
-      <path
-         style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:1;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
-         d="m 1280,219.99997 v 5.00004 0"
-         id="path29548-8-5-0-6-4-6-2-9-0-8-1-3-1-9-6-9-3-4-0-4-6-2-2-7-6-1-9-9-1-4-8-9-9-4-1-9-1-6-4"
-         inkscape:transform-center-x="14.782001"
-         inkscape:transform-center-y="-0.085282837" />
-      <path
-         style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:1;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
-         d="m 1299.7216,219.99997 v 5.00004 0"
-         id="path29548-8-5-0-6-4-6-2-9-0-8-1-3-1-9-6-9-3-4-0-4-6-2-2-7-6-1-9-9-1-4-9-7-0-2-6-4-3-0-5-3"
-         inkscape:transform-center-x="-14.78205"
-         inkscape:transform-center-y="-0.085282837" />
-    </g>
-    <g
-       id="g1267-4-5-2-7-4-1-2-0"
-       transform="translate(1043.3579,-155.33829)">
-      <path
-         style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:2;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
-         d="m 1200,220.00002 v 9.99999 0"
-         id="path29548-5-1-3-6-3-1-0-3-4-1-3-5-5-5-6" />
-      <path
-         style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:1;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
-         d="m 1220,219.99997 v 5.00004 0"
-         id="path29548-8-5-0-6-4-6-2-9-0-8-1-3-1-9-6-9-3-4-0-4-6-2-2-7-6-1-9-0-5-0-0-5-6-0-5-4-8"
-         inkscape:transform-center-x="14.782001"
-         inkscape:transform-center-y="-0.085282837" />
-      <path
-         style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:1;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
-         d="m 1240,219.99997 v 5.00004 0"
-         id="path29548-8-5-0-6-4-6-2-9-0-8-1-3-1-9-6-9-3-4-0-4-6-2-2-7-6-1-9-9-7-5-3-5-9-1-3-4-7-9"
-         inkscape:transform-center-x="14.782001"
-         inkscape:transform-center-y="-0.085282837" />
-      <path
-         style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:1;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
-         d="m 1260,219.99997 v 5.00004 0"
-         id="path29548-8-5-0-6-4-6-2-9-0-8-1-3-1-9-6-9-3-4-0-4-6-2-2-7-6-1-9-9-1-5-2-0-9-9-2-6-7-4-2"
-         inkscape:transform-center-x="14.782001"
-         inkscape:transform-center-y="-0.085282837" />
-      <path
-         style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:1;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
-         d="m 1280,219.99997 v 5.00004 0"
-         id="path29548-8-5-0-6-4-6-2-9-0-8-1-3-1-9-6-9-3-4-0-4-6-2-2-7-6-1-9-9-1-4-8-9-9-4-1-9-1-6-4-6"
-         inkscape:transform-center-x="14.782001"
-         inkscape:transform-center-y="-0.085282837" />
-      <path
-         style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:1;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
-         d="m 1299.7216,219.99997 v 5.00004 0"
-         id="path29548-8-5-0-6-4-6-2-9-0-8-1-3-1-9-6-9-3-4-0-4-6-2-2-7-6-1-9-9-1-4-9-7-0-2-6-4-3-0-5-3-6"
-         inkscape:transform-center-x="-14.78205"
-         inkscape:transform-center-y="-0.085282837" />
-    </g>
-    <path
-       style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:2;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
-       d="m 2243.3996,64.575663 v 9.99999 0"
-       id="path29548-5-1-3-6-3-1-0-3-4-2-0-0-1-6-6-0" />
    <rect
       style="opacity:0.75;fill:#241f31;fill-opacity:1;fill-rule:evenodd;stroke:none;stroke-width:0.751473;stroke-opacity:1"
       id="rect917-0-0-4-4-9-4-5-3-9-2-36"
       width="38.418175"
       height="23.151052"
-       x="2047.6135"
-       y="-45.172161"
+       x="1605.6135"
+       y="-41.172161"
       ry="1.1605872" />
    <rect
       style="opacity:1;fill:#ffffff;fill-opacity:1;fill-rule:evenodd;stroke:#000000;stroke-width:1.98878;stroke-dasharray:none;stroke-opacity:1"
       id="rect917-0-0-4-4-9-4-5-3-9-2-36-7"
       width="186.42949"
       height="110.40546"
-       x="2036.5294"
-       y="-77.753708"
+       x="1594.5294"
+       y="-73.753708"
       ry="5.5347452" />
    <rect
       style="opacity:0.75;fill:#241f31;fill-opacity:1;fill-rule:evenodd;stroke:none;stroke-width:0.50949;stroke-opacity:1"
       id="rect917-0-0-4-4-9-4-5-3-9-2-6"
       width="21.197233"
       height="19.28739"
-       x="2053.8164"
-       y="-45.883858"
+       x="1611.8163"
+       y="-41.883858"
       ry="0.96689767" />
    <text
       xml:space="preserve"
       style="font-weight:bold;font-size:13.3333px;line-height:125%;font-family:'Nimbus Roman';-inkscape-font-specification:'Nimbus Roman, Bold';letter-spacing:0px;word-spacing:0px;writing-mode:lr-tb;fill:#fffefe;fill-opacity:1;stroke:#000000;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1"
-       x="2132.4917"
-       y="-57.687912"
+       x="1690.4917"
+       y="-53.687912"
       id="text1185-3-55-4-0-0-0-1-1-6-4-3-5"><tspan
         sodipodi:role="line"
-         x="2132.4917"
-         y="-57.687912"
+         x="1690.4917"
+         y="-53.687912"
         style="font-style:normal;font-variant:normal;font-weight:bold;font-stretch:normal;font-size:13.3333px;font-family:'Liberation Sans';-inkscape-font-specification:'Liberation Sans Bold';text-align:center;text-anchor:middle;fill:#000000;fill-opacity:1;stroke:none"
         id="tspan10317-2-9-1-4-6-5-6-6-5">Legend</tspan></text>
    <text
       xml:space="preserve"
       style="font-weight:bold;font-size:13.3333px;line-height:125%;font-family:'Nimbus Roman';-inkscape-font-specification:'Nimbus Roman, Bold';letter-spacing:0px;word-spacing:0px;writing-mode:lr-tb;fill:#fffefe;fill-opacity:1;stroke:#000000;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1"
-       x="2098.0986"
-       y="-31.899874"
+       x="1656.0988"
+       y="-27.899874"
       id="text1185-3-55-4-0-0-0-1-1-6-4-3-5-2"><tspan
         sodipodi:role="line"
-         x="2098.0986"
-         y="-31.899874"
+         x="1656.0988"
+         y="-27.899874"
         style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:13.3333px;font-family:'Liberation Sans';-inkscape-font-specification:'Liberation Sans';text-align:center;text-anchor:middle;fill:#000000;fill-opacity:1;stroke:none"
         id="tspan10317-2-9-1-4-6-5-6-6-5-9">Future</tspan></text>
    <rect
@@ -1834,38 +1488,38 @@
       id="rect917-0-0-4-4-9-4-5-3-9-2-6-1"
       width="21.197233"
       height="19.28739"
-       x="2053.8672"
-       y="-21.756365"
+       x="1611.8671"
+       y="-17.756365"
       ry="0.96689767" />
    <text
       xml:space="preserve"
       style="font-weight:bold;font-size:13.3333px;line-height:125%;font-family:'Nimbus Roman';-inkscape-font-specification:'Nimbus Roman, Bold';letter-spacing:0px;word-spacing:0px;writing-mode:lr-tb;fill:#fffefe;fill-opacity:1;stroke:#000000;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1"
-       x="2128.7158"
-       y="-7.6722765"
+       x="1686.7159"
+       y="-3.6722763"
       id="text1185-3-55-4-0-0-0-1-1-6-4-3-5-2-2"><tspan
         sodipodi:role="line"
-         x="2128.7158"
-         y="-7.6722765"
+         x="1686.7159"
+         y="-3.6722763"
         style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:13.3333px;font-family:'Liberation Sans';-inkscape-font-specification:'Liberation Sans';text-align:center;text-anchor:middle;fill:#000000;fill-opacity:1;stroke:none"
-         id="tspan10317-2-9-1-4-6-5-6-6-5-9-7">Current (Apr. 25)</tspan></text>
+         id="tspan10317-2-9-1-4-6-5-6-6-5-9-7">Current (Oct. 24)</tspan></text>
    <text
       xml:space="preserve"
       style="font-weight:bold;font-size:13.3333px;line-height:125%;font-family:'Nimbus Roman';-inkscape-font-specification:'Nimbus Roman, Bold';letter-spacing:0px;word-spacing:0px;writing-mode:lr-tb;fill:#fffefe;fill-opacity:1;stroke:#000000;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1"
-       x="2109.363"
-       y="16.03771"
+       x="1667.363"
+       y="20.03771"
       id="text1185-3-55-4-0-0-0-1-1-6-4-3-5-2-2-9"><tspan
         sodipodi:role="line"
-         x="2109.363"
-         y="16.03771"
+         x="1667.363"
+         y="20.03771"
         style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:13.3333px;font-family:'Liberation Sans';-inkscape-font-specification:'Liberation Sans';text-align:center;text-anchor:middle;fill:#000000;fill-opacity:1;stroke:none"
         id="tspan10317-2-9-1-4-6-5-6-6-5-9-7-3">End-of-life</tspan></text>
    <rect
-       style="opacity:0.5;fill:#333333;fill-opacity:1;fill-rule:evenodd;stroke:none;stroke-width:0.50949;stroke-opacity:1"
+       style="fill:#333333;fill-opacity:1;fill-rule:evenodd;stroke:none;stroke-width:0.50949;stroke-opacity:1;opacity:0.5"
       id="rect917-0-0-4-4-9-4-5-3-9-2-6-1-0"
       width="21.197233"
       height="19.28739"
-       x="2054.0239"
-       y="1.9667883"
+       x="1612.0239"
+       y="5.9667883"
       ry="0.96689767" />
    <rect
       style="opacity:0.5;fill:#333333;fill-opacity:1;fill-rule:evenodd;stroke:none;stroke-width:1.85786;stroke-opacity:1"
--- a/documentation/ref-manual/tasks.rst
+++ b/documentation/ref-manual/tasks.rst
@@ -726,7 +726,7 @@ tool, which you then use to modify the kernel configuration.
           $ bitbake linux-yocto -c menuconfig


-See the ":ref:`kernel-dev/common:using ``menuconfig```"
+See the ":ref:`kernel-dev/common:using \`\`menuconfig\`\``"
 section in the Yocto Project Linux Kernel Development Manual for more
 information on this configuration tool.

@@ -750,7 +750,7 @@ which can then be applied by subsequent tasks such as

 Runs ``make menuconfig`` for the kernel. For information on
 ``menuconfig``, see the
-":ref:`kernel-dev/common:using ``menuconfig```"
+":ref:`kernel-dev/common:using \`\`menuconfig\`\``"
 section in the Yocto Project Linux Kernel Development Manual.

 .. _ref-tasks-savedefconfig:
--- a/documentation/ref-manual/terms.rst
+++ b/documentation/ref-manual/terms.rst
@@ -63,7 +63,7 @@ universal, the list includes them just in case:
      This term refers to the area used by the OpenEmbedded build system for
      builds. The area is created when you ``source`` the setup environment
      script that is found in the Source Directory
-      (i.e. :ref:`ref-manual/structure:``oe-init-build-env```). The
+      (i.e. :ref:`ref-manual/structure:\`\`oe-init-build-env\`\``). The
      :term:`TOPDIR` variable points to the :term:`Build Directory`.

      You have a lot of flexibility when creating the :term:`Build Directory`.
--- a/documentation/ref-manual/variables.rst
+++ b/documentation/ref-manual/variables.rst
@@ -2243,7 +2243,7 @@ system and gives an overview of their function and contents.
      resides within the :term:`Build Directory` as ``${TMPDIR}/deploy``.

      For more information on the structure of the Build Directory, see
-      ":ref:`ref-manual/structure:the build directory --- ``build/```" section.
+      ":ref:`ref-manual/structure:the build directory --- \`\`build/\`\``" section.
      For more detail on the contents of the ``deploy`` directory, see the
      ":ref:`overview-manual/concepts:images`",
      ":ref:`overview-manual/concepts:package feeds`", and
@@ -2285,7 +2285,7 @@ system and gives an overview of their function and contents.
      contents of :term:`IMGDEPLOYDIR` by the :ref:`ref-classes-image` class.

      For more information on the structure of the :term:`Build Directory`, see
-      ":ref:`ref-manual/structure:the build directory --- ``build/```" section.
+      ":ref:`ref-manual/structure:the build directory --- \`\`build/\`\``" section.
      For more detail on the contents of the ``deploy`` directory, see the
      ":ref:`overview-manual/concepts:images`" and
      ":ref:`overview-manual/concepts:application development sdk`" sections both in
@@ -4299,33 +4299,9 @@ system and gives an overview of their function and contents.
         IMAGE_ROOTFS_EXTRA_SPACE = "41943040"

   :term:`IMAGE_ROOTFS_MAXSIZE`
-      Defines the maximum allowed size of the generated image in kilobytes.
-      The build will fail if the generated image size exceeds this value.
-
-      The generated image size undergoes several calculation steps before being
-      compared to :term:`IMAGE_ROOTFS_MAXSIZE`.
-      In the first step, the size of the directory pointed to by :term:`IMAGE_ROOTFS`
-      is calculated.
-      In the second step, the result from the first step is multiplied
-      by :term:`IMAGE_OVERHEAD_FACTOR`.
-      In the third step, the result from the second step is compared with
-      :term:`IMAGE_ROOTFS_SIZE`. The larger value of these is added to
-      :term:`IMAGE_ROOTFS_EXTRA_SPACE`.
-      In the fourth step, the result from the third step is checked for
-      a decimal part. If it has one, it is rounded up to the next integer.
-      If it does not, it is simply converted into an integer.
-      In the fifth step, the :term:`IMAGE_ROOTFS_ALIGNMENT` is added to the result
-      from the fourth step and "1" is subtracted.
-      In the sixth step, the remainder of the division between the result
-      from the fifth step and :term:`IMAGE_ROOTFS_ALIGNMENT` is subtracted from the
-      result of the fifth step. In this way, the result from the fourth step is
-      rounded up to the nearest multiple of :term:`IMAGE_ROOTFS_ALIGNMENT`.
-
-      Thus, if the :term:`IMAGE_ROOTFS_MAXSIZE` is set, is compared with the result
-      of the above calculations and is independent of the final image type.
-      No default value is set for :term:`IMAGE_ROOTFS_MAXSIZE`.
-
-      It's a good idea to set this variable for images that need to fit on a limited
+      Defines the maximum size in Kbytes for the generated image. If the
+      generated image size is above that, the build will fail. It's a good
+      idea to set this variable for images that need to fit on a limited
      space (e.g. SD card, a fixed-size partition, ...).

   :term:`IMAGE_ROOTFS_SIZE`
@@ -4520,23 +4496,6 @@ system and gives an overview of their function and contents.
      Set the variable to "1" to prevent the default dependencies from
      being added.

-   :term:`INHIBIT_DEFAULT_RUST_DEPS`
-      Prevents the :ref:`ref-classes-rust` class from automatically adding
-      its default build-time dependencies.
-
-      When a recipe inherits the :ref:`ref-classes-rust` class, several
-      tools such as ``rust-native`` and ``${RUSTLIB_DEP}`` (only added when cross-compiling) are added
-      to :term:`DEPENDS` to support the ``rust`` build process.
-
-      To prevent the build system from adding these dependencies automatically,
-      set the :term:`INHIBIT_DEFAULT_RUST_DEPS` variable as follows::
-
-         INHIBIT_DEFAULT_RUST_DEPS = "1"
-
-      By default, the value of :term:`INHIBIT_DEFAULT_RUST_DEPS` is empty. Setting
-      it to "0" does not disable inhibition. Only the empty string will disable
-      inhibition.
-
   :term:`INHIBIT_PACKAGE_DEBUG_SPLIT`
      Prevents the OpenEmbedded build system from splitting out debug
      information during packaging. By default, the build system splits out
@@ -4583,25 +4542,6 @@ system and gives an overview of their function and contents.
         even if the toolchain's binaries are strippable, there are other files
         needed for the build that are not strippable.

-   :term:`INHIBIT_UPDATERCD_BBCLASS`
-      Prevents the :ref:`ref-classes-update-rc.d` class from automatically
-      installing and registering SysV init scripts for packages.
-
-      When a recipe inherits the :ref:`ref-classes-update-rc.d` class, init
-      scripts are typically installed and registered for the packages listed in
-      :term:`INITSCRIPT_PACKAGES`. This ensures that the relevant
-      services are started and stopped at the appropriate runlevels using the
-      traditional SysV init system.
-
-      To prevent the build system from adding these scripts and configurations
-      automatically, set the :term:`INHIBIT_UPDATERCD_BBCLASS` variable as follows::
-
-         INHIBIT_UPDATERCD_BBCLASS = "1"
-
-      By default, the value of :term:`INHIBIT_UPDATERCD_BBCLASS` is empty. Setting
-      it to "0" does not disable inhibition. Only the empty string will disable
-      inhibition.
-
   :term:`INIT_MANAGER`
      Specifies the system init manager to use. Available options are:

@@ -4768,20 +4708,6 @@ system and gives an overview of their function and contents.
      See the :term:`MACHINE` variable for additional
      information.

-   :term:`INITRAMFS_MAXSIZE`
-      Defines the maximum allowed size of the :term:`Initramfs` image in Kbytes.
-      The build will fail if the :term:`Initramfs` image size exceeds this value.
-
-      The :term:`Initramfs` image size undergoes several calculation steps before
-      being compared to :term:`INITRAMFS_MAXSIZE`.
-      These steps are the same as those used for :term:`IMAGE_ROOTFS_MAXSIZE`
-      and are described in detail in that entry.
-
-      Thus, :term:`INITRAMFS_MAXSIZE` is compared with the result of the calculations
-      and is independent of the final image type (e.g. compressed).
-      A default value for :term:`INITRAMFS_MAXSIZE` is set in
-      :oe_git:`meta/conf/bitbake.conf </openembedded-core/tree/meta/conf/bitbake.conf>`.
-
   :term:`INITRAMFS_MULTICONFIG`
      Defines the multiconfig to create a multiconfig dependency to be used by
      the :ref:`ref-classes-kernel` class.
@@ -5018,8 +4944,15 @@ system and gives an overview of their function and contents.
      options not explicitly specified will be disabled in the kernel
      config.

-      In case :term:`KCONFIG_MODE` is not set the ``defconfig`` file
-      will be handled in ``allnoconfig`` mode.
+      In case :term:`KCONFIG_MODE` is not set the behaviour will depend on where
+      the ``defconfig`` file is coming from. An "in-tree" ``defconfig`` file
+      will be handled in ``alldefconfig`` mode, a ``defconfig`` file placed
+      in ``${WORKDIR}`` through a meta-layer will be handled in
+      ``allnoconfig`` mode.
+
+      An "in-tree" ``defconfig`` file can be selected via the
+      :term:`KBUILD_DEFCONFIG` variable. :term:`KCONFIG_MODE` does not need to
+      be explicitly set.

      A ``defconfig`` file compatible with ``allnoconfig`` mode can be
      generated by copying the ``.config`` file from a working Linux kernel
@@ -5334,27 +5267,6 @@ system and gives an overview of their function and contents.
      the :term:`KERNEL_PATH` variable. Both variables are common variables
      used by external Makefiles to point to the kernel source directory.

-   :term:`KERNEL_SPLIT_MODULES`
-      When inheriting the :ref:`ref-classes-kernel-module-split` class, this
-      variable controls whether kernel modules are split into separate packages
-      or bundled into a single package.
-
-      For some use cases, a monolithic kernel module package
-      :term:`KERNEL_PACKAGE_NAME` that contains all modules built from the
-      kernel sources may be preferred to speed up the installation.
-
-      By default, this variable is set to ``1``, resulting in one package per
-      module. Setting it to any other value will generate a single monolithic
-      package containing all kernel modules.
-
-      .. note::
-
-         If :term:`KERNEL_SPLIT_MODULES` is set to 0, it is still possible to
-         install all kernel modules at once by adding ``kernel-modules`` (assuming
-         :term:`KERNEL_PACKAGE_NAME` is ``kernel-modules``) to :term:`IMAGE_INSTALL`.
-         The way it works is that a placeholder "kernel-modules" package will be
-         created and will depend on every other individual kernel module packages.
-
   :term:`KERNEL_SRC`
      The location of the kernel sources. This variable is set to the value
      of the :term:`STAGING_KERNEL_DIR` within the :ref:`ref-classes-module`
@@ -6219,7 +6131,7 @@ system and gives an overview of their function and contents.
      By default, no API key is used, which results in larger delays between API
      requests and limits the number of queries to the public rate limits posted
      at the `NVD developer's page <https://nvd.nist.gov/developers/start-here>`__.
-
+      
      NVD API keys can be requested through the
      `Request an API Key <https://nvd.nist.gov/developers/request-an-api-key>`__
      page. You can set this variable to the NVD API key in your ``local.conf`` file.
@@ -7098,7 +7010,7 @@ system and gives an overview of their function and contents.
      For examples of how this data is used, see the
      ":ref:`overview-manual/concepts:automatically added runtime dependencies`"
      section in the Yocto Project Overview and Concepts Manual and the
-      ":ref:`dev-manual/debugging:viewing package information with ``oe-pkgdata-util```"
+      ":ref:`dev-manual/debugging:viewing package information with \`\`oe-pkgdata-util\`\``"
      section in the Yocto Project Development Tasks Manual. For more
      information on the shared, global-state directory, see
      :term:`STAGING_DIR_HOST`.
@@ -7152,7 +7064,7 @@ system and gives an overview of their function and contents.
         the package is built, the version information can be retrieved with
         ``oe-pkgdata-util package-info <package name>``. See the
         :ref:`dev-manual/debugging:Viewing Package Information with
-         ``oe-pkgdata-util``` section of the Yocto Project Development Tasks
+         \`\`oe-pkgdata-util\`\`` section of the Yocto Project Development Tasks
         Manual for more information on ``oe-pkgdata-util``.


@@ -7849,12 +7761,17 @@ system and gives an overview of their function and contents.
         prefer to have a read-only root filesystem and prefer to keep
         writeable data in one place.

-      When setting ``INIT_MANAGER = systemd``, the default will be set to::
+      You can override the default by setting the variable in any layer or
+      in the ``local.conf`` file. Because the default is set using a "weak"
+      assignment (i.e. "??="), you can use either of the following forms to
+      define your override::

+         ROOT_HOME = "/root"
         ROOT_HOME ?= "/root"

-      You can also override the default by setting the variable in your distro
-      configuration or in the ``local.conf`` file.
+      These
+      override examples use ``/root``, which is probably the most commonly
+      used override.

   :term:`ROOTFS`
      Indicates a filesystem image to include as the root filesystem.
@@ -8849,7 +8766,7 @@ system and gives an overview of their function and contents.
      class.

   :term:`SPL_SIGN_KEYNAME`
-      The name of keys used by the :ref:`ref-classes-uboot-sign` class
+      The name of keys used by the :ref:`ref-classes-kernel-fitimage` class
      for signing U-Boot FIT image stored in the :term:`SPL_SIGN_KEYDIR`
      directory. If we have for example a ``dev.key`` key and a ``dev.crt``
      certificate stored in the :term:`SPL_SIGN_KEYDIR` directory, you will
@@ -9113,7 +9030,7 @@ system and gives an overview of their function and contents.
      The Yocto Project actually shares the cache data objects built by its
      autobuilder::

-         SSTATE_MIRRORS ?= "file://.* http://sstate.yoctoproject.org/all/PATH;downloadfilename=PATH"
+         SSTATE_MIRRORS ?= "file://.* http://cdn.jsdelivr.net/yocto/sstate/all/PATH;downloadfilename=PATH"

      As such binary artifacts are built for the generic QEMU machines
      supported by the various Poky releases, they are less likely to be
@@ -9137,26 +9054,6 @@ system and gives an overview of their function and contents.

      For details on the process, see the :ref:`ref-classes-staging` class.

-   :term:`SSTATE_SKIP_CREATION`
-      The :term:`SSTATE_SKIP_CREATION` variable can be used to skip the
-      creation of :ref:`shared state <overview-manual/concepts:shared state cache>`
-      tarball files. It makes sense e.g. for image creation tasks as tarring images
-      and keeping them in sstate would consume a lot of disk space.
-
-      In general it is not recommended to use this variable as missing sstate
-      artefacts adversely impact the build, particularly for entries in the
-      middle of dependency chains. The case it can make sense is where the
-      size and time costs of the artefact are similar to just running the
-      tasks. This generally only applies to end artefact output like images.
-
-      The syntax to disable it for one task is::
-
-         SSTATE_SKIP_CREATION:task-image-complete = "1"
-
-      The syntax to disable it for the whole recipe is::
-
-         SSTATE_SKIP_CREATION = "1"
-
   :term:`STAGING_BASE_LIBDIR_NATIVE`
      Specifies the path to the ``/lib`` subdirectory of the sysroot
      directory for the build host.
@@ -10507,7 +10404,7 @@ system and gives an overview of their function and contents.

         UBOOT_FIT_TEE_IMAGE ?= "tee-raw.bin"

-      If a relative path is provided, the file is expected to be relative to
+      If a relative path is provided, the file is expected to be relative to 
      U-Boot's :term:`B` directory. An absolute path can be provided too,
      e.g.::

@@ -11045,20 +10942,6 @@ system and gives an overview of their function and contents.
      Specifies the timeout in seconds used by the ``watchdog-config`` recipe
      and also by ``systemd`` during reboot. The default is 60 seconds.

-   :term:`WIC_CREATE_EXTRA_ARGS`
-      If the :term:`IMAGE_FSTYPES` variable contains "wic", the build
-      will generate a
-      :ref:`Wic image <dev-manual/wic:creating partitioned images using wic>`
-      automatically when BitBake builds an image recipe. As part of
-      this process BitBake will invoke the "`wic create`" command. The
-      :term:`WIC_CREATE_EXTRA_ARGS` variable is placed at the end of this
-      command which allows the user to supply additional arguments.
-
-      One such useful purpose for this mechanism is to add the ``-D`` (or
-      ``--debug``) argument to the "`wic create`" command. This increases the
-      amount of debugging information written out to the Wic log during the
-      Wic creation process.
-
   :term:`WIC_SECTOR_SIZE`
      The variable :term:`WIC_SECTOR_SIZE` controls the sector size of Wic
      images. In the background, this controls the value of the
--- a/documentation/test-manual/intro.rst
+++ b/documentation/test-manual/intro.rst
@@ -51,11 +51,13 @@ fashion. Basically, during the development of a Yocto Project release,
 the Autobuilder tests if things work. The Autobuilder builds all test
 targets and runs all the tests.

-The Yocto Project uses standard upstream Buildbot to drive its integration and
-testing. Buildbot has a plug-in interface that the Yocto Project customizes
-using code from the :yocto_git:`yocto-autobuilder2 </yocto-autobuilder2>`
-repository, adding its own console UI plugin. The resulting UI plug-in allows
-you to visualize builds in a way suited to the project's needs.
+The Yocto Project uses now uses standard upstream
+Buildbot (`version 3.8 <https://docs.buildbot.net/3.8.0/>`__) to
+drive its integration and testing. Buildbot has a plug-in interface
+that the Yocto Project customizes using code from the
+``yocto-autobuilder2`` repository, adding its own console UI plugin. The
+resulting UI plug-in allows you to visualize builds in a way suited to
+the project's needs.

 A ``helper`` layer provides configuration and job management through
 scripts found in the ``yocto-autobuilder-helper`` repository. The
--- a/documentation/toaster-manual/reference.rst
+++ b/documentation/toaster-manual/reference.rst
@@ -546,7 +546,7 @@ database.

 You need to run the ``buildslist`` command first to identify existing
 builds in the database before using the
-:ref:`toaster-manual/reference:``builddelete``` command. Here is an
+:ref:`toaster-manual/reference:\`\`builddelete\`\`` command. Here is an
 example that assumes default repository and :term:`Build Directory` names:

 .. code-block:: shell
@@ -555,7 +555,7 @@ example that assumes default repository and :term:`Build Directory` names:
   $ python ../bitbake/lib/toaster/manage.py buildslist

 If your Toaster database had only one build, the above
-:ref:`toaster-manual/reference:``buildslist```
+:ref:`toaster-manual/reference:\`\`buildslist\`\``
 command would return something like the following::

   1: qemux86 poky core-image-minimal
@@ -576,7 +576,7 @@ the database.

 Prior to running the ``builddelete`` command, you need to get the ID
 associated with builds by using the
-:ref:`toaster-manual/reference:``buildslist``` command.
+:ref:`toaster-manual/reference:\`\`buildslist\`\`` command.

 ``perf``
 --------
--- a/meta-poky/conf/distro/poky.conf
+++ b/meta-poky/conf/distro/poky.conf
@@ -1,6 +1,6 @@
 DISTRO = "poky"
 DISTRO_NAME = "Poky (Yocto Project Reference Distro)"
-DISTRO_VERSION = "5.2.2"
+DISTRO_VERSION = "5.2"
 DISTRO_CODENAME = "walnascar"
 SDK_VENDOR = "-pokysdk"
 SDK_VERSION = "${@d.getVar('DISTRO_VERSION').replace('snapshot-${METADATA_REVISION}', 'snapshot')}"
--- a/meta-poky/conf/templates/default/local.conf.sample
+++ b/meta-poky/conf/templates/default/local.conf.sample
@@ -240,7 +240,10 @@ BB_DISKMON_DIRS ??= "\
 # Using the CDN rather than the yoctoproject.org address is suggested/preferred.
 #
 #BB_HASHSERVE_UPSTREAM = 'wss://hashserv.yoctoproject.org/ws'
-#SSTATE_MIRRORS ?= "file://.* http://sstate.yoctoproject.org/all/PATH;downloadfilename=PATH"
+#SSTATE_MIRRORS ?= "file://.* http://cdn.jsdelivr.net/yocto/sstate/all/PATH;downloadfilename=PATH"
+#
+###SSTATE_MIRRORS ?= "file://.* http://sstate.yoctoproject.org/all/PATH;downloadfilename=PATH"
+

 #
 # Qemu configuration
--- a/meta-yocto-bsp/conf/machine/genericarm64.conf
+++ b/meta-yocto-bsp/conf/machine/genericarm64.conf
@@ -17,8 +17,6 @@ PREFERRED_PROVIDER_virtual/kernel ?= "linux-yocto"
 MACHINE_EXTRA_RRECOMMENDS += "kernel-modules"
 # Install selected pieces of firmware
 MACHINE_EXTRA_RRECOMMENDS += "linux-firmware-wl12xx linux-firmware-wl18xx linux-firmware-rtl-nic"
-# increase default size since we install a lot of kernel drivers and firmware by default
-INITRAMFS_MAXSIZE = "200000"

 # Use an initramfs and populate it with the kernel modules and key firmware
 INITRAMFS_IMAGE ?= "core-image-initramfs-boot"
--- a/meta/classes-global/insane.bbclass
+++ b/meta/classes-global/insane.bbclass
@@ -1418,6 +1418,16 @@ Rerun configure task after fixing this."""
        except subprocess.CalledProcessError:
            pass

+    # Check invalid PACKAGECONFIG
+    pkgconfig = (d.getVar("PACKAGECONFIG") or "").split()
+    if pkgconfig:
+        pkgconfigflags = d.getVarFlags("PACKAGECONFIG") or {}
+        for pconfig in pkgconfig:
+            if pconfig not in pkgconfigflags:
+                pn = d.getVar('PN')
+                error_msg = "%s: invalid PACKAGECONFIG: %s" % (pn, pconfig)
+                oe.qa.handle_error("invalid-packageconfig", error_msg, d)
+
    oe.qa.exit_if_errors(d)
 }

@@ -1465,20 +1475,10 @@ python do_recipe_qa() {
            if re.search(r"git(hu|la)b\.com/.+/.+/archive/.+", url) or "//codeload.github.com/" in url:
                oe.qa.handle_error("src-uri-bad", "%s: SRC_URI uses unstable GitHub/GitLab archives, convert recipe to use git protocol" % pn, d)

-    def test_packageconfig(pn, d):
-        pkgconfigs = (d.getVar("PACKAGECONFIG") or "").split()
-        if pkgconfigs:
-            pkgconfigflags = d.getVarFlags("PACKAGECONFIG") or {}
-            invalid_pkgconfigs = set(pkgconfigs) - set(pkgconfigflags)
-            if invalid_pkgconfigs:
-                error_msg = "%s: invalid PACKAGECONFIG(s): %s" % (pn, " ".join(sorted(invalid_pkgconfigs)))
-                oe.qa.handle_error("invalid-packageconfig", error_msg, d)
-
    pn = d.getVar('PN')
    test_missing_metadata(pn, d)
    test_missing_maintainer(pn, d)
    test_srcuri(pn, d)
-    test_packageconfig(pn, d)
    oe.qa.exit_if_errors(d)
 }

--- a/meta/classes-global/package_rpm.bbclass
+++ b/meta/classes-global/package_rpm.bbclass
@@ -728,7 +728,6 @@ python do_package_rpm () {

    # rpm 4 creates various empty directories in _topdir, let's clean them up
    cleanupcmd = "rm -rf %s/BUILDROOT %s/SOURCES %s/SPECS %s/SRPMS" % (workdir, workdir, workdir, workdir)
-    cleanupcmd += " %s/%s-build" % (d.getVar('B'), d.getVar('P'))

    # Build the rpm package!
    d.setVar('BUILDSPEC', cmd + "\n" + cleanupcmd + "\n")
--- a/meta/classes-global/sstate.bbclass
+++ b/meta/classes-global/sstate.bbclass
@@ -726,6 +726,7 @@ def pstaging_fetch(sstatefetch, d):
    localdata = bb.data.createCopy(d)

    dldir = localdata.expand("${SSTATE_DIR}")
+    bb.utils.mkdirhier(dldir)

    localdata.delVar('MIRRORS')
    localdata.setVar('FILESPATH', dldir)
@@ -745,19 +746,16 @@ def pstaging_fetch(sstatefetch, d):
    if bb.utils.to_boolean(d.getVar("SSTATE_VERIFY_SIG"), False):
        uris += ['file://{0}.sig;downloadfilename={0}.sig'.format(sstatefetch)]

-    with bb.utils.umask(0o002):
-        bb.utils.mkdirhier(dldir)
+    for srcuri in uris:
+        localdata.delVar('SRC_URI')
+        localdata.setVar('SRC_URI', srcuri)
+        try:
+            fetcher = bb.fetch2.Fetch([srcuri], localdata, cache=False)
+            fetcher.checkstatus()
+            fetcher.download()

-        for srcuri in uris:
-            localdata.delVar('SRC_URI')
-            localdata.setVar('SRC_URI', srcuri)
-            try:
-                fetcher = bb.fetch2.Fetch([srcuri], localdata, cache=False)
-                fetcher.checkstatus()
-                fetcher.download()
-
-            except bb.fetch2.BBFetchException:
-                pass
+        except bb.fetch2.BBFetchException:
+            pass

 def sstate_setscene(d):
    shared_state = sstate_state_fromvars(d)
--- a/meta/classes-recipe/module.bbclass
+++ b/meta/classes-recipe/module.bbclass
@@ -65,7 +65,6 @@ module_do_install() {
 	           CC="${KERNEL_CC}" LD="${KERNEL_LD}" OBJCOPY="${KERNEL_OBJCOPY}" \
 	           STRIP="${KERNEL_STRIP}" \
 	           O=${STAGING_KERNEL_BUILDDIR} \
-		   KBUILD_EXTRA_SYMBOLS="${KBUILD_EXTRA_SYMBOLS}" \
 	           ${MODULES_INSTALL_TARGET}

 	if [ ! -e "${B}/${MODULES_MODULE_SYMVERS_LOCATION}/Module.symvers" ] ; then
--- a/meta/classes-recipe/systemd.bbclass
+++ b/meta/classes-recipe/systemd.bbclass
@@ -224,8 +224,6 @@ python systemd_populate_packages() {
                        service, pkg_systemd, "Also looked for service unit '{0}'.".format(base) if base is not None else ""))

    def systemd_create_presets(pkg, action, user):
-        import re
-
        # Check there is at least one service of given type (system/user), don't
        # create empty files.
        needs_preset = False
@@ -241,17 +239,10 @@ python systemd_populate_packages() {
        presetf = oe.path.join(d.getVar("PKGD"), d.getVar("systemd_unitdir"), "%s-preset/98-%s.preset" % (prefix, pkg))
        bb.utils.mkdirhier(os.path.dirname(presetf))
        with open(presetf, 'a') as fd:
-            template_services = {}
            for service in d.getVar('SYSTEMD_SERVICE:%s' % pkg).split():
                if not systemd_service_exists(service, user, d):
                    continue
-                if '@' in service and '@.' not in service:
-                    (servicename, instance, service_type) = re.split('[@.]', service)
-                    template_services.setdefault(servicename + '@.' + service_type, []).append(instance)
-                else:
-                    fd.write("%s %s\n" % (action,service))
-            for template, instances in template_services.items():
-                fd.write("%s %s %s\n" % (action, template, ' '.join(instances)))
+                fd.write("%s %s\n" % (action,service))
        d.appendVar("FILES:%s" % pkg, ' ' + oe.path.join(d.getVar("systemd_unitdir"), "%s-preset/98-%s.preset" % (prefix, pkg)))

    # Run all modifications once when creating package
--- a/meta/classes-recipe/testimage.bbclass
+++ b/meta/classes-recipe/testimage.bbclass
@@ -26,9 +26,7 @@ TESTIMAGE_FAILED_QA_ARTIFACTS = "\
    ${localstatedir}/log \
    ${localstatedir}/volatile/log \
    ${sysconfdir}/version \
-    ${sysconfdir}/os-release \
-    ${nonarch_libdir}/os-release \
-"
+    ${sysconfdir}/os-release"

 # If some ptests are run and fail, retrieve corresponding directories
 TESTIMAGE_FAILED_QA_ARTIFACTS += "${@bb.utils.contains('DISTRO_FEATURES', 'ptest', '${libdir}/*/ptest', '', d)}"
--- a/meta/conf/distro/include/maintainers.inc
+++ b/meta/conf/distro/include/maintainers.inc
@@ -194,7 +194,7 @@ RECIPE_MAINTAINER:pn-gcc-cross-canadian-${TRANSLATED_TARGET_ARCH} = "Khem Raj <r
 RECIPE_MAINTAINER:pn-gcc-crosssdk-${SDK_SYS} = "Khem Raj <raj.khem@gmail.com>"
 RECIPE_MAINTAINER:pn-gcc-runtime = "Khem Raj <raj.khem@gmail.com>"
 RECIPE_MAINTAINER:pn-gcc-sanitizers = "Khem Raj <raj.khem@gmail.com>"
-RECIPE_MAINTAINER:pn-gcc-source-14.3.0 = "Khem Raj <raj.khem@gmail.com>"
+RECIPE_MAINTAINER:pn-gcc-source-14.2.0 = "Khem Raj <raj.khem@gmail.com>"
 RECIPE_MAINTAINER:pn-gconf = "Ross Burton <ross.burton@arm.com>"
 RECIPE_MAINTAINER:pn-gcr = "Unassigned <unassigned@yoctoproject.org>"
 RECIPE_MAINTAINER:pn-gdb = "Khem Raj <raj.khem@gmail.com>"
@@ -215,6 +215,7 @@ RECIPE_MAINTAINER:pn-glibc = "Khem Raj <raj.khem@gmail.com>"
 RECIPE_MAINTAINER:pn-glibc-locale = "Khem Raj <raj.khem@gmail.com>"
 RECIPE_MAINTAINER:pn-glibc-mtrace = "Khem Raj <raj.khem@gmail.com>"
 RECIPE_MAINTAINER:pn-glibc-scripts = "Khem Raj <raj.khem@gmail.com>"
+RECIPE_MAINTAINER:pn-glibc-y2038-tests = "Lukasz Majewski <lukma@denx.de>"
 RECIPE_MAINTAINER:pn-glibc-testsuite = "Khem Raj <raj.khem@gmail.com>"
 RECIPE_MAINTAINER:pn-gmp = "Khem Raj <raj.khem@gmail.com>"
 RECIPE_MAINTAINER:pn-glslang = "Jose Quaresma <quaresma.jose@gmail.com>"
--- a/meta/conf/distro/include/ptest-packagelists.inc
+++ b/meta/conf/distro/include/ptest-packagelists.inc
@@ -86,6 +86,8 @@ PTESTS_FAST = "\
    xz \
    zlib \
 "
+PTESTS_FAST:append:libc-glibc = " glibc-y2038-tests"
+PTESTS_PROBLEMS:remove:libc-glibc = "glibc-y2038-tests"
 PTESTS_FAST:remove:mips64 = "qemu"
 PTESTS_PROBLEMS:append:mips64 = " qemu"
 PTESTS_FAST:remove:riscv32 = "qemu"
--- a/meta/conf/distro/include/time64.inc
+++ b/meta/conf/distro/include/time64.inc
@@ -20,6 +20,7 @@ TARGET_CC_ARCH:append:powerpc = "${@bb.utils.contains('TUNE_FEATURES', 'm32', '$
 TARGET_CC_ARCH:append:x86 = "${@bb.utils.contains('TUNE_FEATURES', 'm32', '${GLIBC_64BIT_TIME_FLAGS}', '', d)}"

 GLIBC_64BIT_TIME_FLAGS:pn-glibc = ""
+GLIBC_64BIT_TIME_FLAGS:pn-glibc-y2038-tests = ""
 GLIBC_64BIT_TIME_FLAGS:pn-glibc-testsuite = ""
 # pipewire-v4l2 explicitly sets _FILE_OFFSET_BITS=32 to get access to
 # both 32 and 64 bit file APIs.  But it does not handle the time side?
@@ -32,6 +33,7 @@ GLIBC_64BIT_TIME_FLAGS:pn-gcc-sanitizers = ""
 # Caused by the flags exceptions above
 INSANE_SKIP:append:pn-gcc-sanitizers = " 32bit-time"
 INSANE_SKIP:append:pn-glibc = " 32bit-time"
+INSANE_SKIP:append:pn-glibc-y2038-tests = " 32bit-time"

 # Strace has tests that call 32 bit API directly, which is fair enough, e.g.
 # /usr/lib/strace/ptest/tests/ioctl_termios uses 32-bit api 'ioctl'
--- a/meta/conf/machine/include/arm/armv8r/tune-cortexr52.inc
+++ b/meta/conf/machine/include/arm/armv8r/tune-cortexr52.inc
@@ -10,10 +10,11 @@ require conf/machine/include/arm/arch-armv8r.inc

 AVAILTUNES                             += "cortexr52"
 ARMPKGARCH:tune-cortexr52               = "cortexr52"
-TUNE_FEATURES:tune-cortexr52            = "${TUNE_FEATURES:tune-armv8r-crc-simd} cortexr52"
+# We do not want -march since -mcpu is added above to cover for it
+TUNE_FEATURES:tune-cortexr52            = "aarch64 crc simd cortexr52"
 PACKAGE_EXTRA_ARCHS:tune-cortexr52      = "${PACKAGE_EXTRA_ARCHS:tune-armv8r-crc-simd} cortexr52"

 AVAILTUNES                             += "cortexr52hf"
-ARMPKGARCH:tune-cortexr52hf             = "cortexr52hf"
+ARMPKGARCH:tune-cortexr52hf             = "cortexr52"
 TUNE_FEATURES:tune-cortexr52hf          = "${TUNE_FEATURES:tune-cortexr52} callconvention-hard"
 PACKAGE_EXTRA_ARCHS:tune-cortexr52hf    = "cortexr52hf"
--- a/meta/lib/oe/patch.py
+++ b/meta/lib/oe/patch.py
@@ -462,23 +462,21 @@ class GitApplyTree(PatchTree):
        return (tmpfile, cmd)

    @staticmethod
-    def addNote(repo, ref, key, value=None, commituser=None, commitemail=None):
+    def addNote(repo, ref, key, value=None):
        note = key + (": %s" % value if value else "")
        notes_ref = GitApplyTree.notes_ref
        runcmd(["git", "config", "notes.rewriteMode", "ignore"], repo)
        runcmd(["git", "config", "notes.displayRef", notes_ref, notes_ref], repo)
        runcmd(["git", "config", "notes.rewriteRef", notes_ref, notes_ref], repo)
-        cmd = ["git"]
-        GitApplyTree.gitCommandUserOptions(cmd, commituser, commitemail)
-        runcmd(cmd + ["notes", "--ref", notes_ref, "append", "-m", note, ref], repo)
+        runcmd(["git", "notes", "--ref", notes_ref, "append", "-m", note, ref], repo)

    @staticmethod
-    def removeNote(repo, ref, key, commituser=None, commitemail=None):
+    def removeNote(repo, ref, key):
        notes = GitApplyTree.getNotes(repo, ref)
        notes = {k: v for k, v in notes.items() if k != key and not k.startswith(key + ":")}
        runcmd(["git", "notes", "--ref", GitApplyTree.notes_ref, "remove", "--ignore-missing", ref], repo)
        for note, value in notes.items():
-            GitApplyTree.addNote(repo, ref, note, value, commituser, commitemail)
+            GitApplyTree.addNote(repo, ref, note, value)

    @staticmethod
    def getNotes(repo, ref):
@@ -509,7 +507,7 @@ class GitApplyTree(PatchTree):
        GitApplyTree.gitCommandUserOptions(cmd, d=d)
        cmd += ["commit", "-m", subject, "--no-verify"]
        runcmd(cmd, dir)
-        GitApplyTree.addNote(dir, "HEAD", GitApplyTree.ignore_commit, d.getVar('PATCH_GIT_USER_NAME'), d.getVar('PATCH_GIT_USER_EMAIL'))
+        GitApplyTree.addNote(dir, "HEAD", GitApplyTree.ignore_commit)

    @staticmethod
    def extractPatches(tree, startcommits, outdir, paths=None):
@@ -656,7 +654,7 @@ class GitApplyTree(PatchTree):
            raise
        finally:
            if patch_applied:
-                GitApplyTree.addNote(self.dir, "HEAD", GitApplyTree.original_patch, os.path.basename(patch['file']), self.commituser, self.commitemail)
+                GitApplyTree.addNote(self.dir, "HEAD", GitApplyTree.original_patch, os.path.basename(patch['file']))


 class QuiltTree(PatchSet):
--- a/meta/lib/oeqa/selftest/cases/sstatetests.py
+++ b/meta/lib/oeqa/selftest/cases/sstatetests.py
@@ -27,15 +27,17 @@ class SStateBase(OESelftestTestCase):
    def setUpLocal(self):
        super(SStateBase, self).setUpLocal()
        self.temp_sstate_location = None
-        needed_vars = ['SSTATE_DIR', 'TCLIBC', 'TUNE_ARCH',
+        needed_vars = ['SSTATE_DIR', 'NATIVELSBSTRING', 'TCLIBC', 'TUNE_ARCH',
                       'TOPDIR', 'TARGET_VENDOR', 'TARGET_OS']
        bb_vars = get_bb_vars(needed_vars)
        self.sstate_path = bb_vars['SSTATE_DIR']
+        self.hostdistro = bb_vars['NATIVELSBSTRING']
        self.tclibc = bb_vars['TCLIBC']
        self.tune_arch = bb_vars['TUNE_ARCH']
        self.topdir = bb_vars['TOPDIR']
        self.target_vendor = bb_vars['TARGET_VENDOR']
        self.target_os = bb_vars['TARGET_OS']
+        self.distro_specific_sstate = os.path.join(self.sstate_path, self.hostdistro)

    def track_for_cleanup(self, path):
        if not keep_temp_files:
@@ -50,7 +52,10 @@ class SStateBase(OESelftestTestCase):
            config_temp_sstate = "SSTATE_DIR = \"%s\"" % temp_sstate_path
            self.append_config(config_temp_sstate)
            self.track_for_cleanup(temp_sstate_path)
-        self.sstate_path = get_bb_var('SSTATE_DIR')
+        bb_vars = get_bb_vars(['SSTATE_DIR', 'NATIVELSBSTRING'])
+        self.sstate_path = bb_vars['SSTATE_DIR']
+        self.hostdistro = bb_vars['NATIVELSBSTRING']
+        self.distro_specific_sstate = os.path.join(self.sstate_path, self.hostdistro)

        if add_local_mirrors:
            config_set_sstate_if_not_set = 'SSTATE_MIRRORS ?= ""'
@@ -60,16 +65,8 @@ class SStateBase(OESelftestTestCase):
                config_sstate_mirror = "SSTATE_MIRRORS += \"file://.* file:///%s/PATH\"" % local_mirror
                self.append_config(config_sstate_mirror)

-    def set_hostdistro(self):
-        # This needs to be read after a BuildStarted event in case it gets changed by event
-        # handling in uninative.bbclass
-        self.hostdistro = get_bb_var('NATIVELSBSTRING')
-        self.distro_specific_sstate = os.path.join(self.sstate_path, self.hostdistro)
-
    # Returns a list containing sstate files
    def search_sstate(self, filename_regex, distro_specific=True, distro_nonspecific=True):
-        self.set_hostdistro()
-
        result = []
        for root, dirs, files in os.walk(self.sstate_path):
            if distro_specific and re.search(r"%s/%s/[a-z0-9]{2}/[a-z0-9]{2}$" % (self.sstate_path, self.hostdistro), root):
@@ -83,43 +80,55 @@ class SStateBase(OESelftestTestCase):
        return result

    # Test sstate files creation and their location and directory perms
-    def run_test_sstate_creation(self, targets, hostdistro_specific):
-        self.config_sstate(True, [self.sstate_path])
+    def run_test_sstate_creation(self, targets, distro_specific=True, distro_nonspecific=True, temp_sstate_location=True, should_pass=True):
+        self.config_sstate(temp_sstate_location, [self.sstate_path])

-        bitbake(['-cclean'] + targets)
-
-        # Set it to a umask we know will be 'wrong'
-        with bb.utils.umask(0o022):
-            bitbake(targets)
-
-        # Distro specific files
-        distro_specific_files = self.search_sstate('|'.join(map(str, targets)), True, False)
-
-        # Distro non-specific
-        distro_non_specific_files = []
-        results = self.search_sstate('|'.join(map(str, targets)), False, True)
-        for r in results:
-            if r.endswith(("_populate_lic.tar.zst", "_populate_lic.tar.zst.siginfo", "_fetch.tar.zst.siginfo", "_unpack.tar.zst.siginfo", "_patch.tar.zst.siginfo")):
-                continue
-            distro_non_specific_files.append(r)
-
-        if hostdistro_specific:
-            self.assertTrue(distro_specific_files , msg="Could not find sstate files for: %s" % ', '.join(map(str, targets)))
-            self.assertFalse(distro_non_specific_files, msg="Found sstate files in the wrong place for: %s (found %s)" % (', '.join(map(str, targets)), str(distro_non_specific_files)))
+        if  self.temp_sstate_location:
+            bitbake(['-cclean'] + targets)
        else:
-            self.assertTrue(distro_non_specific_files , msg="Could not find sstate files for: %s" % ', '.join(map(str, targets)))
-            self.assertFalse(distro_specific_files, msg="Found sstate files in the wrong place for: %s (found %s)" % (', '.join(map(str, targets)), str(distro_specific_files)))
+            bitbake(['-ccleansstate'] + targets)
+
+        # We need to test that the env umask have does not effect sstate directory creation
+        # So, first, we'll get the current umask and set it to something we know incorrect
+        # See: sstate_task_postfunc for correct umask of os.umask(0o002)
+        import os
+        def current_umask():
+            current_umask = os.umask(0)
+            os.umask(current_umask)
+            return current_umask
+
+        orig_umask = current_umask()
+        # Set it to a umask we know will be 'wrong'
+        os.umask(0o022)
+
+        bitbake(targets)
+        file_tracker = []
+        results = self.search_sstate('|'.join(map(str, targets)), distro_specific, distro_nonspecific)
+        if distro_nonspecific:
+            for r in results:
+                if r.endswith(("_populate_lic.tar.zst", "_populate_lic.tar.zst.siginfo", "_fetch.tar.zst.siginfo", "_unpack.tar.zst.siginfo", "_patch.tar.zst.siginfo")):
+                    continue
+                file_tracker.append(r)
+        else:
+            file_tracker = results
+
+        if should_pass:
+            self.assertTrue(file_tracker , msg="Could not find sstate files for: %s" % ', '.join(map(str, targets)))
+        else:
+            self.assertTrue(not file_tracker , msg="Found sstate files in the wrong place for: %s (found %s)" % (', '.join(map(str, targets)), str(file_tracker)))

        # Now we'll walk the tree to check the mode and see if things are incorrect.
        badperms = []
        for root, dirs, files in os.walk(self.sstate_path):
            for directory in dirs:
-                mode = os.stat(os.path.join(root, directory)).st_mode & 0o777
-                if mode != 0o775:
-                    badperms.append("%s: %s vs %s" % (os.path.join(root, directory), mode, 0o775))
+                if (os.stat(os.path.join(root, directory)).st_mode & 0o777) != 0o775:
+                    badperms.append(os.path.join(root, directory))

-        # Check badperms is empty
-        self.assertFalse(badperms , msg="Found sstate directories with the wrong permissions: %s (found %s)" % (', '.join(map(str, targets)), str(badperms)))
+        # Return to original umask
+        os.umask(orig_umask)
+
+        if should_pass:
+            self.assertTrue(badperms , msg="Found sstate directories with the wrong permissions: %s (found %s)" % (', '.join(map(str, targets)), str(badperms)))

    # Test the sstate files deletion part of the do_cleansstate task
    def run_test_cleansstate_task(self, targets, distro_specific=True, distro_nonspecific=True, temp_sstate_location=True):
@@ -144,8 +153,6 @@ class SStateBase(OESelftestTestCase):

        bitbake(['-ccleansstate'] + targets)

-        self.set_hostdistro()
-
        bitbake(targets)
        results = self.search_sstate('|'.join(map(str, [s + r'.*?\.tar.zst$' for s in targets])), distro_specific=False, distro_nonspecific=True)
        filtered_results = []
@@ -244,11 +251,17 @@ class SStateTests(SStateBase):
        bitbake("dbus-wait-test -c unpack")

 class SStateCreation(SStateBase):
-    def test_sstate_creation_distro_specific(self):
-        self.run_test_sstate_creation(['binutils-cross-'+ self.tune_arch, 'binutils-native'], hostdistro_specific=True)
+    def test_sstate_creation_distro_specific_pass(self):
+        self.run_test_sstate_creation(['binutils-cross-'+ self.tune_arch, 'binutils-native'], distro_specific=True, distro_nonspecific=False, temp_sstate_location=True)

-    def test_sstate_creation_distro_nonspecific(self):
-        self.run_test_sstate_creation(['linux-libc-headers'], hostdistro_specific=False)
+    def test_sstate_creation_distro_specific_fail(self):
+        self.run_test_sstate_creation(['binutils-cross-'+ self.tune_arch, 'binutils-native'], distro_specific=False, distro_nonspecific=True, temp_sstate_location=True, should_pass=False)
+
+    def test_sstate_creation_distro_nonspecific_pass(self):
+        self.run_test_sstate_creation(['linux-libc-headers'], distro_specific=False, distro_nonspecific=True, temp_sstate_location=True)
+
+    def test_sstate_creation_distro_nonspecific_fail(self):
+        self.run_test_sstate_creation(['linux-libc-headers'], distro_specific=True, distro_nonspecific=False, temp_sstate_location=True, should_pass=False)

 class SStateCleanup(SStateBase):
    def test_cleansstate_task_distro_specific_nonspecific(self):
@@ -959,7 +972,7 @@ class SStateMirrors(SStateCheckObjectPresence):
            self.append_config("""
 MACHINE = "{}"
 BB_HASHSERVE_UPSTREAM = "hashserv.yoctoproject.org:8686"
-SSTATE_MIRRORS ?= "file://.* http://sstate.yoctoproject.org/all/PATH;downloadfilename=PATH"
+SSTATE_MIRRORS ?= "file://.* http://cdn.jsdelivr.net/yocto/sstate/all/PATH;downloadfilename=PATH"
 """.format(machine))
        else:
            self.append_config("""
--- a/meta/recipes-connectivity/bind/bind/0001-avoid-start-failure-with-bind-user.patch
+++ b/meta/recipes-connectivity/bind/bind/0001-avoid-start-failure-with-bind-user.patch
@@ -1,4 +1,4 @@
-From c70f74164bea8a8c54c03becffb2f21103dd1f31 Mon Sep 17 00:00:00 2001
+From 0a45935f9d1207535f83df62ed52f358ed546bbe Mon Sep 17 00:00:00 2001
 From: Chen Qi <Qi.Chen@windriver.com>
 Date: Mon, 15 Oct 2018 16:55:09 +0800
 Subject: [PATCH] avoid start failure with bind user
--- a/meta/recipes-connectivity/bind/bind/0001-named-lwresd-V-and-start-log-hide-build-options.patch
+++ b/meta/recipes-connectivity/bind/bind/0001-named-lwresd-V-and-start-log-hide-build-options.patch
@@ -1,4 +1,4 @@
-From 0dd67d85705cbcfa9a2759c46f3cdf3d0d6375de Mon Sep 17 00:00:00 2001
+From dd484b0bd58832fc241afdc8ea05693228348353 Mon Sep 17 00:00:00 2001
 From: Hongxu Jia <hongxu.jia@windriver.com>
 Date: Mon, 27 Aug 2018 21:24:20 +0800
 Subject: [PATCH] `named/lwresd -V' and start log hide build options
@@ -20,7 +20,7 @@ Signed-off-by: Armin Kuster <akuster@mvista.com>
 1 file changed, 1 insertion(+), 1 deletion(-)

 diff --git a/configure.ac b/configure.ac
-index f9cf4a4..0ce3d26 100644
+index 13f9d7f..6516d0d 100644
 --- a/configure.ac
 +++ b/configure.ac
@@ -35,7 +35,7 @@ AC_DEFINE([PACKAGE_VERSION_EXTRA], ["][bind_VERSION_EXTRA]["], [BIND 9 Extra par
--- a/meta/recipes-connectivity/bind/bind/bind-ensure-searching-for-json-headers-searches-sysr.patch
+++ b/meta/recipes-connectivity/bind/bind/bind-ensure-searching-for-json-headers-searches-sysr.patch
@@ -1,4 +1,4 @@
-From 8c9c817933eef20328f10237bbd964580db0a3ad Mon Sep 17 00:00:00 2001
+From 9a06dbf831f012c6019237527d2bf1aa7a3a543a Mon Sep 17 00:00:00 2001
 From: Paul Gortmaker <paul.gortmaker@windriver.com>
 Date: Tue, 9 Jun 2015 11:22:00 -0400
 Subject: [PATCH] bind: ensure searching for json headers searches sysroot
@@ -32,7 +32,7 @@ Signed-off-by: Paul Gortmaker <paul.gortmaker@windriver.com>
 1 file changed, 1 insertion(+), 1 deletion(-)

 diff --git a/configure.ac b/configure.ac
-index 334b551..f9cf4a4 100644
+index 168a77a..13f9d7f 100644
 --- a/configure.ac
 +++ b/configure.ac
@@ -863,7 +863,7 @@ AS_CASE([$with_lmdb],
--- a/meta/recipes-connectivity/bind/bind/conf.patch
+++ b/meta/recipes-connectivity/bind/bind/conf.patch
@@ -1,4 +1,4 @@
-From 83a892af19bf1455ce7132350332ed6d7f1e2b94 Mon Sep 17 00:00:00 2001
+From 27d1113a4c378583e0fcff91d70256bdcd78de0b Mon Sep 17 00:00:00 2001
 From: Qing He <qing.he@intel.com>
 Date: Tue, 30 Nov 2010 13:35:42 +0800
 Subject: [PATCH] bind: add new recipe
--- a/meta/recipes-connectivity/bind/bind/init.d-add-support-for-read-only-rootfs.patch
+++ b/meta/recipes-connectivity/bind/bind/init.d-add-support-for-read-only-rootfs.patch
@@ -1,4 +1,4 @@
-From 1393cbf6b0084128fdfc9b5afb3bcc307265d094 Mon Sep 17 00:00:00 2001
+From 1fa4d0eb9631771bd751f04ce898433580996e5e Mon Sep 17 00:00:00 2001
 From: Chen Qi <Qi.Chen@windriver.com>
 Date: Thu, 27 Mar 2014 02:34:41 +0000
 Subject: [PATCH] init.d: add support for read-only rootfs
--- a/meta/recipes-connectivity/bind/bind/make-etc-initd-bind-stop-work.patch
+++ b/meta/recipes-connectivity/bind/bind/make-etc-initd-bind-stop-work.patch
@@ -1,4 +1,4 @@
-From ce06506bb3fe661e03161af3a603bd228590a254 Mon Sep 17 00:00:00 2001
+From 2ea2e4e502e5840d52e76461e071882cc65f1766 Mon Sep 17 00:00:00 2001
 From: Roy Li <rongqing.li@windriver.com>
 Date: Thu, 15 Nov 2012 02:27:54 +0000
 Subject: [PATCH] bind: make "/etc/init.d/bind stop" work
--- a/meta/recipes-connectivity/bind/bind_9.20.6.bb
+++ b/meta/recipes-connectivity/bind/bind_9.20.6.bb
@@ -20,7 +20,7 @@ SRC_URI = "https://ftp.isc.org/isc/bind9/${PV}/${BPN}-${PV}.tar.xz \
           file://0001-avoid-start-failure-with-bind-user.patch \
           "

-SRC_URI[sha256sum] = "3d26900ed9c9a859073ffea9b97e292c1248dad18279b17b05fcb23c3091f86d"
+SRC_URI[sha256sum] = "ed7f54b44f84a7201a2fa7a949f3021ea568529bfad90fca664fd55c05104134"

 UPSTREAM_CHECK_URI = "https://ftp.isc.org/isc/bind9/"
 # follow the ESV versions divisible by 2
--- a/meta/recipes-connectivity/bluez5/bluez5_5.79.bb
+++ b/meta/recipes-connectivity/bluez5/bluez5_5.79.bb
@@ -32,9 +32,6 @@ NOINST_TOOLS_TESTING ?= " \
    tools/rfcomm-tester \
    tools/bnep-tester \
    tools/userchan-tester \
-    tools/iso-tester \
-    tools/mesh-tester \
-    tools/ioctl-tester \
 "

 # noinst programs in Makefile.tools that are conditional on TOOLS
@@ -49,7 +46,6 @@ NOINST_TOOLS_BT ?= " \
    tools/hcieventmask \
    tools/hcisecfilter \
    tools/btinfo \
-    tools/btconfig \
    tools/btsnoop \
    tools/btproxy \
    tools/btiotest \
@@ -60,8 +56,6 @@ NOINST_TOOLS_BT ?= " \
    tools/advtest \
    tools/seq2bseq \
    tools/nokfw \
-    tools/rtlfw \
-    tools/bcmfw \
    tools/create-image \
    tools/eddystone \
    tools/ibeacon \
@@ -71,5 +65,5 @@ NOINST_TOOLS_BT ?= " \
    tools/check-selftest \
    tools/gatt-service \
    profiles/iap/iapd \
-    ${@bb.utils.contains('PACKAGECONFIG', 'btpclient', 'tools/btpclient tools/btpclientctl', '', d)} \
+    ${@bb.utils.contains('PACKAGECONFIG', 'btpclient', 'tools/btpclient', '', d)} \
 "
--- a/meta/recipes-connectivity/connman/connman/CVE-2025-32366.patch
+++ b/meta/recipes-connectivity/connman/connman/CVE-2025-32366.patch
@@ -1,41 +0,0 @@
-From 8d3be0285f1d4667bfe85dba555c663eb3d704b4 Mon Sep 17 00:00:00 2001
-From: Yoonje Shin <ioerts@kookmin.ac.kr>
-Date: Mon, 12 May 2025 10:48:18 +0200
-Subject: [PATCH] dnsproxy: Address CVE-2025-32366 vulnerability
-
-In Connman parse_rr in dnsproxy.c has a memcpy length
-that depends on an RR RDLENGTH value (i.e., *rdlen=ntohs(rr->rdlen)
-and memcpy(response+offset,*end,*rdlen)). Here, rdlen may be larger
-than the amount of remaining packet data in the current state of
-parsing. As a result, values of stack memory locations may be sent
-over the network in a response.
-
-This patch adds a check to ensure that (*end + *rdlen) does not exceed
-the valid range. If the condition is violated, the function returns
-EINVAL.
-
-CVE: CVE-2025-32366
-
-Upstream-Status: Backport [https://git.kernel.org/pub/scm/network/connman/connman.git/commit/?id=8d3be0285f1d4667bfe85dba555c663eb3d704b4]
-
-Signed-off-by: Praveen Kumar <praveen.kumar@windriver.com>
---
- src/dnsproxy.c | 3 +++
- 1 file changed, 3 insertions(+)
-
-diff --git a/src/dnsproxy.c b/src/dnsproxy.c
-index 7ee26d9..1dd2f7f 100644
--- a/src/dnsproxy.c
-+++ b/src/dnsproxy.c
-@@ -998,6 +998,9 @@ static int parse_rr(const unsigned char *buf, const unsigned char *start,
-	if ((offset + *rdlen) > *response_size)
-		return -ENOBUFS;
-
-+	if ((*end + *rdlen) > max)
-+		return -EINVAL;
-+
-	memcpy(response + offset, *end, *rdlen);
-
-	*end += *rdlen;
--
-2.40.0
--- a/meta/recipes-connectivity/connman/connman/CVE-2025-32743.patch
+++ b/meta/recipes-connectivity/connman/connman/CVE-2025-32743.patch
@@ -1,48 +0,0 @@
-From d90b911f6760959bdf1393c39fe8d1118315490f Mon Sep 17 00:00:00 2001
-From: Praveen Kumar <praveen.kumar@windriver.com>
-Date: Thu, 24 Apr 2025 11:39:29 +0000
-Subject: [PATCH] dnsproxy: Fix NULL/empty lookup causing potential crash
-
-In ConnMan through 1.44, the lookup string in ns_resolv in dnsproxy.c
-can be NULL or an empty string when the TC (Truncated) bit is set in
-a DNS response. This allows attackers to cause a denial of service
-(application crash) or possibly execute arbitrary code, because those
-lookup values lead to incorrect length calculations and incorrect
-memcpy operations.
-
-This patch includes a check to make sure loookup value is valid before
-using it. This helps avoid unexpected value when the input is empty or
-incorrect.
-
-Fixes: CVE-2025-32743
-
-CVE: CVE-2025-32743
-
-Upstream-Status: Backport [https://git.kernel.org/pub/scm/network/connman/connman.git/commit/?id=d90b911f6760959bdf1393c39fe8d1118315490f]
-
-Signed-off-by: Praveen Kumar <praveen.kumar@windriver.com>
---
- src/dnsproxy.c | 7 ++++++-
- 1 file changed, 6 insertions(+), 1 deletion(-)
-
-diff --git a/src/dnsproxy.c b/src/dnsproxy.c
-index f28a5d7..7ee26d9 100644
--- a/src/dnsproxy.c
-+++ b/src/dnsproxy.c
-@@ -1685,8 +1685,13 @@ static int ns_resolv(struct server_data *server, struct request_data *req,
-				gpointer request, gpointer name)
- {
-	int sk = -1;
-+	int err;
-	const char *lookup = (const char *)name;
-	int err = ns_try_resolv_from_cache(req, request, lookup);
-+
-+	if (!lookup || strlen(lookup) == 0)
-+		return -EINVAL;
-+
-+	err = ns_try_resolv_from_cache(req, request, lookup);
-
-	if (err > 0)
-		/* cache hit */
--
-2.40.0
--- a/meta/recipes-connectivity/connman/connman_1.43.bb
+++ b/meta/recipes-connectivity/connman/connman_1.43.bb
@@ -6,8 +6,6 @@ SRC_URI = "${KERNELORG_MIRROR}/linux/network/${BPN}/${BP}.tar.xz \
           file://connman \
           file://no-version-scripts.patch \
           file://0002-resolve-musl-does-not-implement-res_ninit.patch \
-           file://CVE-2025-32743.patch \
-           file://CVE-2025-32366.patch \
           "


--- a/meta/recipes-connectivity/kea/files/0001-Avoid-assert-on-empty-packet.patch
+++ b/meta/recipes-connectivity/kea/files/0001-Avoid-assert-on-empty-packet.patch
@@ -0,0 +1,148 @@
+From 9cf3b6e8d705957927c2fbc9928318f4eda265c8 Mon Sep 17 00:00:00 2001
+From: Thomas Markwalder <tmark@isc.org>
+Date: Tue, 11 Feb 2025 18:52:41 +0000
+Subject: [PATCH 1/2] Avoid assert on empty packet
+
+/src/lib/dhcp/pkt_filter_lpf.cc
+    PktFilterLPF::receive() - throw if packet has no data
+
+/src/lib/util/buffer.h
+    InputBuffer::readVecotr() - avoid peek if read request length is 0
+
+/src/lib/util/tests/buffer_unittest.cc
+    Updated test
+
+Upstream-Status: Backport
+[https://gitlab.isc.org/isc-projects/kea/-/commit/0b98eae16d9b6ecdf57005624712b9b26fa05bc0]
+[https://gitlab.isc.org/isc-projects/kea/-/commit/16306026e37b32a2ce4b16fb5b78561ae153d570]
+
+Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
+---
+ src/lib/dhcp/pkt_filter_lpf.cc        | 10 +++++++---
+ src/lib/util/buffer.h                 |  9 ++++++---
+ src/lib/util/tests/buffer_unittest.cc |  8 +++++++-
+ 3 files changed, 20 insertions(+), 7 deletions(-)
+
+diff --git a/src/lib/dhcp/pkt_filter_lpf.cc b/src/lib/dhcp/pkt_filter_lpf.cc
+index 69bdecc0e1..b0c8f108d3 100644
+--- a/src/lib/dhcp/pkt_filter_lpf.cc
+++ b/src/lib/dhcp/pkt_filter_lpf.cc
+@@ -318,9 +318,14 @@ PktFilterLPF::receive(Iface& iface, const SocketInfo& socket_info) {
+     decodeEthernetHeader(buf, dummy_pkt);
+     decodeIpUdpHeader(buf, dummy_pkt);
+ 
+    auto v4_len = buf.getLength() - buf.getPosition();
+    if (v4_len <= 0) {
+        isc_throw(SocketReadError, "Pkt4FilterLpf:: packet has no DHCPv4 data");
+    }
+
+     // Read the DHCP data.
+     std::vector<uint8_t> dhcp_buf;
+-    buf.readVector(dhcp_buf, buf.getLength() - buf.getPosition());
+    buf.readVector(dhcp_buf, v4_len);
+ 
+     // Decode DHCP data into the Pkt4 object.
+     Pkt4Ptr pkt = Pkt4Ptr(new Pkt4(&dhcp_buf[0], dhcp_buf.size()));
+@@ -344,8 +349,7 @@ PktFilterLPF::receive(Iface& iface, const SocketInfo& socket_info) {
+ 
+             struct timeval cmsg_time;
+             memcpy(&cmsg_time, CMSG_DATA(cmsg), sizeof(cmsg_time));
+-            pkt->addPktEvent(PktEvent::SOCKET_RECEIVED, cmsg_time);
+-            break;
+            pkt->addPktEvent(PktEvent::SOCKET_RECEIVED, cmsg_time); break;
+         }
+ 
+         cmsg = CMSG_NXTHDR(&m, cmsg);
+diff --git a/src/lib/util/buffer.h b/src/lib/util/buffer.h
+index 41ecdf3375..c426a14495 100644
+--- a/src/lib/util/buffer.h
+++ b/src/lib/util/buffer.h
+@@ -1,4 +1,4 @@
+-// Copyright (C) 2009-2024 Internet Systems Consortium, Inc. ("ISC")
+// Copyright (C) 2009-2025 Internet Systems Consortium, Inc. ("ISC")
+ //
+ // This Source Code Form is subject to the terms of the Mozilla Public
+ // License, v. 2.0. If a copy of the MPL was not distributed with this
+@@ -233,7 +233,8 @@ public:
+     /// @details If specified buffer is too short, it will be expanded using
+     /// vector::resize() method. If the remaining length of the buffer
+     /// is smaller than the specified length, an exception of class
+-    /// @c isc::OutOfRange will be thrown.
+    /// @c isc::OutOfRange will be thrown.  Read length zero results
+    /// in an empty vector.
+     ///
+     /// @param data Reference to a buffer (data will be stored there).
+     /// @param len Size specified number of bytes to read in a vector.
+@@ -244,7 +245,9 @@ public:
+         }
+ 
+         data.resize(len);
+-        peekData(&data[0], len);
+        if (len) {
+            peekData(&data[0], len);
+        }
+     }
+ 
+     /// @brief Read specified number of bytes as a vector.
+diff --git a/src/lib/util/tests/buffer_unittest.cc b/src/lib/util/tests/buffer_unittest.cc
+index 66c43e8f21..bae051dd16 100644
+--- a/src/lib/util/tests/buffer_unittest.cc
+++ b/src/lib/util/tests/buffer_unittest.cc
+@@ -1,4 +1,4 @@
+-// Copyright (C) 2009-2024 Internet Systems Consortium, Inc. ("ISC")
+// Copyright (C) 2009-2025 Internet Systems Consortium, Inc. ("ISC")
+ //
+ // This Source Code Form is subject to the terms of the Mozilla Public
+ // License, v. 2.0. If a copy of the MPL was not distributed with this
+@@ -197,6 +197,12 @@ TEST_F(BufferTest, inputBufferRead) {
+     ASSERT_EQ(sizeof(vdata), datav.size());
+     ASSERT_EQ(0, memcmp(&vdata[0], testdata, sizeof(testdata)));
+     ASSERT_EQ(sizeof(vdata), ibuffer.getPosition());
+
+    // Verify that read len of zero results in an empty
+    // vector without throwing.
+    datav.resize(8);
+    ASSERT_NO_THROW(ibuffer.readVector(datav, 0));
+    ASSERT_EQ(datav.size(), 0);
+ }
+ 
+ TEST_F(BufferTest, outputBufferReadAt) {
+-- 
+2.25.1
+
+From 614a6c136fc20ee428b1c880889ef61253657499 Mon Sep 17 00:00:00 2001
+From: Thomas Markwalder <tmark@isc.org>
+Date: Tue, 18 Feb 2025 15:03:12 +0000
+Subject: [PATCH 2/2] Addressed review comments
+
+Couple of typos fixed.
+---
+ src/lib/dhcp/pkt_filter_lpf.cc | 5 +++--
+ 1 file changed, 3 insertions(+), 2 deletions(-)
+
+diff --git a/src/lib/dhcp/pkt_filter_lpf.cc b/src/lib/dhcp/pkt_filter_lpf.cc
+index b0c8f108d3..3642915cc1 100644
+--- a/src/lib/dhcp/pkt_filter_lpf.cc
+++ b/src/lib/dhcp/pkt_filter_lpf.cc
+@@ -320,7 +320,7 @@ PktFilterLPF::receive(Iface& iface, const SocketInfo& socket_info) {
+ 
+     auto v4_len = buf.getLength() - buf.getPosition();
+     if (v4_len <= 0) {
+-        isc_throw(SocketReadError, "Pkt4FilterLpf:: packet has no DHCPv4 data");
+        isc_throw(SocketReadError, "Pkt4FilterLpf packet has no DHCPv4 data");
+     }
+ 
+     // Read the DHCP data.
+@@ -349,7 +349,8 @@ PktFilterLPF::receive(Iface& iface, const SocketInfo& socket_info) {
+ 
+             struct timeval cmsg_time;
+             memcpy(&cmsg_time, CMSG_DATA(cmsg), sizeof(cmsg_time));
+-            pkt->addPktEvent(PktEvent::SOCKET_RECEIVED, cmsg_time); break;
+            pkt->addPktEvent(PktEvent::SOCKET_RECEIVED, cmsg_time);
+            break;
+         }
+ 
+         cmsg = CMSG_NXTHDR(&m, cmsg);
+-- 
+2.25.1
+
--- a/meta/recipes-connectivity/kea/files/0001-Replace-Name-NameString-with-vector-of-uint8_t.patch
+++ b/meta/recipes-connectivity/kea/files/0001-Replace-Name-NameString-with-vector-of-uint8_t.patch
@@ -0,0 +1,90 @@
+From 6b9fb56e3573aa65923df9a08201dd5321a1b1f1 Mon Sep 17 00:00:00 2001
+From: Dimitry Andric <dimitry@andric.com>
+Date: Sat, 3 Aug 2024 14:37:52 +0200
+Subject: [PATCH 1/2] Replace Name::NameString with vector of uint8_t
+
+As noted in the libc++ 19 release notes, it now only provides
+std::char_traits<> for types char, char8_t, char16_t, char32_t and
+wchar_t, and any instantiation for other types will fail.
+
+Name::NameString is defined as a std::basic_string<uint8_t>, so that
+will no longer work. Redefine it as a std::vector<uint8_t> instead.
+
+Upstream-Status: Submitted [https://gitlab.isc.org/isc-projects/kea/-/merge_requests/2410]
+Signed-off-by: Khem Raj <raj.khem@gmail.com>
+---
+ src/lib/dns/name.cc | 12 ++++++------
+ src/lib/dns/name.h  |  2 +-
+ 2 files changed, 7 insertions(+), 7 deletions(-)
+
+diff --git a/src/lib/dns/name.cc b/src/lib/dns/name.cc
+index ac48205..085229b 100644
+--- a/src/lib/dns/name.cc
+++ b/src/lib/dns/name.cc
+@@ -303,7 +303,7 @@ Name::Name(const std::string &namestring, bool downcase) {
+     // And get the output
+     labelcount_ = offsets.size();
+     isc_throw_assert(labelcount_ > 0 && labelcount_ <= Name::MAX_LABELS);
+-    ndata_.assign(ndata.data(), ndata.size());
+    ndata_.assign(ndata.data(), ndata.data() + ndata.size());
+     length_ = ndata_.size();
+     offsets_.assign(offsets.begin(), offsets.end());
+ }
+@@ -336,7 +336,7 @@ Name::Name(const char* namedata, size_t data_len, const Name* origin,
+     // Get the output
+     labelcount_ = offsets.size();
+     isc_throw_assert(labelcount_ > 0 && labelcount_ <= Name::MAX_LABELS);
+-    ndata_.assign(ndata.data(), ndata.size());
+    ndata_.assign(ndata.data(), ndata.data() + ndata.size());
+     length_ = ndata_.size();
+     offsets_.assign(offsets.begin(), offsets.end());
+ 
+@@ -347,7 +347,7 @@ Name::Name(const char* namedata, size_t data_len, const Name* origin,
+         // Drop the last character of the data (the \0) and append a copy of
+         // the origin's data
+         ndata_.erase(ndata_.end() - 1);
+-        ndata_.append(origin->ndata_);
+        ndata_.insert(ndata.end(), origin->ndata_.begin(), origin->ndata_.end());
+ 
+         // Do a similar thing with offsets. However, we need to move them
+         // so they point after the prefix we parsed before.
+@@ -582,7 +582,7 @@ Name::concatenate(const Name& suffix) const {
+ 
+     Name retname;
+     retname.ndata_.reserve(length);
+-    retname.ndata_.assign(ndata_, 0, length_ - 1);
+    retname.ndata_.assign(ndata_.data(), ndata_.data() + length_ - 1);
+     retname.ndata_.insert(retname.ndata_.end(),
+                           suffix.ndata_.begin(), suffix.ndata_.end());
+     isc_throw_assert(retname.ndata_.size() == length);
+@@ -622,7 +622,7 @@ Name::reverse() const {
+     NameString::const_iterator n0 = ndata_.begin();
+     retname.offsets_.push_back(0);
+     while (rit1 != offsets_.rend()) {
+-        retname.ndata_.append(n0 + *rit1, n0 + *rit0);
+        retname.ndata_.insert(retname.ndata_.end(), n0 + *rit1, n0 + *rit0);
+         retname.offsets_.push_back(retname.ndata_.size());
+         ++rit0;
+         ++rit1;
+@@ -662,7 +662,7 @@ Name::split(const unsigned int first, const unsigned int n) const {
+     // original name, and append the trailing dot explicitly.
+     //
+     retname.ndata_.reserve(retname.offsets_.back() + 1);
+-    retname.ndata_.assign(ndata_, offsets_[first], retname.offsets_.back());
+    retname.ndata_.assign(ndata_.data() + offsets_[first], ndata_.data() + retname.offsets_.back());
+     retname.ndata_.push_back(0);
+ 
+     retname.length_ = retname.ndata_.size();
+diff --git a/src/lib/dns/name.h b/src/lib/dns/name.h
+index 37723e8..fac0036 100644
+--- a/src/lib/dns/name.h
+++ b/src/lib/dns/name.h
+@@ -228,7 +228,7 @@ class Name {
+     //@{
+ private:
+     /// \brief Name data string
+-    typedef std::basic_string<uint8_t> NameString;
+    typedef std::vector<uint8_t> NameString;
+     /// \brief Name offsets type
+     typedef std::vector<uint8_t> NameOffsets;
+ 
--- a/meta/recipes-connectivity/kea/files/0001-Update-asiolink-for-boost-1.87.patch
+++ b/meta/recipes-connectivity/kea/files/0001-Update-asiolink-for-boost-1.87.patch
@@ -0,0 +1,190 @@
+From dab0f3daafb760ace0d4091f74ff90edb225ca02 Mon Sep 17 00:00:00 2001
+From: q66 <q66@chimera-linux.org>
+Date: Sun, 15 Dec 2024 03:04:53 +0100
+Subject: [PATCH] Update asiolink for boost 1.87
+
+Upstream-Status: Submitted [https://gitlab.isc.org/isc-projects/kea/-/merge_requests/2523]
+Signed-off-by: Alexander Kanavin <alex@linutronix.de>
+---
+ src/lib/asiolink/io_address.cc         |  4 ++--
+ src/lib/asiolink/io_service.cc         |  8 ++++----
+ src/lib/asiolink/tcp_endpoint.h        |  2 +-
+ src/lib/asiolink/udp_endpoint.h        |  2 +-
+ src/lib/asiolink/unix_domain_socket.cc | 16 ++++++++--------
+ src/lib/dhcp/iface_mgr.cc              |  2 +-
+ 6 files changed, 17 insertions(+), 17 deletions(-)
+
+diff --git a/src/lib/asiolink/io_address.cc b/src/lib/asiolink/io_address.cc
+index 43459bf..06b7d3d 100644
+--- a/src/lib/asiolink/io_address.cc
+++ b/src/lib/asiolink/io_address.cc
+@@ -37,7 +37,7 @@ IOAddress::Hash::operator()(const IOAddress &io_address) const {
+ // because we'd like to throw our own exception on failure.
+ IOAddress::IOAddress(const std::string& address_str) {
+     boost::system::error_code err;
+-    asio_address_ = ip::address::from_string(address_str, err);
+    asio_address_ = ip::make_address(address_str, err);
+     if (err) {
+         isc_throw(IOError, "Failed to convert string to address '"
+                   << address_str << "': " << err.message());
+@@ -116,7 +116,7 @@ IOAddress::isV6Multicast() const {
+ uint32_t
+ IOAddress::toUint32() const {
+     if (asio_address_.is_v4()) {
+-        return (asio_address_.to_v4().to_ulong());
+        return (asio_address_.to_v4().to_uint());
+     } else {
+         isc_throw(BadValue, "Can't convert " << toText()
+                   << " address to IPv4.");
+diff --git a/src/lib/asiolink/io_service.cc b/src/lib/asiolink/io_service.cc
+index 411de64..cc28d24 100644
+--- a/src/lib/asiolink/io_service.cc
+++ b/src/lib/asiolink/io_service.cc
+@@ -30,7 +30,7 @@ public:
+     /// @brief The constructor.
+     IOServiceImpl() :
+         io_service_(),
+-        work_(new boost::asio::io_service::work(io_service_)) {
+        work_(boost::asio::make_work_guard(io_service_)) {
+     };
+ 
+     /// @brief The destructor.
+@@ -92,7 +92,7 @@ public:
+ 
+     /// @brief Restarts the IOService in preparation for a subsequent @ref run() invocation.
+     void restart() {
+-        io_service_.reset();
+        io_service_.restart();
+     }
+ 
+     /// @brief Removes IO service work object to let it finish running
+@@ -115,12 +115,12 @@ public:
+     ///
+     /// @param callback The callback to be run on the IO service.
+     void post(const std::function<void ()>& callback) {
+-        io_service_.post(callback);
+        boost::asio::post(io_service_, callback);
+     }
+ 
+ private:
+     boost::asio::io_service io_service_;
+-    boost::shared_ptr<boost::asio::io_service::work> work_;
+    boost::asio::executor_work_guard<boost::asio::io_service::executor_type> work_;
+ };
+ 
+ IOService::IOService() : io_impl_(new IOServiceImpl()) {
+diff --git a/src/lib/asiolink/tcp_endpoint.h b/src/lib/asiolink/tcp_endpoint.h
+index 8ebd575..7c8cb35 100644
+--- a/src/lib/asiolink/tcp_endpoint.h
+++ b/src/lib/asiolink/tcp_endpoint.h
+@@ -42,7 +42,7 @@ public:
+     /// \param port The TCP port number of the endpoint.
+     TCPEndpoint(const IOAddress& address, const unsigned short port) :
+         asio_endpoint_placeholder_(
+-            new boost::asio::ip::tcp::endpoint(boost::asio::ip::address::from_string(address.toText()),
+            new boost::asio::ip::tcp::endpoint(boost::asio::ip::make_address(address.toText()),
+                               port)),
+         asio_endpoint_(*asio_endpoint_placeholder_)
+     {}
+diff --git a/src/lib/asiolink/udp_endpoint.h b/src/lib/asiolink/udp_endpoint.h
+index f960bf3..2a3da9f 100644
+--- a/src/lib/asiolink/udp_endpoint.h
+++ b/src/lib/asiolink/udp_endpoint.h
+@@ -42,7 +42,7 @@ public:
+     /// \param port The UDP port number of the endpoint.
+     UDPEndpoint(const IOAddress& address, const unsigned short port) :
+         asio_endpoint_placeholder_(
+-            new boost::asio::ip::udp::endpoint(boost::asio::ip::address::from_string(address.toText()),
+            new boost::asio::ip::udp::endpoint(boost::asio::ip::make_address(address.toText()),
+                               port)),
+         asio_endpoint_(*asio_endpoint_placeholder_)
+     {}
+diff --git a/src/lib/asiolink/unix_domain_socket.cc b/src/lib/asiolink/unix_domain_socket.cc
+index f43e1c9..43ff3c8 100644
+--- a/src/lib/asiolink/unix_domain_socket.cc
+++ b/src/lib/asiolink/unix_domain_socket.cc
+@@ -83,7 +83,7 @@ public:
+     /// @param buffer Buffers holding the data to be sent.
+     /// @param handler User supplied callback to be invoked when data have
+     /// been sent or sending error is signalled.
+-    void doSend(const boost::asio::const_buffers_1& buffer,
+    void doSend(const boost::asio::const_buffer& buffer,
+                 const UnixDomainSocket::Handler& handler);
+ 
+ 
+@@ -103,7 +103,7 @@ public:
+     /// @param ec Error code returned as a result of sending the data.
+     /// @param length Length of the data sent.
+     void sendHandler(const UnixDomainSocket::Handler& remote_handler,
+-                     const boost::asio::const_buffers_1& buffer,
+                     const boost::asio::const_buffer& buffer,
+                      const boost::system::error_code& ec,
+                      size_t length);
+ 
+@@ -127,7 +127,7 @@ public:
+     /// @param buffer A buffer into which the data should be received.
+     /// @param handler User supplied callback invoked when data have been
+     /// received on an error is signalled.
+-    void doReceive(const boost::asio::mutable_buffers_1& buffer,
+    void doReceive(const boost::asio::mutable_buffer& buffer,
+                    const UnixDomainSocket::Handler& handler);
+ 
+     /// @brief Local handler invoked as a result of asynchronous receive.
+@@ -146,7 +146,7 @@ public:
+     /// @param ec Error code returned as a result of asynchronous receive.
+     /// @param length Size of the received data.
+     void receiveHandler(const UnixDomainSocket::Handler& remote_handler,
+-                        const boost::asio::mutable_buffers_1& buffer,
+                        const boost::asio::mutable_buffer& buffer,
+                         const boost::system::error_code& ec,
+                         size_t length);
+ 
+@@ -197,7 +197,7 @@ UnixDomainSocketImpl::asyncSend(const void* data, const size_t length,
+ }
+ 
+ void
+-UnixDomainSocketImpl::doSend(const boost::asio::const_buffers_1& buffer,
+UnixDomainSocketImpl::doSend(const boost::asio::const_buffer& buffer,
+                              const UnixDomainSocket::Handler& handler) {
+     auto local_handler = std::bind(&UnixDomainSocketImpl::sendHandler,
+                                    shared_from_this(),
+@@ -207,7 +207,7 @@ UnixDomainSocketImpl::doSend(const boost::asio::const_buffers_1& buffer,
+ 
+ void
+ UnixDomainSocketImpl::sendHandler(const UnixDomainSocket::Handler& remote_handler,
+-                                  const boost::asio::const_buffers_1& buffer,
+                                  const boost::asio::const_buffer& buffer,
+                                   const boost::system::error_code& ec,
+                                   size_t length) {
+     // The asynchronous send may return EWOULDBLOCK or EAGAIN on some
+@@ -230,7 +230,7 @@ UnixDomainSocketImpl::asyncReceive(void* data, const size_t length,
+ }
+ 
+ void
+-UnixDomainSocketImpl::doReceive(const boost::asio::mutable_buffers_1& buffer,
+UnixDomainSocketImpl::doReceive(const boost::asio::mutable_buffer& buffer,
+                                 const UnixDomainSocket::Handler& handler) {
+     auto local_handler = std::bind(&UnixDomainSocketImpl::receiveHandler,
+                                    shared_from_this(),
+@@ -240,7 +240,7 @@ UnixDomainSocketImpl::doReceive(const boost::asio::mutable_buffers_1& buffer,
+ 
+ void
+ UnixDomainSocketImpl::receiveHandler(const UnixDomainSocket::Handler& remote_handler,
+-                                     const boost::asio::mutable_buffers_1& buffer,
+                                     const boost::asio::mutable_buffer& buffer,
+                                      const boost::system::error_code& ec,
+                                      size_t length) {
+     // The asynchronous receive may return EWOULDBLOCK or EAGAIN on some
+diff --git a/src/lib/dhcp/iface_mgr.cc b/src/lib/dhcp/iface_mgr.cc
+index 01a1d63..419268b 100644
+--- a/src/lib/dhcp/iface_mgr.cc
+++ b/src/lib/dhcp/iface_mgr.cc
+@@ -1034,7 +1034,7 @@ IfaceMgr::getLocalAddress(const IOAddress& remote_addr, const uint16_t port) {
+     }
+ 
+     // Create socket that will be used to connect to remote endpoint.
+-    boost::asio::io_service io_service;
+    boost::asio::io_context io_service;
+     boost::asio::ip::udp::socket sock(io_service);
+ 
+     boost::system::error_code err_code;
--- a/meta/recipes-connectivity/kea/files/0002-Fix-unittests-Typo-in-Name-Name-append-to-ndata_-not.patch
+++ b/meta/recipes-connectivity/kea/files/0002-Fix-unittests-Typo-in-Name-Name-append-to-ndata_-not.patch
@@ -0,0 +1,36 @@
+From b5f6cc6b3a2b2c35c9b9bb856861c502771079cc Mon Sep 17 00:00:00 2001
+From: Dimitry Andric <dimitry@unified-streaming.com>
+Date: Wed, 28 Aug 2024 22:32:44 +0200
+Subject: [PATCH 2/2] Fix unittests: * Typo in `Name::Name`: append to
+ `ndata_`, not `ndata` * In `Name::split`, use the correct iterators for
+ assigning
+
+Upstream-Status: Submitted [https://gitlab.isc.org/isc-projects/kea/-/merge_requests/2410]
+Signed-off-by: Khem Raj <raj.khem@gmail.com>
+---
+ src/lib/dns/name.cc | 5 +++--
+ 1 file changed, 3 insertions(+), 2 deletions(-)
+
+diff --git a/src/lib/dns/name.cc b/src/lib/dns/name.cc
+index 085229b..47d9b8f 100644
+--- a/src/lib/dns/name.cc
+++ b/src/lib/dns/name.cc
+@@ -347,7 +347,7 @@ Name::Name(const char* namedata, size_t data_len, const Name* origin,
+         // Drop the last character of the data (the \0) and append a copy of
+         // the origin's data
+         ndata_.erase(ndata_.end() - 1);
+-        ndata_.insert(ndata.end(), origin->ndata_.begin(), origin->ndata_.end());
+        ndata_.insert(ndata_.end(), origin->ndata_.begin(), origin->ndata_.end());
+ 
+         // Do a similar thing with offsets. However, we need to move them
+         // so they point after the prefix we parsed before.
+@@ -662,7 +662,8 @@ Name::split(const unsigned int first, const unsigned int n) const {
+     // original name, and append the trailing dot explicitly.
+     //
+     retname.ndata_.reserve(retname.offsets_.back() + 1);
+-    retname.ndata_.assign(ndata_.data() + offsets_[first], ndata_.data() + retname.offsets_.back());
+    auto it = ndata_.data() + offsets_[first];
+    retname.ndata_.assign(it, it + retname.offsets_.back());
+     retname.ndata_.push_back(0);
+ 
+     retname.length_ = retname.ndata_.size();
--- a/meta/recipes-connectivity/kea/kea_2.6.1.bb
+++ b/meta/recipes-connectivity/kea/kea_2.6.1.bb
@@ -3,7 +3,7 @@ DESCRIPTION = "Kea is the next generation of DHCP software developed by ISC. It
 HOMEPAGE = "http://kea.isc.org"
 SECTION = "connectivity"
 LICENSE = "MPL-2.0"
-LIC_FILES_CHKSUM = "file://COPYING;md5=ee16e7280a6cf2a1487717faf33190dc"
+LIC_FILES_CHKSUM = "file://COPYING;md5=618093ea9de92c70a115268c1d53421f"

 DEPENDS = "boost log4cplus openssl"

@@ -17,9 +17,13 @@ SRC_URI = "http://ftp.isc.org/isc/kea/${PV}/${BP}.tar.gz \
           file://fix-multilib-conflict.patch \
           file://fix_pid_keactrl.patch \
           file://0001-src-lib-log-logger_unittest_support.cc-do-not-write-.patch \
+           file://0001-Replace-Name-NameString-with-vector-of-uint8_t.patch \
+           file://0002-Fix-unittests-Typo-in-Name-Name-append-to-ndata_-not.patch \
+           file://0001-Update-asiolink-for-boost-1.87.patch \
           file://0001-make-kea-environment-available-to-lfc.patch \
+           file://0001-Avoid-assert-on-empty-packet.patch \
           "
-SRC_URI[sha256sum] = "00241a5955ffd3d215a2c098c4527f9d7f4b203188b276f9a36250dd3d9dd612"
+SRC_URI[sha256sum] = "d2ce14a91c2e248ad2876e29152d647bcc5e433bc68dafad0ee96ec166fcfad1"

 inherit autotools systemd update-rc.d upstream-version-is-even

--- a/meta/recipes-connectivity/nfs-utils/nfs-utils/nfsserver
+++ b/meta/recipes-connectivity/nfs-utils/nfs-utils/nfsserver
@@ -89,14 +89,34 @@ start_nfsd(){
 	start-stop-daemon --start --exec "$NFS_NFSD" -- "$@"
 	echo done
 }
+delay_nfsd(){
+	for delay in 0 1 2 3 4 5 6 7 8 9 
+	do
+		if pidof nfsd >/dev/null
+		then
+			echo -n .
+			sleep 1
+		else
+			return 0
+		fi
+	done
+	return 1
+}
 stop_nfsd(){
+	# WARNING: this kills any process with the executable
+	# name 'nfsd'.
 	echo -n 'stopping nfsd: '
-	$NFS_NFSD 0
-	if pidof nfsd
-	then
+	start-stop-daemon --stop --quiet --signal 1 --name nfsd
+	if delay_nfsd || {
 		echo failed
-	else
+		echo ' using signal 9: '
+		start-stop-daemon --stop --quiet --signal 9 --name nfsd
+		delay_nfsd
+	}
+	then
 		echo done
+	else
+		echo failed
 	fi
 }

--- a/meta/recipes-connectivity/ofono/ofono/CVE-2024-7537.patch
+++ b/meta/recipes-connectivity/ofono/ofono/CVE-2024-7537.patch
@@ -1,59 +0,0 @@
-From e6d8d526d5077c0b6ab459efeb6b882c28e0fdeb Mon Sep 17 00:00:00 2001
-From: Ivaylo Dimitrov <ivo.g.dimitrov.75@gmail.com>
-Date: Sun, 16 Mar 2025 12:26:42 +0200
-Subject: [PATCH] qmi: sms: Fix possible out-of-bounds read
-
-Fixes: CVE-2024-7537
-
-CVE: CVE-2024-7537
-Upstream-Status: Backport [https://web.git.kernel.org/pub/scm/network/ofono/ofono.git/commit/?id=e6d8d526d5077c0b6ab459efeb6b882c28e0fdeb]
-Signed-off-by: Peter Marko <peter.marko@siemens.com>
---
- drivers/qmimodem/sms.c | 13 ++++++++++---
- 1 file changed, 10 insertions(+), 3 deletions(-)
-
-diff --git a/drivers/qmimodem/sms.c b/drivers/qmimodem/sms.c
-index 3e2bef6e..75863480 100644
--- a/drivers/qmimodem/sms.c
-+++ b/drivers/qmimodem/sms.c
-@@ -442,6 +442,8 @@ static void get_msg_list_cb(struct qmi_result *result, void *user_data)
- 	const struct qmi_wms_result_msg_list *list;
- 	uint32_t cnt = 0;
- 	uint16_t tmp;
-+	uint16_t length;
-+	size_t msg_size;
- 
- 	DBG("");
- 
-@@ -451,7 +453,7 @@ static void get_msg_list_cb(struct qmi_result *result, void *user_data)
- 		goto done;
- 	}
- 
-	list = qmi_result_get(result, QMI_WMS_RESULT_MSG_LIST, NULL);
-+	list = qmi_result_get(result, QMI_WMS_RESULT_MSG_LIST, &length);
- 	if (list == NULL) {
- 		DBG("Err: get msg list empty");
- 		goto done;
-@@ -460,6 +462,13 @@ static void get_msg_list_cb(struct qmi_result *result, void *user_data)
- 	cnt = L_LE32_TO_CPU(list->cnt);
- 	DBG("msgs found %d", cnt);
- 
-+	msg_size = cnt * sizeof(list->msg[0]);
-+
-+	if (length != sizeof(list->cnt) + msg_size) {
-+		DBG("Err: invalid msg list count");
-+		goto done;
-+	}
-+
- 	for (tmp = 0; tmp < cnt; tmp++) {
- 		DBG("unread type %d ndx %d", list->msg[tmp].type,
- 			L_LE32_TO_CPU(list->msg[tmp].ndx));
-@@ -473,8 +482,6 @@ static void get_msg_list_cb(struct qmi_result *result, void *user_data)
- 
- 	/* save list and get 1st msg */
- 	if (cnt) {
-		int msg_size = cnt * sizeof(list->msg[0]);
-
- 		data->msg_list = l_malloc(sizeof(list->cnt) + msg_size);
- 		data->msg_list->cnt = cnt;
- 		memcpy(data->msg_list->msg, list->msg, msg_size);
--- a/meta/recipes-connectivity/ofono/ofono_2.15.bb
+++ b/meta/recipes-connectivity/ofono/ofono_2.15.bb
@@ -9,7 +9,6 @@ DEPENDS = "dbus glib-2.0 udev mobile-broadband-provider-info ell"

 SRC_URI = "${KERNELORG_MIRROR}/linux/network/${BPN}/${BP}.tar.xz \
           file://ofono \
-           file://CVE-2024-7537.patch \
           "
 SRC_URI[sha256sum] = "1af93ab72a70502452fe3d0297a6eaea13750cacae1fff3b643dd2245a6408ca"

--- a/meta/recipes-connectivity/openssh/openssh/CVE-2025-32728.patch
+++ b/meta/recipes-connectivity/openssh/openssh/CVE-2025-32728.patch
@@ -1,43 +0,0 @@
-From fc86875e6acb36401dfc1dfb6b628a9d1460f367 Mon Sep 17 00:00:00 2001
-From: "djm@openbsd.org" <djm@openbsd.org>
-Date: Wed, 9 Apr 2025 07:00:03 +0000
-Subject: [PATCH] upstream: Fix logic error in DisableForwarding option. This
- option
-
-was documented as disabling X11 and agent forwarding but it failed to do so.
-Spotted by Tim Rice.
-
-OpenBSD-Commit-ID: fffc89195968f7eedd2fc57f0b1f1ef3193f5ed1
-
-Upstream-Status: Backport [https://github.com/openssh/openssh-portable/commit/fc86875e6acb36401dfc1dfb6b628a9d1460f367]
-CVE: CVE-2025-32728
-Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
---
- session.c | 5 +++--
- 1 file changed, 3 insertions(+), 2 deletions(-)
-
-diff --git a/session.c b/session.c
-index aa342e8..eb932b8 100644
--- a/session.c
-+++ b/session.c
-@@ -2191,7 +2191,8 @@ session_auth_agent_req(struct ssh *ssh, Session *s)
-	if ((r = sshpkt_get_end(ssh)) != 0)
-		sshpkt_fatal(ssh, r, "%s: parse packet", __func__);
-	if (!auth_opts->permit_agent_forwarding_flag ||
-	    !options.allow_agent_forwarding) {
-+	    !options.allow_agent_forwarding ||
-+	    options.disable_forwarding) {
-		debug_f("agent forwarding disabled");
-		return 0;
-	}
-@@ -2586,7 +2587,7 @@ session_setup_x11fwd(struct ssh *ssh, Session *s)
-		ssh_packet_send_debug(ssh, "X11 forwarding disabled by key options.");
-		return 0;
-	}
-	if (!options.x11_forwarding) {
-+	if (!options.x11_forwarding || options.disable_forwarding) {
-		debug("X11 forwarding disabled in server configuration file.");
-		return 0;
-	}
--
-2.25.1
--- a/meta/recipes-connectivity/openssh/openssh_9.9p2.bb
+++ b/meta/recipes-connectivity/openssh/openssh_9.9p2.bb
@@ -25,7 +25,6 @@ SRC_URI = "https://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-${PV}.ta
           file://sshd_check_keys \
           file://0001-regress-banner.sh-log-input-and-output-files-on-erro.patch \
           file://0001-regress-test-exec-use-the-absolute-path-in-the-SSH-e.patch \
-           file://CVE-2025-32728.patch \
           "
 SRC_URI[sha256sum] = "91aadb603e08cc285eddf965e1199d02585fa94d994d6cae5b41e1721e215673"

--- a/meta/recipes-connectivity/openssl/files/environment.d-openssl.sh
+++ b/meta/recipes-connectivity/openssl/files/environment.d-openssl.sh
@@ -1,24 +1,6 @@
 export OPENSSL_CONF="$OECORE_NATIVE_SYSROOT/usr/lib/ssl-3/openssl.cnf"
+export SSL_CERT_DIR="$OECORE_NATIVE_SYSROOT/usr/lib/ssl-3/certs"
+export SSL_CERT_FILE="$OECORE_NATIVE_SYSROOT/usr/lib/ssl-3/certs/ca-certificates.crt"
 export OPENSSL_MODULES="$OECORE_NATIVE_SYSROOT/usr/lib/ossl-modules/"
 export OPENSSL_ENGINES="$OECORE_NATIVE_SYSROOT/usr/lib/engines-3"
-export BB_ENV_PASSTHROUGH_ADDITIONS="${BB_ENV_PASSTHROUGH_ADDITIONS:-} OPENSSL_CONF OPENSSL_MODULES OPENSSL_ENGINES"
-
-# Respect host env SSL_CERT_FILE/SSL_CERT_DIR first, then auto-detected host cert, then cert in buildtools
-# CAFILE/CAPATH is auto-deteced when source buildtools
-if [ -z "$SSL_CERT_FILE" ]; then
-	if [ -n "$CAFILE" ];then
-		export SSL_CERT_FILE="$CAFILE"
-	elif [ -e "${OECORE_NATIVE_SYSROOT}/etc/ssl/certs/ca-certificates.crt" ];then
-		export SSL_CERT_FILE="$OECORE_NATIVE_SYSROOT/usr/lib/ssl-3/certs/ca-certificates.crt"
-	fi
-fi
-
-if [ -z "$SSL_CERT_DIR" ]; then
-	if [ -n "$CAPATH" ];then
-		export SSL_CERT_DIR="$CAPATH"
-	elif [ -e "${OECORE_NATIVE_SYSROOT}/etc/ssl/certs/ca-certificates.crt" ];then
-		export SSL_CERT_DIR="$OECORE_NATIVE_SYSROOT/usr/lib/ssl-3/certs"
-	fi
-fi
-
-export BB_ENV_PASSTHROUGH_ADDITIONS="${BB_ENV_PASSTHROUGH_ADDITIONS:-} SSL_CERT_DIR SSL_CERT_FILE"
+export BB_ENV_PASSTHROUGH_ADDITIONS="${BB_ENV_PASSTHROUGH_ADDITIONS:-} SSL_CERT_DIR SSL_CERT_FILE OPENSSL_CONF OPENSSL_MODULES OPENSSL_ENGINES"
--- a/meta/recipes-core/glibc/glibc-version.inc
+++ b/meta/recipes-core/glibc/glibc-version.inc
@@ -1,6 +1,6 @@
 SRCBRANCH ?= "release/2.41/master"
 PV = "2.41+git"
-SRCREV_glibc ?= "0c76c951620f9e12df2a89b2c684878b55bb6795"
+SRCREV_glibc ?= "0a7c7a3e283a55d1bfaa48fdef063a32a4689a2b"
 SRCREV_localedef ?= "fab74f31b3811df543e24b6de47efdf45b538abc"

 GLIBC_GIT_URI ?= "git://sourceware.org/git/glibc.git;protocol=https"
--- a/meta/recipes-core/glibc/glibc-y2038-tests_2.41.bb
+++ b/meta/recipes-core/glibc/glibc-y2038-tests_2.41.bb
@@ -0,0 +1,107 @@
+require glibc_${PV}.bb
+require glibc-tests.inc
+
+inherit ptest features_check
+REQUIRED_DISTRO_FEATURES = "ptest"
+
+SRC_URI += "\
+	file://run-ptest \
+"
+
+SUMMARY = "glibc tests using time32/time64 interfaces to be run with ptest for the purpose of checking y2038 compatiblity"
+
+# Erase some variables already set by glibc_${PV}
+python __anonymous() {
+       # Remove packages provided by glibc build, we only need a subset of them
+       d.setVar("PACKAGES", "${PN} ${PN}-dbg ${PN}-ptest")
+
+       d.setVar("PROVIDES", "${PN} ${PN}-ptest")
+
+       bbclassextend = d.getVar("BBCLASSEXTEND").replace("nativesdk", "").strip()
+       d.setVar("BBCLASSEXTEND", bbclassextend)
+       d.setVar("RRECOMMENDS", "")
+       d.setVar("SYSTEMD_SERVICE:nscd", "")
+       d.setVar("SYSTEMD_PACKAGES", "")
+}
+
+# Remove any leftovers from original glibc recipe
+RPROVIDES:${PN} = "${PN}"
+RRECOMMENDS:${PN} = ""
+RDEPENDS:${PN} = "glibc libgcc sed bash"
+RDEPENDS:${PN}-ptest = "${PN}"
+DEPENDS += "sed"
+
+export oe_srcdir = "${exec_prefix}/src/debug/glibc/${PV}/"
+
+# Just build tests for target - do not run them
+do_check:append () {
+	oe_runmake -i check run-built-tests=no
+}
+addtask do_check after do_compile before do_install_ptest_base
+
+glibc_strip_build_directory () {
+	# Delete all non executable files from build directory
+	find ${B} ! -executable -type f -delete
+
+	# Remove build dynamic libraries and links to them as
+	# those are already installed in the target device
+	find ${B} -type f -name "*.so" -delete
+	find ${B} -type l -name "*.so*" -delete
+
+	# Remove headers (installed with glibc)
+	find ${B} -type f -name "*.h" -delete
+
+	find ${B} -type f -name "isomac" -delete
+	find ${B} -type f -name "annexc" -delete
+}
+
+do_install_ptest_base () {
+	glibc_strip_build_directory
+
+	ls -r ${B}/*/*-time64 > ${B}/tst_time64
+
+	# Remove '-time64' suffix - those tests are also time related
+	sed -e "s/-time64$//" ${B}/tst_time64 > ${B}/tst_time_tmp
+	tst_time=$(cat ${B}/tst_time_tmp ${B}/tst_time64)
+
+	rm ${B}/tst_time_tmp ${B}/tst_time64
+	echo "${tst_time}"
+
+	# Install build test programs to the image
+	install -d ${D}${PTEST_PATH}/tests/glibc-ptest/
+
+	for f in "${tst_time}"
+	do
+	    cp -r ${f} ${D}${PTEST_PATH}/tests/glibc-ptest/
+	done
+
+	install -d ${D}${PTEST_PATH}
+	cp ${UNPACKDIR}/run-ptest ${D}${PTEST_PATH}/
+
+}
+
+# The datadir directory is required to allow core (and reused)
+# glibc cleanup function to finish correctly, as this directory
+# is not created for ptests
+stash_locale_package_cleanup:prepend () {
+	mkdir -p ${PKGD}${datadir}
+}
+
+stash_locale_sysroot_cleanup:prepend () {
+	mkdir -p ${SYSROOT_DESTDIR}${datadir}
+}
+
+# Prevent the do_package() task to set 'libc6' prefix
+# for glibc tests related packages
+python populate_packages:prepend () {
+    if d.getVar('DEBIAN_NAMES'):
+        d.setVar('DEBIAN_NAMES', '')
+}
+
+FILES:${PN} = "${PTEST_PATH}/* /usr/src/debug/${PN}/*"
+
+EXCLUDE_FROM_SHLIBS = "1"
+
+deltask do_stash_locale
+do_install[noexec] = "1"
+do_populate_sysroot[noexec] = "1"
--- a/meta/recipes-core/glibc/glibc/0001-stdlib-Add-single-threaded-fast-path-to-rand.patch
+++ b/meta/recipes-core/glibc/glibc/0001-stdlib-Add-single-threaded-fast-path-to-rand.patch
@@ -1,47 +0,0 @@
-From 4f54b0dfc16dbe0df86afccb90e447df5f7f571e Mon Sep 17 00:00:00 2001
-From: Wilco Dijkstra <wilco.dijkstra@arm.com>
-Date: Mon, 18 Mar 2024 15:18:20 +0000
-Subject: [PATCH] stdlib: Add single-threaded fast path to rand()
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-Improve performance of rand() and __random() by adding a single-threaded
-fast path.  Bench-random-lock shows about 5x speedup on Neoverse V1.
-
-Upstream-Status: Backport [be0cfd848d9ad7378800d6302bc11467cf2b514f]
-
-Reviewed-by: Adhemerval Zanella  <adhemerval.zanella@linaro.org>
-Signed-off-by: Haixiao Yan <haixiao.yan.cn@windriver.com>
---
- stdlib/random.c | 7 +++++++
- 1 file changed, 7 insertions(+)
-
-diff --git a/stdlib/random.c b/stdlib/random.c
-index 17cc61ba8f55..5d482a857065 100644
--- a/stdlib/random.c
-+++ b/stdlib/random.c
-@@ -51,6 +51,7 @@
-    SUCH DAMAGE.*/
- 
- #include <libc-lock.h>
-+#include <sys/single_threaded.h>
- #include <limits.h>
- #include <stddef.h>
- #include <stdlib.h>
-@@ -288,6 +289,12 @@ __random (void)
- {
-   int32_t retval;
- 
-+  if (SINGLE_THREAD_P)
-+    {
-+      (void) __random_r (&unsafe_state, &retval);
-+      return retval;
-+    }
-+
-   __libc_lock_lock (lock);
- 
-   (void) __random_r (&unsafe_state, &retval);
-- 
-2.34.1
-
--- a/meta/recipes-core/glibc/glibc/0023-tests-Skip-2-qemu-tests-that-can-hang-in-oe-selftest.patch
+++ b/meta/recipes-core/glibc/glibc/0023-tests-Skip-2-qemu-tests-that-can-hang-in-oe-selftest.patch
@@ -40,7 +40,7 @@ index 8a755293b3..22dafcaad1 100644
   # tests
 
 # process_madvise requires CAP_SYS_ADMIN.
-@@ -282,9 +283,10 @@ tests-time64 += \
+@@ -277,9 +278,10 @@ tests-time64 += \
   tst-ntp_gettimex-time64 \
   tst-ppoll-time64 \
   tst-prctl-time64 \
--- a/meta/recipes-core/glibc/glibc/run-ptest
+++ b/meta/recipes-core/glibc/glibc/run-ptest
@@ -0,0 +1,37 @@
+#!/bin/bash
+# ptest script for glibc - to run time related tests to
+# facilitate Y2038 validation
+# Run with 'ptest-runner glibc-tests'
+
+output() {
+  retcode=$?
+  if [ $retcode -eq 0 ]
+    then echo "PASS: $i"
+  elif [ $retcode -eq 77 ]
+    then echo "SKIP: $i"
+  else echo "FAIL: $i"
+  fi
+}
+
+# Allow altering time on the target
+export GLIBC_TEST_ALLOW_TIME_SETTING="1"
+
+tst_time64=$(ls -r ${PWD}/tests/glibc-ptest/*-time64)
+
+# Remove '-time64' suffix - those tests are also time
+# related
+tst_time_tmp=$(sed -e "s/-time64$//" <<< ${tst_time64})
+
+# Do not run tests supporting only 32 bit time
+#for i in ${tst_time_tmp}
+#do
+#	$i >/dev/null 2>&1
+#	output
+#done
+
+# Run tests supporting only 64 bit time
+for i in ${tst_time64}
+do
+	$i >/dev/null 2>&1
+	output
+done
--- a/meta/recipes-core/glibc/glibc_2.41.bb
+++ b/meta/recipes-core/glibc/glibc_2.41.bb
@@ -17,7 +17,7 @@ Allows for ASLR bypass so can bypass some hardening, not an exploit in itself, m
 easier access for another. 'ASLR bypass itself is not a vulnerability.'"

 CVE_STATUS_GROUPS += "CVE_STATUS_STABLE_BACKPORTS"
-CVE_STATUS_STABLE_BACKPORTS = "CVE-2025-4802 CVE-2025-5702 CVE-2025-5745"
+CVE_STATUS_STABLE_BACKPORTS = ""
 CVE_STATUS_STABLE_BACKPORTS[status] = "cpe-stable-backport: fix available in used git hash"

 DEPENDS += "gperf-native bison-native"
@@ -53,7 +53,6 @@ SRC_URI =  "${GLIBC_GIT_URI};branch=${SRCBRANCH};name=glibc \
           file://0021-fix-create-thread-failed-in-unprivileged-process-BZ-.patch \
           file://0022-Avoid-hardcoded-build-time-paths-in-the-output-binar.patch \
           file://0023-tests-Skip-2-qemu-tests-that-can-hang-in-oe-selftest.patch \
-           file://0001-stdlib-Add-single-threaded-fast-path-to-rand.patch \
 "
 S = "${WORKDIR}/git"
 B = "${WORKDIR}/build-${TARGET_SYS}"
--- a/meta/recipes-core/images/build-appliance-image_15.0.0.bb
+++ b/meta/recipes-core/images/build-appliance-image_15.0.0.bb
@@ -26,8 +26,8 @@ inherit core-image setuptools3 features_check

 REQUIRED_DISTRO_FEATURES += "xattr"

-SRCREV ?= "c4ff8237aa90707b794d47cc7d4f1bd60974312f"
-SRC_URI = "git://git.yoctoproject.org/poky;branch=walnascar \
+SRCREV ?= "52b5f6a95de7228a12a9156a4aaa932daf54456f"
+SRC_URI = "git://git.yoctoproject.org/poky;branch=master \
           file://Yocto_Build_Appliance.vmx \
           file://Yocto_Build_Appliance.vmxf \
           file://README_VirtualBox_Guest_Additions.txt \
--- a/meta/recipes-core/initscripts/initscripts-1.0/functions
+++ b/meta/recipes-core/initscripts/initscripts-1.0/functions
@@ -92,24 +92,3 @@ passed() {
    echo -n -e "${BRACKET}[${SUCCESS} PASS ${BRACKET}]${NORMAL}"
    return $rc
 }
-
-log_success_msg()
-{
-    echo -n $@
-    success
-    echo
-}
-
-log_failure_msg()
-{
-    echo -n $@
-    failure
-    echo
-}
-
-log_warning_msg()
-{
-    echo -n $@
-    warning
-    echo
-}
--- a/meta/recipes-core/initscripts/initscripts_1.0.bb
+++ b/meta/recipes-core/initscripts/initscripts_1.0.bb
@@ -54,6 +54,7 @@ RDEPENDS:${PN} = "initd-functions \
 # Recommend pn-functions so that it will be a preferred default provider for initd-functions
 RRECOMMENDS:${PN} = "${PN}-functions"
 RPROVIDES:${PN}-functions = "initd-functions"
+RCONFLICTS:${PN}-functions = "lsbinitscripts"
 FILES:${PN}-functions = "${sysconfdir}/init.d/functions*"
 FILES:${PN}-sushell = "${base_sbindir}/sushell"

--- a/meta/recipes-core/libxml/libxml2_2.13.6.bb
+++ b/meta/recipes-core/libxml/libxml2_2.13.6.bb
@@ -19,7 +19,7 @@ SRC_URI += "http://www.w3.org/XML/Test/xmlts20130923.tar;subdir=${BP};name=testt
           file://install-tests.patch \
           "

-SRC_URI[archive.sha256sum] = "277294cb33119ab71b2bc81f2f445e9bc9435b893ad15bb2cd2b0e859a0ee84a"
+SRC_URI[archive.sha256sum] = "f453480307524968f7a04ec65e64f2a83a825973bcd260a2e7691be82ae70c96"
 SRC_URI[testtar.sha256sum] = "c6b2d42ee50b8b236e711a97d68e6c4b5c8d83e69a2be4722379f08702ea7273"

 # Disputed as a security issue, but fixed in d39f780
--- a/meta/recipes-core/meta/buildtools-tarball.bb
+++ b/meta/recipes-core/meta/buildtools-tarball.bb
@@ -73,6 +73,12 @@ create_sdk_files:append () {
 	touch $script
 	echo 'export PATH="${SDKPATHNATIVE}${bindir_nativesdk}:${SDKPATHNATIVE}${sbindir_nativesdk}:${SDKPATHNATIVE}${base_bindir_nativesdk}:${SDKPATHNATIVE}${base_sbindir_nativesdk}:$PATH"' >> $script
 	echo 'export OECORE_NATIVE_SYSROOT="${SDKPATHNATIVE}"' >> $script
+	if [ -e "${SDK_OUTPUT}${SDKPATHNATIVE}${sysconfdir}/ssl/certs/ca-certificates.crt" ]; then
+		echo 'export GIT_SSL_CAINFO="${SDKPATHNATIVE}${sysconfdir}/ssl/certs/ca-certificates.crt"' >>$script
+		echo 'export SSL_CERT_FILE="${SDKPATHNATIVE}${sysconfdir}/ssl/certs/ca-certificates.crt"' >>$script
+		echo 'export REQUESTS_CA_BUNDLE="${SDKPATHNATIVE}${sysconfdir}/ssl/certs/ca-certificates.crt"' >>$script
+		echo 'export CURL_CA_BUNDLE="${SDKPATHNATIVE}${sysconfdir}/ssl/certs/ca-certificates.crt"' >>$script
+	fi
 	echo 'HOST_PKG_PATH=$(command -p pkg-config --variable=pc_path pkg-config 2>/dev/null)' >>$script
 	echo 'export PKG_CONFIG_LIBDIR=${SDKPATHNATIVE}/${libdir}/pkgconfig:${SDKPATHNATIVE}/${datadir}/pkgconfig:${HOST_PKG_PATH:-/usr/lib/pkgconfig:/usr/share/pkgconfig}' >>$script
 	echo 'unset HOST_PKG_PATH'
@@ -80,35 +86,14 @@ create_sdk_files:append () {
 	toolchain_create_sdk_version ${SDK_OUTPUT}/${SDKPATH}/version-${SDK_SYS}

 	cat >> $script <<EOF
-# Detect host ca file/path, export for envfile to use
-# /etc/ssl/certs/ca-certificates.crt Debian systems
-# /etc/pki/tls/certs/ca-bundle.crt Fedora systems
-# /etc/ssl/ca-bundle.pem Suse systems
-export CAFILE
-export CAPATH
-for a in /etc/ssl/certs/ca-certificates.crt \
-    /etc/pki/tls/certs/ca-bundle.crt \
-    /etc/ssl/ca-bundle.pem ; do
-    if test -f "\$a"; then
-        CAFILE="\$a"
-        break
-    fi
-done
-
-a="/etc/ssl/certs"
-if test -d "\$a" && ls "\$a"/[0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f].0 >/dev/null 2>/dev/null; then
-    CAPATH="\$a"
-fi
-
 if [ -d "\$OECORE_NATIVE_SYSROOT/environment-setup.d" ]; then
 	for envfile in \$OECORE_NATIVE_SYSROOT/environment-setup.d/*.sh; do
 		. \$envfile
 	done
 fi
-
 # We have to unset this else it can confuse oe-selftest and other tools
 # which may also use the overlapping namespace.
-unset OECORE_NATIVE_SYSROOT CAFILE CAPATH
+unset OECORE_NATIVE_SYSROOT
 EOF

 	if [ "${SDKMACHINE}" = "i686" ]; then
--- a/meta/recipes-core/systemd/systemd-boot-native_257.4.bb
+++ b/meta/recipes-core/systemd/systemd-boot-native_257.4.bb
--- a/meta/recipes-core/systemd/systemd-boot_257.4.bb
+++ b/meta/recipes-core/systemd/systemd-boot_257.4.bb
--- a/meta/recipes-core/systemd/systemd-systemctl-native_257.4.bb
+++ b/meta/recipes-core/systemd/systemd-systemctl-native_257.4.bb
--- a/meta/recipes-core/systemd/systemd.inc
+++ b/meta/recipes-core/systemd/systemd.inc
@@ -15,9 +15,9 @@ LICENSE:libsystemd = "LGPL-2.1-or-later"
 LIC_FILES_CHKSUM = "file://LICENSE.GPL2;md5=751419260aa954499f7abaabaa882bbe \
                    file://LICENSE.LGPL2.1;md5=4fbd65380cdd255951079008b364516c"

-SRCREV = "00a12c234e2506f5cab683460199575f13c454db"
+SRCREV = "5ce1c02abc0cc386332384497b5939108314d80d"
 SRCBRANCH = "v257-stable"
-SRC_URI = "git://github.com/systemd/systemd.git;protocol=https;branch=${SRCBRANCH};tag=v${PV}"
+SRC_URI = "git://github.com/systemd/systemd.git;protocol=https;branch=${SRCBRANCH}"

 S = "${WORKDIR}/git"

--- a/meta/recipes-core/systemd/systemd/0004-add-fallback-parse_printf_format-implementation.patch
+++ b/meta/recipes-core/systemd/systemd/0004-add-fallback-parse_printf_format-implementation.patch
@@ -25,7 +25,7 @@ diff --git a/meson.build b/meson.build
 index bffda86845..4146f4beef 100644
 --- a/meson.build
 +++ b/meson.build
-@@ -770,6 +770,7 @@ foreach header : ['crypt.h',
+@@ -773,6 +773,7 @@ foreach header : ['crypt.h',
                   'linux/ioprio.h',
                   'linux/memfd.h',
                   'linux/time_types.h',
--- a/meta/recipes-core/systemd/systemd/0012-do-not-disable-buffer-in-writing-files.patch
+++ b/meta/recipes-core/systemd/systemd/0012-do-not-disable-buffer-in-writing-files.patch
@@ -71,7 +71,7 @@ diff --git a/src/basic/namespace-util.c b/src/basic/namespace-util.c
 index 332e8cdfd5..804498127d 100644
 --- a/src/basic/namespace-util.c
 +++ b/src/basic/namespace-util.c
-@@ -359,12 +359,12 @@ int userns_acquire(const char *uid_map, const char *gid_map) {
+@@ -354,12 +354,12 @@ int userns_acquire(const char *uid_map, const char *gid_map) {
                 freeze();
 
         xsprintf(path, "/proc/" PID_FMT "/uid_map", pid);
@@ -154,7 +154,7 @@ diff --git a/src/core/cgroup.c b/src/core/cgroup.c
 index 6933aae54d..ab6fccc0e4 100644
 --- a/src/core/cgroup.c
 +++ b/src/core/cgroup.c
-@@ -5175,7 +5175,7 @@ int unit_cgroup_freezer_action(Unit *u, FreezerAction action) {
+@@ -5167,7 +5167,7 @@ int unit_cgroup_freezer_action(Unit *u, FreezerAction action) {
         if (r < 0)
                 return r;
 
@@ -180,7 +180,7 @@ diff --git a/src/core/main.c b/src/core/main.c
 index 172742c769..e68ce2a6d8 100644
 --- a/src/core/main.c
 +++ b/src/core/main.c
-@@ -1826,7 +1826,7 @@ static void initialize_core_pattern(bool skip_setup) {
+@@ -1812,7 +1812,7 @@ static void initialize_core_pattern(bool skip_setup) {
         if (getpid_cached() != 1)
                 return;
 
@@ -231,7 +231,7 @@ diff --git a/src/libsystemd/sd-device/sd-device.c b/src/libsystemd/sd-device/sd-
 index 01fa90b1ff..83ab655bf4 100644
 --- a/src/libsystemd/sd-device/sd-device.c
 +++ b/src/libsystemd/sd-device/sd-device.c
-@@ -2564,7 +2564,7 @@ _public_ int sd_device_set_sysattr_value(sd_device *device, const char *sysattr,
+@@ -2563,7 +2563,7 @@ _public_ int sd_device_set_sysattr_value(sd_device *device, const char *sysattr,
         if (!value)
                 return -ENOMEM;
 
@@ -359,7 +359,7 @@ diff --git a/src/shared/coredump-util.c b/src/shared/coredump-util.c
 index 805503f366..3234a1d76e 100644
 --- a/src/shared/coredump-util.c
 +++ b/src/shared/coredump-util.c
-@@ -180,7 +180,7 @@ void disable_coredumps(void) {
+@@ -173,7 +173,7 @@ void disable_coredumps(void) {
         if (detect_container() > 0)
                 return;
 
@@ -372,7 +372,7 @@ diff --git a/src/shared/hibernate-util.c b/src/shared/hibernate-util.c
 index 1213fdc2c7..4c26e6a4ee 100644
 --- a/src/shared/hibernate-util.c
 +++ b/src/shared/hibernate-util.c
-@@ -498,7 +498,7 @@ int write_resume_config(dev_t devno, uint64_t offset, const char *device) {
+@@ -495,7 +495,7 @@ int write_resume_config(dev_t devno, uint64_t offset, const char *device) {
 
         /* We write the offset first since it's safer. Note that this file is only available in 4.17+, so
          * fail gracefully if it doesn't exist and we're only overwriting it with 0. */
@@ -381,7 +381,7 @@ index 1213fdc2c7..4c26e6a4ee 100644
         if (r == -ENOENT) {
                 if (offset != 0)
                         return log_error_errno(SYNTHETIC_ERRNO(EOPNOTSUPP),
-@@ -514,7 +514,7 @@ int write_resume_config(dev_t devno, uint64_t offset, const char *device) {
+@@ -511,7 +511,7 @@ int write_resume_config(dev_t devno, uint64_t offset, const char *device) {
                 log_debug("Wrote resume_offset=%s for device '%s' to /sys/power/resume_offset.",
                           offset_str, device);
 
--- a/meta/recipes-core/systemd/systemd/0014-Handle-missing-gshadow.patch
+++ b/meta/recipes-core/systemd/systemd/0014-Handle-missing-gshadow.patch
@@ -140,7 +140,7 @@ diff --git a/src/shared/userdb.c b/src/shared/userdb.c
 index ff83d4bf90..54d36cc706 100644
 --- a/src/shared/userdb.c
 +++ b/src/shared/userdb.c
-@@ -1042,13 +1042,15 @@ int groupdb_iterator_get(UserDBIterator *iterator, GroupRecord **ret) {
+@@ -1041,13 +1041,15 @@ int groupdb_iterator_get(UserDBIterator *iterator, GroupRecord **ret) {
                 if (gr) {
                         _cleanup_free_ char *buffer = NULL;
                         bool incomplete = false;
@@ -157,7 +157,7 @@ index ff83d4bf90..54d36cc706 100644
                         if (!FLAGS_SET(iterator->flags, USERDB_SUPPRESS_SHADOW)) {
                                 r = nss_sgrp_for_group(gr, &sgrp, &buffer);
                                 if (r < 0) {
-@@ -1061,6 +1063,9 @@ int groupdb_iterator_get(UserDBIterator *iterator, GroupRecord **ret) {
+@@ -1060,6 +1062,9 @@ int groupdb_iterator_get(UserDBIterator *iterator, GroupRecord **ret) {
                         }
 
                         r = nss_group_to_group_record(gr, r >= 0 ? &sgrp : NULL, ret);
--- a/meta/recipes-core/systemd/systemd/0019-errno-util-Make-STRERROR-portable-for-musl.patch
+++ b/meta/recipes-core/systemd/systemd/0019-errno-util-Make-STRERROR-portable-for-musl.patch
@@ -11,8 +11,8 @@ Upstream-Status: Inappropriate [musl specific]

 Signed-off-by: Khem Raj <raj.khem@gmail.com>
 ---
- src/basic/errno-util.h | 10 +++++++++-
- 1 file changed, 9 insertions(+), 1 deletion(-)
+ src/basic/errno-util.h | 12 ++++++++++--
+ 1 file changed, 10 insertions(+), 2 deletions(-)

 diff --git a/src/basic/errno-util.h b/src/basic/errno-util.h
 index 48b76e4bf7..6e7653e2d9 100644
@@ -23,8 +23,9 @@ index 48b76e4bf7..6e7653e2d9 100644
  *
  * Note that we use the GNU variant of strerror_r() here. */
 -#define STRERROR(errnum) strerror_r(abs(errnum), (char[ERRNO_BUF_LEN]){}, ERRNO_BUF_LEN)
+-
 +static inline const char * STRERROR(int errnum);
- 
+
 +static inline const char * STRERROR(int errnum) {
 +#ifdef __GLIBC__
 +        return strerror_r(abs(errnum), (char[ERRNO_BUF_LEN]){}, ERRNO_BUF_LEN);
--- a/meta/recipes-core/systemd/systemd_257.4.bb
+++ b/meta/recipes-core/systemd/systemd_257.4.bb
--- a/meta/recipes-core/util-linux/util-linux.inc
+++ b/meta/recipes-core/util-linux/util-linux.inc
@@ -40,7 +40,6 @@ SRC_URI = "${KERNELORG_MIRROR}/linux/utils/util-linux/v${MAJOR_VERSION}/util-lin
           file://fcntl-lock.c \
           file://0001-cfdisk-add-sector-size-commanand-line-option.patch \
           file://0002-sfdisk-add-sector-size-commanand-line-option.patch \
-           file://0003-agetty-fix-stdin-conversion-to-tty-name.patch \
           "

 SRC_URI[sha256sum] = "5c1daf733b04e9859afdc3bd87cc481180ee0f88b5c0946b16fdec931975fb79"
--- a/meta/recipes-core/util-linux/util-linux/0003-agetty-fix-stdin-conversion-to-tty-name.patch
+++ b/meta/recipes-core/util-linux/util-linux/0003-agetty-fix-stdin-conversion-to-tty-name.patch
@@ -1,40 +0,0 @@
-From bd6c104f931329ce6fbc5a1250c8c80a1d8223ee Mon Sep 17 00:00:00 2001
-From: Karel Zak <kzak@redhat.com>
-Date: Mon, 24 Feb 2025 13:37:04 +0100
-Subject: [PATCH] agetty: fix stdin conversion to tty name
-
-Addresses: https://github.com/util-linux/util-linux/issues/3304
-
-Upstream-Status: Backport
-[https://github.com/util-linux/util-linux/commit/bd6c104f931329ce6fbc5a1250c8c80a1d8223ee]
-Signed-off-by: Yongxin Liu <yongxin.liu@windriver.com>
---
- term-utils/agetty.c | 10 +++++++---
- 1 file changed, 7 insertions(+), 3 deletions(-)
-
-diff --git a/term-utils/agetty.c b/term-utils/agetty.c
-index aa859c27b..0dfe52c90 100644
--- a/term-utils/agetty.c
-+++ b/term-utils/agetty.c
-@@ -928,11 +928,15 @@ static void parse_args(int argc, char **argv, struct options *op)
- 
- 	/* resolve the tty path in case it was provided as stdin */
- 	if (strcmp(op->tty, "-") == 0) {
-+		int fd;
-+		const char *name = op->tty;
-+
- 		op->tty_is_stdin = 1;
-		int fd = get_terminal_name(NULL, &op->tty, NULL);
-		if (fd < 0) {
-+		fd = get_terminal_name(NULL, &name, NULL);
-+		if (fd >= 0)
-+			op->tty = name;	/* set real device name */
-+		else
- 			log_warn(_("could not get terminal name: %d"), fd);
-		}
- 	}
- 
- 	/* On virtual console remember the line which is used for */
-- 
-2.46.2
-
--- a/meta/recipes-devtools/binutils/binutils-2.44.inc
+++ b/meta/recipes-devtools/binutils/binutils-2.44.inc
@@ -18,9 +18,9 @@ SRCBRANCH ?= "binutils-2_44-branch"

 UPSTREAM_CHECK_GITTAGREGEX = "binutils-(?P<pver>\d+_(\d_?)*)"

-CVE_STATUS[CVE-2025-1153] = "cpe-stable-backport: fix available in used git hash"
+CVE_STATUS[CVE-2023-25584] = "cpe-incorrect: Applies only for version 2.40 and earlier"

-SRCREV ?= "819d713b6340ed3657e00ad0bc8d5f2b73094a0f"
+SRCREV ?= "815d9a14cbbb3b81843f7566222c87fb22e7255d"
 BINUTILS_GIT_URI ?= "git://sourceware.org/git/binutils-gdb.git;branch=${SRCBRANCH};protocol=https"
 SRC_URI = "\
     ${BINUTILS_GIT_URI} \
@@ -35,12 +35,6 @@ SRC_URI = "\
     file://0012-Only-generate-an-RPATH-entry-if-LD_RUN_PATH-is-not-e.patch \
     file://0013-Define-alignof-using-_Alignof-when-using-C11-or-newe.patch \
     file://0014-Remove-duplicate-pe-dll.o-entry-deom-targ_extra_ofil.patch \
-     file://0015-CVE-2025-1178.patch \
-     file://CVE-2025-1180.patch \
-     file://CVE-2025-1182.patch \
-     file://0016-CVE-2025-1181-1.patch \
-     file://0017-CVE-2025-1181-2.patch \
-     file://0016-CVE-2025-5244.patch \
-     file://0016-CVE-2025-3198.patch \
+     file://0015-CVE-2025-1153.patch \
 "
 S  = "${WORKDIR}/git"
--- a/meta/recipes-devtools/binutils/binutils/0015-CVE-2025-1153.patch
+++ b/meta/recipes-devtools/binutils/binutils/0015-CVE-2025-1153.patch
--- a/meta/recipes-devtools/binutils/binutils/0015-CVE-2025-1178.patch
+++ b/meta/recipes-devtools/binutils/binutils/0015-CVE-2025-1178.patch
@@ -1,33 +0,0 @@
-From 75086e9de1707281172cc77f178e7949a4414ed0 Mon Sep 17 00:00:00 2001
-From: Nick Clifton <nickc@redhat.com>
-Date: Wed, 5 Feb 2025 13:26:51 +0000
-Subject: [PATCH] Prevent an abort in the bfd linker when attempting to
- generate dynamic relocs for a corrupt input file.
-
-PR 32638
-
-Upstream-Status: Backport [https://sourceware.org/git/?p=binutils-gdb.git;a=patch;h=75086e9de1707281172cc77f178e7949a4414ed0]
-CVE: CVE-2025-1178
-
-Signed-off-by: Deepesh Varatharajan <Deepesh.Varatharajan@windriver.com>
-
-diff --git a/bfd/elf64-x86-64.c b/bfd/elf64-x86-64.c
-index cb32732e..a08e9c97 100644
--- a/bfd/elf64-x86-64.c
-+++ b/bfd/elf64-x86-64.c
-@@ -5031,6 +5031,15 @@ elf_x86_64_finish_dynamic_symbol (bfd *output_bfd,
- 
-       if (generate_dynamic_reloc)
- 	{
-+	  /* If the relgot section has not been created, then
-+	     generate an error instead of a reloc.  cf PR 32638.  */
-+	  if (relgot == NULL || relgot->size == 0)
-+	    {
-+	      info->callbacks->einfo (_("%F%pB: Unable to generate dynamic relocs because a suitable section does not exist\n"),
-+					output_bfd);
-+	      return false;
-+	    }
-+	  
- 	  if (relative_reloc_name != NULL
- 	      && htab->params->report_relative_reloc)
- 	    _bfd_x86_elf_link_report_relative_reloc
--- a/meta/recipes-devtools/binutils/binutils/0016-CVE-2025-1181-1.patch
+++ b/meta/recipes-devtools/binutils/binutils/0016-CVE-2025-1181-1.patch
@@ -1,141 +0,0 @@
-From: Nick Clifton <nickc@redhat.com>
-Date: Wed, 5 Feb 2025 14:31:10 +0000
-
-Prevent illegal memory access when checking relocs in a corrupt ELF binary.
-
-PR 32641
-
-Upstream-Status: Backport [https://sourceware.org/git/?p=binutils-gdb.git;a=commitdiff;h=18cc11a2771d9e40180485da9a4fb660c03efac3]
-CVE: CVE-2025-1181
-
-Signed-off-by: Deepesh Varatharajan <Deepesh.Varatharajan@windriver.com>
-
-diff --git a/bfd/elf-bfd.h b/bfd/elf-bfd.h
-index 785a37dd7fd..d2bf8e5cbae 100644
--- a/bfd/elf-bfd.h
-+++ b/bfd/elf-bfd.h
-@@ -3150,6 +3150,9 @@ extern bool _bfd_elf_link_mmap_section_contents
- extern void _bfd_elf_link_munmap_section_contents
-   (asection *);
- 
-+extern struct elf_link_hash_entry * _bfd_elf_get_link_hash_entry
-+  (struct elf_link_hash_entry **, unsigned int, Elf_Internal_Shdr *);
-+
- /* Large common section.  */
- extern asection _bfd_elf_large_com_section;
- 
-diff --git a/bfd/elf64-x86-64.c b/bfd/elf64-x86-64.c
-index 32db254ba6c..2d82c6583c3 100644
--- a/bfd/elf64-x86-64.c
-+++ b/bfd/elf64-x86-64.c
-@@ -1744,7 +1744,7 @@ elf_x86_64_convert_load_reloc (bfd *abfd,
-   bool to_reloc_pc32;
-   bool abs_symbol;
-   bool local_ref;
-  asection *tsec;
-+  asection *tsec = NULL;
-   bfd_signed_vma raddend;
-   unsigned int opcode;
-   unsigned int modrm;
-@@ -1910,6 +1910,9 @@ elf_x86_64_convert_load_reloc (bfd *abfd,
- 	return true;
-     }
- 
-+  if (tsec == NULL)
-+    return false;
-+
-   /* Don't convert GOTPCREL relocation against large section.  */
-   if (elf_section_data (tsec) !=  NULL
-       && (elf_section_flags (tsec) & SHF_X86_64_LARGE) != 0)
-@@ -2206,10 +2209,7 @@ elf_x86_64_scan_relocs (bfd *abfd, struct bfd_link_info *info,
-       else
- 	{
- 	  isym = NULL;
-	  h = sym_hashes[r_symndx - symtab_hdr->sh_info];
-	  while (h->root.type == bfd_link_hash_indirect
-		 || h->root.type == bfd_link_hash_warning)
-	    h = (struct elf_link_hash_entry *) h->root.u.i.link;
-+	  h = _bfd_elf_get_link_hash_entry (sym_hashes, r_symndx, symtab_hdr);
- 	}
- 
-       /* Check invalid x32 relocations.  */
-diff --git a/bfd/elflink.c b/bfd/elflink.c
-index 1f1263007c0..eafbd133ff5 100644
--- a/bfd/elflink.c
-+++ b/bfd/elflink.c
-@@ -96,6 +96,27 @@ _bfd_elf_link_keep_memory (struct bfd_link_info *info)
-   return true;
- }
- 
-+struct elf_link_hash_entry *
-+_bfd_elf_get_link_hash_entry (struct elf_link_hash_entry **  sym_hashes,
-+			      unsigned int                   symndx,
-+			      Elf_Internal_Shdr *            symtab_hdr)
-+{
-+  if (symndx < symtab_hdr->sh_info)
-+    return NULL;
-+
-+  struct elf_link_hash_entry *h = sym_hashes[symndx - symtab_hdr->sh_info];
-+
-+  /* The hash might be empty.  See PR 32641 for an example of this.  */
-+  if (h == NULL)
-+    return NULL;
-+
-+  while (h->root.type == bfd_link_hash_indirect
-+	 || h->root.type == bfd_link_hash_warning)
-+    h = (struct elf_link_hash_entry *) h->root.u.i.link;
-+
-+  return h;
-+}
-+
- static struct elf_link_hash_entry *
- get_ext_sym_hash (struct elf_reloc_cookie *cookie, unsigned long r_symndx)
- {
-@@ -108,6 +129,9 @@ get_ext_sym_hash (struct elf_reloc_cookie *cookie, unsigned long r_symndx)
-     {
-       h = cookie->sym_hashes[r_symndx - cookie->extsymoff];
- 
-+      if (h == NULL)
-+	return NULL;
-+
-       while (h->root.type == bfd_link_hash_indirect
- 	     || h->root.type == bfd_link_hash_warning)
- 	h = (struct elf_link_hash_entry *) h->root.u.i.link;
-diff --git a/bfd/elfxx-x86.c b/bfd/elfxx-x86.c
-index 8e5a005fd36..832a5495eb1 100644
--- a/bfd/elfxx-x86.c
-+++ b/bfd/elfxx-x86.c
-@@ -973,15 +973,7 @@ _bfd_x86_elf_check_relocs (bfd *abfd,
- 	  goto error_return;
- 	}
- 
-      if (r_symndx < symtab_hdr->sh_info)
-	h = NULL;
-      else
-	{
-	  h = sym_hashes[r_symndx - symtab_hdr->sh_info];
-	  while (h->root.type == bfd_link_hash_indirect
-		 || h->root.type == bfd_link_hash_warning)
-	    h = (struct elf_link_hash_entry *) h->root.u.i.link;
-	}
-+      h = _bfd_elf_get_link_hash_entry (sym_hashes, r_symndx, symtab_hdr);
- 
-       if (X86_NEED_DYNAMIC_RELOC_TYPE_P (is_x86_64, r_type)
- 	  && NEED_DYNAMIC_RELOCATION_P (is_x86_64, info, true, h, sec,
-@@ -1209,10 +1201,12 @@ _bfd_x86_elf_link_relax_section (bfd *abfd ATTRIBUTE_UNUSED,
-       else
- 	{
- 	  /* Get H and SEC for GENERATE_DYNAMIC_RELOCATION_P below.  */
-	  h = sym_hashes[r_symndx - symtab_hdr->sh_info];
-	  while (h->root.type == bfd_link_hash_indirect
-		 || h->root.type == bfd_link_hash_warning)
-	    h = (struct elf_link_hash_entry *) h->root.u.i.link;
-+	  h = _bfd_elf_get_link_hash_entry (sym_hashes, r_symndx, symtab_hdr);
-+	  if (h == NULL)
-+	    {
-+	      /* FIXMEL: Issue an error message ?  */
-+	      continue;
-+	    }
- 
- 	  if (h->root.type == bfd_link_hash_defined
- 	      || h->root.type == bfd_link_hash_defweak)
--- a/meta/recipes-devtools/binutils/binutils/0016-CVE-2025-3198.patch
+++ b/meta/recipes-devtools/binutils/binutils/0016-CVE-2025-3198.patch
@@ -1,28 +0,0 @@
-From ba6ad3a18cb26b79e0e3b84c39f707535bbc344d Mon Sep 17 00:00:00 2001
-From: Alan Modra <amodra@gmail.com>
-Date: Wed, 19 Feb 2025 07:58:54 +1030
-Subject: [PATCH] PR32716, objdump -i memory leak
-
-	PR binutils/32716
-	* bucomm.c (display_info): Free arg.info.
-
-Upstream-Status: Backport [https://sourceware.org/git/?p=binutils-gdb.git;a=patch;h=ba6ad3a18cb26b79e0e3b84c39f707535bbc344d]
-CVE: CVE-2025-3198
-
-Signed-off-by: Harish Sadineni <Harish.Sadineni@windriver.com>
---
- binutils/bucomm.c | 1 +
- 1 file changed, 1 insertion(+)
-
-diff --git a/binutils/bucomm.c b/binutils/bucomm.c
-index ccf54099154..d4554737db1 100644
--- a/binutils/bucomm.c
-+++ b/binutils/bucomm.c
-@@ -435,6 +435,7 @@ display_info (void)
-   if (!arg.error)
-     display_target_tables (&arg);
- 
-+  free (arg.info);
-   return arg.error;
- }
- 
--- a/meta/recipes-devtools/binutils/binutils/0016-CVE-2025-5244.patch
+++ b/meta/recipes-devtools/binutils/binutils/0016-CVE-2025-5244.patch
@@ -1,25 +0,0 @@
-From: Alan Modra <amodra@gmail.com>
-Date: Thu, 10 Apr 2025 19:41:49 +0930
-
-Upstream-Status: Backport [https://sourceware.org/git/?p=binutils-gdb.git;a=patch;h=d1458933830456e54223d9fc61f0d9b3a19256f5]
-CVE: CVE-2025-5244
-
-PR32858 ld segfault on fuzzed object
-We missed one place where it is necessary to check for empty groups.
-
-Signed-off-by: Deepesh Varatharajan <Deepesh.Varatharajan@windriver.com>
-
-diff --git a/bfd/elflink.c b/bfd/elflink.c
-index a76e8e38da7..549b7b7dd92 100644
--- a/bfd/elflink.c
-+++ b/bfd/elflink.c
-@@ -14408,7 +14408,8 @@ elf_gc_sweep (bfd *abfd, struct bfd_link_info *info)
- 	  if (o->flags & SEC_GROUP)
- 	    {
- 	      asection *first = elf_next_in_group (o);
-	      o->gc_mark = first->gc_mark;
-+	      if (first != NULL)
-+		o->gc_mark = first->gc_mark;
- 	    }
- 
- 	  if (o->gc_mark)
--- a/Show More
+++ b/Show More