mirrors/poky
1
0
Fork 0
mirror of https://git.yoctoproject.org/poky synced 2026-03-17 04:39:40 +01:00
Code Issues Packages Projects Releases Wiki Activity

Compare commits

base: mirrors:walnascar-5.2.3
Branches Tags
mirrors:master mirrors:kirkstone mirrors:scarthgap mirrors:walnascar mirrors:styhead mirrors:walnascar-next mirrors:dunfell mirrors:nanbield mirrors:mickledore mirrors:langdale mirrors:honister mirrors:gatesgarth mirrors:hardknott mirrors:thud mirrors:warrior mirrors:zeus mirrors:pyro mirrors:sumo mirrors:rocko mirrors:jethro mirrors:krogoth mirrors:morty mirrors:fido mirrors:dizzy mirrors:daisy mirrors:dylan mirrors:dora mirrors:danny mirrors:denzil mirrors:edison mirrors:bernard mirrors:laverne mirrors:green mirrors:purple mirrors:pinky mirrors:elroy mirrors:clyde mirrors:blinky
mirrors:yocto-5.0.16 mirrors:scarthgap-5.0.16 mirrors:yocto-4.0.33 mirrors:kirkstone-4.0.33 mirrors:yocto-5.0.15 mirrors:scarthgap-5.0.15 mirrors:yocto-4.0.32 mirrors:kirkstone-4.0.32 mirrors:yocto-5.0.14 mirrors:scarthgap-5.0.14 mirrors:yocto-4.0.31 mirrors:kirkstone-4.0.31 mirrors:yocto-5.0.13 mirrors:scarthgap-5.0.13 mirrors:yocto-5.2.4 mirrors:walnascar-5.2.4 mirrors:yocto-4.0.30 mirrors:kirkstone-4.0.30 mirrors:yocto-5.2.3 mirrors:walnascar-5.2.3 mirrors:yocto-5.0.12 mirrors:scarthgap-5.0.12 mirrors:yocto-4.0.29 mirrors:kirkstone-4.0.29 mirrors:5.3_M2 mirrors:yocto-5.0.11 mirrors:scarthgap-5.0.11 mirrors:yocto-5.2.2 mirrors:walnascar-5.2.2 mirrors:yocto-4.0.28 mirrors:kirkstone-4.0.28 mirrors:5.3_M1 mirrors:yocto-5.0.10 mirrors:scarthgap-5.0.10 mirrors:yocto-5.2.1 mirrors:walnascar-5.2.1 mirrors:yocto-4.0.27 mirrors:kirkstone-4.0.27 mirrors:yocto-5.2 mirrors:walnascar-5.2 mirrors:yocto-5.0.9 mirrors:scarthgap-5.0.9 mirrors:yocto-4.0.26 mirrors:kirkstone-4.0.26 mirrors:yocto-5.1.4 mirrors:styhead-5.1.4 mirrors:yocto-5.0.8 mirrors:scarthgap-5.0.8 mirrors:5.2_M3 mirrors:yocto-5.1.3 mirrors:styhead-5.1.3 mirrors:yocto-4.0.25 mirrors:kirkstone-4.0.25 mirrors:yocto-5.0.7 mirrors:scarthgap-5.0.7 mirrors:5.2_M2 mirrors:yocto-4.0.24 mirrors:kirkstone-4.0.24 mirrors:yocto-5.1.2 mirrors:styhead-5.1.2 mirrors:5.2_M1 mirrors:yocto-5.0.6 mirrors:scarthgap-5.0.6 mirrors:styhead-5.1.1 mirrors:yocto-5.1.1 mirrors:yocto-4.0.23 mirrors:kirkstone-4.0.23 mirrors:yocto-5.0.5 mirrors:scarthgap-5.0.5 mirrors:yocto-4.0.22 mirrors:kirkstone-4.0.22 mirrors:styhead-5.1 mirrors:yocto-5.1 mirrors:yocto-5.0.4 mirrors:scarthgap-5.0.4 mirrors:kirkstone-4.0.21 mirrors:yocto-4.0.21 mirrors:5.1_M3 mirrors:yocto-5.0.3 mirrors:scarthgap-5.0.3 mirrors:5.1_M2 mirrors:yocto-4.0.20 mirrors:kirkstone-4.0.20 mirrors:yocto-5.0.2 mirrors:scarthgap-5.0.2 mirrors:5.1_M1 mirrors:kirkstone-4.0.19 mirrors:yocto-4.0.19 mirrors:yocto-5.0.1 mirrors:scarthgap-5.0.1 mirrors:yocto-4.0.18 mirrors:kirkstone-4.0.18 mirrors:yocto-3.1.33 mirrors:dunfell-23.0.33 mirrors:scarthgap-5.0 mirrors:yocto-5.0 mirrors:yocto-4.3.4 mirrors:nanbield-4.3.4 mirrors:yocto-4.0.17 mirrors:kirkstone-4.0.17 mirrors:5.0_M3 mirrors:dunfell-23.0.32 mirrors:yocto-3.1.32 mirrors:nanbield-4.3.3 mirrors:yocto-4.3.3 mirrors:yocto-4.0.16 mirrors:kirkstone-4.0.16 mirrors:yocto-3.1.31 mirrors:dunfell-23.0.31 mirrors:5.0_M2 mirrors:yocto-4.3.2 mirrors:nanbield-4.3.2 mirrors:5.0_M1 mirrors:yocto-4.0.15 mirrors:kirkstone-4.0.15 mirrors:yocto-3.1.30 mirrors:dunfell-23.0.30 mirrors:nanbield-4.3.1 mirrors:yocto-4.3.1 mirrors:mickledore-4.2.4 mirrors:yocto-4.2.4 mirrors:kirkstone-4.0.14 mirrors:yocto-4.0.14 mirrors:dunfell-23.0.29 mirrors:yocto-3.1.29 mirrors:yocto-4.3 mirrors:nanbield-4.3 mirrors:yocto-4.0.13 mirrors:kirkstone-4.0.13 mirrors:yocto-3.1.28 mirrors:dunfell-23.0.28 mirrors:4.3_M3 mirrors:yocto-4.2.3 mirrors:mickledore-4.2.3 mirrors:yocto-4.0.12 mirrors:kirkstone-4.0.12 mirrors:yocto-3.1.27 mirrors:dunfell-23.0.27 mirrors:4.3_M2 mirrors:yocto-4.2.2 mirrors:mickledore-4.2.2 mirrors:yocto-4.0.11 mirrors:kirkstone-4.0.11 mirrors:yocto-3.1.26 mirrors:dunfell-23.0.26 mirrors:4.3_M1 mirrors:yocto-4.2.1 mirrors:mickledore-4.2.1 mirrors:yocto-4.0.10 mirrors:kirkstone-4.0.10 mirrors:yocto-4.1.4 mirrors:langdale-4.1.4 mirrors:yocto-3.1.25 mirrors:dunfell-23.0.25 mirrors:mickledore-4.2 mirrors:yocto-4.2 mirrors:yocto-4.0.9 mirrors:kirkstone-4.0.9 mirrors:yocto-3.1.24 mirrors:dunfell-23.0.24 mirrors:yocto-4.1.3 mirrors:langdale-4.1.3 mirrors:yocto-4.0.8 mirrors:kirkstone-4.0.8 mirrors:4.2_M3 mirrors:yocto-3.1.23 mirrors:dunfell-23.0.23 mirrors:yocto-4.0.7 mirrors:kirkstone-4.0.7 mirrors:4.2_M2 mirrors:yocto-3.1.22 mirrors:dunfell-23.0.22 mirrors:yocto-4.1.2 mirrors:langdale-4.1.2 mirrors:yocto-4.0.6 mirrors:kirkstone-4.0.6 mirrors:4.2_M1 mirrors:yocto-3.1.21 mirrors:dunfell-23.0.21 mirrors:yocto-4.1.1 mirrors:langdale-4.1.1 mirrors:yocto-4.0.5 mirrors:kirkstone-4.0.5 mirrors:yocto-4.1 mirrors:langdale-4.1 mirrors:yocto-3.1.20 mirrors:dunfell-23.0.20 mirrors:yocto-4.0.4 mirrors:kirkstone-4.0.4 mirrors:4.1_M3 mirrors:yocto-3.1.19 mirrors:dunfell-23.0.19 mirrors:yocto-4.0.3 mirrors:kirkstone-4.0.3 mirrors:uninative-3.7 mirrors:yocto-3.1.18 mirrors:dunfell-23.0.18 mirrors:4.1_M2 mirrors:yocto-4.0.2 mirrors:kirkstone-4.0.2 mirrors:yocto-3.1.17 mirrors:dunfell-23.0.17 mirrors:4.1_M1 mirrors:yocto-4.0.1 mirrors:kirkstone-4.0.1 mirrors:honister-3.4.4 mirrors:yocto-3.4.4 mirrors:yocto-3.1.16 mirrors:dunfell-23.0.16 mirrors:yocto-3.3.6 mirrors:hardknott-3.3.6 mirrors:kirkstone-4.0 mirrors:yocto-4.0 mirrors:uninative-3.6 mirrors:honister-3.4.3 mirrors:yocto-3.4.3 mirrors:yocto-3.1.15 mirrors:dunfell-23.0.15 mirrors:3.5_M3 mirrors:yocto-3.3.5 mirrors:hardknott-3.3.5 mirrors:yocto-3.4.2 mirrors:honister-3.4.2 mirrors:yocto-3.1.14 mirrors:dunfell-23.0.14 mirrors:uninative-3.5 mirrors:3.5_M2 mirrors:dunfell-23.0.13 mirrors:yocto-3.1.13 mirrors:3.5_M1 mirrors:yocto-3.4.1 mirrors:honister-3.4.1 mirrors:dunfell-23.0.12 mirrors:yocto-3.1.12 mirrors:yocto-3.3.4 mirrors:hardknott-3.3.4 mirrors:yocto-3.4 mirrors:honister-3.4 mirrors:yocto-3.1.11 mirrors:dunfell-23.0.11 mirrors:yocto-3.3.3 mirrors:hardknott-3.3.3 mirrors:3.4_M3 mirrors:yocto-3.1.10 mirrors:dunfell-23.0.10 mirrors:hardknott-3.3.2 mirrors:yocto-3.3.2 mirrors:3.4_M2 mirrors:dunfell-23.0.9 mirrors:yocto-3.1.9 mirrors:3.4_M1 mirrors:dunfell-23.0.8 mirrors:hardknott-3.3 mirrors:hardknott-3.3.1 mirrors:yocto-3.1.8 mirrors:yocto-3.3.1 mirrors:uninative-3.2 mirrors:gatesgarth-24.0.4 mirrors:yocto-3.2.4 mirrors:uninative-3.1 mirrors:yocto-3.1.7 mirrors:dunfell-23.0.7 mirrors:yocto-3.3 mirrors:yocto-3.2.3 mirrors:gatesgarth-24.0.3 mirrors:3.3_M3 mirrors:yocto-3.1.6 mirrors:dunfell-23.0.6 mirrors:yocto-3.2.2 mirrors:gatesgarth-24.0.2 mirrors:uninative-3.0 mirrors:uninative-2.11 mirrors:uninative-2.10 mirrors:3.3_M2 mirrors:yocto-3.1.5 mirrors:dunfell-23.0.5 mirrors:3.3_M1 mirrors:yocto-3.2.1 mirrors:gatesgarth-24.0.1 mirrors:yocto-3.1.4 mirrors:dunfell-23.0.4 mirrors:yocto-3.2 mirrors:gatesgarth-24.0.0 mirrors:dunfell-23.0.3 mirrors:yocto-3.1.3 mirrors:3.2_M3 mirrors:uninative-2.9 mirrors:yocto-3.0.4 mirrors:zeus-22.0.4 mirrors:3.2_M2 mirrors:dunfell-23.0.2 mirrors:yocto-3.1.2 mirrors:3.2_M1 mirrors:yocto-3.1.1 mirrors:dunfell-23.0.1 mirrors:warrior-21.0.4 mirrors:yocto-2.7.4 mirrors:yocto-3.0.3 mirrors:zeus-22.0.3 mirrors:dunfell-23.0.0 mirrors:yocto-3.1 mirrors:3.1_M3 mirrors:yocto-2.7.3 mirrors:warrior-21.0.3 mirrors:uninative-2.8 mirrors:zeus-22.0.2 mirrors:yocto-3.0.2 mirrors:3.1_M2 mirrors:3.1_M1 mirrors:yocto-3.0.1 mirrors:zeus-22.0.1 mirrors:warrior-21.0.2 mirrors:yocto-2.7.2 mirrors:thud-20.0.4 mirrors:yocto-2.6.4 mirrors:yocto-3.0 mirrors:zeus-22.0.0 mirrors:uninative-2.7 mirrors:2.8_M3 mirrors:thud-20.0.3 mirrors:yocto-2.6.3 mirrors:2.8_M2 mirrors:warrior-21.0.1 mirrors:yocto-2.7.1 mirrors:uninative-2.6 mirrors:2.8_M1 mirrors:uninative-2.5 mirrors:warrior-21.0.0 mirrors:yocto-2.7 mirrors:yocto-2.5.3 mirrors:sumo-19.0.3 mirrors:thud-20.0.2 mirrors:yocto-2.6.2 mirrors:2.7_M3 mirrors:uninative-2.4 mirrors:2.7_M2 mirrors:thud-20.0.1 mirrors:yocto-2.6.1 mirrors:2.7_M1 mirrors:yocto-2.5.2 mirrors:sumo-19.0.2 mirrors:rocko-18.0.4 mirrors:yocto-2.4.4 mirrors:yocto-2.6 mirrors:thud-20.0.0 mirrors:uninative-2.3 mirrors:2.6_M3 mirrors:yocto-2.5.1 mirrors:sumo-19.0.1 mirrors:2.6_M2 mirrors:uninative-2.2 mirrors:morty-16.0.4 mirrors:yocto-2.2.4 mirrors:pyro-17.0.4 mirrors:yocto-2.3.4 mirrors:2.6_M1 mirrors:uninative-2.1 mirrors:rocko-18.0.3 mirrors:yocto-2.4.3 mirrors:uninative-2.0 mirrors:sumo-19.0.0 mirrors:yocto-2.5 mirrors:uninative-1.9 mirrors:2.5_M3 mirrors:rocko-18.0.2 mirrors:yocto-2.4.2 mirrors:uninative-1.8 mirrors:morty-16.0.3 mirrors:yocto-2.2.3 mirrors:2.5_M2 mirrors:2.5_M1 mirrors:yocto-2.4.1 mirrors:rocko-18.0.1 mirrors:pyro-17.0.3 mirrors:yocto-2.3.3 mirrors:yocto-2.4 mirrors:rocko-18.0.0 mirrors:pyro-17.0.2 mirrors:yocto-2.3.2 mirrors:morty-16.0.2 mirrors:yocto-2.2.2 mirrors:2.4_M3 mirrors:2.4_M2 mirrors:uninative-1.7 mirrors:yocto-2.3.1 mirrors:pyro-17.0.1 mirrors:krogoth-15.0.3 mirrors:yocto-2.1.3 mirrors:2.4_M1 mirrors:yocto-2.3 mirrors:pyro-17.0.0 mirrors:2.3_M3 mirrors:uninative-1.6 mirrors:uninative-1.5 mirrors:morty-16.0.1 mirrors:yocto-2.2.1 mirrors:2.3_M2 mirrors:2.3_M1 mirrors:jethro-14.0.3 mirrors:yocto-2.0.3 mirrors:yocto-2.1.2 mirrors:krogoth-15.0.2 mirrors:morty-16.0.0 mirrors:yocto-2.2 mirrors:uninative-1.4 mirrors:2.2_M3 mirrors:yocto-2.1.1 mirrors:krogoth-15.0.1 mirrors:uninative-1.3 mirrors:2.2_M1 mirrors:2.2_M2 mirrors:jethro-14.0.2 mirrors:yocto-2.0.2 mirrors:yocto-1.8.2 mirrors:fido-13.0.2 mirrors:uninative-1.0 mirrors:krogoth-15.0.0 mirrors:yocto-2.1 mirrors:jethro-14.0.1 mirrors:yocto-2.0.1 mirrors:2.1_M1 mirrors:yocto-2.0 mirrors:jethro-14.0.0 mirrors:dizzy-12.0.3 mirrors:yocto-1.7.3 mirrors:fido-13.0.1 mirrors:yocto-1.8.1 mirrors:1.9_M2 mirrors:yocto-1.9_M1 mirrors:daisy-11.0.3 mirrors:yocto-1.6.3 mirrors:dizzy-12.0.2 mirrors:yocto-1.7.2 mirrors:fido-13.0.0 mirrors:yocto-1.8 mirrors:1.7_M3 mirrors:1.8_M1 mirrors:1.8_M2 mirrors:1.8_M3 mirrors:yocto-1.7.1 mirrors:dizzy-12.0.1 mirrors:dora-10.0.4 mirrors:yocto-1.5.4 mirrors:daisy-11.0.2 mirrors:yocto-1.6.2 mirrors:dizzy-12.0.0 mirrors:yocto-1.7 mirrors:1.7_M1 mirrors:1.7_M2 mirrors:yocto-1.5.3 mirrors:dora-10.0.3 mirrors:daisy-11.0.1 mirrors:yocto-1.6.1 mirrors:dylan-9.0.4 mirrors:yocto-1.4.4 mirrors:yocto-1.5.2 mirrors:dora-10.0.2 mirrors:yocto-1.6 mirrors:daisy-11.0.0 mirrors:yocto-1.4.3 mirrors:dylan-9.0.3 mirrors:1.6_M4 mirrors:1.5_M5.rc1 mirrors:1.6_M3.final mirrors:1.6_M3 mirrors:1.6_M5 mirrors:1.6_M2 mirrors:1.3.1 mirrors:dora-10.0.1.final mirrors:dora-10.0.1 mirrors:yocto-1.5.1 mirrors:yocto-1.5.1.final mirrors:1.6_M1.final mirrors:1.6_M1 mirrors:dora-10.0.0.final mirrors:1.6_M1.rc1 mirrors:toaster-dora mirrors:toaster-dora-10.0.0 mirrors:poky-10.0.0.final mirrors:yocto-1.5.final mirrors:1.5_M5.rc8 mirrors:dora-10.0.0 mirrors:yocto-1.5 mirrors:1.5_M5.rc7 mirrors:1.5_M5.rc6 mirrors:1.5_M5.rc5 mirrors:1.5_M5.rc4 mirrors:1.5_M5.rc3 mirrors:1.5_M4.final mirrors:1.5_M4 mirrors:1.5_M5.rc2 mirrors:yocto-1.5_M5.rc2 mirrors:1.5_M4.rc3 mirrors:yocto-1.4.2 mirrors:dylan-9.0.2 mirrors:yocto-1.4.2.rc1 mirrors:dylan-9.0.2.rc1 mirrors:1.5_M4.rc2 mirrors:1.5_M4.rc1 mirrors:1.5_M3 mirrors:1.5_M3.final mirrors:1.5_M3.rc1 mirrors:1.5_M2.rc1 mirrors:yocto-1.4.1 mirrors:dylan-9.0.1 mirrors:1.5_M1.final mirrors:dylan-9.0.1.rc1 mirrors:1.4.1.rc1 mirrors:1.5_M1.rc1 mirrors:green-3.3.1 mirrors:green-3.3 mirrors:danny-8.0.2 mirrors:1.3.2 mirrors:1.3.2.final mirrors:dylan-9.0.0 mirrors:yocto-1.4 mirrors:danny-8.0.1 mirrors:1.4_M5.rc1 mirrors:1.4_M5.rc2 mirrors:1.4_M5.final mirrors:1.4_M5 mirrors:1.4_M5.rc3 mirrors:1.4_M6.rc1 mirrors:1.4_M4 mirrors:1.4_M4.final mirrors:1.4_M4.rc1 mirrors:1.4_M3 mirrors:1.4_M3.final mirrors:1.4_M3.rc2 mirrors:1.4_M3.rc1 mirrors:denzil-7.0.2 mirrors:danny-8.0 mirrors:1.4_M1 mirrors:1.4_M1.final mirrors:1.4_M1.rc1 mirrors:1.3 mirrors:1.3_M5.rc4 mirrors:1.3_M5.rc3 mirrors:1.3_M4.final mirrors:1.3_M4 mirrors:1.3_M5.rc2 mirrors:1.3_M5.rc1 mirrors:1.3_M5 mirrors:1.3_M4.rc1 mirrors:1.3_M3.final mirrors:1.3_M3 mirrors:1.3_M3.rc2 mirrors:1.3_M2.final mirrors:1.3_M2 mirrors:yocto-1.1.2 mirrors:edison-6.0.2 mirrors:denzil-7.0.1 mirrors:edison-6.0.2_rc1 mirrors:1.3_M2.rc1 mirrors:denzil-7.0.1_rc2 mirrors:1.3_M1.final mirrors:1.3_M1 mirrors:1.3_M1.rc1 mirrors:denzil-7.0 mirrors:yocto-1.2 mirrors:denzil-7.0.0 mirrors:1.2_M4 mirrors:1.2_M4.rc4.0 mirrors:1.2_M4.rc3.2 mirrors:1.2_M4.rc3.1 mirrors:1.2_M4.rc3 mirrors:1.2_M4.rc2 mirrors:1.2_M4.rc1 mirrors:1.2_M4.rc4 mirrors:edison-6.0.1.release mirrors:edison-6.0.1.final mirrors:yocto-1.1.1 mirrors:edison-6.0.1 mirrors:1.2_M3.final mirrors:1.2_M3 mirrors:1.2_M3.rc1 mirrors:1.2_M2.final mirrors:1.2_M2 mirrors:1.2_M2.rc1 mirrors:1.2_M1.final mirrors:1.2_M1 mirrors:bernard-5.0.2+docs mirrors:bernard-5.0.2 mirrors:1.2_M1.rc2 mirrors:1.2_M1.rc1 mirrors:1.1_M4.rc4 mirrors:edison-6.0 mirrors:yocto-1.1 mirrors:1.1_M4.rc3 mirrors:1.1_M4 mirrors:1.1_M4.rc2+ mirrors:1.1_M3.rc3 mirrors:1.1_M3.final mirrors:1.1_M3 mirrors:1.1_M3.rc2 mirrors:1.1_M2 mirrors:1.1_M2.final mirrors:1.1_M2.rc3 mirrors:1.1_M2.rc2 mirrors:1.1_M2.rc1 mirrors:1.1_M1.final mirrors:1.1_M1 mirrors:1.1_M1.rc2 mirrors:bernard-5.0.1 mirrors:1.1_M1.rc1 mirrors:yocto-1.0 mirrors:bernard-5.0 mirrors:bernard-5.0rc2 mirrors:bernard-1.0rc1 mirrors:bernard-5.0rc1 mirrors:bernard-5.0-alpha mirrors:laverne-4.0.1 mirrors:laverne-4.0 mirrors:purple-3.2.1 mirrors:purple-3.2 mirrors:inky-1.0 mirrors:clyde-2.0 mirrors:blinky-3.0 mirrors:pinky-3.1 mirrors:pinky-3.1.1 mirrors:pinky-3.1.2
..
compare: mirrors:walnascar-next
Branches Tags
mirrors:kirkstone mirrors:scarthgap mirrors:master mirrors:walnascar mirrors:styhead mirrors:walnascar-next mirrors:dunfell mirrors:nanbield mirrors:mickledore mirrors:langdale mirrors:honister mirrors:gatesgarth mirrors:hardknott mirrors:thud mirrors:warrior mirrors:zeus mirrors:pyro mirrors:sumo mirrors:rocko mirrors:jethro mirrors:krogoth mirrors:morty mirrors:fido mirrors:dizzy mirrors:daisy mirrors:dylan mirrors:dora mirrors:danny mirrors:denzil mirrors:edison mirrors:bernard mirrors:laverne mirrors:green mirrors:purple mirrors:pinky mirrors:elroy mirrors:clyde mirrors:blinky
mirrors:yocto-5.0.16 mirrors:scarthgap-5.0.16 mirrors:yocto-4.0.33 mirrors:kirkstone-4.0.33 mirrors:yocto-5.0.15 mirrors:scarthgap-5.0.15 mirrors:yocto-4.0.32 mirrors:kirkstone-4.0.32 mirrors:yocto-5.0.14 mirrors:scarthgap-5.0.14 mirrors:yocto-4.0.31 mirrors:kirkstone-4.0.31 mirrors:yocto-5.0.13 mirrors:scarthgap-5.0.13 mirrors:yocto-5.2.4 mirrors:walnascar-5.2.4 mirrors:yocto-4.0.30 mirrors:kirkstone-4.0.30 mirrors:yocto-5.2.3 mirrors:walnascar-5.2.3 mirrors:yocto-5.0.12 mirrors:scarthgap-5.0.12 mirrors:yocto-4.0.29 mirrors:kirkstone-4.0.29 mirrors:5.3_M2 mirrors:yocto-5.0.11 mirrors:scarthgap-5.0.11 mirrors:yocto-5.2.2 mirrors:walnascar-5.2.2 mirrors:yocto-4.0.28 mirrors:kirkstone-4.0.28 mirrors:5.3_M1 mirrors:yocto-5.0.10 mirrors:scarthgap-5.0.10 mirrors:yocto-5.2.1 mirrors:walnascar-5.2.1 mirrors:yocto-4.0.27 mirrors:kirkstone-4.0.27 mirrors:yocto-5.2 mirrors:walnascar-5.2 mirrors:yocto-5.0.9 mirrors:scarthgap-5.0.9 mirrors:yocto-4.0.26 mirrors:kirkstone-4.0.26 mirrors:yocto-5.1.4 mirrors:styhead-5.1.4 mirrors:yocto-5.0.8 mirrors:scarthgap-5.0.8 mirrors:5.2_M3 mirrors:yocto-5.1.3 mirrors:styhead-5.1.3 mirrors:yocto-4.0.25 mirrors:kirkstone-4.0.25 mirrors:yocto-5.0.7 mirrors:scarthgap-5.0.7 mirrors:5.2_M2 mirrors:yocto-4.0.24 mirrors:kirkstone-4.0.24 mirrors:yocto-5.1.2 mirrors:styhead-5.1.2 mirrors:5.2_M1 mirrors:yocto-5.0.6 mirrors:scarthgap-5.0.6 mirrors:styhead-5.1.1 mirrors:yocto-5.1.1 mirrors:yocto-4.0.23 mirrors:kirkstone-4.0.23 mirrors:yocto-5.0.5 mirrors:scarthgap-5.0.5 mirrors:yocto-4.0.22 mirrors:kirkstone-4.0.22 mirrors:styhead-5.1 mirrors:yocto-5.1 mirrors:yocto-5.0.4 mirrors:scarthgap-5.0.4 mirrors:kirkstone-4.0.21 mirrors:yocto-4.0.21 mirrors:5.1_M3 mirrors:yocto-5.0.3 mirrors:scarthgap-5.0.3 mirrors:5.1_M2 mirrors:yocto-4.0.20 mirrors:kirkstone-4.0.20 mirrors:yocto-5.0.2 mirrors:scarthgap-5.0.2 mirrors:5.1_M1 mirrors:kirkstone-4.0.19 mirrors:yocto-4.0.19 mirrors:yocto-5.0.1 mirrors:scarthgap-5.0.1 mirrors:yocto-4.0.18 mirrors:kirkstone-4.0.18 mirrors:yocto-3.1.33 mirrors:dunfell-23.0.33 mirrors:scarthgap-5.0 mirrors:yocto-5.0 mirrors:yocto-4.3.4 mirrors:nanbield-4.3.4 mirrors:yocto-4.0.17 mirrors:kirkstone-4.0.17 mirrors:5.0_M3 mirrors:dunfell-23.0.32 mirrors:yocto-3.1.32 mirrors:nanbield-4.3.3 mirrors:yocto-4.3.3 mirrors:yocto-4.0.16 mirrors:kirkstone-4.0.16 mirrors:yocto-3.1.31 mirrors:dunfell-23.0.31 mirrors:5.0_M2 mirrors:yocto-4.3.2 mirrors:nanbield-4.3.2 mirrors:5.0_M1 mirrors:yocto-4.0.15 mirrors:kirkstone-4.0.15 mirrors:yocto-3.1.30 mirrors:dunfell-23.0.30 mirrors:nanbield-4.3.1 mirrors:yocto-4.3.1 mirrors:mickledore-4.2.4 mirrors:yocto-4.2.4 mirrors:kirkstone-4.0.14 mirrors:yocto-4.0.14 mirrors:dunfell-23.0.29 mirrors:yocto-3.1.29 mirrors:yocto-4.3 mirrors:nanbield-4.3 mirrors:yocto-4.0.13 mirrors:kirkstone-4.0.13 mirrors:yocto-3.1.28 mirrors:dunfell-23.0.28 mirrors:4.3_M3 mirrors:yocto-4.2.3 mirrors:mickledore-4.2.3 mirrors:yocto-4.0.12 mirrors:kirkstone-4.0.12 mirrors:yocto-3.1.27 mirrors:dunfell-23.0.27 mirrors:4.3_M2 mirrors:yocto-4.2.2 mirrors:mickledore-4.2.2 mirrors:yocto-4.0.11 mirrors:kirkstone-4.0.11 mirrors:yocto-3.1.26 mirrors:dunfell-23.0.26 mirrors:4.3_M1 mirrors:yocto-4.2.1 mirrors:mickledore-4.2.1 mirrors:yocto-4.0.10 mirrors:kirkstone-4.0.10 mirrors:yocto-4.1.4 mirrors:langdale-4.1.4 mirrors:yocto-3.1.25 mirrors:dunfell-23.0.25 mirrors:mickledore-4.2 mirrors:yocto-4.2 mirrors:yocto-4.0.9 mirrors:kirkstone-4.0.9 mirrors:yocto-3.1.24 mirrors:dunfell-23.0.24 mirrors:yocto-4.1.3 mirrors:langdale-4.1.3 mirrors:yocto-4.0.8 mirrors:kirkstone-4.0.8 mirrors:4.2_M3 mirrors:yocto-3.1.23 mirrors:dunfell-23.0.23 mirrors:yocto-4.0.7 mirrors:kirkstone-4.0.7 mirrors:4.2_M2 mirrors:yocto-3.1.22 mirrors:dunfell-23.0.22 mirrors:yocto-4.1.2 mirrors:langdale-4.1.2 mirrors:yocto-4.0.6 mirrors:kirkstone-4.0.6 mirrors:4.2_M1 mirrors:yocto-3.1.21 mirrors:dunfell-23.0.21 mirrors:yocto-4.1.1 mirrors:langdale-4.1.1 mirrors:yocto-4.0.5 mirrors:kirkstone-4.0.5 mirrors:yocto-4.1 mirrors:langdale-4.1 mirrors:yocto-3.1.20 mirrors:dunfell-23.0.20 mirrors:yocto-4.0.4 mirrors:kirkstone-4.0.4 mirrors:4.1_M3 mirrors:yocto-3.1.19 mirrors:dunfell-23.0.19 mirrors:yocto-4.0.3 mirrors:kirkstone-4.0.3 mirrors:uninative-3.7 mirrors:yocto-3.1.18 mirrors:dunfell-23.0.18 mirrors:4.1_M2 mirrors:yocto-4.0.2 mirrors:kirkstone-4.0.2 mirrors:yocto-3.1.17 mirrors:dunfell-23.0.17 mirrors:4.1_M1 mirrors:yocto-4.0.1 mirrors:kirkstone-4.0.1 mirrors:honister-3.4.4 mirrors:yocto-3.4.4 mirrors:yocto-3.1.16 mirrors:dunfell-23.0.16 mirrors:yocto-3.3.6 mirrors:hardknott-3.3.6 mirrors:kirkstone-4.0 mirrors:yocto-4.0 mirrors:uninative-3.6 mirrors:honister-3.4.3 mirrors:yocto-3.4.3 mirrors:yocto-3.1.15 mirrors:dunfell-23.0.15 mirrors:3.5_M3 mirrors:yocto-3.3.5 mirrors:hardknott-3.3.5 mirrors:yocto-3.4.2 mirrors:honister-3.4.2 mirrors:yocto-3.1.14 mirrors:dunfell-23.0.14 mirrors:uninative-3.5 mirrors:3.5_M2 mirrors:dunfell-23.0.13 mirrors:yocto-3.1.13 mirrors:3.5_M1 mirrors:yocto-3.4.1 mirrors:honister-3.4.1 mirrors:dunfell-23.0.12 mirrors:yocto-3.1.12 mirrors:yocto-3.3.4 mirrors:hardknott-3.3.4 mirrors:yocto-3.4 mirrors:honister-3.4 mirrors:yocto-3.1.11 mirrors:dunfell-23.0.11 mirrors:yocto-3.3.3 mirrors:hardknott-3.3.3 mirrors:3.4_M3 mirrors:yocto-3.1.10 mirrors:dunfell-23.0.10 mirrors:hardknott-3.3.2 mirrors:yocto-3.3.2 mirrors:3.4_M2 mirrors:dunfell-23.0.9 mirrors:yocto-3.1.9 mirrors:3.4_M1 mirrors:dunfell-23.0.8 mirrors:hardknott-3.3 mirrors:hardknott-3.3.1 mirrors:yocto-3.1.8 mirrors:yocto-3.3.1 mirrors:uninative-3.2 mirrors:gatesgarth-24.0.4 mirrors:yocto-3.2.4 mirrors:uninative-3.1 mirrors:yocto-3.1.7 mirrors:dunfell-23.0.7 mirrors:yocto-3.3 mirrors:yocto-3.2.3 mirrors:gatesgarth-24.0.3 mirrors:3.3_M3 mirrors:yocto-3.1.6 mirrors:dunfell-23.0.6 mirrors:yocto-3.2.2 mirrors:gatesgarth-24.0.2 mirrors:uninative-3.0 mirrors:uninative-2.11 mirrors:uninative-2.10 mirrors:3.3_M2 mirrors:yocto-3.1.5 mirrors:dunfell-23.0.5 mirrors:3.3_M1 mirrors:yocto-3.2.1 mirrors:gatesgarth-24.0.1 mirrors:yocto-3.1.4 mirrors:dunfell-23.0.4 mirrors:yocto-3.2 mirrors:gatesgarth-24.0.0 mirrors:dunfell-23.0.3 mirrors:yocto-3.1.3 mirrors:3.2_M3 mirrors:uninative-2.9 mirrors:yocto-3.0.4 mirrors:zeus-22.0.4 mirrors:3.2_M2 mirrors:dunfell-23.0.2 mirrors:yocto-3.1.2 mirrors:3.2_M1 mirrors:yocto-3.1.1 mirrors:dunfell-23.0.1 mirrors:warrior-21.0.4 mirrors:yocto-2.7.4 mirrors:yocto-3.0.3 mirrors:zeus-22.0.3 mirrors:dunfell-23.0.0 mirrors:yocto-3.1 mirrors:3.1_M3 mirrors:yocto-2.7.3 mirrors:warrior-21.0.3 mirrors:uninative-2.8 mirrors:zeus-22.0.2 mirrors:yocto-3.0.2 mirrors:3.1_M2 mirrors:3.1_M1 mirrors:yocto-3.0.1 mirrors:zeus-22.0.1 mirrors:warrior-21.0.2 mirrors:yocto-2.7.2 mirrors:thud-20.0.4 mirrors:yocto-2.6.4 mirrors:yocto-3.0 mirrors:zeus-22.0.0 mirrors:uninative-2.7 mirrors:2.8_M3 mirrors:thud-20.0.3 mirrors:yocto-2.6.3 mirrors:2.8_M2 mirrors:warrior-21.0.1 mirrors:yocto-2.7.1 mirrors:uninative-2.6 mirrors:2.8_M1 mirrors:uninative-2.5 mirrors:warrior-21.0.0 mirrors:yocto-2.7 mirrors:yocto-2.5.3 mirrors:sumo-19.0.3 mirrors:thud-20.0.2 mirrors:yocto-2.6.2 mirrors:2.7_M3 mirrors:uninative-2.4 mirrors:2.7_M2 mirrors:thud-20.0.1 mirrors:yocto-2.6.1 mirrors:2.7_M1 mirrors:yocto-2.5.2 mirrors:sumo-19.0.2 mirrors:rocko-18.0.4 mirrors:yocto-2.4.4 mirrors:yocto-2.6 mirrors:thud-20.0.0 mirrors:uninative-2.3 mirrors:2.6_M3 mirrors:yocto-2.5.1 mirrors:sumo-19.0.1 mirrors:2.6_M2 mirrors:uninative-2.2 mirrors:morty-16.0.4 mirrors:yocto-2.2.4 mirrors:pyro-17.0.4 mirrors:yocto-2.3.4 mirrors:2.6_M1 mirrors:uninative-2.1 mirrors:rocko-18.0.3 mirrors:yocto-2.4.3 mirrors:uninative-2.0 mirrors:sumo-19.0.0 mirrors:yocto-2.5 mirrors:uninative-1.9 mirrors:2.5_M3 mirrors:rocko-18.0.2 mirrors:yocto-2.4.2 mirrors:uninative-1.8 mirrors:morty-16.0.3 mirrors:yocto-2.2.3 mirrors:2.5_M2 mirrors:2.5_M1 mirrors:yocto-2.4.1 mirrors:rocko-18.0.1 mirrors:pyro-17.0.3 mirrors:yocto-2.3.3 mirrors:yocto-2.4 mirrors:rocko-18.0.0 mirrors:pyro-17.0.2 mirrors:yocto-2.3.2 mirrors:morty-16.0.2 mirrors:yocto-2.2.2 mirrors:2.4_M3 mirrors:2.4_M2 mirrors:uninative-1.7 mirrors:yocto-2.3.1 mirrors:pyro-17.0.1 mirrors:krogoth-15.0.3 mirrors:yocto-2.1.3 mirrors:2.4_M1 mirrors:yocto-2.3 mirrors:pyro-17.0.0 mirrors:2.3_M3 mirrors:uninative-1.6 mirrors:uninative-1.5 mirrors:morty-16.0.1 mirrors:yocto-2.2.1 mirrors:2.3_M2 mirrors:2.3_M1 mirrors:jethro-14.0.3 mirrors:yocto-2.0.3 mirrors:yocto-2.1.2 mirrors:krogoth-15.0.2 mirrors:morty-16.0.0 mirrors:yocto-2.2 mirrors:uninative-1.4 mirrors:2.2_M3 mirrors:yocto-2.1.1 mirrors:krogoth-15.0.1 mirrors:uninative-1.3 mirrors:2.2_M1 mirrors:2.2_M2 mirrors:jethro-14.0.2 mirrors:yocto-2.0.2 mirrors:yocto-1.8.2 mirrors:fido-13.0.2 mirrors:uninative-1.0 mirrors:krogoth-15.0.0 mirrors:yocto-2.1 mirrors:jethro-14.0.1 mirrors:yocto-2.0.1 mirrors:2.1_M1 mirrors:yocto-2.0 mirrors:jethro-14.0.0 mirrors:dizzy-12.0.3 mirrors:yocto-1.7.3 mirrors:fido-13.0.1 mirrors:yocto-1.8.1 mirrors:1.9_M2 mirrors:yocto-1.9_M1 mirrors:daisy-11.0.3 mirrors:yocto-1.6.3 mirrors:dizzy-12.0.2 mirrors:yocto-1.7.2 mirrors:fido-13.0.0 mirrors:yocto-1.8 mirrors:1.7_M3 mirrors:1.8_M1 mirrors:1.8_M2 mirrors:1.8_M3 mirrors:yocto-1.7.1 mirrors:dizzy-12.0.1 mirrors:dora-10.0.4 mirrors:yocto-1.5.4 mirrors:daisy-11.0.2 mirrors:yocto-1.6.2 mirrors:dizzy-12.0.0 mirrors:yocto-1.7 mirrors:1.7_M1 mirrors:1.7_M2 mirrors:yocto-1.5.3 mirrors:dora-10.0.3 mirrors:daisy-11.0.1 mirrors:yocto-1.6.1 mirrors:dylan-9.0.4 mirrors:yocto-1.4.4 mirrors:yocto-1.5.2 mirrors:dora-10.0.2 mirrors:yocto-1.6 mirrors:daisy-11.0.0 mirrors:yocto-1.4.3 mirrors:dylan-9.0.3 mirrors:1.6_M4 mirrors:1.5_M5.rc1 mirrors:1.6_M3.final mirrors:1.6_M3 mirrors:1.6_M5 mirrors:1.6_M2 mirrors:1.3.1 mirrors:dora-10.0.1.final mirrors:dora-10.0.1 mirrors:yocto-1.5.1 mirrors:yocto-1.5.1.final mirrors:1.6_M1.final mirrors:1.6_M1 mirrors:dora-10.0.0.final mirrors:1.6_M1.rc1 mirrors:toaster-dora mirrors:toaster-dora-10.0.0 mirrors:poky-10.0.0.final mirrors:yocto-1.5.final mirrors:1.5_M5.rc8 mirrors:dora-10.0.0 mirrors:yocto-1.5 mirrors:1.5_M5.rc7 mirrors:1.5_M5.rc6 mirrors:1.5_M5.rc5 mirrors:1.5_M5.rc4 mirrors:1.5_M5.rc3 mirrors:1.5_M4.final mirrors:1.5_M4 mirrors:1.5_M5.rc2 mirrors:yocto-1.5_M5.rc2 mirrors:1.5_M4.rc3 mirrors:yocto-1.4.2 mirrors:dylan-9.0.2 mirrors:yocto-1.4.2.rc1 mirrors:dylan-9.0.2.rc1 mirrors:1.5_M4.rc2 mirrors:1.5_M4.rc1 mirrors:1.5_M3 mirrors:1.5_M3.final mirrors:1.5_M3.rc1 mirrors:1.5_M2.rc1 mirrors:yocto-1.4.1 mirrors:dylan-9.0.1 mirrors:1.5_M1.final mirrors:dylan-9.0.1.rc1 mirrors:1.4.1.rc1 mirrors:1.5_M1.rc1 mirrors:green-3.3.1 mirrors:green-3.3 mirrors:danny-8.0.2 mirrors:1.3.2 mirrors:1.3.2.final mirrors:dylan-9.0.0 mirrors:yocto-1.4 mirrors:danny-8.0.1 mirrors:1.4_M5.rc1 mirrors:1.4_M5.rc2 mirrors:1.4_M5.final mirrors:1.4_M5 mirrors:1.4_M5.rc3 mirrors:1.4_M6.rc1 mirrors:1.4_M4 mirrors:1.4_M4.final mirrors:1.4_M4.rc1 mirrors:1.4_M3 mirrors:1.4_M3.final mirrors:1.4_M3.rc2 mirrors:1.4_M3.rc1 mirrors:denzil-7.0.2 mirrors:danny-8.0 mirrors:1.4_M1 mirrors:1.4_M1.final mirrors:1.4_M1.rc1 mirrors:1.3 mirrors:1.3_M5.rc4 mirrors:1.3_M5.rc3 mirrors:1.3_M4.final mirrors:1.3_M4 mirrors:1.3_M5.rc2 mirrors:1.3_M5.rc1 mirrors:1.3_M5 mirrors:1.3_M4.rc1 mirrors:1.3_M3.final mirrors:1.3_M3 mirrors:1.3_M3.rc2 mirrors:1.3_M2.final mirrors:1.3_M2 mirrors:yocto-1.1.2 mirrors:edison-6.0.2 mirrors:denzil-7.0.1 mirrors:edison-6.0.2_rc1 mirrors:1.3_M2.rc1 mirrors:denzil-7.0.1_rc2 mirrors:1.3_M1.final mirrors:1.3_M1 mirrors:1.3_M1.rc1 mirrors:denzil-7.0 mirrors:yocto-1.2 mirrors:denzil-7.0.0 mirrors:1.2_M4 mirrors:1.2_M4.rc4.0 mirrors:1.2_M4.rc3.2 mirrors:1.2_M4.rc3.1 mirrors:1.2_M4.rc3 mirrors:1.2_M4.rc2 mirrors:1.2_M4.rc1 mirrors:1.2_M4.rc4 mirrors:edison-6.0.1.release mirrors:edison-6.0.1.final mirrors:yocto-1.1.1 mirrors:edison-6.0.1 mirrors:1.2_M3.final mirrors:1.2_M3 mirrors:1.2_M3.rc1 mirrors:1.2_M2.final mirrors:1.2_M2 mirrors:1.2_M2.rc1 mirrors:1.2_M1.final mirrors:1.2_M1 mirrors:bernard-5.0.2+docs mirrors:bernard-5.0.2 mirrors:1.2_M1.rc2 mirrors:1.2_M1.rc1 mirrors:1.1_M4.rc4 mirrors:edison-6.0 mirrors:yocto-1.1 mirrors:1.1_M4.rc3 mirrors:1.1_M4 mirrors:1.1_M4.rc2+ mirrors:1.1_M3.rc3 mirrors:1.1_M3.final mirrors:1.1_M3 mirrors:1.1_M3.rc2 mirrors:1.1_M2 mirrors:1.1_M2.final mirrors:1.1_M2.rc3 mirrors:1.1_M2.rc2 mirrors:1.1_M2.rc1 mirrors:1.1_M1.final mirrors:1.1_M1 mirrors:1.1_M1.rc2 mirrors:bernard-5.0.1 mirrors:1.1_M1.rc1 mirrors:yocto-1.0 mirrors:bernard-5.0 mirrors:bernard-5.0rc2 mirrors:bernard-1.0rc1 mirrors:bernard-5.0rc1 mirrors:bernard-5.0-alpha mirrors:laverne-4.0.1 mirrors:laverne-4.0 mirrors:purple-3.2.1 mirrors:purple-3.2 mirrors:inky-1.0 mirrors:clyde-2.0 mirrors:blinky-3.0 mirrors:pinky-3.1 mirrors:pinky-3.1.1 mirrors:pinky-3.1.2

2 Commits
walnascar- ... walnascar-

Author SHA1 Message Date
Daniel Turull
167f714a72 linux/cve-exclusion: Execute the script after changing to the new data source 
Execute new script generate-cve-exclusions.py
./generate-cve-exclusions.py ~/cvelistV5/ 6.12.19 > cve-exclusion_6.12.inc

After using the database from CVEproject, some old
CVEs did not have correct metadata, therefore moving missing ones
from old cve-exclusions_6.12.inc into cve-exclusion.inc

Comparing output from cve_check before and after, two CVEs are removed:
CVE-2023-52904 and CVE-2024-38381

(From OE-Core rev: 02a8d5d255397e85d32879b178dd6dd559a34a05)

Signed-off-by: Daniel Turull <daniel.turull@ericsson.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2025-04-23 19:50:57 +01:00
Daniel Turull
13f4119ccf linux/generate-cve-exclusions: use data from CVEProject 
The old script was relying on linuxkernelcves.com that was archived in
May 2024 when kernel.org became a CNA.

The new script reads CVE json files from the datadir that can be either
from the official kernel.org CNA [1] or CVEProject [2]

[1] https://git.kernel.org/pub/scm/linux/security/vulns.git
[2] https://github.com/CVEProject/cvelistV5

(From OE-Core rev: 96ef76d88851a5a397d9fc04e37baa285d9f4074)

Signed-off-by: Daniel Turull <daniel.turull@ericsson.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2025-04-23 19:50:57 +01:00
297 changed files with 6064 additions and 16218 deletions
Expand all files Collapse all files

2
bitbake/lib/bb/tests/fetch.py
View File

@@ -1453,7 +1453,7 @@ class FetchLatestVersionTest(FetcherTest):
# combination version pattern
("sysprof", "git://git.yoctoproject.org/sysprof.git;protocol=https;branch=master", "cd44ee6644c3641507fb53b8a2a69137f2971219", "", "")
: "1.2.0",
("u-boot-mkimage", "git://git.yoctoproject.org/bbfetchtests-u-boot.git;branch=master;protocol=https", "62c175fbb8a0f9a926c88294ea9f7e88eb898f6c", "", "")
("u-boot-mkimage", "git://source.denx.de/u-boot/u-boot.git;branch=master;protocol=https", "62c175fbb8a0f9a926c88294ea9f7e88eb898f6c", "", "")
: "2014.01",
# version pattern "yyyymmdd"
("mobile-broadband-provider-info", "git://git.yoctoproject.org/mobile-broadband-provider-info.git;protocol=https;branch=master", "4ed19e11c2975105b71b956440acdb25d46a347d", "", "")

17
bitbake/lib/bb/utils.py
View File

@@ -1876,15 +1876,6 @@ def path_is_descendant(descendant, ancestor):
return False
# Recomputing the sets in signal.py is expensive (bitbake -pP idle)
# so try and use _signal directly to avoid it
valid_signals = signal.valid_signals()
try:
import _signal
sigmask = _signal.pthread_sigmask
except ImportError:
sigmask = signal.pthread_sigmask
# If we don't have a timeout of some kind and a process/thread exits badly (for example
# OOM killed) and held a lock, we'd just hang in the lock futex forever. It is better
# we exit at some point than hang. 5 minutes with no progress means we're probably deadlocked.
@@ -1894,7 +1885,7 @@ except ImportError:
@contextmanager
def lock_timeout(lock):
try:
s = sigmask(signal.SIG_BLOCK, valid_signals)
s = signal.pthread_sigmask(signal.SIG_BLOCK, signal.valid_signals())
held = lock.acquire(timeout=5*60)
if not held:
bb.server.process.serverlog("Couldn't get the lock for 5 mins, timed out, exiting.\n%s" % traceback.format_stack())
@@ -1902,16 +1893,16 @@ def lock_timeout(lock):
yield held
finally:
lock.release()
sigmask(signal.SIG_SETMASK, s)
signal.pthread_sigmask(signal.SIG_SETMASK, s)
# A version of lock_timeout without the check that the lock was locked and a shorter timeout
@contextmanager
def lock_timeout_nocheck(lock):
try:
s = sigmask(signal.SIG_BLOCK, valid_signals)
s = signal.pthread_sigmask(signal.SIG_BLOCK, signal.valid_signals())
l = lock.acquire(timeout=10)
yield l
finally:
if l:
lock.release()
sigmask(signal.SIG_SETMASK, s)
signal.pthread_sigmask(signal.SIG_SETMASK, s)

2
bitbake/lib/toaster/tests/builds/buildtest.py
View File

@@ -128,7 +128,7 @@ class BuildTest(unittest.TestCase):
if os.environ.get("TOASTER_TEST_USE_SSTATE_MIRROR"):
ProjectVariable.objects.get_or_create(
name="SSTATE_MIRRORS",
value="file://.* http://sstate.yoctoproject.org/all/PATH;downloadfilename=PATH",
value="file://.* http://cdn.jsdelivr.net/yocto/sstate/all/PATH;downloadfilename=PATH",
project=project)
ProjectTarget.objects.create(project=project,

21
documentation/README
View File

@@ -406,22 +406,5 @@ both the Yocto Project and BitBake manuals:
Submitting documentation changes
================================
Please refer to our contributor guide here: https://docs.yoctoproject.org/contributor-guide/
for full details on how to submit changes.
As a quick guide, patches should be sent to docs@lists.yoctoproject.org
The git command to do that would be:
git send-email -M -1 --to docs@lists.yoctoproject.org
The 'To' header can be set as default for this repository:
git config sendemail.to docs@lists.yoctoproject.org
Now you can just do 'git send-email origin/master..' to send all local patches.
Read the other sections in this document and documentation/standards.md for
rules to follow when contributing to the documentation.
Git repository: https://git.yoctoproject.org/yocto-docs
Mailing list: docs@lists.yoctoproject.org
Please see the top level README file in this repository for details of where
to send patches.

13
documentation/brief-yoctoprojectqs/index.rst
View File

@@ -57,7 +57,7 @@ following requirements:
:ref:`dev-manual/start:preparing the build host`
section in the Yocto Project Development Tasks Manual.
- Ensure that the following utilities have these minimum version numbers:
-
- Git &MIN_GIT_VERSION; or greater
- tar &MIN_TAR_VERSION; or greater
@@ -65,7 +65,7 @@ following requirements:
- gcc &MIN_GCC_VERSION; or greater.
- GNU make &MIN_MAKE_VERSION; or greater
If your build host does not satisfy all of the above version
If your build host does not meet any of these three listed version
requirements, you can take steps to prepare the system so that you
can still use the Yocto Project. See the
:ref:`ref-manual/system-requirements:required git, tar, python, make and gcc versions`
@@ -76,10 +76,9 @@ Build Host Packages
You must install essential host packages on your build host. The
following command installs the host packages based on an Ubuntu
distribution:
distribution::
.. literalinclude:: ../tools/host_packages_scripts/ubuntu_essential.sh
:language: shell
$ sudo apt install &UBUNTU_DEBIAN_HOST_PACKAGES_ESSENTIAL;
.. note::
@@ -183,7 +182,7 @@ an entire Linux distribution, including the toolchain, from source.
page of the Yocto Project Wiki.
#. **Initialize the Build Environment:** From within the ``poky``
directory, run the :ref:`ref-manual/structure:``oe-init-build-env```
directory, run the :ref:`ref-manual/structure:\`\`oe-init-build-env\`\``
environment
setup script to define Yocto Project's build environment on your
build host.
@@ -253,7 +252,7 @@ an entire Linux distribution, including the toolchain, from source.
file in the :term:`Build Directory`::
BB_HASHSERVE_UPSTREAM = "wss://hashserv.yoctoproject.org/ws"
SSTATE_MIRRORS ?= "file://.* http://sstate.yoctoproject.org/all/PATH;downloadfilename=PATH"
SSTATE_MIRRORS ?= "file://.* http://cdn.jsdelivr.net/yocto/sstate/all/PATH;downloadfilename=PATH"
BB_HASHSERVE = "auto"
BB_SIGNATURE_HANDLER = "OEEquivHash"

54
documentation/bsp-guide/bsp.rst
View File

@@ -81,7 +81,7 @@ directory of that Layer. This directory is what you add to the
``conf/bblayers.conf`` file found in your
:term:`Build Directory`, which is
established after you run the OpenEmbedded build environment setup
script (i.e. :ref:`ref-manual/structure:``oe-init-build-env```).
script (i.e. :ref:`ref-manual/structure:\`\`oe-init-build-env\`\``).
Adding the root directory allows the :term:`OpenEmbedded Build System`
to recognize the BSP
layer and from it build an image. Here is an example::
@@ -229,7 +229,7 @@ section.
#. *Initialize the Build Environment:* While in the root directory of
the Source Directory (i.e. ``poky``), run the
:ref:`ref-manual/structure:``oe-init-build-env``` environment
:ref:`ref-manual/structure:\`\`oe-init-build-env\`\`` environment
setup script to define the OpenEmbedded build environment on your
build host. ::
@@ -674,21 +674,21 @@ to the kernel recipe by using a similarly named append file, which is
located in the BSP Layer for your target device (e.g. the
``meta-bsp_root_name/recipes-kernel/linux`` directory).
Suppose you are using the ``linux-yocto_6.12.bb`` recipe to build the
Suppose you are using the ``linux-yocto_4.4.bb`` recipe to build the
kernel. In other words, you have selected the kernel in your
``"bsp_root_name".conf`` file by adding
:term:`PREFERRED_PROVIDER` and :term:`PREFERRED_VERSION`
statements as follows::
PREFERRED_PROVIDER_virtual/kernel ?= "linux-yocto"
PREFERRED_VERSION_linux-yocto ?= "6.12%"
PREFERRED_VERSION_linux-yocto ?= "4.4%"
.. note::
When the preferred provider is assumed by default, the :term:`PREFERRED_PROVIDER`
statement does not appear in the ``"bsp_root_name".conf`` file.
You would use the ``linux-yocto_6.12.bbappend`` file to append specific
You would use the ``linux-yocto_4.4.bbappend`` file to append specific
BSP settings to the kernel, thus configuring the kernel for your
particular BSP.
@@ -698,19 +698,14 @@ in the Yocto Project Linux Kernel Development Manual.
An alternate scenario is when you create your own kernel recipe for the
BSP. A good example of this is the Raspberry Pi BSP. If you examine the
``recipes-kernel/linux`` directory in that layer you see the following
Raspberry Pi-specific recipes and associated files::
``recipes-kernel/linux`` directory you see the following::
files/
linux-raspberrypi_6.12.bb
linux-raspberrypi_6.1.bb
linux-raspberrypi_6.6.bb
linux-raspberrypi-dev.bb
linux-raspberrypi.inc
linux-raspberrypi-v7_6.12.bb
linux-raspberrypi-v7_6.1.bb
linux-raspberrypi-v7_6.6.bb
linux-raspberrypi-v7.inc
linux-raspberrypi_4.14.bb
linux-raspberrypi_4.9.bb
The directory contains three kernel recipes and a common include file.
Developing a Board Support Package (BSP)
========================================
@@ -1182,7 +1177,7 @@ Use these steps to create a BSP layer:
- *Create a Kernel Recipe:* Create a kernel recipe in
``recipes-kernel/linux`` by either using a kernel append file or a
new custom kernel recipe file (e.g. ``linux-yocto_6.12.bb``). The BSP
new custom kernel recipe file (e.g. ``linux-yocto_4.12.bb``). The BSP
layers mentioned in the previous step also contain different kernel
examples. See the ":ref:`kernel-dev/common:modifying an existing recipe`"
section in the Yocto Project Linux Kernel Development Manual for
@@ -1247,7 +1242,7 @@ located in :yocto_git:`poky/meta-yocto-bsp/conf/machine/beaglebone-yocto.conf
PREFERRED_PROVIDER_virtual/xserver ?= "xserver-xorg"
MACHINE_EXTRA_RRECOMMENDS = "kernel-modules"
MACHINE_EXTRA_RRECOMMENDS = "kernel-modules kernel-devicetree"
EXTRA_IMAGEDEPENDS += "virtual/bootloader"
@@ -1263,21 +1258,23 @@ located in :yocto_git:`poky/meta-yocto-bsp/conf/machine/beaglebone-yocto.conf
SERIAL_CONSOLES ?= "115200;ttyS0 115200;ttyO0 115200;ttyAMA0"
PREFERRED_PROVIDER_virtual/kernel ?= "linux-yocto"
PREFERRED_VERSION_linux-yocto ?= "6.12%"
PREFERRED_VERSION_linux-yocto ?= "6.1%"
KERNEL_IMAGETYPE = "zImage"
DTB_FILES = "am335x-bone.dtb am335x-boneblack.dtb am335x-bonegreen.dtb"
KERNEL_DEVICETREE = '${@' '.join('ti/omap/%s' % d for d in '${DTB_FILES}'.split())}'
KERNEL_DEVICETREE = "am335x-bone.dtb am335x-boneblack.dtb am335x-bonegreen.dtb"
KERNEL_EXTRA_ARGS += "LOADADDR=${UBOOT_ENTRYPOINT}"
PREFERRED_PROVIDER_virtual/bootloader ?= "u-boot"
SPL_BINARY = "MLO"
UBOOT_SUFFIX = "img"
UBOOT_MACHINE = "am335x_evm_defconfig"
UBOOT_ENTRYPOINT = "0x80008000"
UBOOT_LOADADDRESS = "0x80008000"
MACHINE_FEATURES = "usbgadget usbhost vfat alsa"
IMAGE_BOOT_FILES ?= "u-boot.${UBOOT_SUFFIX} ${SPL_BINARY} ${KERNEL_IMAGETYPE} ${DTB_FILES}"
IMAGE_BOOT_FILES ?= "u-boot.${UBOOT_SUFFIX} ${SPL_BINARY} ${KERNEL_IMAGETYPE} ${KERNEL_DEVICETREE}"
# support runqemu
EXTRA_IMAGEDEPENDS += "qemu-native qemu-helper-native"
@@ -1331,12 +1328,12 @@ Project Reference Manual.
needed in the root filesystem. In this case, the U-Boot recipe must
be built for the image.
At the end of the file, we also use this setting to implement
At the end of the file, we also use this setings to implement
``runqemu`` support on the host machine.
- :term:`DEFAULTTUNE`: Machines
use tunings to optimize machine, CPU, and application performance.
These features --- collectively known as "tuning features" ---
These features, which are collectively known as "tuning features",
are set in the :term:`OpenEmbedded-Core (OE-Core)` layer. In this
example, the default tuning file is :oe_git:`tune-cortexa8
</openembedded-core/tree/meta/conf/machine/include/arm/armv7a/tune-cortexa8.inc>`.
@@ -1366,7 +1363,8 @@ Project Reference Manual.
to create the sysroot when building a Wic image.
- :term:`SERIAL_CONSOLES`:
Defines one or more serial consoles (TTYs) to enable using getty.
Defines a serial console (TTY) to enable using getty. In this case,
the baud rate is "115200" and the device name is "ttyO0".
- :term:`PREFERRED_PROVIDER_virtual/kernel <PREFERRED_PROVIDER>`:
Specifies the recipe that provides "virtual/kernel" when more than
@@ -1376,7 +1374,7 @@ Project Reference Manual.
- :term:`PREFERRED_VERSION_linux-yocto <PREFERRED_VERSION>`:
Defines the version of the recipe used to build the kernel, which is
"6.12" in this case.
"6.1" in this case.
- :term:`KERNEL_IMAGETYPE`:
The type of kernel to build for the device. In this case, the
@@ -1418,6 +1416,12 @@ Project Reference Manual.
Specifies the value passed on the make command line when building
a U-Boot image.
- :term:`UBOOT_ENTRYPOINT`:
Specifies the entry point for the U-Boot image.
- :term:`UBOOT_LOADADDRESS`:
Specifies the load address for the U-Boot image.
- :term:`MACHINE_FEATURES`:
Specifies the list of hardware features the BeagleBone device is
capable of supporting. In this case, the device supports "usbgadget

19
documentation/conf.py
View File

@@ -13,7 +13,6 @@
# documentation root, use os.path.abspath to make it absolute, like shown here.
#
import os
import re
import sys
import datetime
try:
@@ -174,24 +173,6 @@ latex_elements = {
'preamble': '\\usepackage[UTF8]{ctex}\n\\setcounter{tocdepth}{2}',
}
from sphinx.search import SearchEnglish
from sphinx.search import languages
class DashFriendlySearchEnglish(SearchEnglish):
# Accept words that can include 'inner' hyphens or dots
_word_re = re.compile(r'[\w]+(?:[\.\-][\w]+)*')
js_splitter_code = r"""
function splitQuery(query) {
return query
.split(/[^\p{Letter}\p{Number}_\p{Emoji_Presentation}\-\.]+/gu)
.filter(term => term.length > 0);
}
"""
languages['en'] = DashFriendlySearchEnglish
# Make the EPUB builder prefer PNG to SVG because of issues rendering Inkscape SVG
from sphinx.builders.epub3 import Epub3Builder
Epub3Builder.supported_image_types = ['image/png', 'image/gif', 'image/jpeg']

32
documentation/contributor-guide/submit-changes.rst
View File

@@ -776,38 +776,6 @@ argument to ``git format-patch`` with a version number::
git format-patch -v2 <ref-branch>
After generating updated patches (v2, v3, and so on) via ``git
format-patch``, ideally developers will add a patch version changelog
to each patch that describes what has changed between each revision of
the patch. Add patch version changelogs after the ``---`` marker in the
patch, indicating that this information is part of this patch, but is not
suitable for inclusion in the commit message (i.e. the git history) itself.
Providing a patch version changelog makes it easier for maintainers and
reviewers to succinctly understand what changed in all versions of the
patch, without having to consult alternate sources of information, such as
searching through messages on a mailing list. For example::
<patch title>
<commit message>
<Signed-off-by/other trailers>
---
changes in v4:
- provide a clearer commit message
- fix spelling mistakes
changes in v3:
- replace func() to use other_func() instead
changes in v2:
- this patch was added in v2
---
<diffstat output>
<unified diff>
Lastly please ensure that you also test your revised changes. In particular
please don't just edit the patch file written out by ``git format-patch`` and
resend it.

2
documentation/dev-manual/debugging.rst
View File

@@ -36,7 +36,7 @@ section:
use the BitBake ``-e`` option to examine variable values after a
recipe has been parsed.
- ":ref:`dev-manual/debugging:viewing package information with ``oe-pkgdata-util```"
- ":ref:`dev-manual/debugging:viewing package information with \`\`oe-pkgdata-util\`\``"
describes how to use the ``oe-pkgdata-util`` utility to query
:term:`PKGDATA_DIR` and
display package-related information for built packages.

2
documentation/dev-manual/devtool.rst
View File

@@ -552,7 +552,7 @@ the two modes:
This instance of VSCode uses plugins that are useful for the development
of the application. ``devtool ide-sdk`` generates the necessary
``extensions.json``, ``settings.json``, ``tasks.json`` and ``launch.json``
``extensions.json``, ``settings.json``, ``tasks.json``and ``launch.json``
configuration files for all the involved plugins.
When the source code folder present in the workspace folder is opened in

2
documentation/dev-manual/new-recipe.rst
View File

@@ -56,7 +56,7 @@ necessary when adding a recipe to build a new piece of software to be
included in a build.
You can find a complete description of the ``devtool add`` command in
the ":ref:`dev-manual/devtool:a closer look at ``devtool add```" section
the ":ref:`dev-manual/devtool:a closer look at \`\`devtool add\`\``" section
in the Yocto Project Application Development and the Extensible Software
Development Kit (eSDK) manual.

14
documentation/dev-manual/sbom.rst
View File

@@ -24,20 +24,12 @@ users can read in standardized format.
:term:`SBOM` information is also critical to performing vulnerability exposure
assessments, as all the components used in the Software Supply Chain are listed.
The OpenEmbedded build system doesn't generate such information by default,
though the :term:`Poky` reference distribution has it enabled out of the box.
To enable it, inherit the :ref:`ref-classes-create-spdx` class from a
configuration file::
The OpenEmbedded build system doesn't generate such information by default.
To make this happen, you must inherit the
:ref:`ref-classes-create-spdx` class from a configuration file::
INHERIT += "create-spdx"
In the :term:`Poky` reference distribution, :term:`SPDX` generation does
consume some build time resources and thus if needed it can be disabled from a
:term:`configuration file`::
INHERIT:remove = "create-spdx"
Upon building an image, you will then get:
- :term:`SPDX` output in JSON format as an ``IMAGE-MACHINE.spdx.json`` file in

13
documentation/dev-manual/start.rst
View File

@@ -228,12 +228,6 @@ particular working environment and set of practices.
used by developers in the same organization and share the same
source directories on their machines.
- Set up a local :ref:`overview-manual/concepts:Hash Equivalence` server.
See the :ref:`overview-manual/concepts:Hash Equivalence` section of the
Yocto Project Overview and Concepts Manual for more details on the hash
equivalence feature.
- Set up an Autobuilder and have it populate the sstate cache and
source directories.
@@ -549,7 +543,6 @@ your Yocto Project build host:
DISKPART> select vdisk file="<path_to_VHDX_file>"
DISKPART> attach vdisk readonly
DISKPART> compact vdisk
DISKPART> detach
DISKPART> exit
.. note::
@@ -865,9 +858,9 @@ Initializing the Build Environment
==================================
Before you can use Yocto you need to setup the build environment.
From within the ``poky`` directory, source the :ref:`ref-manual/structure:``oe-init-build-env``` environment
From within the ``poky`` directory, source the :ref:`ref-manual/structure:\`\`oe-init-build-env\`\`` environment
setup script to define Yocto Project's build environment on your build host::
$ source oe-init-build-env
$ source oe-init-build-env
Note, that this step will have to be repeated every time you open a new shell.

2
documentation/dev-manual/upgrading-recipes.rst
View File

@@ -333,7 +333,7 @@ Manually Upgrading a Recipe
If for some reason you choose not to upgrade recipes using
:ref:`dev-manual/upgrading-recipes:Using the Auto Upgrade Helper (AUH)` or
by :ref:`dev-manual/upgrading-recipes:Using ``devtool upgrade```,
by :ref:`dev-manual/upgrading-recipes:Using \`\`devtool upgrade\`\``,
you can manually edit the recipe files to upgrade the versions.
.. note::

14
documentation/kernel-dev/common.rst
View File

@@ -672,7 +672,7 @@ The steps in this procedure show you how you can patch the kernel using
Before attempting this procedure, be sure you have performed the
steps to get ready for updating the kernel as described in the
":ref:`kernel-dev/common:getting ready to develop using ``devtool```"
":ref:`kernel-dev/common:getting ready to develop using \`\`devtool\`\``"
section.
Patching the kernel involves changing or adding configurations to an
@@ -685,7 +685,7 @@ output at boot time through ``printk`` statements in the kernel's
``calibrate.c`` source code file. Applying the patch and booting the
modified image causes the added messages to appear on the emulator's
console. The example is a continuation of the setup procedure found in
the ":ref:`kernel-dev/common:getting ready to develop using ``devtool```" Section.
the ":ref:`kernel-dev/common:getting ready to develop using \`\`devtool\`\``" Section.
#. *Check Out the Kernel Source Files:* First you must use ``devtool``
to checkout the kernel source code in its workspace.
@@ -693,7 +693,7 @@ the ":ref:`kernel-dev/common:getting ready to develop using ``devtool```" Sectio
.. note::
See this step in the
":ref:`kernel-dev/common:getting ready to develop using ``devtool```"
":ref:`kernel-dev/common:getting ready to develop using \`\`devtool\`\``"
section for more information.
Use the following ``devtool`` command to check out the code::
@@ -804,7 +804,7 @@ the ":ref:`kernel-dev/common:getting ready to develop using ``devtool```" Sectio
.. note::
See Step 3 of the
":ref:`kernel-dev/common:getting ready to develop using ``devtool```"
":ref:`kernel-dev/common:getting ready to develop using \`\`devtool\`\``"
section for information on setting up this layer.
Once the command
@@ -1190,7 +1190,7 @@ appear in the ``.config`` file, which is in the :term:`Build Directory`.
For more information about where the ``.config`` file is located, see the
example in the
":ref:`kernel-dev/common:using ``menuconfig```"
":ref:`kernel-dev/common:using \`\`menuconfig\`\``"
section.
It is simple to create a configuration fragment. One method is to use
@@ -1286,7 +1286,7 @@ when you override a policy configuration in a hardware configuration
fragment.
In order to run this task, you must have an existing ``.config`` file.
See the ":ref:`kernel-dev/common:using ``menuconfig```" section for
See the ":ref:`kernel-dev/common:using \`\`menuconfig\`\``" section for
information on how to create a configuration file.
Here is sample output from the :ref:`ref-tasks-kernel_configcheck` task:
@@ -1359,7 +1359,7 @@ and
tasks until they produce no warnings.
For more information on how to use the ``menuconfig`` tool, see the
:ref:`kernel-dev/common:using ``menuconfig``` section.
:ref:`kernel-dev/common:using \`\`menuconfig\`\`` section.
Fine-Tuning the Kernel Configuration File
-----------------------------------------

2
documentation/kernel-dev/intro.rst
View File

@@ -122,7 +122,7 @@ general information and references for further information.
Using ``devtool`` requires that you have a clean build
of the image. For
more information, see the
":ref:`kernel-dev/common:getting ready to develop using ``devtool```"
":ref:`kernel-dev/common:getting ready to develop using \`\`devtool\`\``"
section.
Using traditional kernel development requires that you have the

2
documentation/migration-guides/migration-3.2.rst
View File

@@ -166,7 +166,7 @@ be indicators of genuine underlying problems and are therefore now treated as
errors:
- :ref:`already-stripped <qa-check-already-stripped>`
- ``compile-host-path``
- :ref:`compile-host-path <qa-check-compile-host-path>`
- :ref:`installed-vs-shipped <qa-check-installed-vs-shipped>`
- :ref:`ldflags <qa-check-ldflags>`
- :ref:`pn-overrides <qa-check-pn-overrides>`

2
documentation/migration-guides/migration-5.2.rst
View File

@@ -83,7 +83,7 @@ systemd changes
files by starting them via
`Also <https://www.freedesktop.org/software/systemd/man/latest/systemd.unit.html#Also=>`__,
the other service files were automatically added to the :term:`FILES` variable of
the same package. Example:
the same package. Example:
a.service contains::

3
documentation/migration-guides/release-4.0.rst
View File

@@ -32,6 +32,3 @@ Release 4.0 (kirkstone)
release-notes-4.0.23
release-notes-4.0.24
release-notes-4.0.25
release-notes-4.0.26
release-notes-4.0.27
release-notes-4.0.28

3
documentation/migration-guides/release-5.0.rst
View File

@@ -15,6 +15,3 @@ Release 5.0 (scarthgap)
release-notes-5.0.6
release-notes-5.0.7
release-notes-5.0.8
release-notes-5.0.9
release-notes-5.0.10
release-notes-5.0.11

3
documentation/migration-guides/release-5.2.rst
View File

@@ -7,6 +7,3 @@ Release 5.2 (walnascar)
migration-5.2
release-notes-5.2
release-notes-5.2.1
release-notes-5.2.2

263
documentation/migration-guides/release-notes-4.0.26.rst
View File

@@ -1,263 +0,0 @@
Release notes for Yocto-4.0.26 (Kirkstone)
------------------------------------------
Security Fixes in Yocto-4.0.26
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
- bind: Fix :cve_nist:`2024-11187` and :cve_nist:`2024-12705`
- binutils: Fix :cve_nist:`2025-0840`
- elfutils: Fix :cve_nist:`2025-1352` and :cve_nist:`2025-1372`
- ffmpeg: Fix CVE-2024-28661, :cve_nist:`2024-35369`, :cve_nist:`2024-36613`, :cve_nist:`2024-36616`,
:cve_nist:`2024-36617`, :cve_nist:`2024-36618`, :cve_nist:`2025-0518` and :cve_nist:`2025-25473`
- ffmpeg: Ignore :cve_nist:`2023-46407`, :cve_nist:`2023-47470`, :cve_nist:`2024-7272`,
:cve_nist:`2024-22860`, :cve_nist:`2024-22861` and :cve_nist:`2024-22862`
- freetype: Fix :cve_nist:`2025-27363`
- gnutls: Fix :cve_nist:`2024-12243`
- grub: Fix :cve_nist:`2024-45774`, :cve_nist:`2024-45775`, :cve_nist:`2024-45776`,
:cve_nist:`2024-45777`, :cve_nist:`2024-45778`, :cve_nist:`2024-45779`, :cve_nist:`2024-45780`,
:cve_nist:`2024-45781`, :cve_nist:`2024-45782`, :cve_nist:`2024-45783`, :cve_nist:`2024-56737`,
:cve_nist:`2025-0622`, :cve_nist:`2025-0624`, :cve_nist:`2025-0677`, :cve_nist:`2025-0684`,
:cve_nist:`2025-0685`, :cve_nist:`2025-0686`, :cve_nist:`2025-0689`, :cve_nist:`2025-0678`,
:cve_nist:`2025-0690`, :cve_nist:`2025-1118` and :cve_nist:`2025-1125`
- gstreamer1.0-rtsp-server: fix :cve_nist:`2024-44331`
- libarchive: Fix :cve_nist:`2025-25724`
- libarchive: Ignore :cve_nist:`2025-1632`
- libcap: Fix :cve_nist:`2025-1390`
- linux-yocto/5.10: Fix :cve_nist:`2024-36476`, :cve_nist:`2024-43098`, :cve_nist:`2024-47143`,
:cve_nist:`2024-48881`, :cve_nist:`2024-50051`, :cve_nist:`2024-50074`, :cve_nist:`2024-50082`,
:cve_nist:`2024-50083`, :cve_nist:`2024-50099`, :cve_nist:`2024-50115`, :cve_nist:`2024-50116`,
:cve_nist:`2024-50117`, :cve_nist:`2024-50142`, :cve_nist:`2024-50148`, :cve_nist:`2024-50150`,
:cve_nist:`2024-50151`, :cve_nist:`2024-50167`, :cve_nist:`2024-50168`, :cve_nist:`2024-50171`,
:cve_nist:`2024-50185`, :cve_nist:`2024-50192`, :cve_nist:`2024-50193`, :cve_nist:`2024-50194`,
:cve_nist:`2024-50195`, :cve_nist:`2024-50198`, :cve_nist:`2024-50201`, :cve_nist:`2024-50202`,
:cve_nist:`2024-50205`, :cve_nist:`2024-50208`, :cve_nist:`2024-50209`, :cve_nist:`2024-50229`,
:cve_nist:`2024-50230`, :cve_nist:`2024-50233`, :cve_nist:`2024-50234`, :cve_nist:`2024-50236`,
:cve_nist:`2024-50237`, :cve_nist:`2024-50251`, :cve_nist:`2024-50262`, :cve_nist:`2024-50264`,
:cve_nist:`2024-50265`, :cve_nist:`2024-50267`, :cve_nist:`2024-50268`, :cve_nist:`2024-50269`,
:cve_nist:`2024-50273`, :cve_nist:`2024-50278`, :cve_nist:`2024-50279`, :cve_nist:`2024-50282`,
:cve_nist:`2024-50287`, :cve_nist:`2024-50292`, :cve_nist:`2024-50296`, :cve_nist:`2024-50299`,
:cve_nist:`2024-50301`, :cve_nist:`2024-50302`, :cve_nist:`2024-53042`, :cve_nist:`2024-53052`,
:cve_nist:`2024-53057`, :cve_nist:`2024-53059`, :cve_nist:`2024-53060`, :cve_nist:`2024-53061`,
:cve_nist:`2024-53063`, :cve_nist:`2024-53066`, :cve_nist:`2024-53096`, :cve_nist:`2024-53097`,
:cve_nist:`2024-53101`, :cve_nist:`2024-53103`, :cve_nist:`2024-53104`, :cve_nist:`2024-53145`,
:cve_nist:`2024-53146`, :cve_nist:`2024-53150`, :cve_nist:`2024-53155`, :cve_nist:`2024-53156`,
:cve_nist:`2024-53157`, :cve_nist:`2024-53161`, :cve_nist:`2024-53165`, :cve_nist:`2024-53171`,
:cve_nist:`2024-53173`, :cve_nist:`2024-53174`, :cve_nist:`2024-53194`, :cve_nist:`2024-53197`,
:cve_nist:`2024-53217`, :cve_nist:`2024-53226`, :cve_nist:`2024-53227`, :cve_nist:`2024-53237`,
:cve_nist:`2024-53239`, :cve_nist:`2024-55916`, :cve_nist:`2024-56548`, :cve_nist:`2024-56558`,
:cve_nist:`2024-56567`, :cve_nist:`2024-56568`, :cve_nist:`2024-56569`, :cve_nist:`2024-56572`,
:cve_nist:`2024-56574`, :cve_nist:`2024-56581`, :cve_nist:`2024-56587`, :cve_nist:`2024-56593`,
:cve_nist:`2024-56595`, :cve_nist:`2024-56596`, :cve_nist:`2024-56598`, :cve_nist:`2024-56600`,
:cve_nist:`2024-56601`, :cve_nist:`2024-56602`, :cve_nist:`2024-56603`, :cve_nist:`2024-56605`,
:cve_nist:`2024-56606`, :cve_nist:`2024-56615`, :cve_nist:`2024-56619`, :cve_nist:`2024-56623`,
:cve_nist:`2024-56629`, :cve_nist:`2024-56634`, :cve_nist:`2024-56642`, :cve_nist:`2024-56643`,
:cve_nist:`2024-56648`, :cve_nist:`2024-56650`, :cve_nist:`2024-56659`, :cve_nist:`2024-56662`,
:cve_nist:`2024-56670`, :cve_nist:`2024-56688`, :cve_nist:`2024-56698`, :cve_nist:`2024-56704`,
:cve_nist:`2024-56716`, :cve_nist:`2024-56720`, :cve_nist:`2024-56723`, :cve_nist:`2024-56724`,
:cve_nist:`2024-56728`, :cve_nist:`2024-56739`, :cve_nist:`2024-56746`, :cve_nist:`2024-56747`,
:cve_nist:`2024-56748`, :cve_nist:`2024-56754`, :cve_nist:`2024-56756`, :cve_nist:`2024-56770`,
:cve_nist:`2024-56779`, :cve_nist:`2024-56780`, :cve_nist:`2024-56781`, :cve_nist:`2024-56785`,
:cve_nist:`2024-57802`, :cve_nist:`2024-57807`, :cve_nist:`2024-57850`, :cve_nist:`2024-57874`,
:cve_nist:`2024-57890`, :cve_nist:`2024-57896`, :cve_nist:`2024-57900`, :cve_nist:`2024-57901`,
:cve_nist:`2024-57902`, :cve_nist:`2024-57910`, :cve_nist:`2024-57911`, :cve_nist:`2024-57913`,
:cve_nist:`2024-57922`, :cve_nist:`2024-57938`, :cve_nist:`2024-57939`, :cve_nist:`2024-57946`,
:cve_nist:`2024-57951`, :cve_nist:`2025-21638`, :cve_nist:`2025-21687`, :cve_nist:`2025-21689`,
:cve_nist:`2025-21692`, :cve_nist:`2025-21694`, :cve_nist:`2025-21697` and :cve_nist:`2025-21699`
- linux-yocto/5.15: Fix :cve_nist:`2024-57979`, :cve_nist:`2024-58034`, :cve_nist:`2024-58052`,
:cve_nist:`2024-58055`, :cve_nist:`2024-58058`, :cve_nist:`2024-58063`, :cve_nist:`2024-58069`,
:cve_nist:`2024-58071`, :cve_nist:`2024-58076`, :cve_nist:`2024-58083`, :cve_nist:`2025-21700`,
:cve_nist:`2025-21703`, :cve_nist:`2025-21715`, :cve_nist:`2025-21722`, :cve_nist:`2025-21727`,
:cve_nist:`2025-21731`, :cve_nist:`2025-21753`, :cve_nist:`2025-21756`, :cve_nist:`2025-21760`,
:cve_nist:`2025-21761`, :cve_nist:`2025-21762`, :cve_nist:`2025-21763`, :cve_nist:`2025-21764`,
:cve_nist:`2025-21796`, :cve_nist:`2025-21811`, :cve_nist:`2025-21887`, :cve_nist:`2025-21898`,
:cve_nist:`2025-21904`, :cve_nist:`2025-21905`, :cve_nist:`2025-21912`, :cve_nist:`2025-21917`,
:cve_nist:`2025-21919`, :cve_nist:`2025-21920`, :cve_nist:`2025-21922`, :cve_nist:`2025-21934`,
:cve_nist:`2025-21943`, :cve_nist:`2025-21948` and :cve_nist:`2025-21951`
- libpcre2: Ignore :cve_nist:`2022-1586`
- libtasn1: Fix :cve_nist:`2024-12133`
- libxml2: Fix :cve_nist:`2022-49043`, :cve_nist:`2024-56171`, :cve_nist:`2025-24928` and
:cve_nist:`2025-27113`
- libxslt: Fix :cve_nist:`2024-55549` and :cve_nist:`2025-24855`
- llvm: Fix :cve_nist:`2024-0151`
- mpg123: Fix :cve_nist:`2024-10573`
- openssh: Fix :cve_nist:`2025-26465`
- ovmf: Revert Fix for CVE-2023-45236 :cve_nist:`2023-45237`
- perl: Ignore :cve_nist:`2023-47038`
- puzzles: Ignore :cve_nist:`2024-13769`, :cve_nist:`2024-13770` and :cve_nist:`2025-0837`
- python3: Fix :cve_nist:`2025-0938`
- ruby: Fix :cve_nist:`2024-41946`, :cve_nist:`2025-27219` and :cve_nist:`2025-27220`
- subversion: Ignore :cve_nist:`2024-45720`
- systemd: Fix :cve_nist:`2022-3821`, :cve_nist:`2022-4415`, :cve_nist:`2022-45873` and
:cve_nist:`2023-7008`
- tiff: mark :cve_nist:`2023-30774` as patched with existing patch
- u-boot: Fix :cve_nist:`2022-2347`, :cve_nist:`2022-30767`, :cve_nist:`2022-30790`,
:cve_nist:`2024-57254`, :cve_nist:`2024-57255`, :cve_nist:`2024-57256`, :cve_nist:`2024-57257`,
:cve_nist:`2024-57258` and :cve_nist:`2024-57259`
- vim: Fix :cve_nist:`2025-1215`, :cve_nist:`2025-22134`, :cve_nist:`2025-24014`,
:cve_nist:`2025-26603`, :cve_nist:`2025-27423` and :cve_nist:`2025-29768`
- xserver-xorg: Fix :cve_nist:`2022-49737`, :cve_nist:`2025-26594`, :cve_nist:`2025-26595`,
:cve_nist:`2025-26596`, :cve_nist:`2025-26597`, :cve_nist:`2025-26598`, :cve_nist:`2025-26599`,
:cve_nist:`2025-26600` and :cve_nist:`2025-26601`
- xwayland: Fix :cve_nist:`2022-49737`, :cve_nist:`2024-9632`, :cve_nist:`2024-21885`,
:cve_nist:`2024-21886`, :cve_nist:`2024-31080`, :cve_nist:`2024-31081`, :cve_nist:`2024-31083`,
:cve_nist:`2025-26594`, :cve_nist:`2025-26595`, :cve_nist:`2025-26596`, :cve_nist:`2025-26597`,
:cve_nist:`2025-26598`, :cve_nist:`2025-26599`, :cve_nist:`2025-26600` and :cve_nist:`2025-26601`
- zlib: Fix :cve_nist:`2014-9485`
Fixes in Yocto-4.0.26
~~~~~~~~~~~~~~~~~~~~~
- bind: Upgrade to 9.18.33
- bitbake: cache: bump cache version
- bitbake: siggen.py: Improve taskhash reproducibility
- boost: fix do_fetch error
- build-appliance-image: Update to kirkstone head revision
- contributor-guide/submit-changes: add policy on AI generated code
- cve-update-nvd2-native: handle missing vulnStatus
- docs: Add favicon for the documentation html
- docs: Remove all mention of core-image-lsb
- libtasn1: upgrade to 4.20.0
- libxcrypt-compat: Remove libcrypt.so to fix conflict with libcrypt
- libxml2: fix compilation of explicit child axis in pattern
- linux-yocto/5.10: update to v5.10.234
- linux-yocto/5.15: update to v5.15.179
- mesa: Fix missing GLES3 headers in SDK sysroot
- mesa: Update :term:`SRC_URI`
- meta: Enable '-o pipefail' for the SDK installer
- migration-guides: add release notes for 4.0.25
- poky.conf: add ubuntu2404 to :term:`SANITY_TESTED_DISTROS`
- poky.conf: bump version for 4.0.26
- procps: replaced one use of fputs(3) with a write(2) call
- ref-manual: don't refer to poky-lsb
- scripts/install-buildtools: Update to 4.0.24
- scritps/runqemu: Ensure we only have two serial ports
- systemd: upgrade to 250.14
- tzcode-native: Fix compiler setting from 2023d version
- tzcode: Update :term:`SRC_URI`
- tzdata/tzcode-native: upgrade 2025a
- vim: Upgrade to 9.1.1198
- virglrenderer: fix do_fetch error
- vulnerabilities/classes: remove references to cve-check text format
- xz: Update :term:`SRC_URI`
- yocto-uninative: Update to 4.7 for glibc 2.41
Known Issues in Yocto-4.0.26
~~~~~~~~~~~~~~~~~~~~~~~~~~~~
- N/A
Contributors to Yocto-4.0.26
~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Thanks to the following people who contributed to this release:
- Aleksandar Nikolic
- Alessio Cascone
- Antonin Godard
- Archana Polampalli
- Ashish Sharma
- Bruce Ashfield
- Carlos Dominguez
- Deepesh Varatharajan
- Divya Chellam
- Guocai He
- Hitendra Prajapati
- Hongxu Jia
- Jiaying Song
- Johannes Kauffmann
- Kai Kang
- Lee Chee Yang
- Libo Chen
- Marta Rybczynska
- Michael Halstead
- Mingli Yu
- Moritz Haase
- Narpat Mali
- Paulo Neves
- Peter Marko
- Priyal Doshi
- Richard Purdie
- Robert Yang
- Ross Burton
- Sakib Sajal
- Steve Sakoman
- Vijay Anusuri
- Yogita Urade
- Zhang Peng
Repositories / Downloads for Yocto-4.0.26
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
poky
- Repository Location: :yocto_git:`/poky`
- Branch: :yocto_git:`kirkstone </poky/log/?h=kirkstone>`
- Tag: :yocto_git:`yocto-4.0.26 </poky/log/?h=yocto-4.0.26>`
- Git Revision: :yocto_git:`d70d287a77d5026b698ac237ab865b2dafd36bb8 </poky/commit/?id=d70d287a77d5026b698ac237ab865b2dafd36bb8>`
- Release Artefact: poky-d70d287a77d5026b698ac237ab865b2dafd36bb8
- sha: 3ebfadb8bff4c1ca12b3cf3e4ef6e3ac2ce52b73570266daa98436c9959249f2
- Download Locations:
https://downloads.yoctoproject.org/releases/yocto/yocto-4.0.26/poky-d70d287a77d5026b698ac237ab865b2dafd36bb8.tar.bz2
https://mirrors.kernel.org/yocto/yocto/yocto-4.0.26/poky-d70d287a77d5026b698ac237ab865b2dafd36bb8.tar.bz2
openembedded-core
- Repository Location: :oe_git:`/openembedded-core`
- Branch: :oe_git:`kirkstone </openembedded-core/log/?h=kirkstone>`
- Tag: :oe_git:`yocto-4.0.26 </openembedded-core/log/?h=yocto-4.0.26>`
- Git Revision: :oe_git:`1efbe1004bc82e7c14c1e8bd4ce644f5015c3346 </openembedded-core/commit/?id=1efbe1004bc82e7c14c1e8bd4ce644f5015c3346>`
- Release Artefact: oecore-1efbe1004bc82e7c14c1e8bd4ce644f5015c3346
- sha: d3805e034dabd0865dbf55488b2c16d4ea0351d37aa826f0054a6bfdde5a8be9
- Download Locations:
https://downloads.yoctoproject.org/releases/yocto/yocto-4.0.26/oecore-1efbe1004bc82e7c14c1e8bd4ce644f5015c3346.tar.bz2
https://mirrors.kernel.org/yocto/yocto/yocto-4.0.26/oecore-1efbe1004bc82e7c14c1e8bd4ce644f5015c3346.tar.bz2
meta-mingw
- Repository Location: :yocto_git:`/meta-mingw`
- Branch: :yocto_git:`kirkstone </meta-mingw/log/?h=kirkstone>`
- Tag: :yocto_git:`yocto-4.0.26 </meta-mingw/log/?h=yocto-4.0.26>`
- Git Revision: :yocto_git:`87c22abb1f11be430caf4372e6b833dc7d77564e </meta-mingw/commit/?id=87c22abb1f11be430caf4372e6b833dc7d77564e>`
- Release Artefact: meta-mingw-87c22abb1f11be430caf4372e6b833dc7d77564e
- sha: f0bc4873e2e0319fb9d6d6ab9b98eb3f89664d4339a167d2db6a787dd12bc1a8
- Download Locations:
https://downloads.yoctoproject.org/releases/yocto/yocto-4.0.26/meta-mingw-87c22abb1f11be430caf4372e6b833dc7d77564e.tar.bz2
https://mirrors.kernel.org/yocto/yocto/yocto-4.0.26/meta-mingw-87c22abb1f11be430caf4372e6b833dc7d77564e.tar.bz2
meta-gplv2
- Repository Location: :yocto_git:`/meta-gplv2`
- Branch: :yocto_git:`kirkstone </meta-gplv2/log/?h=kirkstone>`
- Tag: :yocto_git:`yocto-4.0.26 </meta-gplv2/log/?h=yocto-4.0.26>`
- Git Revision: :yocto_git:`d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a </meta-gplv2/commit/?id=d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a>`
- Release Artefact: meta-gplv2-d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a
- sha: c386f59f8a672747dc3d0be1d4234b6039273d0e57933eb87caa20f56b9cca6d
- Download Locations:
https://downloads.yoctoproject.org/releases/yocto/yocto-4.0.26/meta-gplv2-d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a.tar.bz2
https://mirrors.kernel.org/yocto/yocto/yocto-4.0.26/meta-gplv2-d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a.tar.bz2
bitbake
- Repository Location: :oe_git:`/bitbake`
- Branch: :oe_git:`2.0 </bitbake/log/?h=2.0>`
- Tag: :oe_git:`yocto-4.0.26 </bitbake/log/?h=yocto-4.0.26>`
- Git Revision: :oe_git:`046871d9fd76efdca7b72718b328d8f545523f7e </bitbake/commit/?id=046871d9fd76efdca7b72718b328d8f545523f7e>`
- Release Artefact: bitbake-046871d9fd76efdca7b72718b328d8f545523f7e
- sha: e9df0a9f5921b583b539188d66b23f120e1751000e7822e76c3391d5c76ee21a
- Download Locations:
https://downloads.yoctoproject.org/releases/yocto/yocto-4.0.26/bitbake-046871d9fd76efdca7b72718b328d8f545523f7e.tar.bz2
https://mirrors.kernel.org/yocto/yocto/yocto-4.0.26/bitbake-046871d9fd76efdca7b72718b328d8f545523f7e.tar.bz2
yocto-docs
- Repository Location: :yocto_git:`/yocto-docs`
- Branch: :yocto_git:`kirkstone </yocto-docs/log/?h=kirkstone>`
- Tag: :yocto_git:`yocto-4.0.26 </yocto-docs/log/?h=yocto-4.0.26>`
- Git Revision: :yocto_git:`9b4c36f7b02dd4bedfec90206744a1e90e37733c </yocto-docs/commit/?id=9b4c36f7b02dd4bedfec90206744a1e90e37733c>`

153
documentation/migration-guides/release-notes-4.0.27.rst
View File

@@ -1,153 +0,0 @@
Release notes for Yocto-4.0.27 (Kirkstone)
------------------------------------------
Security Fixes in Yocto-4.0.27
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
- binutils: Fix :cve_nist:`2025-1178`
- busybox: fix :cve_nist:`2023-39810`
- connman :fix :cve_nist:`2025-32743`
- curl: Ignore :cve_nist:`2025-0725`
- ghostscript: Fix :cve_nist:`2025-27830`, :cve_nist:`2025-27831`, :cve_nist:`2025-27832`,
:cve_nist:`2025-27834`, :cve_nist:`2025-27835` and :cve_nist:`2025-27836`
- ghostscript: Ignore :cve_nist:`2024-29507`, :cve_nist:`2025-27833` and :cve_nist:`2025-27837`
- glib-2.0: Fix :cve_nist:`2025-3360`
- go: Fix :cve_nist:`2025-22871`
- libarchive: Ignore :cve_nist:`2024-48615`
- libpam: Fix :cve_nist:`2024-10041`
- libsoup-2.4: Fix :cve_nist:`2024-52532`, :cve_nist:`2025-32906` and :cve_nist:`2025-32909`
- libsoup: Fix :cve_nist:`2024-52532`, :cve_nist:`2025-32906`, :cve_nist:`2025-32909`,
:cve_nist:`2025-32910`, :cve_nist:`2025-32911`, :cve_nist:`2025-32912`, :cve_nist:`2025-32913`
and :cve_nist:`2025-32914`
- libxml2: Fix :cve_nist:`2025-32414` and :cve_nist:`2025-32415`
- ofono: Fix :cve_nist:`2024-7537`
- perl: Fix :cve_nist:`2024-56406`
- ppp: Fix :cve_nist:`2024-58250`
- python3-setuptools: Fix :cve_nist:`2024-6345`
- qemu: Ignore :cve_nist:`2023-1386`
- ruby: Fix :cve_nist:`2024-43398`
- sqlite3: Fix :cve_nist:`2025-29088`
- systemd: Ignore :cve_nist:`2022-3821`, :cve_nist:`2022-4415` and :cve_nist:`2022-45873`
Fixes in Yocto-4.0.27
~~~~~~~~~~~~~~~~~~~~~
- Revert "cve-update-nvd2-native: Tweak to work better with NFS DL_DIR"
- build-appliance-image: Update to kirkstone head revision
- cve-update-nvd2-native: add workaround for json5 style list
- docs: Fix dead links that use the :term:`DISTRO` macro
- docs: manuals: remove repeated word
- docs: poky.yaml: introduce DISTRO_LATEST_TAG
- glibc: Add single-threaded fast path to rand()
- glibc: stable 2.35 branch updates
- module.bbclass: add KBUILD_EXTRA_SYMBOLS to install
- perl: enable _GNU_SOURCE define via d_gnulibc
- poky.conf: bump version for 4.0.27
- ref-manual/variables.rst: document autotools class related variables
- scripts/install-buildtools: Update to 4.0.26
- systemd: backport patch to fix journal issue
- systemd: systemd-journald fails to setup LogNamespace
- tzdata/tzcode-native: upgrade to 2025b
Known Issues in Yocto-4.0.27
~~~~~~~~~~~~~~~~~~~~~~~~~~~~
- N/A
Contributors to Yocto-4.0.27
~~~~~~~~~~~~~~~~~~~~~~~~~~~~
- Aleksandar Nikolic
- Alexander Kanavin
- Alon Bar-Lev
- Andrew Kreimer
- Antonin Godard
- Chen Qi
- Deepesh Varatharajan
- Divya Chellam
- Haitao Liu
- Haixiao Yan
- Hitendra Prajapati
- Peter Marko
- Praveen Kumar
- Priyal Doshi
- Shubham Kulkarni
- Soumya Sambu
- Steve Sakoman
- Vijay Anusuri
- Yogita Urade
Repositories / Downloads for Yocto-4.0.27
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
poky
- Repository Location: :yocto_git:`/poky`
- Branch: :yocto_git:`kirkstone </poky/log/?h=kirkstone>`
- Tag: :yocto_git:`yocto-4.0.27 </poky/log/?h=yocto-4.0.27>`
- Git Revision: :yocto_git:`ab9a994a8cd8e06b519a693db444030999d273b7 </poky/commit/?id=ab9a994a8cd8e06b519a693db444030999d273b7>`
- Release Artefact: poky-ab9a994a8cd8e06b519a693db444030999d273b7
- sha: 77a366c17cf29eef15c6ff3f44e73f81c07288c723fd4a6dbd8c7ee9b79933f3
- Download Locations:
https://downloads.yoctoproject.org/releases/yocto/yocto-4.0.27/poky-ab9a994a8cd8e06b519a693db444030999d273b7.tar.bz2
https://mirrors.kernel.org/yocto/yocto/yocto-4.0.27/poky-ab9a994a8cd8e06b519a693db444030999d273b7.tar.bz2
openembedded-core
- Repository Location: :oe_git:`/openembedded-core`
- Branch: :oe_git:`kirkstone </openembedded-core/log/?h=kirkstone>`
- Tag: :oe_git:`yocto-4.0.27 </openembedded-core/log/?h=yocto-4.0.27>`
- Git Revision: :oe_git:`e8be08a624b2d024715a5c8b0c37f2345a02336b </openembedded-core/commit/?id=e8be08a624b2d024715a5c8b0c37f2345a02336b>`
- Release Artefact: oecore-e8be08a624b2d024715a5c8b0c37f2345a02336b
- sha: cc5b0fadab021c6dc61f37fc4ff01a1cf657e7c219488ce264bede42f7f6212f
- Download Locations:
https://downloads.yoctoproject.org/releases/yocto/yocto-4.0.27/oecore-e8be08a624b2d024715a5c8b0c37f2345a02336b.tar.bz2
https://mirrors.kernel.org/yocto/yocto/yocto-4.0.27/oecore-e8be08a624b2d024715a5c8b0c37f2345a02336b.tar.bz2
meta-mingw
- Repository Location: :yocto_git:`/meta-mingw`
- Branch: :yocto_git:`kirkstone </meta-mingw/log/?h=kirkstone>`
- Tag: :yocto_git:`yocto-4.0.27 </meta-mingw/log/?h=yocto-4.0.27>`
- Git Revision: :yocto_git:`87c22abb1f11be430caf4372e6b833dc7d77564e </meta-mingw/commit/?id=87c22abb1f11be430caf4372e6b833dc7d77564e>`
- Release Artefact: meta-mingw-87c22abb1f11be430caf4372e6b833dc7d77564e
- sha: f0bc4873e2e0319fb9d6d6ab9b98eb3f89664d4339a167d2db6a787dd12bc1a8
- Download Locations:
https://downloads.yoctoproject.org/releases/yocto/yocto-4.0.27/meta-mingw-87c22abb1f11be430caf4372e6b833dc7d77564e.tar.bz2
https://mirrors.kernel.org/yocto/yocto/yocto-4.0.27/meta-mingw-87c22abb1f11be430caf4372e6b833dc7d77564e.tar.bz2
meta-gplv2
- Repository Location: :yocto_git:`/meta-gplv2`
- Branch: :yocto_git:`kirkstone </meta-gplv2/log/?h=kirkstone>`
- Tag: :yocto_git:`yocto-4.0.27 </meta-gplv2/log/?h=yocto-4.0.27>`
- Git Revision: :yocto_git:`d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a </meta-gplv2/commit/?id=d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a>`
- Release Artefact: meta-gplv2-d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a
- sha: c386f59f8a672747dc3d0be1d4234b6039273d0e57933eb87caa20f56b9cca6d
- Download Locations:
https://downloads.yoctoproject.org/releases/yocto/yocto-4.0.27/meta-gplv2-d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a.tar.bz2
https://mirrors.kernel.org/yocto/yocto/yocto-4.0.27/meta-gplv2-d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a.tar.bz2
bitbake
- Repository Location: :oe_git:`/bitbake`
- Branch: :oe_git:`2.0 </bitbake/log/?h=2.0>`
- Tag: :oe_git:`yocto-4.0.27 </bitbake/log/?h=yocto-4.0.27>`
- Git Revision: :oe_git:`046871d9fd76efdca7b72718b328d8f545523f7e </bitbake/commit/?id=046871d9fd76efdca7b72718b328d8f545523f7e>`
- Release Artefact: bitbake-046871d9fd76efdca7b72718b328d8f545523f7e
- sha: e9df0a9f5921b583b539188d66b23f120e1751000e7822e76c3391d5c76ee21a
- Download Locations:
https://downloads.yoctoproject.org/releases/yocto/yocto-4.0.27/bitbake-046871d9fd76efdca7b72718b328d8f545523f7e.tar.bz2
https://mirrors.kernel.org/yocto/yocto/yocto-4.0.27/bitbake-046871d9fd76efdca7b72718b328d8f545523f7e.tar.bz2
yocto-docs
- Repository Location: :yocto_git:`/yocto-docs`
- Branch: :yocto_git:`kirkstone </yocto-docs/log/?h=kirkstone>`
- Tag: :yocto_git:`yocto-4.0.27 </yocto-docs/log/?h=yocto-4.0.27>`
- Git Revision: :yocto_git:`0d51e553d5f83eea6634e03ddc9c7740bf72fcea </yocto-docs/commit/?id=0d51e553d5f83eea6634e03ddc9c7740bf72fcea>`

224
documentation/migration-guides/release-notes-4.0.28.rst
View File

@@ -1,224 +0,0 @@
Release notes for Yocto-4.0.28 (Kirkstone)
------------------------------------------
Security Fixes in Yocto-4.0.28
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
- binutils: Fix :cve_nist:`2025-1180`, :cve_nist:`2025-1182`, :cve_nist:`2025-5244` and
:cve_nist:`2025-5245`
- connman: Fix :cve_nist:`2025-32366`
- ffmpeg: Fix :cve_nist:`2025-1373`, :cve_nist:`2025-22919` and :cve_nist:`2025-22921`
- ffmpeg: Ignore :cve_nist:`2022-48434`
- ghostscript: Fix :cve_nist:`2025-48708`
- git: Fix :cve_nist:`2024-50349` and :cve_nist:`2024-52006`
- glib-2.0: Fix :cve_nist:`2025-4373`
- glibc: Fix for :cve_nist:`2025-4802`
- go: Fix :cve_nist:`2025-4673`
- go: ignore :cve_nist:`2024-3566`
- icu: Fix :cve_nist:`2025-5222`
- iputils: Fix :cve_nist:`2025-47268`
- libsoup-2.4: Fix :cve_nist:`2025-2784`, :cve_nist:`2025-4476`, :cve_nist:`2025-4948`,
:cve_nist:`2025-4969`, :cve_nist:`2025-32050`, :cve_nist:`2025-32052`, :cve_nist:`2025-32053`,
:cve_nist:`2025-32907`, :cve_nist:`2025-32910`, :cve_nist:`2025-32911`, :cve_nist:`2025-32912`,
:cve_nist:`2025-32913`, :cve_nist:`2025-32914`, :cve_nist:`2025-46420` and :cve_nist:`2025-46421`
- libsoup: Fix :cve_nist:`2025-2784`, :cve_nist:`2025-4476`, :cve_nist:`2025-4948`,
:cve_nist:`2025-4969`, :cve_nist:`2025-32050`, :cve_nist:`2025-32051`, :cve_nist:`2025-32052`,
:cve_nist:`2025-32053`, :cve_nist:`2025-32907`, :cve_nist:`2025-46420` and :cve_nist:`2025-46421`
- linux-yocto/5.15: Fix :cve_nist:`2024-26952`, :cve_nist:`2025-21941`, :cve_nist:`2025-21957`,
:cve_nist:`2025-21959`, :cve_nist:`2025-21962`, :cve_nist:`2025-21963`, :cve_nist:`2025-21964`,
:cve_nist:`2025-21968`, :cve_nist:`2025-21996`, :cve_nist:`2025-22018`, :cve_nist:`2025-22020`,
:cve_nist:`2025-22035`, :cve_nist:`2025-22054`, :cve_nist:`2025-22056`, :cve_nist:`2025-22063`,
:cve_nist:`2025-22066`, :cve_nist:`2025-22081`, :cve_nist:`2025-22097`, :cve_nist:`2025-23136`,
:cve_nist:`2025-37785`, :cve_nist:`2025-37803`, :cve_nist:`2025-37805`, :cve_nist:`2025-38152`,
:cve_nist:`2025-39728` and :cve_nist:`2025-39735`
- net-tools: Fix :cve_nist:`2025-46836`
- openssh: Fix :cve_nist:`2025-32728`
- python3: Fix :cve_nist:`2024-12718`, :cve_nist:`2025-0938`, :cve_nist:`2025-4138`,
:cve_nist:`2025-4330`, :cve_nist:`2025-4435`, :cve_nist:`2025-4516` and :cve_nist:`2025-4517`
- python3-requests: Fix :cve_nist:`2024-47081`
- python3-setuptools: Fix :cve_nist:`2025-47273`
- ruby: Fix :cve_nist:`2025-27221`
- screen: Fix :cve_nist:`2025-46802`, :cve_nist:`2025-46804` and :cve_nist:`2025-46805`
- taglib: Fix :cve_nist:`2023-47466`
Fixes in Yocto-4.0.28
~~~~~~~~~~~~~~~~~~~~~
- babeltrace/libatomic-ops: correct the :term:`SRC_URI`
- brief-yoctoprojectqs/ref-manual: Switch to new CDN
- bsp guide: update kernel version example to 6.12
- bsp-guide: update lonely "4.12" kernel reference to "6.12"
- build-appliance-image: Update to kirkstone head revision
- cmake: Correctly handle cost data of tests with arbitrary chars in name
- conf.py: tweak SearchEnglish to be hyphen-friendly
- contributor-guide/submit-changes: encourage patch version changelogs
- dev-manual/sbom.rst: fix wrong build outputs
- docs: Clean up explanation of minimum required version numbers
- docs: README: specify how to contribute instead of pointing at another file
- docs: conf.py: silence SyntaxWarning on js_splitter_code
- e2fsprogs: removed 'sed -u' option
- ffmpeg: Add "libswresample libavcodec" to :term:`CVE_PRODUCT`
- ffmpeg: upgrade to 5.0.3
- gcc: AArch64 - Fix strict-align cpymem/setmem
- glibc: nptl Fix indentation
- glibc: nptl Remove unnecessary catch-all-wake in condvar group switch
- glibc: nptl Remove unnecessary quadruple check in pthread_cond_wait
- glibc: nptl Update comments and indentation for new condvar implementation
- glibc: nptl Use a single loop in pthread_cond_wait instaed of a nested loop
- glibc: nptl Use all of g1_start and g_signals
- glibc: nptl rename __condvar_quiesce_and_switch_g1
- glibc: pthreads NPTL lost wakeup fix 2
- kernel.bbclass: add original package name to :term:`RPROVIDES` for -image and -base
- libpng: Improve ptest
- linux-yocto/5.15: update to v5.15.184
- migration-guides: add release notes for 4.0.26 and 4.0.27
- nfs-utils: don't use signals to shut down nfs server.
- poky.conf: bump version for 4.0.28
- python3: upgrade to 3.10.18
- ref-manual/release-process: update releases.svg
- ref-manual/variables.rst: document :term:`INHIBIT_DEFAULT_RUST_DEPS`
:term:`INHIBIT_UPDATERCD_BBCLASS` :term:`SSTATE_SKIP_CREATION` :term:`WIC_CREATE_EXTRA_ARGS`
:term:`IMAGE_ROOTFS_MAXSIZE` :term:`INITRAMFS_MAXSIZE`
- ref-manual: clarify :term:`KCONFIG_MODE` default behaviour
- ref-manual: classes: nativesdk: move note to appropriate section
- ref-manual: classes: reword to clarify that native/nativesdk options are exclusive
- ref-manual: kernel-fitimage.bbclass does not use :term:`SPL_SIGN_KEYNAME`
- scripts/install-buildtools: Update to 4.0.27
- sphinx-lint: role missing opening tag colon
- sphinx-lint: trailing whitespace
- sphinx-lint: unbalanced inline literal markup
- sysstat: correct the :term:`SRC_URI`
- systemtap: add sysroot Python paths to configure flags
- test-manual/intro: remove Buildbot version used
- util-linux: Add fix to isolate test fstab entries using CUSTOM_FSTAB
- xz: Update :term:`LICENSE` variable for xz packages
Known Issues in Yocto-4.0.28
~~~~~~~~~~~~~~~~~~~~~~~~~~~~
- N/A
Contributors to Yocto-4.0.28
~~~~~~~~~~~~~~~~~~~~~~~~~~~~
- Aditya Tayade
- Adrian Freihofer
- Aleksandar Nikolic
- Alper Ak
- Antonin Godard
- Archana Polampalli
- Ashish Sharma
- Bruce Ashfield
- Carlos Sánchez de La Lama
- Changqing Li
- Christos Gavros
- Colin Pinnell McAllister
- Deepesh Varatharajan
- Divya Chellam
- Enrico Jörns
- Etienne Cordonnier
- Guocai He
- Harish Sadineni
- Hitendra Prajapati
- Jiaying Song
- Lee Chee Yang
- Martin Jansa
- Moritz Haase
- NeilBrown
- Peter Marko
- Poonam Jadhav
- Praveen Kumar
- Quentin Schulz
- Richard Purdie
- Robert P. J. Day
- Soumya Sambu
- Steve Sakoman
- Sundeep KOKKONDA
- Sunil Dora
- Trevor Woerner
- Vijay Anusuri
- Virendra Thakur
- Yi Zhao
- aszh07
Repositories / Downloads for Yocto-4.0.28
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
poky
- Repository Location: :yocto_git:`/poky`
- Branch: :yocto_git:`kirkstone </poky/log/?h=kirkstone>`
- Tag: :yocto_git:`yocto-4.0.28 </poky/log/?h=yocto-4.0.28>`
- Git Revision: :yocto_git:`78c9cb3eaf071932567835742608404d5ce23cc4 </poky/commit/?id=78c9cb3eaf071932567835742608404d5ce23cc4>`
- Release Artefact: poky-78c9cb3eaf071932567835742608404d5ce23cc4
- sha: 9c73c6f89e70c2041a52851e5cc582e5a2f05ad2fdc110d2c518f2c4994e8de3
- Download Locations:
https://downloads.yoctoproject.org/releases/yocto/yocto-4.0.28/poky-78c9cb3eaf071932567835742608404d5ce23cc4.tar.bz2
https://mirrors.kernel.org/yocto/yocto/yocto-4.0.28/poky-78c9cb3eaf071932567835742608404d5ce23cc4.tar.bz2
openembedded-core
- Repository Location: :oe_git:`/openembedded-core`
- Branch: :oe_git:`kirkstone </openembedded-core/log/?h=kirkstone>`
- Tag: :oe_git:`yocto-4.0.28 </openembedded-core/log/?h=yocto-4.0.28>`
- Git Revision: :oe_git:`75e54301c5076eb0454aee33c870adf078f563fd </openembedded-core/commit/?id=75e54301c5076eb0454aee33c870adf078f563fd>`
- Release Artefact: oecore-75e54301c5076eb0454aee33c870adf078f563fd
- sha: c5ffceab90881c4041ec4304da8b7b32d9c1f89a4c63ee7b8cbd53c796b0187b
- Download Locations:
https://downloads.yoctoproject.org/releases/yocto/yocto-4.0.28/oecore-75e54301c5076eb0454aee33c870adf078f563fd.tar.bz2
https://mirrors.kernel.org/yocto/yocto/yocto-4.0.28/oecore-75e54301c5076eb0454aee33c870adf078f563fd.tar.bz2
meta-mingw
- Repository Location: :yocto_git:`/meta-mingw`
- Branch: :yocto_git:`kirkstone </meta-mingw/log/?h=kirkstone>`
- Tag: :yocto_git:`yocto-4.0.28 </meta-mingw/log/?h=yocto-4.0.28>`
- Git Revision: :yocto_git:`87c22abb1f11be430caf4372e6b833dc7d77564e </meta-mingw/commit/?id=87c22abb1f11be430caf4372e6b833dc7d77564e>`
- Release Artefact: meta-mingw-87c22abb1f11be430caf4372e6b833dc7d77564e
- sha: f0bc4873e2e0319fb9d6d6ab9b98eb3f89664d4339a167d2db6a787dd12bc1a8
- Download Locations:
https://downloads.yoctoproject.org/releases/yocto/yocto-4.0.28/meta-mingw-87c22abb1f11be430caf4372e6b833dc7d77564e.tar.bz2
https://mirrors.kernel.org/yocto/yocto/yocto-4.0.28/meta-mingw-87c22abb1f11be430caf4372e6b833dc7d77564e.tar.bz2
meta-gplv2
- Repository Location: :yocto_git:`/meta-gplv2`
- Branch: :yocto_git:`kirkstone </meta-gplv2/log/?h=kirkstone>`
- Tag: :yocto_git:`yocto-4.0.28 </meta-gplv2/log/?h=yocto-4.0.28>`
- Git Revision: :yocto_git:`d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a </meta-gplv2/commit/?id=d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a>`
- Release Artefact: meta-gplv2-d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a
- sha: c386f59f8a672747dc3d0be1d4234b6039273d0e57933eb87caa20f56b9cca6d
- Download Locations:
https://downloads.yoctoproject.org/releases/yocto/yocto-4.0.28/meta-gplv2-d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a.tar.bz2
https://mirrors.kernel.org/yocto/yocto/yocto-4.0.28/meta-gplv2-d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a.tar.bz2
bitbake
- Repository Location: :oe_git:`/bitbake`
- Branch: :oe_git:`2.0 </bitbake/log/?h=2.0>`
- Tag: :oe_git:`yocto-4.0.28 </bitbake/log/?h=yocto-4.0.28>`
- Git Revision: :oe_git:`046871d9fd76efdca7b72718b328d8f545523f7e </bitbake/commit/?id=046871d9fd76efdca7b72718b328d8f545523f7e>`
- Release Artefact: bitbake-046871d9fd76efdca7b72718b328d8f545523f7e
- sha: e9df0a9f5921b583b539188d66b23f120e1751000e7822e76c3391d5c76ee21a
- Download Locations:
https://downloads.yoctoproject.org/releases/yocto/yocto-4.0.28/bitbake-046871d9fd76efdca7b72718b328d8f545523f7e.tar.bz2
https://mirrors.kernel.org/yocto/yocto/yocto-4.0.28/bitbake-046871d9fd76efdca7b72718b328d8f545523f7e.tar.bz2
meta-yocto
- Repository Location: :yocto_git:`/meta-yocto`
- Branch: :yocto_git:`kirkstone </meta-yocto/log/?h=kirkstone>`
- Tag: :yocto_git:`yocto-4.0.28 </meta-yocto/log/?h=yocto-4.0.28>`
- Git Revision: :yocto_git:`0bf3dcef1caa80fb047bf9c3514314ab658e30ea </meta-yocto/commit/?id=0bf3dcef1caa80fb047bf9c3514314ab658e30ea>`
yocto-docs
- Repository Location: :yocto_git:`/yocto-docs`
- Branch: :yocto_git:`kirkstone </yocto-docs/log/?h=kirkstone>`
- Tag: :yocto_git:`yocto-4.0.28 </yocto-docs/log/?h=yocto-4.0.28>`
- Git Revision: :yocto_git:`97cd3ee7f3bf1de8454708d1852ea9cdbd45c39b </yocto-docs/commit/?id=97cd3ee7f3bf1de8454708d1852ea9cdbd45c39b>`

2
documentation/migration-guides/release-notes-4.3.rst
View File

@@ -295,7 +295,7 @@ New Features / Enhancements in 4.3
- Generation of :term:`SPDX` manifests is now enabled by default.
- Git based recipes in OE-Core which used the ``git`` protocol have been
changed to use ``https`` where possible, as it is typically faster and
changed to use `https`` where possible, as it is typically faster and
more reliable.
- The ``os-release`` recipe added a ``CPE_NAME`` to the fields provided, with the

208
documentation/migration-guides/release-notes-5.0.10.rst
View File

@@ -1,208 +0,0 @@
.. SPDX-License-Identifier: CC-BY-SA-2.0-UK
Release notes for Yocto-5.0.10 (Scarthgap)
------------------------------------------
Security Fixes in Yocto-5.0.10
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
- binutils: Fix :cve_nist:`2025-1153`, :cve_nist:`2025-1179`, :cve_nist:`2025-1180` and
:cve_nist:`2025-1182`
- connman: Fix :cve_nist:`2025-32366` and :cve_nist:`2025-32743`
- curl: Fix :cve_nist:`2024-11053` and :cve_nist:`2025-0167`
- elfutils: Fix :cve_nist:`2025-1371`
- ffmpeg: Fix :cve_nist:`2024-7055`, :cve_nist:`2024-32230`, :cve_nist:`2024-35366`,
:cve_nist:`2024-36613`, :cve_nist:`2024-36616`, :cve_nist:`2024-36617` and :cve_nist:`2024-36619`
- git: Fix :cve_nist:`2024-50349` and :cve_nist:`2024-52006`
- glib-2.0: fix :cve_nist:`2025-3360` and :cve_nist:`2025-4373`
- iputils: Fix :cve_nist:`2025-47268`
- libpam: Fix :cve_nist:`2024-10041`
- libsoup-2.4: Fix :cve_nist:`2024-52530`, :cve_nist:`2024-52531`, :cve_nist:`2024-52532`,
:cve_nist:`2025-32906`, :cve_nist:`2025-32909`, :cve_nist:`2025-32910`, :cve_nist:`2025-32911`,
:cve_nist:`2025-32912`, :cve_nist:`2025-32913`, :cve_nist:`2025-32914` and :cve_nist:`2025-46420`
- libsoup: Fix :cve_nist:`2025-4476`, :cve_nist:`2025-32906`, :cve_nist:`2025-32909`,
:cve_nist:`2025-32910`, :cve_nist:`2025-32911`, :cve_nist:`2025-32912`, :cve_nist:`2025-32913`,
:cve_nist:`2025-32914` and :cve_nist:`2025-46420`
- libxml2: Fix :cve_nist:`2025-32414` and :cve_nist:`2025-32415`
- openssh: Fix :cve_nist:`2025-32728`
- perl: Fix :cve_nist:`2024-56406`
- ppp: Fix :cve_nist:`2024-58250`
- python3-jinja2: Fix :cve_nist:`2024-56201`, :cve_nist:`2024-56326` and :cve_nist:`2025-27516`
- ruby: Fix :cve_nist:`2025-27221`
- sqlite3: Fix :cve_nist:`2025-3277`, :cve_nist:`2025-29087` and :cve_nist:`2025-29088`
Fixes in Yocto-5.0.10
~~~~~~~~~~~~~~~~~~~~~
- binutils: stable 2.42 branch updates
- bluez5: add missing tools to noinst-tools package
- bluez5: backport a patch to fix btmgmt -i
- bluez5: make media control a :term:`PACKAGECONFIG` option
- build-appliance-image: Update to scarthgap head revision
- buildtools-tarball: Make buildtools respects host CA certificates
- buildtools-tarball: add envvars into :term:`BB_ENV_PASSTHROUGH_ADDITIONS`
- buildtools-tarball: move setting of envvars to respective envfile
- contributor-guide/submit-changes: encourage patch version changelogs
- cve-check.bbclass: Fix symlink handling also for text files
- cve-update-nvd2-native: Revert "cve-update-nvd2-native: Tweak to work better with NFS DL_DIR"
- dev-manual/sbom.rst: fix wrong build outputs
- docs: Fix dead links that use the :term:`DISTRO` macro
- docs: conf.py: tweak SearchEnglish to be hyphen-friendly
- docs:conf.py: define a manpage url
- ffmpeg: upgrade to 6.1.2
- git: upgrade to 2.44.3
- glibc-y2038-tests: remove glibc-y2038-tests_2.39.bb recipe
- glibc: Add single-threaded fast path to rand()
- glibc: stable 2.39 branch updates
- initscripts: add function log_success_msg/log_failure_msg/log_warning_msg
- libatomic-ops: Update :term:`GITHUB_BASE_URI`
- manuals: remove repeated word
- migration-guides: add release notes for 4.0.26, 5.0.8, 5.0.9
- module.bbclass: add KBUILD_EXTRA_SYMBOLS to install
- perl: upgrade to 5.38.4
- perlcross: upgrade to 1.6.2
- poky.conf: bump version for 5.0.10
- poky.yaml: introduce DISTRO_LATEST_TAG
- python3-jinja2: upgrade to 3.1.6
- ref-manual/release-process: update releases.svg
- ref-manual/variables.rst: HOST_CC_ARCH: fix wrong SDK reference
- ref-manual/variables.rst: WATCHDOG_TIMEOUT: fix recipe name
- ref-manual/variables.rst: add manpage links for toolchain variables
- ref-manual/variables.rst: add missing documentation for BUILD_* variables
- ref-manual/variables.rst: document HOST_*_ARCH variables
- ref-manual/variables.rst: document :term:`INHIBIT_DEFAULT_RUST_DEPS`
- ref-manual/variables.rst: document :term:`INHIBIT_UPDATERCD_BBCLASS`
- ref-manual/variables.rst: document :term:`SSTATE_SKIP_CREATION`
- ref-manual/variables.rst: document :term:`WIC_CREATE_EXTRA_ARGS`
- ref-manual/variables.rst: document autotools class related variables
- ref-manual/variables.rst: document missing SDK_*_ARCH variables
- ref-manual/variables.rst: document the :term:`IMAGE_ROOTFS_MAXSIZE` variable
- ref-manual/variables.rst: document the :term:`INITRAMFS_MAXSIZE` variable
- ref-manual/variables.rst: improve the :term:`PKGV` documentation
- ref-manual/variables.rst: update :term:`ROOT_HOME` documentation
- ref-manual: kernel-fitimage.bbclass does not use :term:`SPL_SIGN_KEYNAME`
- scripts/install-buildtools: Update to 5.0.9
- sphinx-lint: missing space after literal
- sphinx-lint: trailing whitespace
- sphinx-lint: unbalanced inline literal markup
- systemd: Password agents shouldn't be optional
- systemd: upgrade to 255.18
- test-manual/intro: remove Buildbot version used
- tzdata/tzcode-native: upgrade 2025a -> 2025b
- u-boot: ensure keys are generated before assembling U-Boot FIT image
- util-linux: Add fix to isolate test fstab entries using CUSTOM_FSTAB
- wic: bootimg-efi: Support + symbol in filenames
Known Issues in Yocto-5.0.10
~~~~~~~~~~~~~~~~~~~~~~~~~~~~
- There is an issue where the target libsoup-2.4 build may fail if apachectl is present on the build
host. The issue only affects test binaries which aren't actually used. The issue can be fixed by
disabling the tests or updating to more recent changes on the scarthgap branch which fix this.
Contributors to Yocto-5.0.10
~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Thanks to the following people who contributed to this release:
- Adrian Freihofer
- Aleksandar Nikolic
- Alexander Kanavin
- Alon Bar-Lev
- Alper Ak
- Andrew Kreimer
- Antonin Godard
- Archana Polampalli
- Ashish Sharma
- Changqing Li
- Christos Gavros
- Deepesh Varatharajan
- Divya Chellam
- Divyanshu Rathore
- Enrico Jörns
- Etienne Cordonnier
- Guðni Már Gilbert
- Haixiao Yan
- Harish Sadineni
- Igor Opaniuk
- Jeroen Hofstee
- Lee Chee Yang
- Nguyen Dat Tho
- Niko Mauno
- Peter Marko
- Praveen Kumar
- Priyal Doshi
- Rogerio Guerra Borin
- Shubham Kulkarni
- Soumya Sambu
- Steve Sakoman
- Sunil Dora
- Trevor Woerner
- Vijay Anusuri
- Virendra Thakur
- Vyacheslav Yurkov
- Yi Zhao
- Yogita Urade
- rajmohan r
Repositories / Downloads for Yocto-5.0.10
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
poky
- Repository Location: :yocto_git:`/poky`
- Branch: :yocto_git:`scarthgap </poky/log/?h=scarthgap>`
- Tag: :yocto_git:`yocto-5.0.10 </poky/log/?h=yocto-5.0.10>`
- Git Revision: :yocto_git:`ac257900c33754957b2696529682029d997a8f28 </poky/commit/?id=ac257900c33754957b2696529682029d997a8f28>`
- Release Artefact: poky-ac257900c33754957b2696529682029d997a8f28
- sha: ddca7e54b331e78214bea65b346320d4fbcddf4b51103bfbbd9fc3960f32cdc7
- Download Locations:
https://downloads.yoctoproject.org/releases/yocto/yocto-5.0.10/poky-ac257900c33754957b2696529682029d997a8f28.tar.bz2
https://mirrors.kernel.org/yocto/yocto/yocto-5.0.10/poky-ac257900c33754957b2696529682029d997a8f28.tar.bz2
openembedded-core
- Repository Location: :oe_git:`/openembedded-core`
- Branch: :oe_git:`scarthgap </openembedded-core/log/?h=scarthgap>`
- Tag: :oe_git:`yocto-5.0.10 </openembedded-core/log/?h=yocto-5.0.10>`
- Git Revision: :oe_git:`d5342ffc570d47a723b18297d75bd2f63c2088db </openembedded-core/commit/?id=d5342ffc570d47a723b18297d75bd2f63c2088db>`
- Release Artefact: oecore-d5342ffc570d47a723b18297d75bd2f63c2088db
- sha: daa62094f2327f4b3fbcc485e8964d1b86a4722f58fb37e0d8e8e9885094a262
- Download Locations:
https://downloads.yoctoproject.org/releases/yocto/yocto-5.0.10/oecore-d5342ffc570d47a723b18297d75bd2f63c2088db.tar.bz2
https://mirrors.kernel.org/yocto/yocto/yocto-5.0.10/oecore-d5342ffc570d47a723b18297d75bd2f63c2088db.tar.bz2
meta-mingw
- Repository Location: :yocto_git:`/meta-mingw`
- Branch: :yocto_git:`scarthgap </meta-mingw/log/?h=scarthgap>`
- Tag: :yocto_git:`yocto-5.0.10 </meta-mingw/log/?h=yocto-5.0.10>`
- Git Revision: :yocto_git:`bd9fef71ec005be3c3a6d7f8b99d8116daf70c4f </meta-mingw/commit/?id=bd9fef71ec005be3c3a6d7f8b99d8116daf70c4f>`
- Release Artefact: meta-mingw-bd9fef71ec005be3c3a6d7f8b99d8116daf70c4f
- sha: ab073def6487f237ac125d239b3739bf02415270959546b6b287778664f0ae65
- Download Locations:
https://downloads.yoctoproject.org/releases/yocto/yocto-5.0.10/meta-mingw-bd9fef71ec005be3c3a6d7f8b99d8116daf70c4f.tar.bz2
https://mirrors.kernel.org/yocto/yocto/yocto-5.0.10/meta-mingw-bd9fef71ec005be3c3a6d7f8b99d8116daf70c4f.tar.bz2
bitbake
- Repository Location: :oe_git:`/bitbake`
- Branch: :oe_git:`2.8 </bitbake/log/?h=2.8>`
- Tag: :oe_git:`yocto-5.0.10 </bitbake/log/?h=yocto-5.0.10>`
- Git Revision: :oe_git:`696c2c1ef095f8b11c7d2eff36fae50f58c62e5e </bitbake/commit/?id=696c2c1ef095f8b11c7d2eff36fae50f58c62e5e>`
- Release Artefact: bitbake-696c2c1ef095f8b11c7d2eff36fae50f58c62e5e
- sha: fc83f879cd6dd14b9b7eba0161fec23ecc191fed0fb00556ba729dceef6c145f
- Download Locations:
https://downloads.yoctoproject.org/releases/yocto/yocto-5.0.10/bitbake-696c2c1ef095f8b11c7d2eff36fae50f58c62e5e.tar.bz2
https://mirrors.kernel.org/yocto/yocto/yocto-5.0.10/bitbake-696c2c1ef095f8b11c7d2eff36fae50f58c62e5e.tar.bz2
yocto-docs
- Repository Location: :yocto_git:`/yocto-docs`
- Branch: :yocto_git:`scarthgap </yocto-docs/log/?h=scarthgap>`
- Tag: :yocto_git:`yocto-5.0.10 </yocto-docs/log/?h=yocto-5.0.10>`
- Git Revision: :yocto_git:`3996388e337377bedc113d072a51fe9d68dd40c6 </yocto-docs/commit/?id=3996388e337377bedc113d072a51fe9d68dd40c6>`

219
documentation/migration-guides/release-notes-5.0.11.rst
View File

@@ -1,219 +0,0 @@
.. SPDX-License-Identifier: CC-BY-SA-2.0-UK
Release notes for Yocto-5.0.11 (Scarthgap)
------------------------------------------
Security Fixes in Yocto-5.0.11
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
- binutils: Fix :cve_nist:`2025-5244` and :cve_nist:`2025-5245`
- busybox: Fix :cve_nist:`2022-48174`
- coreutils: Fix :cve_nist:`2025-5278`
- curl: Ignore :cve_nist:`2025-5025` if :term:`PACKAGECONFIG` set with openssl
- ffmpeg: Fix :cve_nist:`2025-1373`
- glibc: fix :cve_nist:`2025-4802` and :cve_nist:`2025-5702`
- gnupg: Fix :cve_nist:`2025-30258`
- go: Fix :cve_nist:`2025-4673`
- go: Ignore :cve_nist:`2024-3566`
- icu: Fix :cve_nist:`2025-5222`
- kea: Fix :cve_nist:`2025-32801`, :cve_nist:`2025-32802` and :cve_nist:`2025-32803`
- libarchive: fix :cve_nist:`2025-5914`, :cve_nist:`2025-5915`, :cve_nist:`2025-5916`,
:cve_nist:`2025-5917` and :cve_nist:`2025-5918`
- libsoup-2.4: Fix :cve_nist:`2025-2784`, :cve_nist:`2025-4476`, :cve_nist:`2025-4945`,
:cve_nist:`2025-4948`, :cve_nist:`2025-4969`, :cve_nist:`2025-32050`, :cve_nist:`2025-32052`,
:cve_nist:`2025-32053`, :cve_nist:`2025-32907` and :cve_nist:`2025-46421`
- libsoup-3.4: Fix :cve_nist:`2025-2784`, :cve_nist:`2025-4945`, :cve_nist:`2025-4948`,
:cve_nist:`2025-4969`, :cve_nist:`2025-32050`, :cve_nist:`2025-32051`, :cve_nist:`2025-32052`,
:cve_nist:`2025-32053`, :cve_nist:`2025-32907`, :cve_nist:`2025-32908` and :cve_nist:`2025-46421`
- libxml2: Fix :cve_nist:`2025-6021`
- linux-yocto-6.6: Fix :cve_nist:`2025-21995`, :cve_nist:`2025-21996`, :cve_nist:`2025-21997`,
:cve_nist:`2025-21999`, :cve_nist:`2025-22001`, :cve_nist:`2025-22003`, :cve_nist:`2025-22004`,
:cve_nist:`2025-22005`, :cve_nist:`2025-22007`, :cve_nist:`2025-22009`, :cve_nist:`2025-22010`,
:cve_nist:`2025-22014`, :cve_nist:`2025-22018`, :cve_nist:`2025-22020`, :cve_nist:`2025-22027`,
:cve_nist:`2025-22033`, :cve_nist:`2025-22035`, :cve_nist:`2025-22038`, :cve_nist:`2025-22040`,
:cve_nist:`2025-22041`, :cve_nist:`2025-22054`, :cve_nist:`2025-22056`, :cve_nist:`2025-22063`,
:cve_nist:`2025-22066`, :cve_nist:`2025-22080`, :cve_nist:`2025-22081`, :cve_nist:`2025-22088`,
:cve_nist:`2025-22097`, :cve_nist:`2025-23136`, :cve_nist:`2025-37785`, :cve_nist:`2025-37800`,
:cve_nist:`2025-37801`, :cve_nist:`2025-37803`, :cve_nist:`2025-37805`, :cve_nist:`2025-37838`,
:cve_nist:`2025-37893`, :cve_nist:`2025-38152`, :cve_nist:`2025-39728` and :cve_nist:`2025-39735`
- net-tools: Fix :cve_nist:`2025-46836`
- python3-setuptools: Fix :cve_nist:`2025-47273`
- python3-requests: fix :cve_nist:`2024-47081`
- python3-urllib3: Fix :cve_nist:`2025-50181`
- python3: Fix CVE 2024-12718 CVE 2025-4138 CVE 2025-4330 CVE 2025-4435 :cve_nist:`2025-4516` CVE
2025-4517
- screen: fix :cve_nist:`2025-46802`, :cve_nist:`2025-46804` and :cve_nist:`2025-46805`
- sudo: Fix :cve_nist:`2025-32462`
- xwayland: Fix :cve_nist:`2025-49175`, :cve_nist:`2025-49176`, :cve_nist:`2025-49177`,
:cve_nist:`2025-49178`, :cve_nist:`2025-49179` and :cve_nist:`2025-49180`
Fixes in Yocto-5.0.11
~~~~~~~~~~~~~~~~~~~~~
- bitbake: ast: Change deferred inherits to happen per recipe
- bitbake: fetch2: Avoid deprecation warning
- bitbake: gcp.py: remove slow calls to gsutil stat
- bitbake: toaster/tests/buildtest: Switch to new CDN
- brief-yoctoprojectqs/ref-manual: Switch to new CDN
- bsp-guide: update kernel version example to 6.12
- bsp-guide: update all of section 1.8.2 to reflect current beaglebone conf file
- bsp-guide: update lonely "4.12" kernel reference to "6.12"
- build-appliance-image: Update to scarthgap head revision
- cmake: Correctly handle cost data of tests with arbitrary chars in name
- conf.py: improve SearchEnglish to handle terms with dots
- docs: Clean up explanation of minimum required version numbers
- docs: README: specify how to contribute instead of pointing at another file
- docs: conf.py: silence SyntaxWarning on js_splitter_code
- gcc: Upgrade to GCC 13.4
- ghostscript: upgrade to 10.05.1
- glibc: stable 2.39 branch updates (06a70769fd...)
- gnupg: update to 2.4.8
- gtk+: add missing libdrm dependency
- kea: upgrade to 2.4.2
- libpng: Add ptest
- libsoup-2.4: fix do_compile failure
- linux-yocto/6.6: fix beaglebone ethernet
- linux-yocto/6.6: update to v6.6.96
- local.conf.sample: Switch to new CDN
- ltp: backport patch to fix compilation error for x86_64
- migration-guides: add release notes for 4.0.27, 4.0.28, 5.0.10
- minicom: correct the :term:`SRC_URI`
- nfs-utils: don't use signals to shut down nfs server.
- overview-manual/concepts.rst: fix sayhello hardcoded bindir
- overview-manual: small number of pedantic cleanups
- package: export debugsources in :term:`PKGDESTWORK` as json
- poky.conf: bump version for 5.0.11
- python3-requests: upgrade to 2.32.4
- python3: upgrade to 3.12.11
- ref-manual: clarify :term:`KCONFIG_MODE` default behaviour
- ref-manual: classes: nativesdk: move note to appropriate section
- ref-manual: classes: reword to clarify that native/nativesdk options are exclusive
- ref-manual: document :term:`KERNEL_SPLIT_MODULES` variable
- scripts/install-buildtools: Update to 5.0.10
- spdx: add option to include only compiled sources
- sstatetests: Switch to new CDN
- systemd: Rename systemd_v255.21 to systemd_255.21
- systemd: upgrade to 255.21
- tcf-agent: correct the :term:`SRC_URI`
- testimage: get real os-release file
- tune-cortexr52: Remove aarch64 for ARM Cortex-R52
- uboot: Allow for customizing installed/deployed file names
Known Issues in Yocto-5.0.11
~~~~~~~~~~~~~~~~~~~~~~~~~~~~
- N/A
Contributors to Yocto-5.0.11
~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Thanks to the following people who contributed to this release:
- Aleksandar Nikolic
- Andrew Fernandes
- Antonin Godard
- Archana Polampalli
- Ashish Sharma
- Bruce Ashfield
- Carlos Sánchez de La Lama
- Changqing Li
- Chen Qi
- Colin Pinnell McAllister
- Daniel Turull
- Deepesh Varatharajan
- Divya Chellam
- Dixit Parmar
- Enrico Jörns
- Etienne Cordonnier
- Guocai He
- Guðni Már Gilbert
- Hitendra Prajapati
- Jiaying Song
- Lee Chee Yang
- Moritz Haase
- NeilBrown
- Peter Marko
- Poonam Jadhav
- Praveen Kumar
- Preeti Sachan
- Quentin Schulz
- Richard Purdie
- Robert P. J. Day
- Roland Kovacs
- Ryan Eatmon
- Sandeep Gundlupet Raju
- Savvas Etairidis
- Steve Sakoman
- Victor Giraud
- Vijay Anusuri
- Virendra Thakur
- Wang Mingyu
- Yogita Urade
Repositories / Downloads for Yocto-5.0.11
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
poky
- Repository Location: :yocto_git:`/poky`
- Branch: :yocto_git:`scarthgap </poky/log/?h=scarthgap>`
- Tag: :yocto_git:`yocto-5.0.11 </poky/log/?h=yocto-5.0.11>`
- Git Revision: :yocto_git:`ae2d52758fc2fcb0ed996aa234430464ebf4b310 </poky/commit/?id=ae2d52758fc2fcb0ed996aa234430464ebf4b310>`
- Release Artefact: poky-ae2d52758fc2fcb0ed996aa234430464ebf4b310
- sha: 48dec434dd51e5c9c626abdccc334da300fa2b4975137d526f5df6703e5a930e
- Download Locations:
https://downloads.yoctoproject.org/releases/yocto/yocto-5.0.11/poky-ae2d52758fc2fcb0ed996aa234430464ebf4b310.tar.bz2
https://mirrors.kernel.org/yocto/yocto/yocto-5.0.11/poky-ae2d52758fc2fcb0ed996aa234430464ebf4b310.tar.bz2
openembedded-core
- Repository Location: :oe_git:`/openembedded-core`
- Branch: :oe_git:`scarthgap </openembedded-core/log/?h=scarthgap>`
- Tag: :oe_git:`yocto-5.0.11 </openembedded-core/log/?h=yocto-5.0.11>`
- Git Revision: :oe_git:`7a59dc5ee6edd9596e87c2fbcd1f2594c06b3d1b </openembedded-core/commit/?id=7a59dc5ee6edd9596e87c2fbcd1f2594c06b3d1b>`
- Release Artefact: oecore-7a59dc5ee6edd9596e87c2fbcd1f2594c06b3d1b
- sha: fb50992a28298915fe195e327628d6d5872fd2dbc74189c2d840178cd860bb2e
- Download Locations:
https://downloads.yoctoproject.org/releases/yocto/yocto-5.0.11/oecore-7a59dc5ee6edd9596e87c2fbcd1f2594c06b3d1b.tar.bz2
https://mirrors.kernel.org/yocto/yocto/yocto-5.0.11/oecore-7a59dc5ee6edd9596e87c2fbcd1f2594c06b3d1b.tar.bz2
meta-mingw
- Repository Location: :yocto_git:`/meta-mingw`
- Branch: :yocto_git:`scarthgap </meta-mingw/log/?h=scarthgap>`
- Tag: :yocto_git:`yocto-5.0.11 </meta-mingw/log/?h=yocto-5.0.11>`
- Git Revision: :yocto_git:`bd9fef71ec005be3c3a6d7f8b99d8116daf70c4f </meta-mingw/commit/?id=bd9fef71ec005be3c3a6d7f8b99d8116daf70c4f>`
- Release Artefact: meta-mingw-bd9fef71ec005be3c3a6d7f8b99d8116daf70c4f
- sha: ab073def6487f237ac125d239b3739bf02415270959546b6b287778664f0ae65
- Download Locations:
https://downloads.yoctoproject.org/releases/yocto/yocto-5.0.11/meta-mingw-bd9fef71ec005be3c3a6d7f8b99d8116daf70c4f.tar.bz2
https://mirrors.kernel.org/yocto/yocto/yocto-5.0.11/meta-mingw-bd9fef71ec005be3c3a6d7f8b99d8116daf70c4f.tar.bz2
bitbake
- Repository Location: :oe_git:`/bitbake`
- Branch: :oe_git:`2.8 </bitbake/log/?h=2.8>`
- Tag: :oe_git:`yocto-5.0.11 </bitbake/log/?h=yocto-5.0.11>`
- Git Revision: :oe_git:`139f61fe9eec221745184a14b3618d2dfa650b91 </bitbake/commit/?id=139f61fe9eec221745184a14b3618d2dfa650b91>`
- Release Artefact: bitbake-139f61fe9eec221745184a14b3618d2dfa650b91
- sha: 86669d4220c50d35c0703f151571954ad9c6285cc91a870afbb878d2e555d2ca
- Download Locations:
https://downloads.yoctoproject.org/releases/yocto/yocto-5.0.11/bitbake-139f61fe9eec221745184a14b3618d2dfa650b91.tar.bz2
https://mirrors.kernel.org/yocto/yocto/yocto-5.0.11/bitbake-139f61fe9eec221745184a14b3618d2dfa650b91.tar.bz2
meta-yocto
- Repository Location: :yocto_git:`/meta-yocto`
- Branch: :yocto_git:`scarthgap </meta-yocto/log/?h=scarthgap>`
- Tag: :yocto_git:`yocto-5.0.11 </meta-yocto/log/?h=yocto-5.0.11>`
- Git Revision: :yocto_git:`50e5c0d85d3775ac1294bdcd7f11deaa382c9d08 </meta-yocto/commit/?id=50e5c0d85d3775ac1294bdcd7f11deaa382c9d08>`
yocto-docs
- Repository Location: :yocto_git:`/yocto-docs`
- Branch: :yocto_git:`scarthgap </yocto-docs/log/?h=scarthgap>`
- Tag: :yocto_git:`yocto-5.0.11 </yocto-docs/log/?h=yocto-5.0.11>`
- Git Revision: :yocto_git:`3f88cb85cca8f9128cfaab36882c4563457b03d9 </yocto-docs/commit/?id=3f88cb85cca8f9128cfaab36882c4563457b03d9>`

206
documentation/migration-guides/release-notes-5.0.9.rst
View File

@@ -1,206 +0,0 @@
.. SPDX-License-Identifier: CC-BY-SA-2.0-UK
Release notes for Yocto-5.0.9 (Scarthgap)
-----------------------------------------
Security Fixes in Yocto-5.0.9
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
- binutils: Fix :cve_nist:`2024-57360`, :cve_nist:`2025-1176`, :cve_nist:`2025-1178` and
:cve_nist:`2025-1181`
- expat: Fix :cve_nist:`2024-8176`
- freetype: Fix :cve_nist:`2025-27363`
- ghostscript: Fix :cve_nist:`2025-27830`, :cve_nist:`2025-27831`, :cve_nist:`2025-27832`,
:cve_nist:`2025-27833`, :cve_nist:`2025-27833`, :cve_nist:`2025-27834`, :cve_nist:`2025-27835`
and :cve_nist:`2025-27836`
- go: fix :cve_nist:`2025-22870` and :cve_nist:`2025-22871`
- grub: Fix :cve_nist:`2024-45781`, :cve_nist:`2024-45774`, :cve_nist:`2024-45775`,
:cve_nist:`2024-45776`, :cve_nist:`2024-45777`, :cve_nist:`2024-45778`, :cve_nist:`2024-45779`,
:cve_nist:`2024-45780`, :cve_nist:`2024-45782`, :cve_nist:`2024-45783`, :cve_nist:`2024-56737`,
:cve_nist:`2025-0622`, :cve_nist:`2025-0624`, :cve_nist:`2025-0677`, :cve_nist:`2025-0678`,
:cve_nist:`2025-0684`, :cve_nist:`2025-0685`, :cve_nist:`2025-0686`, :cve_nist:`2025-0689`,
:cve_nist:`2025-0690`, :cve_nist:`2025-1118` and :cve_nist:`2025-1125`
- libarchive: Fix :cve_nist:`2024-20696`, :cve_nist:`2024-48957`, :cve_nist:`2024-48958`,
:cve_nist:`2025-1632` and :cve_nist:`2025-25724`
- libxslt: Fix :cve_nist:`2024-24855` and :cve_nist:`2024-55549`
- linux-yocto/6.6: Fix :cve_nist:`2024-54458`, :cve_nist:`2024-57834`, :cve_nist:`2024-57973`,
:cve_nist:`2024-57978`, :cve_nist:`2024-57979`, :cve_nist:`2024-57980`, :cve_nist:`2024-57981`,
:cve_nist:`2024-57984`, :cve_nist:`2024-57996`, :cve_nist:`2024-57997`, :cve_nist:`2024-58002`,
:cve_nist:`2024-58005`, :cve_nist:`2024-58007`, :cve_nist:`2024-58010`, :cve_nist:`2024-58011`,
:cve_nist:`2024-58013`, :cve_nist:`2024-58017`, :cve_nist:`2024-58020`, :cve_nist:`2024-58034`,
:cve_nist:`2024-58052`, :cve_nist:`2024-58055`, :cve_nist:`2024-58058`, :cve_nist:`2024-58063`,
:cve_nist:`2024-58068`, :cve_nist:`2024-58069`, :cve_nist:`2024-58070`, :cve_nist:`2024-58071`,
:cve_nist:`2024-58076`, :cve_nist:`2024-58080`, :cve_nist:`2024-58083`, :cve_nist:`2024-58088`,
:cve_nist:`2025-21700`, :cve_nist:`2025-21703`, :cve_nist:`2025-21707`, :cve_nist:`2025-21711`,
:cve_nist:`2025-21715`, :cve_nist:`2025-21716`, :cve_nist:`2025-21718`, :cve_nist:`2025-21726`,
:cve_nist:`2025-21727`, :cve_nist:`2025-21731`, :cve_nist:`2025-21735`, :cve_nist:`2025-21736`,
:cve_nist:`2025-21741`, :cve_nist:`2025-21742`, :cve_nist:`2025-21743`, :cve_nist:`2025-21744`,
:cve_nist:`2025-21745`, :cve_nist:`2025-21748`, :cve_nist:`2025-21749`, :cve_nist:`2025-21753`,
:cve_nist:`2025-21756`, :cve_nist:`2025-21759`, :cve_nist:`2025-21760`, :cve_nist:`2025-21761`,
:cve_nist:`2025-21762`, :cve_nist:`2025-21763`, :cve_nist:`2025-21764`, :cve_nist:`2025-21773`,
:cve_nist:`2025-21775`, :cve_nist:`2025-21776`, :cve_nist:`2025-21779`, :cve_nist:`2025-21780`,
:cve_nist:`2025-21782`, :cve_nist:`2025-21783`, :cve_nist:`2025-21785`, :cve_nist:`2025-21787`,
:cve_nist:`2025-21789`, :cve_nist:`2025-21790`, :cve_nist:`2025-21791`, :cve_nist:`2025-21792`,
:cve_nist:`2025-21793`, :cve_nist:`2025-21796`, :cve_nist:`2025-21811`, :cve_nist:`2025-21812`,
:cve_nist:`2025-21814`, :cve_nist:`2025-21820`, :cve_nist:`2025-21844`, :cve_nist:`2025-21846`,
:cve_nist:`2025-21847`, :cve_nist:`2025-21848`, :cve_nist:`2025-21853`, :cve_nist:`2025-21854`,
:cve_nist:`2025-21855`, :cve_nist:`2025-21856`, :cve_nist:`2025-21857`, :cve_nist:`2025-21858`,
:cve_nist:`2025-21859`, :cve_nist:`2025-21862`, :cve_nist:`2025-21863`, :cve_nist:`2025-21864`,
:cve_nist:`2025-21865`, :cve_nist:`2025-21866`, :cve_nist:`2025-21867`, :cve_nist:`2025-21887`,
:cve_nist:`2025-21891`, :cve_nist:`2025-21898`, :cve_nist:`2025-21904`, :cve_nist:`2025-21905`,
:cve_nist:`2025-21908`, :cve_nist:`2025-21912`, :cve_nist:`2025-21915`, :cve_nist:`2025-21917`,
:cve_nist:`2025-21918`, :cve_nist:`2025-21919`, :cve_nist:`2025-21920`, :cve_nist:`2025-21922`,
:cve_nist:`2025-21928`, :cve_nist:`2025-21934`, :cve_nist:`2025-21936`, :cve_nist:`2025-21937`,
:cve_nist:`2025-21941`, :cve_nist:`2025-21943`, :cve_nist:`2025-21945`, :cve_nist:`2025-21947`,
:cve_nist:`2025-21948`, :cve_nist:`2025-21951`, :cve_nist:`2025-21957`, :cve_nist:`2025-21959`,
:cve_nist:`2025-21962`, :cve_nist:`2025-21963`, :cve_nist:`2025-21964`, :cve_nist:`2025-21966`,
:cve_nist:`2025-21967`, :cve_nist:`2025-21968`, :cve_nist:`2025-21969`, :cve_nist:`2025-21979`,
:cve_nist:`2025-21980`, :cve_nist:`2025-21981`, :cve_nist:`2025-21991` and :cve_nist:`2025-21993`
- mpg123: Fix :cve_nist:`2024-10573`
- ofono: Fix :cve_nist:`2024-7537`
- openssh: Fix :cve_nist:`2025-26465`
- puzzles: Ignore :cve_nist:`2024-13769`, :cve_nist:`2024-13770` and :cve_nist:`2025-0837`
- qemu: Ignore :cve_nist:`2023-1386`
- ruby: Fix :cve_nist:`2025-27219` and :cve_nist:`2025-27220`
- rust-cross-canadian: Ignore :cve_nist:`2024-43402`
- vim: Fix :cve_nist:`2025-1215`, :cve_nist:`2025-26603`, :cve_nist:`2025-27423` and
:cve_nist:`2025-29768`
- xserver-xorg: Fix :cve_nist:`2025-26594`, :cve_nist:`2025-26595`, :cve_nist:`2025-26596`,
:cve_nist:`2025-26597`, :cve_nist:`2025-26598`, :cve_nist:`2025-26599`, :cve_nist:`2025-26600`
and :cve_nist:`2025-26601`
- xz: Fix :cve_nist:`2025-31115`
Fixes in Yocto-5.0.9
~~~~~~~~~~~~~~~~~~~~
- babeltrace2: extend to nativesdk
- babeltrace: extend to nativesdk
- bitbake: event/utils: Avoid deadlock from lock_timeout() and recursive events
- bitbake: utils: Add signal blocking for lock_timeout
- bitbake: utils: Print information about lock issue before exiting
- bitbake: utils: Tweak lock_timeout logic
- build-appliance-image: Update to scarthgap head revision
- cve-check.bbclass: Mitigate symlink related error
- cve-update-nvd2-native: add workaround for json5 style list
- cve-update-nvd2-native: handle missing vulnStatus
- gcc: remove paths to sysroot from configargs.h and checksum-options for gcc-cross-canadian
- gcc: unify cleanup of include-fixed, apply to cross-canadian
- ghostscript: upgrade to 10.05.0
- grub: backport strlcpy function
- grub: drop obsolete CVE statuses
- icu: Adjust ICU_DATA_DIR path on big endian targets
- kernel-arch: add macro-prefix-map in KERNEL_CC
- libarchive: upgrade to 3.7.9
- libxslt: upgrade to 1.1.43
- linux-yocto/6.6: update to v6.6.84
- mc: set ac_cv_path_ZIP to avoid buildpaths QA issues
- mpg123: upgrade to 1.32.10
- nativesdk-libtool: sanitize the script, remove buildpaths
- openssl: rewrite ptest installation
- overview-manual/concepts: remove :term:`PR` from the build dir list
- patch.py: set commituser and commitemail for addNote
- poky.conf: bump version for 5.0.9
- vim: Upgrade to 9.1.1198
- xserver-xf86-config: add a configuration fragment to disable screen blanking
- xserver-xf86-config: remove obsolete configuration files
- xserver-xorg: upgrade to 21.1.16
- xz: upgrade to 5.4.7
- yocto-uninative: Update to 4.7 for glibc 2.41
Known Issues in Yocto-5.0.9
~~~~~~~~~~~~~~~~~~~~~~~~~~~
- N/A
Contributors to Yocto-5.0.9
~~~~~~~~~~~~~~~~~~~~~~~~~~~
Thanks to the following people who contributed to this release:
- Antonin Godard
- Archana Polampalli
- Ashish Sharma
- Bruce Ashfield
- Changqing Li
- Denys Dmytriyenko
- Divya Chellam
- Hitendra Prajapati
- Madhu Marri
- Makarios Christakis
- Martin Jansa
- Michael Halstead
- Niko Mauno
- Oleksandr Hnatiuk
- Peter Marko
- Richard Purdie
- Ross Burton
- Sana Kazi
- Stefan Mueller-Klieser
- Steve Sakoman
- Vijay Anusuri
- Virendra Thakur
- Vishwas Udupa
- Wang Mingyu
- Zhang Peng
Repositories / Downloads for Yocto-5.0.9
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
poky
- Repository Location: :yocto_git:`/poky`
- Branch: :yocto_git:`scarthgap </poky/log/?h=scarthgap>`
- Tag: :yocto_git:`yocto-5.0.9 </poky/log/?h=yocto-5.0.9>`
- Git Revision: :yocto_git:`bab0f9f62af9af580744948dd3240f648a99879a </poky/commit/?id=bab0f9f62af9af580744948dd3240f648a99879a>`
- Release Artefact: poky-bab0f9f62af9af580744948dd3240f648a99879a
- sha: ee6811d9fb6c4913e19d6e3569f1edc8ccd793779b237520596506446a6b4531
- Download Locations:
https://downloads.yoctoproject.org/releases/yocto/yocto-5.0.9/poky-bab0f9f62af9af580744948dd3240f648a99879a.tar.bz2
https://mirrors.kernel.org/yocto/yocto/yocto-5.0.9/poky-bab0f9f62af9af580744948dd3240f648a99879a.tar.bz2
openembedded-core
- Repository Location: :oe_git:`/openembedded-core`
- Branch: :oe_git:`scarthgap </openembedded-core/log/?h=scarthgap>`
- Tag: :oe_git:`yocto-5.0.9 </openembedded-core/log/?h=yocto-5.0.9>`
- Git Revision: :oe_git:`04038ecd1edd6592b826665a2b787387bb7074fa </openembedded-core/commit/?id=04038ecd1edd6592b826665a2b787387bb7074fa>`
- Release Artefact: oecore-04038ecd1edd6592b826665a2b787387bb7074fa
- sha: 6e201a4b486dfbdfcb7e96d83b962a205ec4764db6ad0e34bd623db18910eddb
- Download Locations:
https://downloads.yoctoproject.org/releases/yocto/yocto-5.0.9/oecore-04038ecd1edd6592b826665a2b787387bb7074fa.tar.bz2
https://mirrors.kernel.org/yocto/yocto/yocto-5.0.9/oecore-04038ecd1edd6592b826665a2b787387bb7074fa.tar.bz2
meta-mingw
- Repository Location: :yocto_git:`/meta-mingw`
- Branch: :yocto_git:`scarthgap </meta-mingw/log/?h=scarthgap>`
- Tag: :yocto_git:`yocto-5.0.9 </meta-mingw/log/?h=yocto-5.0.9>`
- Git Revision: :yocto_git:`bd9fef71ec005be3c3a6d7f8b99d8116daf70c4f </meta-mingw/commit/?id=bd9fef71ec005be3c3a6d7f8b99d8116daf70c4f>`
- Release Artefact: meta-mingw-bd9fef71ec005be3c3a6d7f8b99d8116daf70c4f
- sha: ab073def6487f237ac125d239b3739bf02415270959546b6b287778664f0ae65
- Download Locations:
https://downloads.yoctoproject.org/releases/yocto/yocto-5.0.9/meta-mingw-bd9fef71ec005be3c3a6d7f8b99d8116daf70c4f.tar.bz2
https://mirrors.kernel.org/yocto/yocto/yocto-5.0.9/meta-mingw-bd9fef71ec005be3c3a6d7f8b99d8116daf70c4f.tar.bz2
bitbake
- Repository Location: :oe_git:`/bitbake`
- Branch: :oe_git:`2.8 </bitbake/log/?h=2.8>`
- Tag: :oe_git:`yocto-5.0.9 </bitbake/log/?h=yocto-5.0.9>`
- Git Revision: :oe_git:`696c2c1ef095f8b11c7d2eff36fae50f58c62e5e </bitbake/commit/?id=696c2c1ef095f8b11c7d2eff36fae50f58c62e5e>`
- Release Artefact: bitbake-696c2c1ef095f8b11c7d2eff36fae50f58c62e5e
- sha: fc83f879cd6dd14b9b7eba0161fec23ecc191fed0fb00556ba729dceef6c145f
- Download Locations:
https://downloads.yoctoproject.org/releases/yocto/yocto-5.0.9/bitbake-696c2c1ef095f8b11c7d2eff36fae50f58c62e5e.tar.bz2
https://mirrors.kernel.org/yocto/yocto/yocto-5.0.9/bitbake-696c2c1ef095f8b11c7d2eff36fae50f58c62e5e.tar.bz2
yocto-docs
- Repository Location: :yocto_git:`/yocto-docs`
- Branch: :yocto_git:`scarthgap </yocto-docs/log/?h=scarthgap>`
- Tag: :yocto_git:`yocto-5.0.9 </yocto-docs/log/?h=yocto-5.0.9>`
- Git Revision: :yocto_git:`56db4fd81f6235428bef9e46a61c11ca0ba89733 </yocto-docs/commit/?id=56db4fd81f6235428bef9e46a61c11ca0ba89733>`

161
documentation/migration-guides/release-notes-5.2.1.rst
View File

@@ -1,161 +0,0 @@
Release notes for Yocto-5.2.1 (Walnascar)
-----------------------------------------
Security Fixes in Yocto-5.2.1
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
- connman :Fix :cve_nist:`2025-32366` and :cve_nist:`2025-32743`
- ffmpeg: Fix :cve_nist:`2025-22921`
- go: Fix :cve_nist:`2025-22871` and CVE-2025-22873
- iputils: Fix :cve_nist:`2025-47268`
- libsoup-2.4: Fix :cve_nist:`2024-52532` and :cve_nist:`2025-32911`
- libxml2: Fix :cve_nist:`2025-32414` and :cve_nist:`2025-32415`
- openssh: Fix :cve_nist:`2025-32728`
- perl: Fix :cve_nist:`2024-56406`
- qemu: Ignore :cve_nist:`2023-1386`
- ruby: Fix :cve_nist:`2025-27219`, :cve_nist:`2025-27220` and :cve_nist:`2025-27221`
- webkitgtk: Fix :cve_nist:`2024-54551`, :cve_nist:`2025-24208`, :cve_nist:`2025-24209`,
:cve_nist:`2025-24213`, :cve_nist:`2025-24216`, :cve_nist:`2025-24264` and :cve_nist:`2025-30427`
Fixes in Yocto-5.2.1
~~~~~~~~~~~~~~~~~~~~
- binutils: stable 2.44 branch updates
- bluez5: add missing tools to noinst-tools package
- build-appliance-image: Update to walnascar head revision
- buildtools-tarball: Make buildtools respects host CA certificates
- buildtools-tarball: add envvars into :term:`BB_ENV_PASSTHROUGH_ADDITIONS`
- buildtools-tarball: move setting of envvars to respective envfile
- cdrtools-native: fix booting EFI ISO live failed
- contributor-guide/submit-changes: encourage patch version changelogs
- gcc: Fix LDRD register overlap in register-indexed mode
- glibc-y2038-tests: remove glibc-y2038-tests_2.41.bb recipe
- glibc: Add single-threaded fast path to rand()
- glibc: stable 2.41 branch update
- go: upgrade to 1.24.3
- gobject-introspection: Fix wrong :term:`PN` used in MULTILIB_SCRIPTS
- icu: set ac_cv_path_install to ensure install tool reproducibility
- initscripts: add function log_success_msg/log_failure_msg/log_warning_msg
- insane.bbclass: Move test for invalid PACKAGECONFIGs to do_recipe_qa
- insane.bbclass: Report all invalid PACKAGECONFIGs for a recipe at once
- libxml2: upgrade to 2.13.8
- makedumpfile: upgrade to 1.7.7
- migration-guides: add release notes for 4.0.26 and 5.0.9
- module.bbclass: add KBUILD_EXTRA_SYMBOLS to install
- patch.py: set commituser and commitemail for addNote
- perl: upgrade to 5.40.2
- perlcross: upgrade to 1.6.2
- poky.conf: bump version for 5.2.1
- ref-manual/release-process: update releases.svg
- ref-manual/variables.rst: document :term:`WIC_CREATE_EXTRA_ARGS`
- ref-manual/variables.rst: update :term:`ROOT_HOME` documentation
- ref-manual: classes: uki: Fix git links
- ref-manual: kernel-fitimage.bbclass does not use :term:`SPL_SIGN_KEYNAME`
- ruby: upgrade to 3.4.3
- sbom.rst: how to disable :term:`SPDX` generation
- scripts/install-buildtools: Update to 5.2
- sphinx-lint: various fixes
- syslinux: improve isohybrid to process extra sector count for ISO 9660 image
- test-manual/intro: remove Buildbot version used
- tzdata/tzcode-native: upgrade to 2025b
- webkitgtk: Use WTF_CPU_UNKNOWN when building for riscv64
- webkitgtk: upgrade to 2.48.1
Known Issues in Yocto-5.2.1
~~~~~~~~~~~~~~~~~~~~~~~~~~~
- N/A
Contributors to Yocto-5.2.1
~~~~~~~~~~~~~~~~~~~~~~~~~~~
- Adrian Freihofer
- Aleksandar Nikolic
- Alon Bar-Lev
- Antonin Godard
- Archana Polampalli
- Changqing Li
- Deepesh Varatharajan
- Divya Chellam
- Enrico Jörns
- Guðni Már Gilbert
- Haixiao Yan
- Hongxu Jia
- Jiaying Song
- Khem Raj
- Lee Chee Yang
- Leonard Anderweit
- Madhu Marri
- Mikko Rapeli
- Peter Kjellerstedt
- Peter Marko
- Praveen Kumar
- Priyal Doshi
- Steve Sakoman
- Trevor Woerner
- Yi Zhao
- Yogita Urade
- rajmohan r
Repositories / Downloads for Yocto-5.2.1
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
poky
- Repository Location: :yocto_git:`/poky`
- Branch: :yocto_git:`walnascar </poky/log/?h=walnascar>`
- Tag: :yocto_git:`yocto-5.2.1 </poky/log/?h=yocto-5.2.1>`
- Git Revision: :yocto_git:`fd9b605507a20d850a9991316cd190c1d20dc4a6 </poky/commit/?id=fd9b605507a20d850a9991316cd190c1d20dc4a6>`
- Release Artefact: poky-fd9b605507a20d850a9991316cd190c1d20dc4a6
- sha: 0234a96fc28e60e0acaae2a03118ecde76810c47e8bb259f4950492bd75fc050
- Download Locations:
https://downloads.yoctoproject.org/releases/yocto/yocto-5.2.1/poky-fd9b605507a20d850a9991316cd190c1d20dc4a6.tar.bz2
https://mirrors.kernel.org/yocto/yocto/yocto-5.2.1/poky-fd9b605507a20d850a9991316cd190c1d20dc4a6.tar.bz2
openembedded-core
- Repository Location: :oe_git:`/openembedded-core`
- Branch: :oe_git:`walnascar </openembedded-core/log/?h=walnascar>`
- Tag: :oe_git:`yocto-5.2.1 </openembedded-core/log/?h=yocto-5.2.1>`
- Git Revision: :oe_git:`17affdaa600896282e07fb4d64cb23195673baa1 </openembedded-core/commit/?id=17affdaa600896282e07fb4d64cb23195673baa1>`
- Release Artefact: oecore-17affdaa600896282e07fb4d64cb23195673baa1
- sha: b6c3c15004fcd1efbaa26c9695202806402730dde8e41552a70140cff67c97c9
- Download Locations:
https://downloads.yoctoproject.org/releases/yocto/yocto-5.2.1/oecore-17affdaa600896282e07fb4d64cb23195673baa1.tar.bz2
https://mirrors.kernel.org/yocto/yocto/yocto-5.2.1/oecore-17affdaa600896282e07fb4d64cb23195673baa1.tar.bz2
meta-mingw
- Repository Location: :yocto_git:`/meta-mingw`
- Branch: :yocto_git:`walnascar </meta-mingw/log/?h=walnascar>`
- Tag: :yocto_git:`yocto-5.2.1 </meta-mingw/log/?h=yocto-5.2.1>`
- Git Revision: :yocto_git:`edce693e1b8fabd84651aa6c0888aafbcf238577 </meta-mingw/commit/?id=edce693e1b8fabd84651aa6c0888aafbcf238577>`
- Release Artefact: meta-mingw-edce693e1b8fabd84651aa6c0888aafbcf238577
- sha: 6cfed41b54f83da91a6cf201ec1c2cd4ac284f642b1268c8fa89d2335ea2bce1
- Download Locations:
https://downloads.yoctoproject.org/releases/yocto/yocto-5.2.1/meta-mingw-edce693e1b8fabd84651aa6c0888aafbcf238577.tar.bz2
https://mirrors.kernel.org/yocto/yocto/yocto-5.2.1/meta-mingw-edce693e1b8fabd84651aa6c0888aafbcf238577.tar.bz2
bitbake
- Repository Location: :oe_git:`/bitbake`
- Branch: :oe_git:`2.12 </bitbake/log/?h=2.12>`
- Tag: :oe_git:`yocto-5.2.1 </bitbake/log/?h=yocto-5.2.1>`
- Git Revision: :oe_git:`5b4e20377eea8d428edf1aeb2187c18f82ca6757 </bitbake/commit/?id=5b4e20377eea8d428edf1aeb2187c18f82ca6757>`
- Release Artefact: bitbake-5b4e20377eea8d428edf1aeb2187c18f82ca6757
- sha: 48cff22c1e61f47adce474b636ca865e7e0b62293fc5c8829d09e7f1ac5252af
- Download Locations:
https://downloads.yoctoproject.org/releases/yocto/yocto-5.2.1/bitbake-5b4e20377eea8d428edf1aeb2187c18f82ca6757.tar.bz2
https://mirrors.kernel.org/yocto/yocto/yocto-5.2.1/bitbake-5b4e20377eea8d428edf1aeb2187c18f82ca6757.tar.bz2
yocto-docs
- Repository Location: :yocto_git:`/yocto-docs`
- Branch: :yocto_git:`walnascar </yocto-docs/log/?h=walnascar>`
- Tag: :yocto_git:`yocto-5.2.1 </yocto-docs/log/?h=yocto-5.2.1>`
- Git Revision: :yocto_git:`6b7019c13054bf11fb16657a3fac85831352cea9 </yocto-docs/commit/?id=6b7019c13054bf11fb16657a3fac85831352cea9>`

249
documentation/migration-guides/release-notes-5.2.2.rst
View File

@@ -1,249 +0,0 @@
Release notes for Yocto-5.2.2 (Walnascar)
-----------------------------------------
Security Fixes in Yocto-5.2.2
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
- bind: Fix :cve_nist:`2025-40775`
- binutils: Fix :cve_nist:`2025-1153`, :cve_nist:`2025-1178`, :cve_nist:`2025-1180`,
:cve_nist:`2025-1181`, :cve_nist:`2025-1182`, :cve_nist:`2025-3198` and :cve_nist:`2025-5244`
- binutils: Ignore :cve_nist:`2025-1153` (fixed in current version)
- epiphany: Fix CVE-2025-3839
- go: Fix :cve_nist:`2025-0913`, :cve_nist:`2025-4673` and :cve_nist:`2025-22874`
- go: Ignore :cve_nist:`2024-3566`
- kea: Fix :cve_nist:`2025-32801`, :cve_nist:`2025-32802` and :cve_nist:`2025-32803`
- libarchive: Fix :cve_nist:`2025-5914`
- libsoup-2.4: Fix :cve_nist:`2024-52530`, :cve_nist:`2024-52531`, :cve_nist:`2025-2784`,
:cve_nist:`2025-4476`, :cve_nist:`2025-4948`, :cve_nist:`2025-4969`, :cve_nist:`2025-32050`,
:cve_nist:`2025-32052`, :cve_nist:`2025-32053`, :cve_nist:`2025-32906`, :cve_nist:`2025-32907`,
:cve_nist:`2025-32909`, :cve_nist:`2025-32910`, :cve_nist:`2025-32912`, :cve_nist:`2025-32913`,
:cve_nist:`2025-32914`, :cve_nist:`2025-46420` and :cve_nist:`2025-46421`
- libsoup: Fix :cve_nist:`2025-4476`, :cve_nist:`2025-4948`, :cve_nist:`2025-4969`,
:cve_nist:`2025-32907`, :cve_nist:`2025-32908` and :cve_nist:`2025-32914`
- linux-yocto: Fix :cve_nist:`2023-3079`, :cve_nist:`2023-52904`, :cve_nist:`2023-52979`,
:cve_nist:`2025-22102`, :cve_nist:`2025-37800`, :cve_nist:`2025-37801`, :cve_nist:`2025-37802`,
:cve_nist:`2025-37805`, :cve_nist:`2025-37821`, :cve_nist:`2025-37838`, :cve_nist:`2025-37890`,
:cve_nist:`2025-37891`, :cve_nist:`2025-37894`, :cve_nist:`2025-37895`, :cve_nist:`2025-37897`,
:cve_nist:`2025-37899`, :cve_nist:`2025-37900`, :cve_nist:`2025-37901`, :cve_nist:`2025-37903`,
:cve_nist:`2025-37905`, :cve_nist:`2025-37907`, :cve_nist:`2025-37908`, :cve_nist:`2025-37909`,
:cve_nist:`2025-37910`, :cve_nist:`2025-37911`, :cve_nist:`2025-37912`, :cve_nist:`2025-37913`,
:cve_nist:`2025-37914`, :cve_nist:`2025-37915`, :cve_nist:`2025-37916`, :cve_nist:`2025-37917`,
:cve_nist:`2025-37918`, :cve_nist:`2025-37919`, :cve_nist:`2025-37920`, :cve_nist:`2025-37921`,
:cve_nist:`2025-37922`, :cve_nist:`2025-37923`, :cve_nist:`2025-37924`, :cve_nist:`2025-37926`,
:cve_nist:`2025-37927`, :cve_nist:`2025-37928`, :cve_nist:`2025-37929`, :cve_nist:`2025-37930`,
:cve_nist:`2025-37931`, :cve_nist:`2025-37932`, :cve_nist:`2025-37933`, :cve_nist:`2025-37934`,
:cve_nist:`2025-37935`, :cve_nist:`2025-37936`, :cve_nist:`2025-37946`, :cve_nist:`2025-37947`,
:cve_nist:`2025-37948`, :cve_nist:`2025-37949`, :cve_nist:`2025-37951`, :cve_nist:`2025-37952`,
:cve_nist:`2025-37953`, :cve_nist:`2025-37954`, :cve_nist:`2025-37955`, :cve_nist:`2025-37956`,
:cve_nist:`2025-37957`, :cve_nist:`2025-37958`, :cve_nist:`2025-37959`, :cve_nist:`2025-37960`,
:cve_nist:`2025-37961`, :cve_nist:`2025-37962`, :cve_nist:`2025-37963`, :cve_nist:`2025-37964`,
:cve_nist:`2025-37965`, :cve_nist:`2025-37967`, :cve_nist:`2025-37968`, :cve_nist:`2025-37969`,
:cve_nist:`2025-37970`, :cve_nist:`2025-37971`, :cve_nist:`2025-37972`, :cve_nist:`2025-37973`,
:cve_nist:`2025-37974`, :cve_nist:`2025-37990`, :cve_nist:`2025-37991`, :cve_nist:`2025-37992`,
:cve_nist:`2025-37993`, :cve_nist:`2025-37994`, :cve_nist:`2025-37995`, :cve_nist:`2025-37997`,
:cve_nist:`2025-37998` and :cve_nist:`2025-37999`
- linux-yocto: Ignore :cve_nist:`2023-3079` and :cve_nist:`2025-37996`
- net-tools: Fix :cve_nist:`2025-46836`
- ofono: Fix :cve_nist:`2024-7537`
- python3-setuptools: Fix :cve_nist:`2025-47273`
- python3-urllib3: Fix :cve_nist:`2025-50181` and :cve_nist:`2025-50182`
- sqlite3: Fix :cve_nist:`2025-3277` and :cve_nist:`2025-29088`
- sqlite3: mark :cve_nist:`2025-29087` as patched
- systemd: Fix :cve_nist:`2025-4598`
- xz: Fix :cve_nist:`2025-31115`
Fixes in Yocto-5.2.2
~~~~~~~~~~~~~~~~~~~~
- bind: upgrade to 9.20.9
- bitbake: toaster/tests/buildtest: Switch to new CDN
- brief-yoctoprojectqs/index.rst: replace removed macro
- brief-yoctoprojectqs/ref-manual: Switch to new CDN
- bsp guide: update kernel version example to 6.12
- bsp-guide: update all of section 1.8.2 to reflect current beaglebone conf file
- bsp-guide: update lonely "4.12" kernel reference to "6.12"
- build-appliance-image: Update to walnascar head revision
- cmake: Correctly handle cost data of tests with arbitrary chars in name
- conf.py: tweak SearchEnglish to be hyphen-friendly
- cve-exclusion_6.12.inc: Update using current cvelistV5
- cve-exclusions: correct cve status for 5 entries
- docs: Clean up explanation of minimum required version numbers
- docs: README: specify how to contribute instead of pointing at another file
- docs: conf.py: silence SyntaxWarning on js_splitter_code
- docs: sphinx-lint: superfluous backtick in front of role
- docs: sphinx-lint: unbalanced inline literal markup
- epiphany: upgrade to 48.3
- gcc: Upgrade to GCC 14.3
- gcc: fix incorrect preprocessor line numbers in large files
- genericarm64.conf: increase :term:`INITRAMFS_MAXSIZE`
- ghostscript: upgrade to 10.05.1
- glibc: stable 2.41 branch updates
- go: upgrade to 1.24.4
- kea: upgrade to 2.6.3
- libarchive: upgrade to 3.7.9
- libmatchbox: upgrade to 1.14
- libsoup: upgrade to 3.6.5
- linux-yocto/6.12: bsp/genericarm64: modular configuration updates
- linux-yocto/6.12: libbpf: silence maybe-uninitialized warning from clang
- linux-yocto/6.12: update to v6.12.31
- linux-yoto/6.12: bsp/arm: fix CONFIG_CRYPTO_LIB_CHACHA
- linux/cve-exclusion: Execute the script after changing to the new data source
- linux/cve-exclusion: correct fixed-version calculation
- linux/cve-exclusion: do not shift first_affected
- linux/cve-exclusion: update exclusions after script fixes
- linux/cve-exclusion: update with latest cvelistV5
- linux/generate-cve-exclusions: show the name and version of the data source
- linux/generate-cve-exclusions: use data from CVEProject
- linux: cve-exclusions: Amend terminology
- linux: cve-exclusions: Fix false negatives
- local.conf.sample: Switch to new CDN
- migration-guides: add release notes for 4.0.27, 5.0.10, 5.2.1
- nfs-utils: don't use signals to shut down nfs server.
- oeqa/sstatetests: Fix :term:`NATIVELSBSTRING` handling
- oeqa/sstatetests: Improve/fix sstate creation tests
- overview-manual: small number of pedantic cleanups
- package_rpm.bbclass: Remove empty build directory
- poky.conf: bump version for 5.2.2
- python3-pygobject: :term:`RDEPENDS` on gobject-introspection
- python3-requests: upgrade to 2.32.4
- python3: backport the full fix for importlib scanning invalid distributions
- python3: drop old nis module dependencies
- python3: remove obsolete deletion of non-deterministic .pyc files
- python3: upgrade to 3.13.4
- ref-manual/variables.rst: document :term:`IMAGE_ROOTFS_MAXSIZE` :term:`INHIBIT_DEFAULT_RUST_DEPS`
:term:`INHIBIT_UPDATERCD_BBCLASS` :term:`INITRAMFS_MAXSIZE` :term:`KERNEL_SPLIT_MODULES`
:term:`SSTATE_SKIP_CREATION`
- ref-manual: clarify :term:`KCONFIG_MODE` default behaviour
- ref-manual: classes: nativesdk: move note to appropriate section
- ref-manual: classes: reword to clarify that native/nativesdk options are exclusive
- scripts/install-buildtools: Update to 5.2.1
- sstate: apply proper umask when fetching from SSTATE_MIRROR
- sstatetests: Switch to new CDN
- systemd.bbclass: generate preset for templates
- systemd: upgrade to 257.6
- tcf-agent: correct the :term:`SRC_URI`
- testimage: get real os-release file
- tune-cortexr52: Remove aarch64 for ARM Cortex-R52
- util-linux: fix agetty segfault issue
- xwayland: Add missing libtirpc dependency
Known Issues in Yocto-5.2.2
~~~~~~~~~~~~~~~~~~~~~~~~~~~
- N/A
Contributors to Yocto-5.2.2
~~~~~~~~~~~~~~~~~~~~~~~~~~~
- Aleksandar Nikolic
- Alper Ak
- Antonin Godard
- Archana Polampalli
- Bruce Ashfield
- Carlos Sánchez de La Lama
- Changqing Li
- Christos Gavros
- Colin Pinnell McAllister
- Daniel Turull
- Deepesh Varatharajan
- Dixit Parmar
- Enrico Jörns
- Etienne Cordonnier
- Guocai He
- Guðni Már Gilbert
- Gyorgy Sarvari
- Harish Sadineni
- Jiaying Song
- Lee Chee Yang
- Mathieu Dubois-Briand
- Mikko Rapeli
- Moritz Haase
- NeilBrown
- Niko Mauno
- Patrick Williams
- Peter Marko
- Praveen Kumar
- Quentin Schulz
- Randy MacLeod
- Rasmus Villemoes
- Richard Purdie
- Robert P. J. Day
- Robert Yang
- Ross Burton
- Sandeep Gundlupet Raju
- Steve Sakoman
- Trevor Gamblin
- Trevor Woerner
- Wang Mingyu
- Yash Shinde
- Yi Zhao
- Yogita Urade
- Yongxin Liu
Repositories / Downloads for Yocto-5.2.2
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
poky
- Repository Location: :yocto_git:`/poky`
- Branch: :yocto_git:`walnascar </poky/log/?h=walnascar>`
- Tag: :yocto_git:`yocto-5.2.2 </poky/log/?h=yocto-5.2.2>`
- Git Revision: :yocto_git:`41038342a471b4a8884548568ad147a1704253a3 </poky/commit/?id=41038342a471b4a8884548568ad147a1704253a3>`
- Release Artefact: poky-41038342a471b4a8884548568ad147a1704253a3
- sha: 4b1e9c80949e5c5ab5ffeb4fa3dadb43b74b813fc9d132caabf1fc8c38bd8f5e
- Download Locations:
https://downloads.yoctoproject.org/releases/yocto/yocto-5.2.2/poky-41038342a471b4a8884548568ad147a1704253a3.tar.bz2
https://mirrors.kernel.org/yocto/yocto/yocto-5.2.2/poky-41038342a471b4a8884548568ad147a1704253a3.tar.bz2
openembedded-core
- Repository Location: :oe_git:`/openembedded-core`
- Branch: :oe_git:`walnascar </openembedded-core/log/?h=walnascar>`
- Tag: :oe_git:`yocto-5.2.2 </openembedded-core/log/?h=yocto-5.2.2>`
- Git Revision: :oe_git:`c855be07828c9cff3aa7ddfa04eb0c4df28658e4 </openembedded-core/commit/?id=c855be07828c9cff3aa7ddfa04eb0c4df28658e4>`
- Release Artefact: oecore-c855be07828c9cff3aa7ddfa04eb0c4df28658e4
- sha: c510b69b984be7ad8045236a3dde9bc4f5833bc9f3045dc04d6442a9453165f4
- Download Locations:
https://downloads.yoctoproject.org/releases/yocto/yocto-5.2.2/oecore-c855be07828c9cff3aa7ddfa04eb0c4df28658e4.tar.bz2
https://mirrors.kernel.org/yocto/yocto/yocto-5.2.2/oecore-c855be07828c9cff3aa7ddfa04eb0c4df28658e4.tar.bz2
meta-mingw
- Repository Location: :yocto_git:`/meta-mingw`
- Branch: :yocto_git:`walnascar </meta-mingw/log/?h=walnascar>`
- Tag: :yocto_git:`yocto-5.2.2 </meta-mingw/log/?h=yocto-5.2.2>`
- Git Revision: :yocto_git:`edce693e1b8fabd84651aa6c0888aafbcf238577 </meta-mingw/commit/?id=edce693e1b8fabd84651aa6c0888aafbcf238577>`
- Release Artefact: meta-mingw-edce693e1b8fabd84651aa6c0888aafbcf238577
- sha: 6cfed41b54f83da91a6cf201ec1c2cd4ac284f642b1268c8fa89d2335ea2bce1
- Download Locations:
https://downloads.yoctoproject.org/releases/yocto/yocto-5.2.2/meta-mingw-edce693e1b8fabd84651aa6c0888aafbcf238577.tar.bz2
https://mirrors.kernel.org/yocto/yocto/yocto-5.2.2/meta-mingw-edce693e1b8fabd84651aa6c0888aafbcf238577.tar.bz2
bitbake
- Repository Location: :oe_git:`/bitbake`
- Branch: :oe_git:`2.12 </bitbake/log/?h=2.12>`
- Tag: :oe_git:`yocto-5.2.2 </bitbake/log/?h=yocto-5.2.2>`
- Git Revision: :oe_git:`74c28e14a9b5e2ff908a03f93c189efa6f56b0ca </bitbake/commit/?id=74c28e14a9b5e2ff908a03f93c189efa6f56b0ca>`
- Release Artefact: bitbake-74c28e14a9b5e2ff908a03f93c189efa6f56b0ca
- sha: 1d417990d922289152af6274d461d7809d06c290d57e5373fd46bb0112e6b812
- Download Locations:
https://downloads.yoctoproject.org/releases/yocto/yocto-5.2.2/bitbake-74c28e14a9b5e2ff908a03f93c189efa6f56b0ca.tar.bz2
https://mirrors.kernel.org/yocto/yocto/yocto-5.2.2/bitbake-74c28e14a9b5e2ff908a03f93c189efa6f56b0ca.tar.bz2
meta-yocto
- Repository Location: :yocto_git:`/meta-yocto`
- Branch: :yocto_git:`walnascar </meta-yocto/log/?h=walnascar>`
- Tag: :yocto_git:`yocto-5.2.2 </meta-yocto/log/?h=yocto-5.2.2>`
- Git Revision: :yocto_git:`5754fb5efb54cf06f96012a88619baba0995b0fc </meta-yocto/commit/?id=5754fb5efb54cf06f96012a88619baba0995b0fc>`
yocto-docs
- Repository Location: :yocto_git:`/yocto-docs`
- Branch: :yocto_git:`walnascar </yocto-docs/log/?h=walnascar>`
- Tag: :yocto_git:`yocto-5.2.2 </yocto-docs/log/?h=yocto-5.2.2>`
- Git Revision: :yocto_git:`85f8e5c799ef38c6dcca615d7cc6baff325df259 </yocto-docs/commit/?id=85f8e5c799ef38c6dcca615d7cc6baff325df259>`

4
documentation/migration-guides/release-notes-5.2.rst
View File

@@ -25,7 +25,7 @@ New Features / Enhancements in |yocto-ver|
:ref:`Shared State <overview-manual/concepts:Shared State>` for the
dependencies. See :doc:`/test-manual/reproducible-builds`.
- ``systemd``: Add :term:`WATCHDOG_RUNTIME_SEC`: for controlling the
- ``systemd``: Add term:`WATCHDOG_RUNTIME_SEC`: for controlling the
``RuntimeWatchdogSec`` option in ``/etc/systemd/system.conf``.
- :term:`FIT_UBOOT_ENV` to allow including a u-boot script as a text in a
@@ -671,7 +671,7 @@ New Features / Enhancements in |yocto-ver|
- New ``bbverbnote`` log utility which can be used to print on the console
(equivalent to the ``bb.verbnote`` Python implementation).
- :ref:`ref-classes-grub-efi`: Add :term:`GRUB_TITLE` variable to set
- :ref:``ref-classes-grub-efi``: Add :term:`GRUB_TITLE` variable to set
custom GRUB titles.
- ``gawk``: Enable high precision arithmetic support by default (``mpfr``

34
documentation/overview-manual/concepts.rst
View File

@@ -98,7 +98,7 @@ files, and how to package the compiled output.
The term "package" is sometimes used to refer to recipes. However, since
the word "package" is used for the packaged output from the OpenEmbedded
build system (i.e. ``.ipk``, ``.deb`` or ``.rpm`` files), this document avoids
build system (i.e. ``.ipk`` or ``.deb`` files), this document avoids
using the term "package" when referring to recipes.
Classes
@@ -256,7 +256,7 @@ development environment.
.. note::
The
``scripts/oe-setup-builddir``
scripts/oe-setup-builddir
script uses the
``$TEMPLATECONF``
variable to determine which sample configuration files to locate.
@@ -277,9 +277,6 @@ in the ``meta-poky`` layer:
- *Shared State Directory:* Controlled by the
:term:`SSTATE_DIR` variable.
- *Persistent Data Directory:* Controlled by the
:term:`PERSISTENT_DIR` variable.
- *Build Output:* Controlled by the
:term:`TMPDIR` variable.
@@ -355,7 +352,7 @@ layers the build system uses to further control the build. These layers
provide Metadata for the software, machine, and policies.
In general, there are three types of layer input. You can see them below
the "User Configuration" box in the :ref:`general workflow
the "User Configuration" box in the `general workflow
figure <overview-manual/concepts:openembedded build system concepts>`:
- *Metadata (.bb + Patches):* Software layers containing
@@ -423,14 +420,14 @@ build.
Distro Layer
~~~~~~~~~~~~
A distribution layer provides policy configurations for your
The distribution layer provides policy configurations for your
distribution. Best practices dictate that you isolate these types of
configurations into their own layer. Settings you provide in
``conf/distro/distro.conf`` override similar settings that BitBake finds
in your ``conf/local.conf`` file in the :term:`Build Directory`.
The following list provides some explanation and references for what you
typically find in a distribution layer:
typically find in the distribution layer:
- *classes:* Class files (``.bbclass``) hold common functionality that
can be shared among recipes in the distribution. When your recipes
@@ -457,7 +454,7 @@ typically find in a distribution layer:
BSP Layer
~~~~~~~~~
A BSP layer provides machine configurations that target specific
The BSP Layer provides machine configurations that target specific
hardware. Everything in this layer is specific to the machine for which
you are building the image or the SDK. A common structure or form is
defined for BSP layers. You can learn more about this structure in the
@@ -468,7 +465,7 @@ defined for BSP layers. You can learn more about this structure in the
In order for a BSP layer to be considered compliant with the Yocto
Project, it must meet some structural requirements.
A BSP layer's configuration directory contains configuration files for
The BSP Layer's configuration directory contains configuration files for
the machine (``conf/machine/machine.conf``) and, of course, the layer
(``conf/layer.conf``).
@@ -480,18 +477,18 @@ formfactors, graphics support systems, and so forth.
.. note::
While the figure shows several
``recipes-*``
recipes-\*
directories, not all these directories appear in all BSP layers.
Software Layer
~~~~~~~~~~~~~~
A software layer provides the Metadata for additional software
The software layer provides the Metadata for additional software
packages used during the build. This layer does not include Metadata
that is specific to the distribution or the machine, which are found in
their respective layers.
This layer contains any recipes, append files, and patches that your
This layer contains any recipes, append files, and patches, that your
project needs.
Sources
@@ -563,8 +560,9 @@ source tree used by the group).
The canonical method through which to include a local project is to use the
:ref:`ref-classes-externalsrc` class to include that local project. You use
either ``local.conf`` or a recipe's append file to override or set the
recipe to point to the local directory from which to fetch the source.
either the ``local.conf`` or a recipe's append file to override or set the
recipe to point to the local directory on your disk to pull in the whole
source tree.
Source Control Managers (Optional)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
@@ -958,7 +956,7 @@ package.
For more information on the ``oe-pkgdata-util`` utility, see the section
:ref:`dev-manual/debugging:Viewing Package Information with
``oe-pkgdata-util``` of the Yocto Project Development Tasks Manual.
\`\`oe-pkgdata-util\`\`` of the Yocto Project Development Tasks Manual.
To add a custom package variant of the ``${PN}`` recipe named
``${PN}-extra`` (name is arbitrary), one can add it to the
@@ -2400,8 +2398,8 @@ The contents of ``sayhello_0.1.bb`` are::
S = "${WORKDIR}/git"
do_install(){
install -d ${D}${bindir}
install -m 0700 sayhello ${D}${bindir}
install -d ${D}/usr/bin
install -m 0700 sayhello ${D}/usr/bin
}
After placing the recipes in a custom layer we can run ``bitbake sayhello``

2
documentation/overview-manual/yp-intro.rst
View File

@@ -28,7 +28,7 @@ platforms as well as software stacks that can be maintained and scaled.
For further introductory information on the Yocto Project, you might be
interested in this
`article <https://www.embedded.com/why-the-yocto-project-for-my-iot-project/>`__
`article <https://www.embedded.com/electronics-blogs/say-what-/4458600/Why-the-Yocto-Project-for-my-IoT-Project->`__
by Drew Moseley and in this short introductory
`video <https://www.youtube.com/watch?v=utZpKM7i5Z4>`__.

2
documentation/poky.yaml.in
View File

@@ -32,4 +32,4 @@ MIN_DISK_SPACE : "90"
# Disk space (Gbytes) needed to generate qemux86-64 core-image-sato on Ubuntu 22.04 (x86-64) with "rm_work", rounded up from 38
MIN_DISK_SPACE_RM_WORK : "40"
# RAM (Gbytes) needed to generate qemux86-64 core-image-sato on Ubuntu 22.04 (x86-64) on a 4 core system
MIN_RAM : "32"
MIN_RAM : "8"

71
documentation/ref-manual/classes.rst
View File

@@ -1390,6 +1390,16 @@ The tests you can list with the :term:`WARN_QA` and
directive, that the recipe also inherits the :ref:`ref-classes-gettext`
class to ensure that gettext is available during the build.
- ``compile-host-path:`` Checks the
:ref:`ref-tasks-compile` log for indications that
paths to locations on the build host were used. Using such paths
might result in host contamination of the build output.
- ``cve_status_not_in_db:`` Checks for each component if CVEs that are ignored
via :term:`CVE_STATUS`, that those are (still) reported for this component
in the NIST database. If not, a warning is printed. This check is disabled
by default.
- ``debug-deps:`` Checks that all packages except ``-dbg`` packages
do not depend on ``-dbg`` packages, which would cause a packaging
bug.
@@ -1457,6 +1467,11 @@ The tests you can list with the :term:`WARN_QA` and
being created due to being marked with a license that is in
:term:`INCOMPATIBLE_LICENSE`.
- ``install-host-path:`` Checks the
:ref:`ref-tasks-install` log for indications that
paths to locations on the build host were used. Using such paths
might result in host contamination of the build output.
- ``installed-vs-shipped:`` Reports when files have been installed
within :ref:`ref-tasks-install` but have not been included in any package by
way of the :term:`FILES` variable. Files that do not
@@ -1585,6 +1600,9 @@ The tests you can list with the :term:`WARN_QA` and
in a packaged script is not longer than 128 characters, which can cause
an error at runtime depending on the operating system.
- ``split-strip:`` Reports that splitting or stripping debug symbols
from binaries has failed.
- ``staticdev:`` Checks for static library files (``*.a``) in
non-``staticdev`` packages.
@@ -2032,8 +2050,7 @@ a couple different ways:
Not using this naming convention can lead to subtle problems
caused by existing code that depends on that naming convention.
- Or, create a :ref:`ref-classes-native` variant of any target recipe (e.g.
``myrecipe.bb``) by adding the following to the recipe::
- Create or modify a target recipe that contains the following::
BBCLASSEXTEND = "native"
@@ -2064,18 +2081,7 @@ couple different ways:
inherit statement in the recipe after all other inherit statements so
that the :ref:`ref-classes-nativesdk` class is inherited last.
.. note::
When creating a recipe, you must follow this naming convention::
nativesdk-myrecipe.bb
Not doing so can lead to subtle problems because there is code that
depends on the naming convention.
- Or, create a :ref:`ref-classes-nativesdk` variant of any target recipe (e.g.
``myrecipe.bb``) by adding the following to the recipe::
- Create a :ref:`ref-classes-nativesdk` variant of any recipe by adding the following::
BBCLASSEXTEND = "nativesdk"
@@ -2084,6 +2090,16 @@ couple different ways:
specify any functionality specific to the respective SDK machine or
target case.
.. note::
When creating a recipe, you must follow this naming convention::
nativesdk-myrecipe.bb
Not doing so can lead to subtle problems because there is code that
depends on the naming convention.
Although applied differently, the :ref:`ref-classes-nativesdk` class is used with both
methods. The advantage of the second method is that you do not need to
have two separate recipes (assuming you need both) for the SDK machine
@@ -3255,22 +3271,6 @@ class assuming :term:`PATCHRESOLVE` is set to "user", the
:ref:`ref-classes-cml1` class, and the :ref:`ref-classes-devshell` class all
use the :ref:`ref-classes-terminal` class.
.. _ref-classes-testexport:
``testexport``
==============
Based on the :ref:`ref-classes-testimage` class, the
:ref:`ref-classes-testexport` class can be used to export the test environment
outside of the :term:`OpenEmbedded Build System`. This will generate the
directory structure to execute the runtime tests using the
:oe_git:`runexported.py </openembedded-core/tree/meta/lib/oeqa/runexported.py>`
Python script.
For more details on how to use :ref:`ref-classes-testexport`, see
the :ref:`test-manual/runtime-testing:Exporting Tests` section in the Yocto
Project Test Environment Manual.
.. _ref-classes-testimage:
``testimage``
@@ -3401,9 +3401,6 @@ The variables used by this class are:
- :term:`SPL_SIGN_ENABLE`: enable signing the FIT image.
- :term:`SPL_SIGN_KEYDIR`: directory containing the signing keys.
- :term:`SPL_SIGN_KEYNAME`: base filename of the signing keys.
- :term:`SPL_DTB_BINARY`: Name of the SPL device tree binary. Can be set to an
empty string to indicate that no SPL should be created and added to the FIT
image.
- :term:`UBOOT_FIT_ADDRESS_CELLS`: ``#address-cells`` value for the FIT image.
- :term:`UBOOT_FIT_DESC`: description string encoded into the FIT image.
- :term:`UBOOT_FIT_GENERATE_KEYS`: generate the keys if they don't exist yet.
@@ -3455,7 +3452,7 @@ on target hardware. Using ``systemd`` as init is recommended. Image builds
should create an ESP partition for UEFI firmware and copy ``systemd-boot`` and
UKI files there. Sample configuration for Wic images is provided in
:oe_git:`scripts/lib/wic/canned-wks/efi-uki-bootdisk.wks.in
</openembedded-core/tree/scripts/lib/wic/canned-wks/efi-uki-bootdisk.wks.in>`.
<openembedded-core/tree/scripts/lib/wic/canned-wks/efi-uki-bootdisk.wks.in>`.
UKIs are generated using ``systemd`` reference implementation `ukify
<https://www.freedesktop.org/software/systemd/man/latest/ukify.html>`__.
This class uses a number of variables but tries to find sensible defaults for
@@ -3465,7 +3462,7 @@ The variables used by this class are:
- :term:`EFI_ARCH`: architecture name within EFI standard, set in
:oe_git:`meta/conf/image-uefi.conf
</openembedded-core/tree/meta/conf/image-uefi.conf>`
<openembedded-core/tree/meta/conf/image-uefi.conf>`
- :term:`IMAGE_EFI_BOOT_FILES`: files to install to EFI boot partition
created by the ``bootimg-efi`` Wic plugin
- :term:`INITRAMFS_IMAGE`: initramfs recipe name
@@ -3484,9 +3481,9 @@ The variables used by this class are:
For examples on how to use this class see oeqa selftest
:oe_git:`meta/lib/oeqa/selftest/cases/uki.py
</openembedded-core/tree/meta/lib/oeqa/selftest/cases/uki.py>`.
<openembedded-core/tree/meta/lib/oeqa/selftest/cases/uki.py>`.
Also an oeqa runtime test :oe_git:`meta/lib/oeqa/runtime/cases/uki.py
</openembedded-core/tree/meta/lib/oeqa/runtime/cases/uki.py>` is provided which
<openembedded-core/tree/meta/lib/oeqa/runtime/cases/uki.py>` is provided which
verifies that the target system booted the same UKI binary as was set at
buildtime via :term:`UKI_FILENAME`.

2
documentation/ref-manual/devtool-reference.rst
View File

@@ -435,7 +435,7 @@ You can read more on the ``devtool upgrade`` workflow in the
":ref:`dev-manual/devtool:use \`\`devtool upgrade\`\` to create a version of the recipe that supports a newer version of the software`"
section in the Yocto Project Application Development and the Extensible
Software Development Kit (eSDK) manual. You can also see an example of
how to use ``devtool upgrade`` in the ":ref:`dev-manual/upgrading-recipes:using ``devtool upgrade```"
how to use ``devtool upgrade`` in the ":ref:`dev-manual/upgrading-recipes:using \`\`devtool upgrade\`\``"
section in the Yocto Project Development Tasks Manual.
.. _devtool-resetting-a-recipe:

5
documentation/ref-manual/structure.rst
View File

@@ -246,8 +246,7 @@ section in the Yocto Project Development Tasks Manual.
----------------
This directory contains several internal files used by the OpenEmbedded
build system. The path to this directory is defined by the
:term:`PERSISTENT_DIR` variable.
build system.
It also contains ``sanity_info``, a text file keeping track of important
build information such as the values of :term:`TMPDIR`, :term:`SSTATE_DIR`,
@@ -516,7 +515,7 @@ generated during the :ref:`ref-tasks-packagedata` task. The files stored in this
directory contain information about each output package produced by the
OpenEmbedded build system, and are used in different ways by the build system
such as ":ref:`dev-manual/debugging:viewing package information with
``oe-pkgdata-util```".
\`\`oe-pkgdata-util\`\``".
.. _structure-build-tmp-sstate-control:

518
documentation/ref-manual/svg/releases.svg
View File

@@ -2,11 +2,11 @@
<svg
version="1.1"
id="svg2"
width="1992.7236"
height="613.35602"
viewBox="0 0 1992.7236 613.35599"
width="1523.001"
height="504.30499"
viewBox="0 0 1523.001 504.30497"
sodipodi:docname="releases.svg"
inkscape:version="1.4.1 (93de688d07, 2025-03-30)"
inkscape:version="1.3.2 (091e20ef0f, 2023-11-25, custom)"
inkscape:export-filename="../../../../../../../../tmp/releases.png"
inkscape:export-xdpi="96"
inkscape:export-ydpi="96"
@@ -70,7 +70,7 @@
scale_width="1"
end_linecap_type="zerowidth"
not_jump="false"
message="" />
message="&lt;b&gt;Ctrl + click&lt;/b&gt; on existing node and move it" />
<marker
style="overflow:visible"
id="marker5783"
@@ -412,9 +412,9 @@
inkscape:window-height="2069"
id="namedview4"
showgrid="true"
inkscape:zoom="1.5536106"
inkscape:cx="1158.2696"
inkscape:cy="273.55632"
inkscape:zoom="2.1971372"
inkscape:cx="1068.2082"
inkscape:cy="287.87461"
inkscape:window-x="2256"
inkscape:window-y="60"
inkscape:window-maximized="1"
@@ -433,8 +433,8 @@
<inkscape:grid
type="xygrid"
id="grid1257"
originx="-289.06071"
originy="478.43017"
originx="-289.99936"
originy="369.99997"
spacingy="1"
spacingx="1"
units="px"
@@ -444,90 +444,66 @@
inkscape:groupmode="layer"
inkscape:label="Image"
id="g10"
transform="translate(-289.06072,478.43022)">
<rect
style="fill:#333333;fill-opacity:0;stroke:#000000;stroke-width:0.713896;stroke-linejoin:bevel;stroke-miterlimit:0;stroke-opacity:0"
id="rect1"
width="1992.0098"
height="612.64215"
x="289.41766"
y="-478.07327"
ry="24.97636" />
transform="translate(-289.99936,370.00003)">
<path
style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:0.50455;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
d="m 563.40434,64.000628 v -524.414808 0 0"
style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:0.449183;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
d="m 563.40434,64.000628 v -415.635938 0 0"
id="path207708" />
<path
style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:0.50455;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
d="m 683.40434,64.000628 v -524.414808 0 0"
style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:0.449183;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
d="m 683.40434,64.000628 v -415.635938 0 0"
id="path207708-4" />
<path
style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:0.50455;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
d="m 803.40434,64.000628 v -524.414808 0 0"
style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:0.449183;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
d="m 803.40434,64.000628 v -415.635938 0 0"
id="path207708-4-3" />
<path
style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:0.50455;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
d="m 923.40434,64.000577 v -524.414757 0 0"
style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:0.449183;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
d="m 923.40434,64.000588 v -415.635898 0 0"
id="path207708-4-3-6" />
<path
style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:0.50455;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
d="m 1043.4043,64.000577 v -524.414757 0 0"
style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:0.449183;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
d="m 1043.4043,64.000588 v -415.635898 0 0"
id="path207708-4-3-6-2" />
<path
style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:0.50455;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
d="m 1163.4043,64.000577 v -524.414757 0 0"
style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:0.449183;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
d="m 1163.4043,64.000588 v -415.635898 0 0"
id="path207708-4-3-6-2-8" />
<path
style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:0.50455;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
d="m 1283.4043,64.000577 v -524.414757 0 0"
style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:0.449183;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
d="m 1283.4043,64.000588 v -415.635898 0 0"
id="path207708-4-3-6-2-8-4" />
<path
style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:0.50455;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
d="m 1403.4043,64.000577 v -524.414757 0 0"
style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:0.449183;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
d="m 1403.4043,64.000588 v -415.635898 0 0"
id="path207708-4-3-6-2-8-4-3" />
<path
style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:0.475347;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
d="m 1523.4043,64.000568 v -415.757648 0 0"
id="path207708-4-3-6-2-8-4-3-8" />
<path
style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:0.50455;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
d="m 1523.4043,64.000577 v -524.414757 0 0"
style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:0.449183;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
d="m 1523.4043,64.000588 v -415.635898 0 0"
id="path207708-4-3-6-2-8-4-3-8-0" />
<path
style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:0.50455;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
d="m 1643.3583,64.000565 v -524.414715 0 0"
style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:0.449183;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
d="m 1643.3583,64.000578 v -415.635868 0 0"
id="path207708-4-3-6-2-8-4-3-8-4" />
<path
style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:0.50455;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
d="m 1763.4043,64.000565 v -524.414715 0 0"
style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:0.449183;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
d="m 1763.4043,64.000578 v -415.635868 0 0"
id="path207708-4-3-6-2-8-4-3-8-4-0" />
<path
style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:0.50455;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
d="m 1883.7877,64.878769 v -524.414709 0 0"
id="path207708-4-3-6-2-8-4-3-8-4-0-8" />
<path
style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:0.50455;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
d="m 2002.9599,64.984489 v -524.414709 0 0"
id="path207708-4-3-6-2-8-4-3-8-4-0-8-8" />
<path
style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:0.50455;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
d="m 2123.2232,62.984489 v -524.414709 0 0"
id="path207708-4-3-6-2-8-4-3-8-4-0-8-8-1" />
<path
style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:0.50455;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
d="m 2243.313,63.984489 v -524.414709 0 0"
id="path207708-4-3-6-2-8-4-3-8-4-0-8-8-1-9" />
<path
style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:0.50455;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
d="m 443.40434,64.000628 v -524.414808 0 0"
style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:0.449183;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
d="m 443.40434,64.000628 v -415.635938 0 0"
id="path207708-9" />
<path
style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:0.5;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
d="m 323.40434,64.000608 v -375.000008 0 0"
id="path207708-9-6" />
<path
style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:0.50455;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
d="m 323.40434,64.000616 v -524.414766 0 0"
style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:0.449183;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
d="m 323.40434,64.000618 v -415.635908 0 0"
id="path207708-9-6-2" />
<text
xml:space="preserve"
@@ -560,7 +536,7 @@
x="-59.575905"
y="580.05695" /></text>
<rect
style="opacity:0.5;fill:#333333;fill-opacity:1;fill-rule:evenodd;stroke:none;stroke-width:2;stroke-opacity:1"
style="fill:#333333;fill-opacity:1;fill-rule:evenodd;stroke:none;stroke-width:2;stroke-opacity:1;opacity:0.5"
id="rect917-0-0-4-4-9-4"
width="160.00002"
height="45.000004"
@@ -607,6 +583,14 @@
y="-73.501534"
style="font-style:normal;font-variant:normal;font-weight:bold;font-stretch:normal;font-size:13.3333px;font-family:'Liberation Sans';-inkscape-font-specification:'Liberation Sans Bold';text-align:center;text-anchor:middle;fill:#fffefe;fill-opacity:1;stroke:none"
id="tspan10317-2-9-1-4">4.2</tspan></text>
<rect
style="opacity:0.75;fill:#251f32;fill-opacity:1;fill-rule:evenodd;stroke:none;stroke-width:2;stroke-opacity:1"
id="rect917-0-0-4-4-9-4-5-3-9-2-3"
width="140"
height="45.000004"
x="1043.132"
y="-328.2114"
ry="2.2558987" />
<rect
style="opacity:1;fill:#333333;fill-opacity:1;fill-rule:evenodd;stroke:none;stroke-width:2;stroke-opacity:1"
id="rect917-0-0-4-4-9-4-5-3-9-2-3-6"
@@ -631,78 +615,22 @@
y="-238.332"
style="font-style:normal;font-variant:normal;font-weight:bold;font-stretch:normal;font-size:13.3333px;font-family:'Liberation Sans';-inkscape-font-specification:'Liberation Sans Bold';text-align:center;text-anchor:middle;fill:#fffefe;fill-opacity:1;stroke:none"
id="tspan10317-2-9-1-4-6-5-6">5.1</tspan></text>
<rect
style="fill:#333333;fill-opacity:1;fill-rule:evenodd;stroke:none;stroke-width:2;stroke-opacity:1"
id="rect917-0-0-4-4-9-4-5-3-9-2-3-6-2"
width="140"
height="45.000004"
x="1043.4697"
y="-328.48172"
ry="2.2558987" />
<text
xml:space="preserve"
style="font-weight:bold;font-size:13.3333px;line-height:125%;font-family:'Nimbus Roman';-inkscape-font-specification:'Nimbus Roman, Bold';letter-spacing:0px;word-spacing:0px;writing-mode:lr-tb;fill:#fffefe;fill-opacity:1;stroke:#000000;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1"
x="1090.4542"
y="-309.61823"
id="text1185-3-55-4-0-0-0-1-1-6-4-7"><tspan
x="1094.2197"
y="-309.83084"
id="text1185-3-55-4-0-0-0-1-1-6-4-3"><tspan
sodipodi:role="line"
x="1090.4542"
y="-309.61823"
x="1094.2197"
y="-309.83084"
style="font-style:normal;font-variant:normal;font-weight:bold;font-stretch:normal;font-size:13.3333px;font-family:'Liberation Sans';-inkscape-font-specification:'Liberation Sans Bold';text-align:center;text-anchor:middle;fill:#fffefe;fill-opacity:1;stroke:none"
id="tspan957-2-8-6-3-9-7-4-2-0-0">Walnascar</tspan><tspan
id="tspan957-2-8-6-3-9-7-4-2-0-5">Walnascar</tspan><tspan
sodipodi:role="line"
x="1090.4542"
y="-291.62155"
x="1094.2197"
y="-291.83417"
style="font-style:normal;font-variant:normal;font-weight:bold;font-stretch:normal;font-size:13.3333px;font-family:'Liberation Sans';-inkscape-font-specification:'Liberation Sans Bold';text-align:center;text-anchor:middle;fill:#fffefe;fill-opacity:1;stroke:none"
id="tspan10317-2-9-1-4-6-5-6-9">5.2</tspan></text>
<rect
style="opacity:0.75;fill:#251f32;fill-opacity:1;fill-rule:evenodd;stroke:none;stroke-width:2;stroke-opacity:1"
id="rect917-0-0-4-4-9-4-5-3-9-2-3-67"
width="140"
height="45.000004"
x="1163.6425"
y="-382.27469"
ry="2.2558987" />
<text
xml:space="preserve"
style="font-weight:bold;font-size:13.3333px;line-height:125%;font-family:'Nimbus Roman';-inkscape-font-specification:'Nimbus Roman, Bold';letter-spacing:0px;word-spacing:0px;writing-mode:lr-tb;fill:#fffefe;fill-opacity:1;stroke:#000000;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1"
x="1214.9716"
y="-363.89413"
id="text1185-3-55-4-0-0-0-1-1-6-4-3-53"><tspan
sodipodi:role="line"
x="1214.9716"
y="-363.89413"
style="font-style:normal;font-variant:normal;font-weight:bold;font-stretch:normal;font-size:13.3333px;font-family:'Liberation Sans';-inkscape-font-specification:'Liberation Sans Bold';text-align:center;text-anchor:middle;fill:#fffefe;fill-opacity:1;stroke:none"
id="tspan957-2-8-6-3-9-7-4-2-0-5-5">Whinlatter</tspan><tspan
sodipodi:role="line"
x="1214.9716"
y="-345.89746"
style="font-style:normal;font-variant:normal;font-weight:bold;font-stretch:normal;font-size:13.3333px;font-family:'Liberation Sans';-inkscape-font-specification:'Liberation Sans Bold';text-align:center;text-anchor:middle;fill:#fffefe;fill-opacity:1;stroke:none"
id="tspan10317-2-9-1-4-6-5-6-6-6">5.3</tspan></text>
<rect
style="opacity:0.75;fill:#251f32;fill-opacity:1;fill-rule:evenodd;stroke:none;stroke-width:5.29752;stroke-opacity:1"
id="rect917-0-0-4-4-9-4-5-3-9-2-3-67-6"
width="982.23163"
height="45.000004"
x="1283.7023"
y="-436.77539"
ry="2.2558987" />
<text
xml:space="preserve"
style="font-weight:bold;font-size:13.3333px;line-height:125%;font-family:'Nimbus Roman';-inkscape-font-specification:'Nimbus Roman, Bold';letter-spacing:0px;word-spacing:0px;writing-mode:lr-tb;fill:#fffefe;fill-opacity:1;stroke:#000000;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1"
x="1335.1118"
y="-418.39484"
id="text1185-3-55-4-0-0-0-1-1-6-4-3-53-0"><tspan
sodipodi:role="line"
x="1335.1118"
y="-418.39484"
style="font-style:normal;font-variant:normal;font-weight:bold;font-stretch:normal;font-size:13.3333px;font-family:'Liberation Sans';-inkscape-font-specification:'Liberation Sans Bold';text-align:center;text-anchor:middle;fill:#fffefe;fill-opacity:1;stroke:none"
id="tspan957-2-8-6-3-9-7-4-2-0-5-5-6">Wrynose</tspan><tspan
sodipodi:role="line"
x="1335.1118"
y="-400.39816"
style="font-style:normal;font-variant:normal;font-weight:bold;font-stretch:normal;font-size:13.3333px;font-family:'Liberation Sans';-inkscape-font-specification:'Liberation Sans Bold';text-align:center;text-anchor:middle;fill:#fffefe;fill-opacity:1;stroke:none"
id="tspan10317-2-9-1-4-6-5-6-6-6-2">6.0</tspan></text>
id="tspan10317-2-9-1-4-6-5-6-6">5.2</tspan></text>
<g
id="g1591"
transform="translate(-516.59566,64.000598)">
@@ -753,7 +681,7 @@
id="tspan10317-2-9-0-1">5.0</tspan></text>
<g
id="g1125-0"
transform="matrix(0.42240595,0,0,0.41654472,330.77064,-497.11721)"
transform="matrix(0.42240595,0,0,0.41654472,330.77064,-441.11721)"
style="stroke:none;stroke-width:2.38399">
<rect
style="opacity:1;fill:#333333;fill-opacity:1;fill-rule:evenodd;stroke:none;stroke-width:4.76797;stroke-opacity:1"
@@ -995,8 +923,8 @@
y="345.7359" /></text>
<path
id="path29430"
style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:1.99503;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
d="M 307.54809,63.999718 H 2277.72 Z" />
style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:1.72671;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
d="M 307.54809,63.999718 H 1783.4043 Z" />
<path
style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:2;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
d="m 323.40434,64.000618 v 9.99995 0"
@@ -1509,324 +1437,50 @@
style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:2;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
d="m 1763.4043,64.000578 v 9.99999 0"
id="path29548-5-1-3-6-3-1-0-3-4-2-0-0" />
<text
xml:space="preserve"
style="font-weight:bold;font-size:13.3333px;line-height:125%;font-family:'Nimbus Roman';-inkscape-font-specification:'Nimbus Roman, Bold';letter-spacing:0px;word-spacing:0px;writing-mode:lr-tb;fill:#000000;fill-opacity:1;stroke:#000000;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1"
x="1885.6029"
y="94.285194"
id="text1185-9-7-1-1-8-1-0-4-2-8-2"><tspan
sodipodi:role="line"
x="1885.6029"
y="94.285194"
style="font-style:normal;font-variant:normal;font-weight:bold;font-stretch:normal;font-size:13.3333px;font-family:'Liberation Sans';-inkscape-font-specification:'Liberation Sans, Bold';font-variant-ligatures:normal;font-variant-caps:normal;font-variant-numeric:normal;font-variant-east-asian:normal;text-align:center;text-anchor:middle;stroke:none"
id="tspan31345-4-0-4-81-5-2-8">Oct.</tspan><tspan
sodipodi:role="line"
x="1885.6029"
y="112.28188"
style="font-style:normal;font-variant:normal;font-weight:bold;font-stretch:normal;font-size:13.3333px;font-family:'Liberation Sans';-inkscape-font-specification:'Liberation Sans, Bold';font-variant-ligatures:normal;font-variant-caps:normal;font-variant-numeric:normal;font-variant-east-asian:normal;text-align:center;text-anchor:middle;stroke:none"
id="tspan49906-7-3-8-2-8-9-9">2028</tspan></text>
<g
id="g1267-4-5-2-7"
transform="translate(563.45518,-155.9782)">
<path
style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:2;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
d="m 1200,220.00002 v 9.99999 0"
id="path29548-5-1-3-6-3-1-0-3-4-1-3" />
<path
style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:1;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
d="m 1220,219.99997 v 5.00004 0"
id="path29548-8-5-0-6-4-6-2-9-0-8-1-3-1-9-6-9-3-4-0-4-6-2-2-7-6-1-9-0-5-0-0-5-6"
inkscape:transform-center-x="14.782001"
inkscape:transform-center-y="-0.085282837" />
<path
style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:1;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
d="m 1240,219.99997 v 5.00004 0"
id="path29548-8-5-0-6-4-6-2-9-0-8-1-3-1-9-6-9-3-4-0-4-6-2-2-7-6-1-9-9-7-5-3-5-9-1"
inkscape:transform-center-x="14.782001"
inkscape:transform-center-y="-0.085282837" />
<path
style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:1;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
d="m 1260,219.99997 v 5.00004 0"
id="path29548-8-5-0-6-4-6-2-9-0-8-1-3-1-9-6-9-3-4-0-4-6-2-2-7-6-1-9-9-1-5-2-0-9-9-2"
inkscape:transform-center-x="14.782001"
inkscape:transform-center-y="-0.085282837" />
<path
style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:1;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
d="m 1280,219.99997 v 5.00004 0"
id="path29548-8-5-0-6-4-6-2-9-0-8-1-3-1-9-6-9-3-4-0-4-6-2-2-7-6-1-9-9-1-4-8-9-9-4-1-9"
inkscape:transform-center-x="14.782001"
inkscape:transform-center-y="-0.085282837" />
<path
style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:1;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
d="m 1299.7216,219.99997 v 5.00004 0"
id="path29548-8-5-0-6-4-6-2-9-0-8-1-3-1-9-6-9-3-4-0-4-6-2-2-7-6-1-9-9-1-4-9-7-0-2-6-4-3"
inkscape:transform-center-x="-14.78205"
inkscape:transform-center-y="-0.085282837" />
</g>
<path
style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:2;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
d="m 1883.4551,64.021829 v 9.99999 0"
id="path29548-5-1-3-6-3-1-0-3-4-2-0-0-1" />
<text
xml:space="preserve"
style="font-weight:bold;font-size:13.3333px;line-height:125%;font-family:'Nimbus Roman';-inkscape-font-specification:'Nimbus Roman, Bold';letter-spacing:0px;word-spacing:0px;writing-mode:lr-tb;fill:#000000;fill-opacity:1;stroke:#000000;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1"
x="2005.5908"
y="94.339828"
id="text1185-9-7-1-1-8-1-0-4-2-8-2-4"><tspan
sodipodi:role="line"
x="2005.5908"
y="94.339828"
style="font-style:normal;font-variant:normal;font-weight:bold;font-stretch:normal;font-size:13.3333px;font-family:'Liberation Sans';-inkscape-font-specification:'Liberation Sans, Bold';font-variant-ligatures:normal;font-variant-caps:normal;font-variant-numeric:normal;font-variant-east-asian:normal;text-align:center;text-anchor:middle;stroke:none"
id="tspan31345-4-0-4-81-5-2-8-7">Apr.</tspan><tspan
sodipodi:role="line"
x="2005.5908"
y="112.33651"
style="font-style:normal;font-variant:normal;font-weight:bold;font-stretch:normal;font-size:13.3333px;font-family:'Liberation Sans';-inkscape-font-specification:'Liberation Sans, Bold';font-variant-ligatures:normal;font-variant-caps:normal;font-variant-numeric:normal;font-variant-east-asian:normal;text-align:center;text-anchor:middle;stroke:none"
id="tspan49906-7-3-8-2-8-9-9-8">2029</tspan></text>
<g
id="g1267-4-5-2-7-4"
transform="translate(683.44312,-155.92356)">
<path
style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:2;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
d="m 1200,220.00002 v 9.99999 0"
id="path29548-5-1-3-6-3-1-0-3-4-1-3-5" />
<path
style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:1;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
d="m 1220,219.99997 v 5.00004 0"
id="path29548-8-5-0-6-4-6-2-9-0-8-1-3-1-9-6-9-3-4-0-4-6-2-2-7-6-1-9-0-5-0-0-5-6-0"
inkscape:transform-center-x="14.782001"
inkscape:transform-center-y="-0.085282837" />
<path
style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:1;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
d="m 1240,219.99997 v 5.00004 0"
id="path29548-8-5-0-6-4-6-2-9-0-8-1-3-1-9-6-9-3-4-0-4-6-2-2-7-6-1-9-9-7-5-3-5-9-1-3"
inkscape:transform-center-x="14.782001"
inkscape:transform-center-y="-0.085282837" />
<path
style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:1;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
d="m 1260,219.99997 v 5.00004 0"
id="path29548-8-5-0-6-4-6-2-9-0-8-1-3-1-9-6-9-3-4-0-4-6-2-2-7-6-1-9-9-1-5-2-0-9-9-2-6"
inkscape:transform-center-x="14.782001"
inkscape:transform-center-y="-0.085282837" />
<path
style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:1;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
d="m 1280,219.99997 v 5.00004 0"
id="path29548-8-5-0-6-4-6-2-9-0-8-1-3-1-9-6-9-3-4-0-4-6-2-2-7-6-1-9-9-1-4-8-9-9-4-1-9-1"
inkscape:transform-center-x="14.782001"
inkscape:transform-center-y="-0.085282837" />
<path
style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:1;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
d="m 1299.7216,219.99997 v 5.00004 0"
id="path29548-8-5-0-6-4-6-2-9-0-8-1-3-1-9-6-9-3-4-0-4-6-2-2-7-6-1-9-9-1-4-9-7-0-2-6-4-3-0"
inkscape:transform-center-x="-14.78205"
inkscape:transform-center-y="-0.085282837" />
</g>
<path
style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:2;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
d="m 2003.443,64.076464 v 9.99999 0"
id="path29548-5-1-3-6-3-1-0-3-4-2-0-0-1-6" />
<text
xml:space="preserve"
style="font-weight:bold;font-size:13.3333px;line-height:125%;font-family:'Nimbus Roman';-inkscape-font-specification:'Nimbus Roman, Bold';letter-spacing:0px;word-spacing:0px;writing-mode:lr-tb;fill:#000000;fill-opacity:1;stroke:#000000;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1"
x="2125.6079"
y="94.692207"
id="text1185-9-7-1-1-8-1-0-4-2-8-2-4-2"><tspan
sodipodi:role="line"
x="2125.6079"
y="94.692207"
style="font-style:normal;font-variant:normal;font-weight:bold;font-stretch:normal;font-size:13.3333px;font-family:'Liberation Sans';-inkscape-font-specification:'Liberation Sans, Bold';font-variant-ligatures:normal;font-variant-caps:normal;font-variant-numeric:normal;font-variant-east-asian:normal;text-align:center;text-anchor:middle;stroke:none"
id="tspan31345-4-0-4-81-5-2-8-7-0">Oct.</tspan><tspan
sodipodi:role="line"
x="2125.6079"
y="112.68889"
style="font-style:normal;font-variant:normal;font-weight:bold;font-stretch:normal;font-size:13.3333px;font-family:'Liberation Sans';-inkscape-font-specification:'Liberation Sans, Bold';font-variant-ligatures:normal;font-variant-caps:normal;font-variant-numeric:normal;font-variant-east-asian:normal;text-align:center;text-anchor:middle;stroke:none"
id="tspan49906-7-3-8-2-8-9-9-8-6">2029</tspan></text>
<g
id="g1267-4-5-2-7-4-1"
transform="translate(803.46019,-155.57118)">
<path
style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:2;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
d="m 1200,220.00002 v 9.99999 0"
id="path29548-5-1-3-6-3-1-0-3-4-1-3-5-5" />
<path
style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:1;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
d="m 1220,219.99997 v 5.00004 0"
id="path29548-8-5-0-6-4-6-2-9-0-8-1-3-1-9-6-9-3-4-0-4-6-2-2-7-6-1-9-0-5-0-0-5-6-0-5"
inkscape:transform-center-x="14.782001"
inkscape:transform-center-y="-0.085282837" />
<path
style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:1;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
d="m 1240,219.99997 v 5.00004 0"
id="path29548-8-5-0-6-4-6-2-9-0-8-1-3-1-9-6-9-3-4-0-4-6-2-2-7-6-1-9-9-7-5-3-5-9-1-3-4"
inkscape:transform-center-x="14.782001"
inkscape:transform-center-y="-0.085282837" />
<path
style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:1;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
d="m 1260,219.99997 v 5.00004 0"
id="path29548-8-5-0-6-4-6-2-9-0-8-1-3-1-9-6-9-3-4-0-4-6-2-2-7-6-1-9-9-1-5-2-0-9-9-2-6-7"
inkscape:transform-center-x="14.782001"
inkscape:transform-center-y="-0.085282837" />
<path
style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:1;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
d="m 1280,219.99997 v 5.00004 0"
id="path29548-8-5-0-6-4-6-2-9-0-8-1-3-1-9-6-9-3-4-0-4-6-2-2-7-6-1-9-9-1-4-8-9-9-4-1-9-1-6"
inkscape:transform-center-x="14.782001"
inkscape:transform-center-y="-0.085282837" />
<path
style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:1;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
d="m 1299.7216,219.99997 v 5.00004 0"
id="path29548-8-5-0-6-4-6-2-9-0-8-1-3-1-9-6-9-3-4-0-4-6-2-2-7-6-1-9-9-1-4-9-7-0-2-6-4-3-0-5"
inkscape:transform-center-x="-14.78205"
inkscape:transform-center-y="-0.085282837" />
</g>
<path
style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:2;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
d="m 2123.4601,64.428843 v 9.99999 0"
id="path29548-5-1-3-6-3-1-0-3-4-2-0-0-1-6-6" />
<path
style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:2;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
d="m 2123.3825,64.223284 v 9.99999 0"
id="path29548-5-1-3-6-3-1-0-3-4-2-0-0-1-6-3" />
<text
xml:space="preserve"
style="font-weight:bold;font-size:13.3333px;line-height:125%;font-family:'Nimbus Roman';-inkscape-font-specification:'Nimbus Roman, Bold';letter-spacing:0px;word-spacing:0px;writing-mode:lr-tb;fill:#000000;fill-opacity:1;stroke:#000000;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1"
x="2245.5474"
y="94.839027"
id="text1185-9-7-1-1-8-1-0-4-2-8-2-4-2-7"><tspan
sodipodi:role="line"
x="2245.5474"
y="94.839027"
style="font-style:normal;font-variant:normal;font-weight:bold;font-stretch:normal;font-size:13.3333px;font-family:'Liberation Sans';-inkscape-font-specification:'Liberation Sans, Bold';font-variant-ligatures:normal;font-variant-caps:normal;font-variant-numeric:normal;font-variant-east-asian:normal;text-align:center;text-anchor:middle;stroke:none"
id="tspan31345-4-0-4-81-5-2-8-7-0-4">Apr.</tspan><tspan
sodipodi:role="line"
x="2245.5474"
y="112.83571"
style="font-style:normal;font-variant:normal;font-weight:bold;font-stretch:normal;font-size:13.3333px;font-family:'Liberation Sans';-inkscape-font-specification:'Liberation Sans, Bold';font-variant-ligatures:normal;font-variant-caps:normal;font-variant-numeric:normal;font-variant-east-asian:normal;text-align:center;text-anchor:middle;stroke:none"
id="tspan49906-7-3-8-2-8-9-9-8-6-5">2030</tspan></text>
<g
id="g1267-4-5-2-7-4-1-2"
transform="translate(923.39972,-155.42436)">
<path
style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:2;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
d="m 1200,220.00002 v 9.99999 0"
id="path29548-5-1-3-6-3-1-0-3-4-1-3-5-5-5" />
<path
style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:1;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
d="m 1220,219.99997 v 5.00004 0"
id="path29548-8-5-0-6-4-6-2-9-0-8-1-3-1-9-6-9-3-4-0-4-6-2-2-7-6-1-9-0-5-0-0-5-6-0-5-4"
inkscape:transform-center-x="14.782001"
inkscape:transform-center-y="-0.085282837" />
<path
style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:1;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
d="m 1240,219.99997 v 5.00004 0"
id="path29548-8-5-0-6-4-6-2-9-0-8-1-3-1-9-6-9-3-4-0-4-6-2-2-7-6-1-9-9-7-5-3-5-9-1-3-4-7"
inkscape:transform-center-x="14.782001"
inkscape:transform-center-y="-0.085282837" />
<path
style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:1;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
d="m 1260,219.99997 v 5.00004 0"
id="path29548-8-5-0-6-4-6-2-9-0-8-1-3-1-9-6-9-3-4-0-4-6-2-2-7-6-1-9-9-1-5-2-0-9-9-2-6-7-4"
inkscape:transform-center-x="14.782001"
inkscape:transform-center-y="-0.085282837" />
<path
style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:1;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
d="m 1280,219.99997 v 5.00004 0"
id="path29548-8-5-0-6-4-6-2-9-0-8-1-3-1-9-6-9-3-4-0-4-6-2-2-7-6-1-9-9-1-4-8-9-9-4-1-9-1-6-4"
inkscape:transform-center-x="14.782001"
inkscape:transform-center-y="-0.085282837" />
<path
style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:1;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
d="m 1299.7216,219.99997 v 5.00004 0"
id="path29548-8-5-0-6-4-6-2-9-0-8-1-3-1-9-6-9-3-4-0-4-6-2-2-7-6-1-9-9-1-4-9-7-0-2-6-4-3-0-5-3"
inkscape:transform-center-x="-14.78205"
inkscape:transform-center-y="-0.085282837" />
</g>
<g
id="g1267-4-5-2-7-4-1-2-0"
transform="translate(1043.3579,-155.33829)">
<path
style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:2;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
d="m 1200,220.00002 v 9.99999 0"
id="path29548-5-1-3-6-3-1-0-3-4-1-3-5-5-5-6" />
<path
style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:1;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
d="m 1220,219.99997 v 5.00004 0"
id="path29548-8-5-0-6-4-6-2-9-0-8-1-3-1-9-6-9-3-4-0-4-6-2-2-7-6-1-9-0-5-0-0-5-6-0-5-4-8"
inkscape:transform-center-x="14.782001"
inkscape:transform-center-y="-0.085282837" />
<path
style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:1;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
d="m 1240,219.99997 v 5.00004 0"
id="path29548-8-5-0-6-4-6-2-9-0-8-1-3-1-9-6-9-3-4-0-4-6-2-2-7-6-1-9-9-7-5-3-5-9-1-3-4-7-9"
inkscape:transform-center-x="14.782001"
inkscape:transform-center-y="-0.085282837" />
<path
style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:1;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
d="m 1260,219.99997 v 5.00004 0"
id="path29548-8-5-0-6-4-6-2-9-0-8-1-3-1-9-6-9-3-4-0-4-6-2-2-7-6-1-9-9-1-5-2-0-9-9-2-6-7-4-2"
inkscape:transform-center-x="14.782001"
inkscape:transform-center-y="-0.085282837" />
<path
style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:1;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
d="m 1280,219.99997 v 5.00004 0"
id="path29548-8-5-0-6-4-6-2-9-0-8-1-3-1-9-6-9-3-4-0-4-6-2-2-7-6-1-9-9-1-4-8-9-9-4-1-9-1-6-4-6"
inkscape:transform-center-x="14.782001"
inkscape:transform-center-y="-0.085282837" />
<path
style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:1;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
d="m 1299.7216,219.99997 v 5.00004 0"
id="path29548-8-5-0-6-4-6-2-9-0-8-1-3-1-9-6-9-3-4-0-4-6-2-2-7-6-1-9-9-1-4-9-7-0-2-6-4-3-0-5-3-6"
inkscape:transform-center-x="-14.78205"
inkscape:transform-center-y="-0.085282837" />
</g>
<path
style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:2;stroke-linecap:butt;stroke-linejoin:miter;stroke-miterlimit:4;stroke-dasharray:none;stroke-opacity:1"
d="m 2243.3996,64.575663 v 9.99999 0"
id="path29548-5-1-3-6-3-1-0-3-4-2-0-0-1-6-6-0" />
<rect
style="opacity:0.75;fill:#241f31;fill-opacity:1;fill-rule:evenodd;stroke:none;stroke-width:0.751473;stroke-opacity:1"
id="rect917-0-0-4-4-9-4-5-3-9-2-36"
width="38.418175"
height="23.151052"
x="2047.6135"
y="-45.172161"
x="1605.6135"
y="-41.172161"
ry="1.1605872" />
<rect
style="opacity:1;fill:#ffffff;fill-opacity:1;fill-rule:evenodd;stroke:#000000;stroke-width:1.98878;stroke-dasharray:none;stroke-opacity:1"
id="rect917-0-0-4-4-9-4-5-3-9-2-36-7"
width="186.42949"
height="110.40546"
x="2036.5294"
y="-77.753708"
x="1594.5294"
y="-73.753708"
ry="5.5347452" />
<rect
style="opacity:0.75;fill:#241f31;fill-opacity:1;fill-rule:evenodd;stroke:none;stroke-width:0.50949;stroke-opacity:1"
id="rect917-0-0-4-4-9-4-5-3-9-2-6"
width="21.197233"
height="19.28739"
x="2053.8164"
y="-45.883858"
x="1611.8163"
y="-41.883858"
ry="0.96689767" />
<text
xml:space="preserve"
style="font-weight:bold;font-size:13.3333px;line-height:125%;font-family:'Nimbus Roman';-inkscape-font-specification:'Nimbus Roman, Bold';letter-spacing:0px;word-spacing:0px;writing-mode:lr-tb;fill:#fffefe;fill-opacity:1;stroke:#000000;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1"
x="2132.4917"
y="-57.687912"
x="1690.4917"
y="-53.687912"
id="text1185-3-55-4-0-0-0-1-1-6-4-3-5"><tspan
sodipodi:role="line"
x="2132.4917"
y="-57.687912"
x="1690.4917"
y="-53.687912"
style="font-style:normal;font-variant:normal;font-weight:bold;font-stretch:normal;font-size:13.3333px;font-family:'Liberation Sans';-inkscape-font-specification:'Liberation Sans Bold';text-align:center;text-anchor:middle;fill:#000000;fill-opacity:1;stroke:none"
id="tspan10317-2-9-1-4-6-5-6-6-5">Legend</tspan></text>
<text
xml:space="preserve"
style="font-weight:bold;font-size:13.3333px;line-height:125%;font-family:'Nimbus Roman';-inkscape-font-specification:'Nimbus Roman, Bold';letter-spacing:0px;word-spacing:0px;writing-mode:lr-tb;fill:#fffefe;fill-opacity:1;stroke:#000000;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1"
x="2098.0986"
y="-31.899874"
x="1656.0988"
y="-27.899874"
id="text1185-3-55-4-0-0-0-1-1-6-4-3-5-2"><tspan
sodipodi:role="line"
x="2098.0986"
y="-31.899874"
x="1656.0988"
y="-27.899874"
style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:13.3333px;font-family:'Liberation Sans';-inkscape-font-specification:'Liberation Sans';text-align:center;text-anchor:middle;fill:#000000;fill-opacity:1;stroke:none"
id="tspan10317-2-9-1-4-6-5-6-6-5-9">Future</tspan></text>
<rect
@@ -1834,38 +1488,38 @@
id="rect917-0-0-4-4-9-4-5-3-9-2-6-1"
width="21.197233"
height="19.28739"
x="2053.8672"
y="-21.756365"
x="1611.8671"
y="-17.756365"
ry="0.96689767" />
<text
xml:space="preserve"
style="font-weight:bold;font-size:13.3333px;line-height:125%;font-family:'Nimbus Roman';-inkscape-font-specification:'Nimbus Roman, Bold';letter-spacing:0px;word-spacing:0px;writing-mode:lr-tb;fill:#fffefe;fill-opacity:1;stroke:#000000;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1"
x="2128.7158"
y="-7.6722765"
x="1686.7159"
y="-3.6722763"
id="text1185-3-55-4-0-0-0-1-1-6-4-3-5-2-2"><tspan
sodipodi:role="line"
x="2128.7158"
y="-7.6722765"
x="1686.7159"
y="-3.6722763"
style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:13.3333px;font-family:'Liberation Sans';-inkscape-font-specification:'Liberation Sans';text-align:center;text-anchor:middle;fill:#000000;fill-opacity:1;stroke:none"
id="tspan10317-2-9-1-4-6-5-6-6-5-9-7">Current (Apr. 25)</tspan></text>
id="tspan10317-2-9-1-4-6-5-6-6-5-9-7">Current (Oct. 24)</tspan></text>
<text
xml:space="preserve"
style="font-weight:bold;font-size:13.3333px;line-height:125%;font-family:'Nimbus Roman';-inkscape-font-specification:'Nimbus Roman, Bold';letter-spacing:0px;word-spacing:0px;writing-mode:lr-tb;fill:#fffefe;fill-opacity:1;stroke:#000000;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1"
x="2109.363"
y="16.03771"
x="1667.363"
y="20.03771"
id="text1185-3-55-4-0-0-0-1-1-6-4-3-5-2-2-9"><tspan
sodipodi:role="line"
x="2109.363"
y="16.03771"
x="1667.363"
y="20.03771"
style="font-style:normal;font-variant:normal;font-weight:normal;font-stretch:normal;font-size:13.3333px;font-family:'Liberation Sans';-inkscape-font-specification:'Liberation Sans';text-align:center;text-anchor:middle;fill:#000000;fill-opacity:1;stroke:none"
id="tspan10317-2-9-1-4-6-5-6-6-5-9-7-3">End-of-life</tspan></text>
<rect
style="opacity:0.5;fill:#333333;fill-opacity:1;fill-rule:evenodd;stroke:none;stroke-width:0.50949;stroke-opacity:1"
style="fill:#333333;fill-opacity:1;fill-rule:evenodd;stroke:none;stroke-width:0.50949;stroke-opacity:1;opacity:0.5"
id="rect917-0-0-4-4-9-4-5-3-9-2-6-1-0"
width="21.197233"
height="19.28739"
x="2054.0239"
y="1.9667883"
x="1612.0239"
y="5.9667883"
ry="0.96689767" />
<rect
style="opacity:0.5;fill:#333333;fill-opacity:1;fill-rule:evenodd;stroke:none;stroke-width:1.85786;stroke-opacity:1"
Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 117 KiB

After

Width:  |  Height:  |  Size: 93 KiB

60
documentation/ref-manual/system-requirements.rst
View File

@@ -58,40 +58,44 @@ Supported Linux Distributions
Currently, the &DISTRO; release ("&DISTRO_NAME;") of the Yocto Project is
supported on the following distributions:
..
Can be generated with yocto-autobuilder-helper's scripts/yocto-supported-distros:
yocto-supported-distros --release walnascar --config yocto-autobuilder2/config.py --output-format docs --poky-distros
- Ubuntu 22.04 (LTS)
- Ubuntu 24.04 (LTS)
- Ubuntu 24.10
- Fedora 39
- Fedora 40
- Fedora 41
- CentOS Stream 9
- Debian GNU/Linux 11 (Bullseye)
- Debian GNU/Linux 12 (Bookworm)
- OpenSUSE Leap 15.5
- OpenSUSE Leap 15.6
- AlmaLinux 8
- AlmaLinux 9
- CentOS Stream 9
- Debian 11
- Debian 12
- Fedora 39
- Fedora 40
- Fedora 41
- OpenSUSE Leap 15.5
- OpenSUSE Leap 15.6
- Rocky Linux 8
- Rocky Linux 9
- Ubuntu 20.04 (LTS)
- Ubuntu 22.04 (LTS)
- Ubuntu 24.04 (LTS)
- Ubuntu 24.10
- Rocky 8
- Rocky 9
The following distribution versions are still tested, even though the
organizations publishing them no longer make updates publicly available:
..
This list contains EOL distros that are still tested on the Autobuilder
(meaning there are running workers).
See https://endoflife.date for information of EOL releases.
- Ubuntu 18.04 (LTS)
- Fedora 39
- Fedora 40
- OpenSUSE Leap 15.5
- Ubuntu 20.04 (LTS)
- Ubuntu 24.10
- Ubuntu 23.04
Note that the Yocto Project doesn't have access to private updates
that some of these versions may have. Therefore, our testing has
@@ -102,11 +106,7 @@ tools, such as python.
Finally, here are the distribution versions which were previously
tested on former revisions of "&DISTRO_NAME;", but no longer are:
..
Can be generated with yocto-autobuilder-helper's scripts/yocto-supported-distros:
yocto-supported-distros --release walnascar --config yocto-autobuilder2/config.py --output-format docs --old-distros
- Ubuntu 23.04
*This list is currently empty*
.. note::

4
documentation/ref-manual/tasks.rst
View File

@@ -726,7 +726,7 @@ tool, which you then use to modify the kernel configuration.
$ bitbake linux-yocto -c menuconfig
See the ":ref:`kernel-dev/common:using ``menuconfig```"
See the ":ref:`kernel-dev/common:using \`\`menuconfig\`\``"
section in the Yocto Project Linux Kernel Development Manual for more
information on this configuration tool.
@@ -750,7 +750,7 @@ which can then be applied by subsequent tasks such as
Runs ``make menuconfig`` for the kernel. For information on
``menuconfig``, see the
":ref:`kernel-dev/common:using ``menuconfig```"
":ref:`kernel-dev/common:using \`\`menuconfig\`\``"
section in the Yocto Project Linux Kernel Development Manual.
.. _ref-tasks-savedefconfig:

2
documentation/ref-manual/terms.rst
View File

@@ -63,7 +63,7 @@ universal, the list includes them just in case:
This term refers to the area used by the OpenEmbedded build system for
builds. The area is created when you ``source`` the setup environment
script that is found in the Source Directory
(i.e. :ref:`ref-manual/structure:``oe-init-build-env```). The
(i.e. :ref:`ref-manual/structure:\`\`oe-init-build-env\`\``). The
:term:`TOPDIR` variable points to the :term:`Build Directory`.
You have a lot of flexibility when creating the :term:`Build Directory`.

196
documentation/ref-manual/variables.rst
View File

@@ -2243,7 +2243,7 @@ system and gives an overview of their function and contents.
resides within the :term:`Build Directory` as ``${TMPDIR}/deploy``.
For more information on the structure of the Build Directory, see
":ref:`ref-manual/structure:the build directory --- ``build/```" section.
":ref:`ref-manual/structure:the build directory --- \`\`build/\`\``" section.
For more detail on the contents of the ``deploy`` directory, see the
":ref:`overview-manual/concepts:images`",
":ref:`overview-manual/concepts:package feeds`", and
@@ -2285,7 +2285,7 @@ system and gives an overview of their function and contents.
contents of :term:`IMGDEPLOYDIR` by the :ref:`ref-classes-image` class.
For more information on the structure of the :term:`Build Directory`, see
":ref:`ref-manual/structure:the build directory --- ``build/```" section.
":ref:`ref-manual/structure:the build directory --- \`\`build/\`\``" section.
For more detail on the contents of the ``deploy`` directory, see the
":ref:`overview-manual/concepts:images`" and
":ref:`overview-manual/concepts:application development sdk`" sections both in
@@ -3339,10 +3339,6 @@ system and gives an overview of their function and contents.
This variable is used in the :ref:`ref-classes-kernel-fitimage` class.
:term:`FIT_CONF_PREFIX`
When using the :ref:`ref-classes-kernel-fitimage`, this is the prefix
used for creating FIT configuration nodes. Its default value is "conf-".
:term:`FIT_DESC`
Specifies the description string encoded into a FIT image. The
default value is set by the :ref:`ref-classes-kernel-fitimage` class as
@@ -4225,13 +4221,13 @@ system and gives an overview of their function and contents.
variable.
:term:`IMAGE_PKGTYPE`
Defines the package type (i.e. DEB, RPM or IPK) used by the
Defines the package type (i.e. DEB, RPM, IPK, or TAR) used by the
OpenEmbedded build system. The variable is defined appropriately by
one of the :ref:`ref-classes-package_deb`, :ref:`ref-classes-package_rpm`,
or :ref:`ref-classes-package_ipk` classes.
the :ref:`ref-classes-package_deb`, :ref:`ref-classes-package_rpm`,
or :ref:`ref-classes-package_ipk` class.
The :ref:`ref-classes-populate-sdk-*` and :ref:`ref-classes-image`
classes use the :term:`IMAGE_PKGTYPE` for packaging images and SDKs.
classes use the :term:`IMAGE_PKGTYPE` for packaging up images and SDKs.
You should not set the :term:`IMAGE_PKGTYPE` manually. Rather, the
variable is set indirectly through the appropriate
@@ -4240,6 +4236,12 @@ system and gives an overview of their function and contents.
OpenEmbedded build system uses the first package type (e.g. DEB, RPM,
or IPK) that appears with the variable
.. note::
Files using the ``.tar`` format are never used as a substitute
packaging format for DEB, RPM, and IPK formatted files for your image
or SDK.
:term:`IMAGE_POSTPROCESS_COMMAND`
Specifies a list of functions to call once the OpenEmbedded build
system creates the final image output files. You can specify
@@ -4297,33 +4299,9 @@ system and gives an overview of their function and contents.
IMAGE_ROOTFS_EXTRA_SPACE = "41943040"
:term:`IMAGE_ROOTFS_MAXSIZE`
Defines the maximum allowed size of the generated image in kilobytes.
The build will fail if the generated image size exceeds this value.
The generated image size undergoes several calculation steps before being
compared to :term:`IMAGE_ROOTFS_MAXSIZE`.
In the first step, the size of the directory pointed to by :term:`IMAGE_ROOTFS`
is calculated.
In the second step, the result from the first step is multiplied
by :term:`IMAGE_OVERHEAD_FACTOR`.
In the third step, the result from the second step is compared with
:term:`IMAGE_ROOTFS_SIZE`. The larger value of these is added to
:term:`IMAGE_ROOTFS_EXTRA_SPACE`.
In the fourth step, the result from the third step is checked for
a decimal part. If it has one, it is rounded up to the next integer.
If it does not, it is simply converted into an integer.
In the fifth step, the :term:`IMAGE_ROOTFS_ALIGNMENT` is added to the result
from the fourth step and "1" is subtracted.
In the sixth step, the remainder of the division between the result
from the fifth step and :term:`IMAGE_ROOTFS_ALIGNMENT` is subtracted from the
result of the fifth step. In this way, the result from the fourth step is
rounded up to the nearest multiple of :term:`IMAGE_ROOTFS_ALIGNMENT`.
Thus, if the :term:`IMAGE_ROOTFS_MAXSIZE` is set, is compared with the result
of the above calculations and is independent of the final image type.
No default value is set for :term:`IMAGE_ROOTFS_MAXSIZE`.
It's a good idea to set this variable for images that need to fit on a limited
Defines the maximum size in Kbytes for the generated image. If the
generated image size is above that, the build will fail. It's a good
idea to set this variable for images that need to fit on a limited
space (e.g. SD card, a fixed-size partition, ...).
:term:`IMAGE_ROOTFS_SIZE`
@@ -4518,23 +4496,6 @@ system and gives an overview of their function and contents.
Set the variable to "1" to prevent the default dependencies from
being added.
:term:`INHIBIT_DEFAULT_RUST_DEPS`
Prevents the :ref:`ref-classes-rust` class from automatically adding
its default build-time dependencies.
When a recipe inherits the :ref:`ref-classes-rust` class, several
tools such as ``rust-native`` and ``${RUSTLIB_DEP}`` (only added when cross-compiling) are added
to :term:`DEPENDS` to support the ``rust`` build process.
To prevent the build system from adding these dependencies automatically,
set the :term:`INHIBIT_DEFAULT_RUST_DEPS` variable as follows::
INHIBIT_DEFAULT_RUST_DEPS = "1"
By default, the value of :term:`INHIBIT_DEFAULT_RUST_DEPS` is empty. Setting
it to "0" does not disable inhibition. Only the empty string will disable
inhibition.
:term:`INHIBIT_PACKAGE_DEBUG_SPLIT`
Prevents the OpenEmbedded build system from splitting out debug
information during packaging. By default, the build system splits out
@@ -4581,25 +4542,6 @@ system and gives an overview of their function and contents.
even if the toolchain's binaries are strippable, there are other files
needed for the build that are not strippable.
:term:`INHIBIT_UPDATERCD_BBCLASS`
Prevents the :ref:`ref-classes-update-rc.d` class from automatically
installing and registering SysV init scripts for packages.
When a recipe inherits the :ref:`ref-classes-update-rc.d` class, init
scripts are typically installed and registered for the packages listed in
:term:`INITSCRIPT_PACKAGES`. This ensures that the relevant
services are started and stopped at the appropriate runlevels using the
traditional SysV init system.
To prevent the build system from adding these scripts and configurations
automatically, set the :term:`INHIBIT_UPDATERCD_BBCLASS` variable as follows::
INHIBIT_UPDATERCD_BBCLASS = "1"
By default, the value of :term:`INHIBIT_UPDATERCD_BBCLASS` is empty. Setting
it to "0" does not disable inhibition. Only the empty string will disable
inhibition.
:term:`INIT_MANAGER`
Specifies the system init manager to use. Available options are:
@@ -4766,20 +4708,6 @@ system and gives an overview of their function and contents.
See the :term:`MACHINE` variable for additional
information.
:term:`INITRAMFS_MAXSIZE`
Defines the maximum allowed size of the :term:`Initramfs` image in Kbytes.
The build will fail if the :term:`Initramfs` image size exceeds this value.
The :term:`Initramfs` image size undergoes several calculation steps before
being compared to :term:`INITRAMFS_MAXSIZE`.
These steps are the same as those used for :term:`IMAGE_ROOTFS_MAXSIZE`
and are described in detail in that entry.
Thus, :term:`INITRAMFS_MAXSIZE` is compared with the result of the calculations
and is independent of the final image type (e.g. compressed).
A default value for :term:`INITRAMFS_MAXSIZE` is set in
:oe_git:`meta/conf/bitbake.conf </openembedded-core/tree/meta/conf/bitbake.conf>`.
:term:`INITRAMFS_MULTICONFIG`
Defines the multiconfig to create a multiconfig dependency to be used by
the :ref:`ref-classes-kernel` class.
@@ -5016,8 +4944,15 @@ system and gives an overview of their function and contents.
options not explicitly specified will be disabled in the kernel
config.
In case :term:`KCONFIG_MODE` is not set the ``defconfig`` file
will be handled in ``allnoconfig`` mode.
In case :term:`KCONFIG_MODE` is not set the behaviour will depend on where
the ``defconfig`` file is coming from. An "in-tree" ``defconfig`` file
will be handled in ``alldefconfig`` mode, a ``defconfig`` file placed
in ``${WORKDIR}`` through a meta-layer will be handled in
``allnoconfig`` mode.
An "in-tree" ``defconfig`` file can be selected via the
:term:`KBUILD_DEFCONFIG` variable. :term:`KCONFIG_MODE` does not need to
be explicitly set.
A ``defconfig`` file compatible with ``allnoconfig`` mode can be
generated by copying the ``.config`` file from a working Linux kernel
@@ -5332,27 +5267,6 @@ system and gives an overview of their function and contents.
the :term:`KERNEL_PATH` variable. Both variables are common variables
used by external Makefiles to point to the kernel source directory.
:term:`KERNEL_SPLIT_MODULES`
When inheriting the :ref:`ref-classes-kernel-module-split` class, this
variable controls whether kernel modules are split into separate packages
or bundled into a single package.
For some use cases, a monolithic kernel module package
:term:`KERNEL_PACKAGE_NAME` that contains all modules built from the
kernel sources may be preferred to speed up the installation.
By default, this variable is set to ``1``, resulting in one package per
module. Setting it to any other value will generate a single monolithic
package containing all kernel modules.
.. note::
If :term:`KERNEL_SPLIT_MODULES` is set to 0, it is still possible to
install all kernel modules at once by adding ``kernel-modules`` (assuming
:term:`KERNEL_PACKAGE_NAME` is ``kernel-modules``) to :term:`IMAGE_INSTALL`.
The way it works is that a placeholder "kernel-modules" package will be
created and will depend on every other individual kernel module packages.
:term:`KERNEL_SRC`
The location of the kernel sources. This variable is set to the value
of the :term:`STAGING_KERNEL_DIR` within the :ref:`ref-classes-module`
@@ -6217,7 +6131,7 @@ system and gives an overview of their function and contents.
By default, no API key is used, which results in larger delays between API
requests and limits the number of queries to the public rate limits posted
at the `NVD developer's page <https://nvd.nist.gov/developers/start-here>`__.
NVD API keys can be requested through the
`Request an API Key <https://nvd.nist.gov/developers/request-an-api-key>`__
page. You can set this variable to the NVD API key in your ``local.conf`` file.
@@ -7096,7 +7010,7 @@ system and gives an overview of their function and contents.
For examples of how this data is used, see the
":ref:`overview-manual/concepts:automatically added runtime dependencies`"
section in the Yocto Project Overview and Concepts Manual and the
":ref:`dev-manual/debugging:viewing package information with ``oe-pkgdata-util```"
":ref:`dev-manual/debugging:viewing package information with \`\`oe-pkgdata-util\`\``"
section in the Yocto Project Development Tasks Manual. For more
information on the shared, global-state directory, see
:term:`STAGING_DIR_HOST`.
@@ -7150,7 +7064,7 @@ system and gives an overview of their function and contents.
the package is built, the version information can be retrieved with
``oe-pkgdata-util package-info <package name>``. See the
:ref:`dev-manual/debugging:Viewing Package Information with
``oe-pkgdata-util``` section of the Yocto Project Development Tasks
\`\`oe-pkgdata-util\`\`` section of the Yocto Project Development Tasks
Manual for more information on ``oe-pkgdata-util``.
@@ -7847,12 +7761,17 @@ system and gives an overview of their function and contents.
prefer to have a read-only root filesystem and prefer to keep
writeable data in one place.
When setting ``INIT_MANAGER = systemd``, the default will be set to::
You can override the default by setting the variable in any layer or
in the ``local.conf`` file. Because the default is set using a "weak"
assignment (i.e. "??="), you can use either of the following forms to
define your override::
ROOT_HOME = "/root"
ROOT_HOME ?= "/root"
You can also override the default by setting the variable in your distro
configuration or in the ``local.conf`` file.
These
override examples use ``/root``, which is probably the most commonly
used override.
:term:`ROOTFS`
Indicates a filesystem image to include as the root filesystem.
@@ -8827,11 +8746,6 @@ system and gives an overview of their function and contents.
section in the Yocto Project Board Support Package Developer's Guide
for additional information.
:term:`SPL_DTB_BINARY`
When inheriting the :ref:`ref-classes-uboot-sign` class, the
:term:`SPL_DTB_BINARY` variable contains the name of the SPL binary to be
compiled.
:term:`SPL_MKIMAGE_DTCOPTS`
Options for the device tree compiler passed to ``mkimage -D`` feature
while creating a FIT image with the :ref:`ref-classes-uboot-sign`
@@ -8852,7 +8766,7 @@ system and gives an overview of their function and contents.
class.
:term:`SPL_SIGN_KEYNAME`
The name of keys used by the :ref:`ref-classes-uboot-sign` class
The name of keys used by the :ref:`ref-classes-kernel-fitimage` class
for signing U-Boot FIT image stored in the :term:`SPL_SIGN_KEYDIR`
directory. If we have for example a ``dev.key`` key and a ``dev.crt``
certificate stored in the :term:`SPL_SIGN_KEYDIR` directory, you will
@@ -9116,7 +9030,7 @@ system and gives an overview of their function and contents.
The Yocto Project actually shares the cache data objects built by its
autobuilder::
SSTATE_MIRRORS ?= "file://.* http://sstate.yoctoproject.org/all/PATH;downloadfilename=PATH"
SSTATE_MIRRORS ?= "file://.* http://cdn.jsdelivr.net/yocto/sstate/all/PATH;downloadfilename=PATH"
As such binary artifacts are built for the generic QEMU machines
supported by the various Poky releases, they are less likely to be
@@ -9140,26 +9054,6 @@ system and gives an overview of their function and contents.
For details on the process, see the :ref:`ref-classes-staging` class.
:term:`SSTATE_SKIP_CREATION`
The :term:`SSTATE_SKIP_CREATION` variable can be used to skip the
creation of :ref:`shared state <overview-manual/concepts:shared state cache>`
tarball files. It makes sense e.g. for image creation tasks as tarring images
and keeping them in sstate would consume a lot of disk space.
In general it is not recommended to use this variable as missing sstate
artefacts adversely impact the build, particularly for entries in the
middle of dependency chains. The case it can make sense is where the
size and time costs of the artefact are similar to just running the
tasks. This generally only applies to end artefact output like images.
The syntax to disable it for one task is::
SSTATE_SKIP_CREATION:task-image-complete = "1"
The syntax to disable it for the whole recipe is::
SSTATE_SKIP_CREATION = "1"
:term:`STAGING_BASE_LIBDIR_NATIVE`
Specifies the path to the ``/lib`` subdirectory of the sysroot
directory for the build host.
@@ -10510,7 +10404,7 @@ system and gives an overview of their function and contents.
UBOOT_FIT_TEE_IMAGE ?= "tee-raw.bin"
If a relative path is provided, the file is expected to be relative to
If a relative path is provided, the file is expected to be relative to
U-Boot's :term:`B` directory. An absolute path can be provided too,
e.g.::
@@ -11048,20 +10942,6 @@ system and gives an overview of their function and contents.
Specifies the timeout in seconds used by the ``watchdog-config`` recipe
and also by ``systemd`` during reboot. The default is 60 seconds.
:term:`WIC_CREATE_EXTRA_ARGS`
If the :term:`IMAGE_FSTYPES` variable contains "wic", the build
will generate a
:ref:`Wic image <dev-manual/wic:creating partitioned images using wic>`
automatically when BitBake builds an image recipe. As part of
this process BitBake will invoke the "`wic create`" command. The
:term:`WIC_CREATE_EXTRA_ARGS` variable is placed at the end of this
command which allows the user to supply additional arguments.
One such useful purpose for this mechanism is to add the ``-D`` (or
``--debug``) argument to the "`wic create`" command. This increases the
amount of debugging information written out to the Wic log during the
Wic creation process.
:term:`WIC_SECTOR_SIZE`
The variable :term:`WIC_SECTOR_SIZE` controls the sector size of Wic
images. In the background, this controls the value of the

12
documentation/test-manual/intro.rst
View File

@@ -51,11 +51,13 @@ fashion. Basically, during the development of a Yocto Project release,
the Autobuilder tests if things work. The Autobuilder builds all test
targets and runs all the tests.
The Yocto Project uses standard upstream Buildbot to drive its integration and
testing. Buildbot has a plug-in interface that the Yocto Project customizes
using code from the :yocto_git:`yocto-autobuilder2 </yocto-autobuilder2>`
repository, adding its own console UI plugin. The resulting UI plug-in allows
you to visualize builds in a way suited to the project's needs.
The Yocto Project uses now uses standard upstream
Buildbot (`version 3.8 <https://docs.buildbot.net/3.8.0/>`__) to
drive its integration and testing. Buildbot has a plug-in interface
that the Yocto Project customizes using code from the
``yocto-autobuilder2`` repository, adding its own console UI plugin. The
resulting UI plug-in allows you to visualize builds in a way suited to
the project's needs.
A ``helper`` layer provides configuration and job management through
scripts found in the ``yocto-autobuilder-helper`` repository. The

6
documentation/test-manual/understand-autobuilder.rst
View File

@@ -184,12 +184,6 @@ directory to be shared between them. This means once a Worker has built
an artifact, all the others can benefit from it. The usage of the directory
within the build system is designed for sharing over NFS.
Shared Hash Equivalence Server
------------------------------
The Workers all use the same Hash Equivalence server, through a common
definition for :term:`BB_HASHSERVE`.
Resulttool
----------

6
documentation/toaster-manual/reference.rst
View File

@@ -546,7 +546,7 @@ database.
You need to run the ``buildslist`` command first to identify existing
builds in the database before using the
:ref:`toaster-manual/reference:``builddelete``` command. Here is an
:ref:`toaster-manual/reference:\`\`builddelete\`\`` command. Here is an
example that assumes default repository and :term:`Build Directory` names:
.. code-block:: shell
@@ -555,7 +555,7 @@ example that assumes default repository and :term:`Build Directory` names:
$ python ../bitbake/lib/toaster/manage.py buildslist
If your Toaster database had only one build, the above
:ref:`toaster-manual/reference:``buildslist```
:ref:`toaster-manual/reference:\`\`buildslist\`\``
command would return something like the following::
1: qemux86 poky core-image-minimal
@@ -576,7 +576,7 @@ the database.
Prior to running the ``builddelete`` command, you need to get the ID
associated with builds by using the
:ref:`toaster-manual/reference:``buildslist``` command.
:ref:`toaster-manual/reference:\`\`buildslist\`\`` command.
``perf``
--------

2
meta-poky/conf/distro/poky.conf
View File

@@ -1,6 +1,6 @@
DISTRO = "poky"
DISTRO_NAME = "Poky (Yocto Project Reference Distro)"
DISTRO_VERSION = "5.2.3"
DISTRO_VERSION = "5.2"
DISTRO_CODENAME = "walnascar"
SDK_VENDOR = "-pokysdk"
SDK_VERSION = "${@d.getVar('DISTRO_VERSION').replace('snapshot-${METADATA_REVISION}', 'snapshot')}"

5
meta-poky/conf/templates/default/local.conf.sample
View File

@@ -240,7 +240,10 @@ BB_DISKMON_DIRS ??= "\
# Using the CDN rather than the yoctoproject.org address is suggested/preferred.
#
#BB_HASHSERVE_UPSTREAM = 'wss://hashserv.yoctoproject.org/ws'
#SSTATE_MIRRORS ?= "file://.* http://sstate.yoctoproject.org/all/PATH;downloadfilename=PATH"
#SSTATE_MIRRORS ?= "file://.* http://cdn.jsdelivr.net/yocto/sstate/all/PATH;downloadfilename=PATH"
#
###SSTATE_MIRRORS ?= "file://.* http://sstate.yoctoproject.org/all/PATH;downloadfilename=PATH"
#
# Qemu configuration

2
meta-yocto-bsp/conf/machine/genericarm64.conf
View File

@@ -17,8 +17,6 @@ PREFERRED_PROVIDER_virtual/kernel ?= "linux-yocto"
MACHINE_EXTRA_RRECOMMENDS += "kernel-modules"
# Install selected pieces of firmware
MACHINE_EXTRA_RRECOMMENDS += "linux-firmware-wl12xx linux-firmware-wl18xx linux-firmware-rtl-nic"
# increase default size since we install a lot of kernel drivers and firmware by default
INITRAMFS_MAXSIZE = "200000"
# Use an initramfs and populate it with the kernel modules and key firmware
INITRAMFS_IMAGE ?= "core-image-initramfs-boot"

20
meta/classes-global/insane.bbclass
View File

@@ -1418,6 +1418,16 @@ Rerun configure task after fixing this."""
except subprocess.CalledProcessError:
pass
# Check invalid PACKAGECONFIG
pkgconfig = (d.getVar("PACKAGECONFIG") or "").split()
if pkgconfig:
pkgconfigflags = d.getVarFlags("PACKAGECONFIG") or {}
for pconfig in pkgconfig:
if pconfig not in pkgconfigflags:
pn = d.getVar('PN')
error_msg = "%s: invalid PACKAGECONFIG: %s" % (pn, pconfig)
oe.qa.handle_error("invalid-packageconfig", error_msg, d)
oe.qa.exit_if_errors(d)
}
@@ -1465,20 +1475,10 @@ python do_recipe_qa() {
if re.search(r"git(hu|la)b\.com/.+/.+/archive/.+", url) or "//codeload.github.com/" in url:
oe.qa.handle_error("src-uri-bad", "%s: SRC_URI uses unstable GitHub/GitLab archives, convert recipe to use git protocol" % pn, d)
def test_packageconfig(pn, d):
pkgconfigs = (d.getVar("PACKAGECONFIG") or "").split()
if pkgconfigs:
pkgconfigflags = d.getVarFlags("PACKAGECONFIG") or {}
invalid_pkgconfigs = set(pkgconfigs) - set(pkgconfigflags)
if invalid_pkgconfigs:
error_msg = "%s: invalid PACKAGECONFIG(s): %s" % (pn, " ".join(sorted(invalid_pkgconfigs)))
oe.qa.handle_error("invalid-packageconfig", error_msg, d)
pn = d.getVar('PN')
test_missing_metadata(pn, d)
test_missing_maintainer(pn, d)
test_srcuri(pn, d)
test_packageconfig(pn, d)
oe.qa.exit_if_errors(d)
}

1
meta/classes-global/package_rpm.bbclass
View File

@@ -728,7 +728,6 @@ python do_package_rpm () {
# rpm 4 creates various empty directories in _topdir, let's clean them up
cleanupcmd = "rm -rf %s/BUILDROOT %s/SOURCES %s/SPECS %s/SRPMS" % (workdir, workdir, workdir, workdir)
cleanupcmd += " %s/%s-build" % (d.getVar('B'), d.getVar('P'))
# Build the rpm package!
d.setVar('BUILDSPEC', cmd + "\n" + cleanupcmd + "\n")

22
meta/classes-global/sstate.bbclass
View File

@@ -726,6 +726,7 @@ def pstaging_fetch(sstatefetch, d):
localdata = bb.data.createCopy(d)
dldir = localdata.expand("${SSTATE_DIR}")
bb.utils.mkdirhier(dldir)
localdata.delVar('MIRRORS')
localdata.setVar('FILESPATH', dldir)
@@ -745,19 +746,16 @@ def pstaging_fetch(sstatefetch, d):
if bb.utils.to_boolean(d.getVar("SSTATE_VERIFY_SIG"), False):
uris += ['file://{0}.sig;downloadfilename={0}.sig'.format(sstatefetch)]
with bb.utils.umask(0o002):
bb.utils.mkdirhier(dldir)
for srcuri in uris:
localdata.delVar('SRC_URI')
localdata.setVar('SRC_URI', srcuri)
try:
fetcher = bb.fetch2.Fetch([srcuri], localdata, cache=False)
fetcher.checkstatus()
fetcher.download()
for srcuri in uris:
localdata.delVar('SRC_URI')
localdata.setVar('SRC_URI', srcuri)
try:
fetcher = bb.fetch2.Fetch([srcuri], localdata, cache=False)
fetcher.checkstatus()
fetcher.download()
except bb.fetch2.BBFetchException:
pass
except bb.fetch2.BBFetchException:
pass
def sstate_setscene(d):
shared_state = sstate_state_fromvars(d)

1
meta/classes-recipe/module.bbclass
View File

@@ -65,7 +65,6 @@ module_do_install() {
CC="${KERNEL_CC}" LD="${KERNEL_LD}" OBJCOPY="${KERNEL_OBJCOPY}" \
STRIP="${KERNEL_STRIP}" \
O=${STAGING_KERNEL_BUILDDIR} \
KBUILD_EXTRA_SYMBOLS="${KBUILD_EXTRA_SYMBOLS}" \
${MODULES_INSTALL_TARGET}
if [ ! -e "${B}/${MODULES_MODULE_SYMVERS_LOCATION}/Module.symvers" ] ; then

11
meta/classes-recipe/systemd.bbclass
View File

@@ -224,8 +224,6 @@ python systemd_populate_packages() {
service, pkg_systemd, "Also looked for service unit '{0}'.".format(base) if base is not None else ""))
def systemd_create_presets(pkg, action, user):
import re
# Check there is at least one service of given type (system/user), don't
# create empty files.
needs_preset = False
@@ -241,17 +239,10 @@ python systemd_populate_packages() {
presetf = oe.path.join(d.getVar("PKGD"), d.getVar("systemd_unitdir"), "%s-preset/98-%s.preset" % (prefix, pkg))
bb.utils.mkdirhier(os.path.dirname(presetf))
with open(presetf, 'a') as fd:
template_services = {}
for service in d.getVar('SYSTEMD_SERVICE:%s' % pkg).split():
if not systemd_service_exists(service, user, d):
continue
if '@' in service and '@.' not in service:
(servicename, instance, service_type) = re.split('[@.]', service)
template_services.setdefault(servicename + '@.' + service_type, []).append(instance)
else:
fd.write("%s %s\n" % (action,service))
for template, instances in template_services.items():
fd.write("%s %s %s\n" % (action, template, ' '.join(instances)))
fd.write("%s %s\n" % (action,service))
d.appendVar("FILES:%s" % pkg, ' ' + oe.path.join(d.getVar("systemd_unitdir"), "%s-preset/98-%s.preset" % (prefix, pkg)))
# Run all modifications once when creating package

4
meta/classes-recipe/testimage.bbclass
View File

@@ -26,9 +26,7 @@ TESTIMAGE_FAILED_QA_ARTIFACTS = "\
${localstatedir}/log \
${localstatedir}/volatile/log \
${sysconfdir}/version \
${sysconfdir}/os-release \
${nonarch_libdir}/os-release \
"
${sysconfdir}/os-release"
# If some ptests are run and fail, retrieve corresponding directories
TESTIMAGE_FAILED_QA_ARTIFACTS += "${@bb.utils.contains('DISTRO_FEATURES', 'ptest', '${libdir}/*/ptest', '', d)}"

3
meta/conf/distro/include/maintainers.inc
View File

@@ -194,7 +194,7 @@ RECIPE_MAINTAINER:pn-gcc-cross-canadian-${TRANSLATED_TARGET_ARCH} = "Khem Raj <r
RECIPE_MAINTAINER:pn-gcc-crosssdk-${SDK_SYS} = "Khem Raj <raj.khem@gmail.com>"
RECIPE_MAINTAINER:pn-gcc-runtime = "Khem Raj <raj.khem@gmail.com>"
RECIPE_MAINTAINER:pn-gcc-sanitizers = "Khem Raj <raj.khem@gmail.com>"
RECIPE_MAINTAINER:pn-gcc-source-14.3.0 = "Khem Raj <raj.khem@gmail.com>"
RECIPE_MAINTAINER:pn-gcc-source-14.2.0 = "Khem Raj <raj.khem@gmail.com>"
RECIPE_MAINTAINER:pn-gconf = "Ross Burton <ross.burton@arm.com>"
RECIPE_MAINTAINER:pn-gcr = "Unassigned <unassigned@yoctoproject.org>"
RECIPE_MAINTAINER:pn-gdb = "Khem Raj <raj.khem@gmail.com>"
@@ -215,6 +215,7 @@ RECIPE_MAINTAINER:pn-glibc = "Khem Raj <raj.khem@gmail.com>"
RECIPE_MAINTAINER:pn-glibc-locale = "Khem Raj <raj.khem@gmail.com>"
RECIPE_MAINTAINER:pn-glibc-mtrace = "Khem Raj <raj.khem@gmail.com>"
RECIPE_MAINTAINER:pn-glibc-scripts = "Khem Raj <raj.khem@gmail.com>"
RECIPE_MAINTAINER:pn-glibc-y2038-tests = "Lukasz Majewski <lukma@denx.de>"
RECIPE_MAINTAINER:pn-glibc-testsuite = "Khem Raj <raj.khem@gmail.com>"
RECIPE_MAINTAINER:pn-gmp = "Khem Raj <raj.khem@gmail.com>"
RECIPE_MAINTAINER:pn-glslang = "Jose Quaresma <quaresma.jose@gmail.com>"

2
meta/conf/distro/include/ptest-packagelists.inc
View File

@@ -86,6 +86,8 @@ PTESTS_FAST = "\
xz \
zlib \
"
PTESTS_FAST:append:libc-glibc = " glibc-y2038-tests"
PTESTS_PROBLEMS:remove:libc-glibc = "glibc-y2038-tests"
PTESTS_FAST:remove:mips64 = "qemu"
PTESTS_PROBLEMS:append:mips64 = " qemu"
PTESTS_FAST:remove:riscv32 = "qemu"

2
meta/conf/distro/include/time64.inc
View File

@@ -20,6 +20,7 @@ TARGET_CC_ARCH:append:powerpc = "${@bb.utils.contains('TUNE_FEATURES', 'm32', '$
TARGET_CC_ARCH:append:x86 = "${@bb.utils.contains('TUNE_FEATURES', 'm32', '${GLIBC_64BIT_TIME_FLAGS}', '', d)}"
GLIBC_64BIT_TIME_FLAGS:pn-glibc = ""
GLIBC_64BIT_TIME_FLAGS:pn-glibc-y2038-tests = ""
GLIBC_64BIT_TIME_FLAGS:pn-glibc-testsuite = ""
# pipewire-v4l2 explicitly sets _FILE_OFFSET_BITS=32 to get access to
# both 32 and 64 bit file APIs. But it does not handle the time side?
@@ -32,6 +33,7 @@ GLIBC_64BIT_TIME_FLAGS:pn-gcc-sanitizers = ""
# Caused by the flags exceptions above
INSANE_SKIP:append:pn-gcc-sanitizers = " 32bit-time"
INSANE_SKIP:append:pn-glibc = " 32bit-time"
INSANE_SKIP:append:pn-glibc-y2038-tests = " 32bit-time"
# Strace has tests that call 32 bit API directly, which is fair enough, e.g.
# /usr/lib/strace/ptest/tests/ioctl_termios uses 32-bit api 'ioctl'

5
meta/conf/machine/include/arm/armv8r/tune-cortexr52.inc
View File

@@ -10,10 +10,11 @@ require conf/machine/include/arm/arch-armv8r.inc
AVAILTUNES += "cortexr52"
ARMPKGARCH:tune-cortexr52 = "cortexr52"
TUNE_FEATURES:tune-cortexr52 = "${TUNE_FEATURES:tune-armv8r-crc-simd} cortexr52"
# We do not want -march since -mcpu is added above to cover for it
TUNE_FEATURES:tune-cortexr52 = "aarch64 crc simd cortexr52"
PACKAGE_EXTRA_ARCHS:tune-cortexr52 = "${PACKAGE_EXTRA_ARCHS:tune-armv8r-crc-simd} cortexr52"
AVAILTUNES += "cortexr52hf"
ARMPKGARCH:tune-cortexr52hf = "cortexr52hf"
ARMPKGARCH:tune-cortexr52hf = "cortexr52"
TUNE_FEATURES:tune-cortexr52hf = "${TUNE_FEATURES:tune-cortexr52} callconvention-hard"
PACKAGE_EXTRA_ARCHS:tune-cortexr52hf = "cortexr52hf"

14
meta/lib/oe/patch.py
View File

@@ -462,23 +462,21 @@ class GitApplyTree(PatchTree):
return (tmpfile, cmd)
@staticmethod
def addNote(repo, ref, key, value=None, commituser=None, commitemail=None):
def addNote(repo, ref, key, value=None):
note = key + (": %s" % value if value else "")
notes_ref = GitApplyTree.notes_ref
runcmd(["git", "config", "notes.rewriteMode", "ignore"], repo)
runcmd(["git", "config", "notes.displayRef", notes_ref, notes_ref], repo)
runcmd(["git", "config", "notes.rewriteRef", notes_ref, notes_ref], repo)
cmd = ["git"]
GitApplyTree.gitCommandUserOptions(cmd, commituser, commitemail)
runcmd(cmd + ["notes", "--ref", notes_ref, "append", "-m", note, ref], repo)
runcmd(["git", "notes", "--ref", notes_ref, "append", "-m", note, ref], repo)
@staticmethod
def removeNote(repo, ref, key, commituser=None, commitemail=None):
def removeNote(repo, ref, key):
notes = GitApplyTree.getNotes(repo, ref)
notes = {k: v for k, v in notes.items() if k != key and not k.startswith(key + ":")}
runcmd(["git", "notes", "--ref", GitApplyTree.notes_ref, "remove", "--ignore-missing", ref], repo)
for note, value in notes.items():
GitApplyTree.addNote(repo, ref, note, value, commituser, commitemail)
GitApplyTree.addNote(repo, ref, note, value)
@staticmethod
def getNotes(repo, ref):
@@ -509,7 +507,7 @@ class GitApplyTree(PatchTree):
GitApplyTree.gitCommandUserOptions(cmd, d=d)
cmd += ["commit", "-m", subject, "--no-verify"]
runcmd(cmd, dir)
GitApplyTree.addNote(dir, "HEAD", GitApplyTree.ignore_commit, d.getVar('PATCH_GIT_USER_NAME'), d.getVar('PATCH_GIT_USER_EMAIL'))
GitApplyTree.addNote(dir, "HEAD", GitApplyTree.ignore_commit)
@staticmethod
def extractPatches(tree, startcommits, outdir, paths=None):
@@ -656,7 +654,7 @@ class GitApplyTree(PatchTree):
raise
finally:
if patch_applied:
GitApplyTree.addNote(self.dir, "HEAD", GitApplyTree.original_patch, os.path.basename(patch['file']), self.commituser, self.commitemail)
GitApplyTree.addNote(self.dir, "HEAD", GitApplyTree.original_patch, os.path.basename(patch['file']))
class QuiltTree(PatchSet):

105
meta/lib/oeqa/selftest/cases/sstatetests.py
View File

@@ -27,15 +27,17 @@ class SStateBase(OESelftestTestCase):
def setUpLocal(self):
super(SStateBase, self).setUpLocal()
self.temp_sstate_location = None
needed_vars = ['SSTATE_DIR', 'TCLIBC', 'TUNE_ARCH',
needed_vars = ['SSTATE_DIR', 'NATIVELSBSTRING', 'TCLIBC', 'TUNE_ARCH',
'TOPDIR', 'TARGET_VENDOR', 'TARGET_OS']
bb_vars = get_bb_vars(needed_vars)
self.sstate_path = bb_vars['SSTATE_DIR']
self.hostdistro = bb_vars['NATIVELSBSTRING']
self.tclibc = bb_vars['TCLIBC']
self.tune_arch = bb_vars['TUNE_ARCH']
self.topdir = bb_vars['TOPDIR']
self.target_vendor = bb_vars['TARGET_VENDOR']
self.target_os = bb_vars['TARGET_OS']
self.distro_specific_sstate = os.path.join(self.sstate_path, self.hostdistro)
def track_for_cleanup(self, path):
if not keep_temp_files:
@@ -50,7 +52,10 @@ class SStateBase(OESelftestTestCase):
config_temp_sstate = "SSTATE_DIR = \"%s\"" % temp_sstate_path
self.append_config(config_temp_sstate)
self.track_for_cleanup(temp_sstate_path)
self.sstate_path = get_bb_var('SSTATE_DIR')
bb_vars = get_bb_vars(['SSTATE_DIR', 'NATIVELSBSTRING'])
self.sstate_path = bb_vars['SSTATE_DIR']
self.hostdistro = bb_vars['NATIVELSBSTRING']
self.distro_specific_sstate = os.path.join(self.sstate_path, self.hostdistro)
if add_local_mirrors:
config_set_sstate_if_not_set = 'SSTATE_MIRRORS ?= ""'
@@ -60,16 +65,8 @@ class SStateBase(OESelftestTestCase):
config_sstate_mirror = "SSTATE_MIRRORS += \"file://.* file:///%s/PATH\"" % local_mirror
self.append_config(config_sstate_mirror)
def set_hostdistro(self):
# This needs to be read after a BuildStarted event in case it gets changed by event
# handling in uninative.bbclass
self.hostdistro = get_bb_var('NATIVELSBSTRING')
self.distro_specific_sstate = os.path.join(self.sstate_path, self.hostdistro)
# Returns a list containing sstate files
def search_sstate(self, filename_regex, distro_specific=True, distro_nonspecific=True):
self.set_hostdistro()
result = []
for root, dirs, files in os.walk(self.sstate_path):
if distro_specific and re.search(r"%s/%s/[a-z0-9]{2}/[a-z0-9]{2}$" % (self.sstate_path, self.hostdistro), root):
@@ -83,43 +80,55 @@ class SStateBase(OESelftestTestCase):
return result
# Test sstate files creation and their location and directory perms
def run_test_sstate_creation(self, targets, hostdistro_specific):
self.config_sstate(True, [self.sstate_path])
def run_test_sstate_creation(self, targets, distro_specific=True, distro_nonspecific=True, temp_sstate_location=True, should_pass=True):
self.config_sstate(temp_sstate_location, [self.sstate_path])
bitbake(['-cclean'] + targets)
# Set it to a umask we know will be 'wrong'
with bb.utils.umask(0o022):
bitbake(targets)
# Distro specific files
distro_specific_files = self.search_sstate('|'.join(map(str, targets)), True, False)
# Distro non-specific
distro_non_specific_files = []
results = self.search_sstate('|'.join(map(str, targets)), False, True)
for r in results:
if r.endswith(("_populate_lic.tar.zst", "_populate_lic.tar.zst.siginfo", "_fetch.tar.zst.siginfo", "_unpack.tar.zst.siginfo", "_patch.tar.zst.siginfo")):
continue
distro_non_specific_files.append(r)
if hostdistro_specific:
self.assertTrue(distro_specific_files , msg="Could not find sstate files for: %s" % ', '.join(map(str, targets)))
self.assertFalse(distro_non_specific_files, msg="Found sstate files in the wrong place for: %s (found %s)" % (', '.join(map(str, targets)), str(distro_non_specific_files)))
if self.temp_sstate_location:
bitbake(['-cclean'] + targets)
else:
self.assertTrue(distro_non_specific_files , msg="Could not find sstate files for: %s" % ', '.join(map(str, targets)))
self.assertFalse(distro_specific_files, msg="Found sstate files in the wrong place for: %s (found %s)" % (', '.join(map(str, targets)), str(distro_specific_files)))
bitbake(['-ccleansstate'] + targets)
# We need to test that the env umask have does not effect sstate directory creation
# So, first, we'll get the current umask and set it to something we know incorrect
# See: sstate_task_postfunc for correct umask of os.umask(0o002)
import os
def current_umask():
current_umask = os.umask(0)
os.umask(current_umask)
return current_umask
orig_umask = current_umask()
# Set it to a umask we know will be 'wrong'
os.umask(0o022)
bitbake(targets)
file_tracker = []
results = self.search_sstate('|'.join(map(str, targets)), distro_specific, distro_nonspecific)
if distro_nonspecific:
for r in results:
if r.endswith(("_populate_lic.tar.zst", "_populate_lic.tar.zst.siginfo", "_fetch.tar.zst.siginfo", "_unpack.tar.zst.siginfo", "_patch.tar.zst.siginfo")):
continue
file_tracker.append(r)
else:
file_tracker = results
if should_pass:
self.assertTrue(file_tracker , msg="Could not find sstate files for: %s" % ', '.join(map(str, targets)))
else:
self.assertTrue(not file_tracker , msg="Found sstate files in the wrong place for: %s (found %s)" % (', '.join(map(str, targets)), str(file_tracker)))
# Now we'll walk the tree to check the mode and see if things are incorrect.
badperms = []
for root, dirs, files in os.walk(self.sstate_path):
for directory in dirs:
mode = os.stat(os.path.join(root, directory)).st_mode & 0o777
if mode != 0o775:
badperms.append("%s: %s vs %s" % (os.path.join(root, directory), mode, 0o775))
if (os.stat(os.path.join(root, directory)).st_mode & 0o777) != 0o775:
badperms.append(os.path.join(root, directory))
# Check badperms is empty
self.assertFalse(badperms , msg="Found sstate directories with the wrong permissions: %s (found %s)" % (', '.join(map(str, targets)), str(badperms)))
# Return to original umask
os.umask(orig_umask)
if should_pass:
self.assertTrue(badperms , msg="Found sstate directories with the wrong permissions: %s (found %s)" % (', '.join(map(str, targets)), str(badperms)))
# Test the sstate files deletion part of the do_cleansstate task
def run_test_cleansstate_task(self, targets, distro_specific=True, distro_nonspecific=True, temp_sstate_location=True):
@@ -144,8 +153,6 @@ class SStateBase(OESelftestTestCase):
bitbake(['-ccleansstate'] + targets)
self.set_hostdistro()
bitbake(targets)
results = self.search_sstate('|'.join(map(str, [s + r'.*?\.tar.zst$' for s in targets])), distro_specific=False, distro_nonspecific=True)
filtered_results = []
@@ -244,11 +251,17 @@ class SStateTests(SStateBase):
bitbake("dbus-wait-test -c unpack")
class SStateCreation(SStateBase):
def test_sstate_creation_distro_specific(self):
self.run_test_sstate_creation(['binutils-cross-'+ self.tune_arch, 'binutils-native'], hostdistro_specific=True)
def test_sstate_creation_distro_specific_pass(self):
self.run_test_sstate_creation(['binutils-cross-'+ self.tune_arch, 'binutils-native'], distro_specific=True, distro_nonspecific=False, temp_sstate_location=True)
def test_sstate_creation_distro_nonspecific(self):
self.run_test_sstate_creation(['linux-libc-headers'], hostdistro_specific=False)
def test_sstate_creation_distro_specific_fail(self):
self.run_test_sstate_creation(['binutils-cross-'+ self.tune_arch, 'binutils-native'], distro_specific=False, distro_nonspecific=True, temp_sstate_location=True, should_pass=False)
def test_sstate_creation_distro_nonspecific_pass(self):
self.run_test_sstate_creation(['linux-libc-headers'], distro_specific=False, distro_nonspecific=True, temp_sstate_location=True)
def test_sstate_creation_distro_nonspecific_fail(self):
self.run_test_sstate_creation(['linux-libc-headers'], distro_specific=True, distro_nonspecific=False, temp_sstate_location=True, should_pass=False)
class SStateCleanup(SStateBase):
def test_cleansstate_task_distro_specific_nonspecific(self):
@@ -959,7 +972,7 @@ class SStateMirrors(SStateCheckObjectPresence):
self.append_config("""
MACHINE = "{}"
BB_HASHSERVE_UPSTREAM = "hashserv.yoctoproject.org:8686"
SSTATE_MIRRORS ?= "file://.* http://sstate.yoctoproject.org/all/PATH;downloadfilename=PATH"
SSTATE_MIRRORS ?= "file://.* http://cdn.jsdelivr.net/yocto/sstate/all/PATH;downloadfilename=PATH"
""".format(machine))
else:
self.append_config("""

2
meta/recipes-connectivity/avahi/avahi_0.8.bb
View File

@@ -35,8 +35,6 @@ SRC_URI = "${GITHUB_BASE_URI}/download/v${PV}/avahi-${PV}.tar.gz \
file://CVE-2023-38471-2.patch \
file://CVE-2023-38472.patch \
file://CVE-2023-38473.patch \
file://CVE-2024-52616.patch \
file://CVE-2024-52615.patch \
"
GITHUB_BASE_URI = "https://github.com/avahi/avahi/releases/"

228
meta/recipes-connectivity/avahi/files/CVE-2024-52615.patch
View File

@@ -1,228 +0,0 @@
From 4e2e1ea0908d7e6ad7f38ae04fdcdf2411f8b942 Mon Sep 17 00:00:00 2001
From: Michal Sekletar <msekleta@redhat.com>
Date: Wed, 27 Nov 2024 18:07:32 +0100
Subject: [PATCH] core/wide-area: fix for CVE-2024-52615
CVE: CVE-2024-52615
Upstream-Status: Backport [https://github.com/avahi/avahi/commit/4e2e1ea0908d7e6ad7f38ae04fdcdf2411f8b942]
Signed-off-by: Zhang Peng <peng.zhang1.cn@windriver.com>
---
avahi-core/wide-area.c | 128 ++++++++++++++++++++++-------------------
1 file changed, 69 insertions(+), 59 deletions(-)
diff --git a/avahi-core/wide-area.c b/avahi-core/wide-area.c
index 00a15056e..06df7afc6 100644
--- a/avahi-core/wide-area.c
+++ b/avahi-core/wide-area.c
@@ -81,6 +81,10 @@ struct AvahiWideAreaLookup {
AvahiAddress dns_server_used;
+ int fd;
+ AvahiWatch *watch;
+ AvahiProtocol proto;
+
AVAHI_LLIST_FIELDS(AvahiWideAreaLookup, lookups);
AVAHI_LLIST_FIELDS(AvahiWideAreaLookup, by_key);
};
@@ -88,9 +92,6 @@ struct AvahiWideAreaLookup {
struct AvahiWideAreaLookupEngine {
AvahiServer *server;
- int fd_ipv4, fd_ipv6;
- AvahiWatch *watch_ipv4, *watch_ipv6;
-
/* Cache */
AVAHI_LLIST_HEAD(AvahiWideAreaCacheEntry, cache);
AvahiHashmap *cache_by_key;
@@ -125,35 +126,67 @@ static AvahiWideAreaLookup* find_lookup(AvahiWideAreaLookupEngine *e, uint16_t i
return l;
}
+static void socket_event(AVAHI_GCC_UNUSED AvahiWatch *w, int fd, AVAHI_GCC_UNUSED AvahiWatchEvent events, void *userdata);
+
static int send_to_dns_server(AvahiWideAreaLookup *l, AvahiDnsPacket *p) {
+ AvahiWideAreaLookupEngine *e;
AvahiAddress *a;
+ AvahiServer *s;
+ AvahiWatch *w;
+ int r;
assert(l);
assert(p);
- if (l->engine->n_dns_servers <= 0)
+ e = l->engine;
+ assert(e);
+
+ s = e->server;
+ assert(s);
+
+ if (e->n_dns_servers <= 0)
return -1;
- assert(l->engine->current_dns_server < l->engine->n_dns_servers);
+ assert(e->current_dns_server < e->n_dns_servers);
- a = &l->engine->dns_servers[l->engine->current_dns_server];
+ a = &e->dns_servers[e->current_dns_server];
l->dns_server_used = *a;
- if (a->proto == AVAHI_PROTO_INET) {
+ if (l->fd >= 0) {
+ /* We are reusing lookup object and sending packet to another server so let's cleanup before we establish connection to new server. */
+ s->poll_api->watch_free(l->watch);
+ l->watch = NULL;
- if (l->engine->fd_ipv4 < 0)
- return -1;
+ close(l->fd);
+ l->fd = -EBADF;
+ }
- return avahi_send_dns_packet_ipv4(l->engine->fd_ipv4, AVAHI_IF_UNSPEC, p, NULL, &a->data.ipv4, AVAHI_DNS_PORT);
+ assert(a->proto == AVAHI_PROTO_INET || a->proto == AVAHI_PROTO_INET6);
- } else {
- assert(a->proto == AVAHI_PROTO_INET6);
+ if (a->proto == AVAHI_PROTO_INET)
+ r = s->config.use_ipv4 ? avahi_open_unicast_socket_ipv4() : -1;
+ else
+ r = s->config.use_ipv6 ? avahi_open_unicast_socket_ipv6() : -1;
- if (l->engine->fd_ipv6 < 0)
- return -1;
+ if (r < 0) {
+ avahi_log_error(__FILE__ ": Failed to create socket for wide area lookup");
+ return -1;
+ }
- return avahi_send_dns_packet_ipv6(l->engine->fd_ipv6, AVAHI_IF_UNSPEC, p, NULL, &a->data.ipv6, AVAHI_DNS_PORT);
+ w = s->poll_api->watch_new(s->poll_api, r, AVAHI_WATCH_IN, socket_event, l);
+ if (!w) {
+ close(r);
+ avahi_log_error(__FILE__ ": Failed to create socket watch for wide area lookup");
+ return -1;
}
+
+ l->fd = r;
+ l->watch = w;
+ l->proto = a->proto;
+
+ return a->proto == AVAHI_PROTO_INET ?
+ avahi_send_dns_packet_ipv4(l->fd, AVAHI_IF_UNSPEC, p, NULL, &a->data.ipv4, AVAHI_DNS_PORT):
+ avahi_send_dns_packet_ipv6(l->fd, AVAHI_IF_UNSPEC, p, NULL, &a->data.ipv6, AVAHI_DNS_PORT);
}
static void next_dns_server(AvahiWideAreaLookupEngine *e) {
@@ -246,6 +279,9 @@ AvahiWideAreaLookup *avahi_wide_area_lookup_new(
l->dead = 0;
l->key = avahi_key_ref(key);
l->cname_key = avahi_key_new_cname(l->key);
+ l->fd = -EBADF;
+ l->watch = NULL;
+ l->proto = AVAHI_PROTO_UNSPEC;
l->callback = callback;
l->userdata = userdata;
@@ -314,6 +350,12 @@ static void lookup_destroy(AvahiWideAreaLookup *l) {
if (l->cname_key)
avahi_key_unref(l->cname_key);
+ if (l->watch)
+ l->engine->server->poll_api->watch_free(l->watch);
+
+ if (l->fd >= 0)
+ close(l->fd);
+
avahi_free(l);
}
@@ -572,14 +614,20 @@ static void handle_packet(AvahiWideAreaLookupEngine *e, AvahiDnsPacket *p) {
}
static void socket_event(AVAHI_GCC_UNUSED AvahiWatch *w, int fd, AVAHI_GCC_UNUSED AvahiWatchEvent events, void *userdata) {
- AvahiWideAreaLookupEngine *e = userdata;
+ AvahiWideAreaLookup *l = userdata;
+ AvahiWideAreaLookupEngine *e = l->engine;
AvahiDnsPacket *p = NULL;
- if (fd == e->fd_ipv4)
- p = avahi_recv_dns_packet_ipv4(e->fd_ipv4, NULL, NULL, NULL, NULL, NULL);
+ assert(l);
+ assert(e);
+ assert(l->fd == fd);
+
+ if (l->proto == AVAHI_PROTO_INET)
+ p = avahi_recv_dns_packet_ipv4(l->fd, NULL, NULL, NULL, NULL, NULL);
else {
- assert(fd == e->fd_ipv6);
- p = avahi_recv_dns_packet_ipv6(e->fd_ipv6, NULL, NULL, NULL, NULL, NULL);
+ assert(l->proto == AVAHI_PROTO_INET6);
+
+ p = avahi_recv_dns_packet_ipv6(l->fd, NULL, NULL, NULL, NULL, NULL);
}
if (p) {
@@ -598,32 +646,6 @@ AvahiWideAreaLookupEngine *avahi_wide_area_engine_new(AvahiServer *s) {
e->server = s;
e->cleanup_dead = 0;
- /* Create sockets */
- e->fd_ipv4 = s->config.use_ipv4 ? avahi_open_unicast_socket_ipv4() : -1;
- e->fd_ipv6 = s->config.use_ipv6 ? avahi_open_unicast_socket_ipv6() : -1;
-
- if (e->fd_ipv4 < 0 && e->fd_ipv6 < 0) {
- avahi_log_error(__FILE__": Failed to create wide area sockets: %s", strerror(errno));
-
- if (e->fd_ipv6 >= 0)
- close(e->fd_ipv6);
-
- if (e->fd_ipv4 >= 0)
- close(e->fd_ipv4);
-
- avahi_free(e);
- return NULL;
- }
-
- /* Create watches */
-
- e->watch_ipv4 = e->watch_ipv6 = NULL;
-
- if (e->fd_ipv4 >= 0)
- e->watch_ipv4 = s->poll_api->watch_new(e->server->poll_api, e->fd_ipv4, AVAHI_WATCH_IN, socket_event, e);
- if (e->fd_ipv6 >= 0)
- e->watch_ipv6 = s->poll_api->watch_new(e->server->poll_api, e->fd_ipv6, AVAHI_WATCH_IN, socket_event, e);
-
e->n_dns_servers = e->current_dns_server = 0;
/* Initialize cache */
@@ -651,18 +673,6 @@ void avahi_wide_area_engine_free(AvahiWideAreaLookupEngine *e) {
avahi_hashmap_free(e->lookups_by_id);
avahi_hashmap_free(e->lookups_by_key);
- if (e->watch_ipv4)
- e->server->poll_api->watch_free(e->watch_ipv4);
-
- if (e->watch_ipv6)
- e->server->poll_api->watch_free(e->watch_ipv6);
-
- if (e->fd_ipv6 >= 0)
- close(e->fd_ipv6);
-
- if (e->fd_ipv4 >= 0)
- close(e->fd_ipv4);
-
avahi_free(e);
}
@@ -680,7 +690,7 @@ void avahi_wide_area_set_servers(AvahiWideAreaLookupEngine *e, const AvahiAddres
if (a) {
for (e->n_dns_servers = 0; n > 0 && e->n_dns_servers < AVAHI_WIDE_AREA_SERVERS_MAX; a++, n--)
- if ((a->proto == AVAHI_PROTO_INET && e->fd_ipv4 >= 0) || (a->proto == AVAHI_PROTO_INET6 && e->fd_ipv6 >= 0))
+ if (a->proto == AVAHI_PROTO_INET || a->proto == AVAHI_PROTO_INET6)
e->dns_servers[e->n_dns_servers++] = *a;
} else {
assert(n == 0);

104
meta/recipes-connectivity/avahi/files/CVE-2024-52616.patch
View File

@@ -1,104 +0,0 @@
From f8710bdc8b29ee1176fe3bfaeabebbda1b7a79f7 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Petr=20Men=C5=A1=C3=ADk?= <pemensik@redhat.com>
Date: Mon, 11 Nov 2024 00:56:09 +0100
Subject: [PATCH] Properly randomize query id of DNS packets
CVE: CVE-2024-52616
Upstream-Status: Backport [https://github.com/avahi/avahi/commit/f8710bdc8b29ee1176fe3bfaeabebbda1b7a79f7]
Signed-off-by: Zhang Peng <peng.zhang1.cn@windriver.com>
---
avahi-core/wide-area.c | 36 ++++++++++++++++++++++++++++--------
configure.ac | 3 ++-
2 files changed, 30 insertions(+), 9 deletions(-)
diff --git a/avahi-core/wide-area.c b/avahi-core/wide-area.c
index 971f5e714..00a15056e 100644
--- a/avahi-core/wide-area.c
+++ b/avahi-core/wide-area.c
@@ -40,6 +40,13 @@
#include "addr-util.h"
#include "rr-util.h"
+#ifdef HAVE_SYS_RANDOM_H
+#include <sys/random.h>
+#endif
+#ifndef HAVE_GETRANDOM
+# define getrandom(d, len, flags) (-1)
+#endif
+
#define CACHE_ENTRIES_MAX 500
typedef struct AvahiWideAreaCacheEntry AvahiWideAreaCacheEntry;
@@ -84,8 +91,6 @@ struct AvahiWideAreaLookupEngine {
int fd_ipv4, fd_ipv6;
AvahiWatch *watch_ipv4, *watch_ipv6;
- uint16_t next_id;
-
/* Cache */
AVAHI_LLIST_HEAD(AvahiWideAreaCacheEntry, cache);
AvahiHashmap *cache_by_key;
@@ -201,6 +206,26 @@ static void sender_timeout_callback(AvahiTimeEvent *e, void *userdata) {
avahi_time_event_update(e, avahi_elapse_time(&tv, 1000, 0));
}
+static uint16_t get_random_uint16(void) {
+ uint16_t next_id;
+
+ if (getrandom(&next_id, sizeof(next_id), 0) == -1)
+ next_id = (uint16_t) rand();
+ return next_id;
+}
+
+static uint16_t avahi_wide_area_next_id(AvahiWideAreaLookupEngine *e) {
+ uint16_t next_id;
+
+ next_id = get_random_uint16();
+ while (find_lookup(e, next_id)) {
+ /* This ID is already used, get new. */
+ next_id = get_random_uint16();
+ }
+ return next_id;
+}
+
+
AvahiWideAreaLookup *avahi_wide_area_lookup_new(
AvahiWideAreaLookupEngine *e,
AvahiKey *key,
@@ -227,11 +252,7 @@ AvahiWideAreaLookup *avahi_wide_area_lookup_new(
/* If more than 65K wide area quries are issued simultaneously,
* this will break. This should be limited by some higher level */
- for (;; e->next_id++)
- if (!find_lookup(e, e->next_id))
- break; /* This ID is not yet used. */
-
- l->id = e->next_id++;
+ l->id = avahi_wide_area_next_id(e);
/* We keep the packet around in case we need to repeat our query */
l->packet = avahi_dns_packet_new(0);
@@ -604,7 +625,6 @@ AvahiWideAreaLookupEngine *avahi_wide_area_engine_new(AvahiServer *s) {
e->watch_ipv6 = s->poll_api->watch_new(e->server->poll_api, e->fd_ipv6, AVAHI_WATCH_IN, socket_event, e);
e->n_dns_servers = e->current_dns_server = 0;
- e->next_id = (uint16_t) rand();
/* Initialize cache */
AVAHI_LLIST_HEAD_INIT(AvahiWideAreaCacheEntry, e->cache);
diff --git a/configure.ac b/configure.ac
index a3211b80e..31bce3d76 100644
--- a/configure.ac
+++ b/configure.ac
@@ -367,7 +367,8 @@ AC_FUNC_SELECT_ARGTYPES
# whether libc's malloc does too. (Same for realloc.)
#AC_FUNC_MALLOC
#AC_FUNC_REALLOC
-AC_CHECK_FUNCS([gethostname memchr memmove memset mkdir select socket strchr strcspn strdup strerror strrchr strspn strstr uname setresuid setreuid setresgid setregid strcasecmp gettimeofday putenv strncasecmp strlcpy gethostbyname seteuid setegid setproctitle getprogname])
+AC_CHECK_FUNCS([gethostname memchr memmove memset mkdir select socket strchr strcspn strdup strerror strrchr strspn strstr uname setresuid setreuid setresgid setregid strcasecmp gettimeofday putenv strncasecmp strlcpy gethostbyname seteuid setegid setproctitle getprogname getrandom])
+AC_CHECK_HEADERS([sys/random.h])
AC_FUNC_CHOWN
AC_FUNC_STAT

2
meta/recipes-connectivity/bind/bind/0001-avoid-start-failure-with-bind-user.patch
View File

@@ -1,4 +1,4 @@
From c70f74164bea8a8c54c03becffb2f21103dd1f31 Mon Sep 17 00:00:00 2001
From 0a45935f9d1207535f83df62ed52f358ed546bbe Mon Sep 17 00:00:00 2001
From: Chen Qi <Qi.Chen@windriver.com>
Date: Mon, 15 Oct 2018 16:55:09 +0800
Subject: [PATCH] avoid start failure with bind user

4
meta/recipes-connectivity/bind/bind/0001-named-lwresd-V-and-start-log-hide-build-options.patch
View File

@@ -1,4 +1,4 @@
From 0dd67d85705cbcfa9a2759c46f3cdf3d0d6375de Mon Sep 17 00:00:00 2001
From dd484b0bd58832fc241afdc8ea05693228348353 Mon Sep 17 00:00:00 2001
From: Hongxu Jia <hongxu.jia@windriver.com>
Date: Mon, 27 Aug 2018 21:24:20 +0800
Subject: [PATCH] `named/lwresd -V' and start log hide build options
@@ -20,7 +20,7 @@ Signed-off-by: Armin Kuster <akuster@mvista.com>
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/configure.ac b/configure.ac
index f9cf4a4..0ce3d26 100644
index 13f9d7f..6516d0d 100644
--- a/configure.ac
+++ b/configure.ac
@@ -35,7 +35,7 @@ AC_DEFINE([PACKAGE_VERSION_EXTRA], ["][bind_VERSION_EXTRA]["], [BIND 9 Extra par

4
meta/recipes-connectivity/bind/bind/bind-ensure-searching-for-json-headers-searches-sysr.patch
View File

@@ -1,4 +1,4 @@
From 8c9c817933eef20328f10237bbd964580db0a3ad Mon Sep 17 00:00:00 2001
From 9a06dbf831f012c6019237527d2bf1aa7a3a543a Mon Sep 17 00:00:00 2001
From: Paul Gortmaker <paul.gortmaker@windriver.com>
Date: Tue, 9 Jun 2015 11:22:00 -0400
Subject: [PATCH] bind: ensure searching for json headers searches sysroot
@@ -32,7 +32,7 @@ Signed-off-by: Paul Gortmaker <paul.gortmaker@windriver.com>
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/configure.ac b/configure.ac
index 334b551..f9cf4a4 100644
index 168a77a..13f9d7f 100644
--- a/configure.ac
+++ b/configure.ac
@@ -863,7 +863,7 @@ AS_CASE([$with_lmdb],

2
meta/recipes-connectivity/bind/bind/conf.patch
View File

@@ -1,4 +1,4 @@
From 83a892af19bf1455ce7132350332ed6d7f1e2b94 Mon Sep 17 00:00:00 2001
From 27d1113a4c378583e0fcff91d70256bdcd78de0b Mon Sep 17 00:00:00 2001
From: Qing He <qing.he@intel.com>
Date: Tue, 30 Nov 2010 13:35:42 +0800
Subject: [PATCH] bind: add new recipe

2
meta/recipes-connectivity/bind/bind/init.d-add-support-for-read-only-rootfs.patch
View File

@@ -1,4 +1,4 @@
From 1393cbf6b0084128fdfc9b5afb3bcc307265d094 Mon Sep 17 00:00:00 2001
From 1fa4d0eb9631771bd751f04ce898433580996e5e Mon Sep 17 00:00:00 2001
From: Chen Qi <Qi.Chen@windriver.com>
Date: Thu, 27 Mar 2014 02:34:41 +0000
Subject: [PATCH] init.d: add support for read-only rootfs

2
meta/recipes-connectivity/bind/bind/make-etc-initd-bind-stop-work.patch
View File

@@ -1,4 +1,4 @@
From ce06506bb3fe661e03161af3a603bd228590a254 Mon Sep 17 00:00:00 2001
From 2ea2e4e502e5840d52e76461e071882cc65f1766 Mon Sep 17 00:00:00 2001
From: Roy Li <rongqing.li@windriver.com>
Date: Thu, 15 Nov 2012 02:27:54 +0000
Subject: [PATCH] bind: make "/etc/init.d/bind stop" work

2
meta/recipes-connectivity/bind/bind_9.20.11.bb → meta/recipes-connectivity/bind/bind_9.20.6.bb
View File

@@ -20,7 +20,7 @@ SRC_URI = "https://ftp.isc.org/isc/bind9/${PV}/${BPN}-${PV}.tar.xz \
file://0001-avoid-start-failure-with-bind-user.patch \
"
SRC_URI[sha256sum] = "4da2d532e668bc21e883f6e6d9d3d81794d9ec60b181530385649a56f46ee17a"
SRC_URI[sha256sum] = "ed7f54b44f84a7201a2fa7a949f3021ea568529bfad90fca664fd55c05104134"
UPSTREAM_CHECK_URI = "https://ftp.isc.org/isc/bind9/"
# follow the ESV versions divisible by 2

8
meta/recipes-connectivity/bluez5/bluez5_5.79.bb
View File

@@ -32,9 +32,6 @@ NOINST_TOOLS_TESTING ?= " \
tools/rfcomm-tester \
tools/bnep-tester \
tools/userchan-tester \
tools/iso-tester \
tools/mesh-tester \
tools/ioctl-tester \
"
# noinst programs in Makefile.tools that are conditional on TOOLS
@@ -49,7 +46,6 @@ NOINST_TOOLS_BT ?= " \
tools/hcieventmask \
tools/hcisecfilter \
tools/btinfo \
tools/btconfig \
tools/btsnoop \
tools/btproxy \
tools/btiotest \
@@ -60,8 +56,6 @@ NOINST_TOOLS_BT ?= " \
tools/advtest \
tools/seq2bseq \
tools/nokfw \
tools/rtlfw \
tools/bcmfw \
tools/create-image \
tools/eddystone \
tools/ibeacon \
@@ -71,5 +65,5 @@ NOINST_TOOLS_BT ?= " \
tools/check-selftest \
tools/gatt-service \
profiles/iap/iapd \
${@bb.utils.contains('PACKAGECONFIG', 'btpclient', 'tools/btpclient tools/btpclientctl', '', d)} \
${@bb.utils.contains('PACKAGECONFIG', 'btpclient', 'tools/btpclient', '', d)} \
"

41
meta/recipes-connectivity/connman/connman/CVE-2025-32366.patch
View File

@@ -1,41 +0,0 @@
From 8d3be0285f1d4667bfe85dba555c663eb3d704b4 Mon Sep 17 00:00:00 2001
From: Yoonje Shin <ioerts@kookmin.ac.kr>
Date: Mon, 12 May 2025 10:48:18 +0200
Subject: [PATCH] dnsproxy: Address CVE-2025-32366 vulnerability
In Connman parse_rr in dnsproxy.c has a memcpy length
that depends on an RR RDLENGTH value (i.e., *rdlen=ntohs(rr->rdlen)
and memcpy(response+offset,*end,*rdlen)). Here, rdlen may be larger
than the amount of remaining packet data in the current state of
parsing. As a result, values of stack memory locations may be sent
over the network in a response.
This patch adds a check to ensure that (*end + *rdlen) does not exceed
the valid range. If the condition is violated, the function returns
-EINVAL.
CVE: CVE-2025-32366
Upstream-Status: Backport [https://git.kernel.org/pub/scm/network/connman/connman.git/commit/?id=8d3be0285f1d4667bfe85dba555c663eb3d704b4]
Signed-off-by: Praveen Kumar <praveen.kumar@windriver.com>
---
src/dnsproxy.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/src/dnsproxy.c b/src/dnsproxy.c
index 7ee26d9..1dd2f7f 100644
--- a/src/dnsproxy.c
+++ b/src/dnsproxy.c
@@ -998,6 +998,9 @@ static int parse_rr(const unsigned char *buf, const unsigned char *start,
if ((offset + *rdlen) > *response_size)
return -ENOBUFS;
+ if ((*end + *rdlen) > max)
+ return -EINVAL;
+
memcpy(response + offset, *end, *rdlen);
*end += *rdlen;
--
2.40.0

48
meta/recipes-connectivity/connman/connman/CVE-2025-32743.patch
View File

@@ -1,48 +0,0 @@
From d90b911f6760959bdf1393c39fe8d1118315490f Mon Sep 17 00:00:00 2001
From: Praveen Kumar <praveen.kumar@windriver.com>
Date: Thu, 24 Apr 2025 11:39:29 +0000
Subject: [PATCH] dnsproxy: Fix NULL/empty lookup causing potential crash
In ConnMan through 1.44, the lookup string in ns_resolv in dnsproxy.c
can be NULL or an empty string when the TC (Truncated) bit is set in
a DNS response. This allows attackers to cause a denial of service
(application crash) or possibly execute arbitrary code, because those
lookup values lead to incorrect length calculations and incorrect
memcpy operations.
This patch includes a check to make sure loookup value is valid before
using it. This helps avoid unexpected value when the input is empty or
incorrect.
Fixes: CVE-2025-32743
CVE: CVE-2025-32743
Upstream-Status: Backport [https://git.kernel.org/pub/scm/network/connman/connman.git/commit/?id=d90b911f6760959bdf1393c39fe8d1118315490f]
Signed-off-by: Praveen Kumar <praveen.kumar@windriver.com>
---
src/dnsproxy.c | 7 ++++++-
1 file changed, 6 insertions(+), 1 deletion(-)
diff --git a/src/dnsproxy.c b/src/dnsproxy.c
index f28a5d7..7ee26d9 100644
--- a/src/dnsproxy.c
+++ b/src/dnsproxy.c
@@ -1685,8 +1685,13 @@ static int ns_resolv(struct server_data *server, struct request_data *req,
gpointer request, gpointer name)
{
int sk = -1;
+ int err;
const char *lookup = (const char *)name;
- int err = ns_try_resolv_from_cache(req, request, lookup);
+
+ if (!lookup || strlen(lookup) == 0)
+ return -EINVAL;
+
+ err = ns_try_resolv_from_cache(req, request, lookup);
if (err > 0)
/* cache hit */
--
2.40.0

2
meta/recipes-connectivity/connman/connman_1.43.bb
View File

@@ -6,8 +6,6 @@ SRC_URI = "${KERNELORG_MIRROR}/linux/network/${BPN}/${BP}.tar.xz \
file://connman \
file://no-version-scripts.patch \
file://0002-resolve-musl-does-not-implement-res_ninit.patch \
file://CVE-2025-32743.patch \
file://CVE-2025-32366.patch \
"

148
meta/recipes-connectivity/kea/files/0001-Avoid-assert-on-empty-packet.patch Normal file
View File

@@ -0,0 +1,148 @@
From 9cf3b6e8d705957927c2fbc9928318f4eda265c8 Mon Sep 17 00:00:00 2001
From: Thomas Markwalder <tmark@isc.org>
Date: Tue, 11 Feb 2025 18:52:41 +0000
Subject: [PATCH 1/2] Avoid assert on empty packet
/src/lib/dhcp/pkt_filter_lpf.cc
PktFilterLPF::receive() - throw if packet has no data
/src/lib/util/buffer.h
InputBuffer::readVecotr() - avoid peek if read request length is 0
/src/lib/util/tests/buffer_unittest.cc
Updated test
Upstream-Status: Backport
[https://gitlab.isc.org/isc-projects/kea/-/commit/0b98eae16d9b6ecdf57005624712b9b26fa05bc0]
[https://gitlab.isc.org/isc-projects/kea/-/commit/16306026e37b32a2ce4b16fb5b78561ae153d570]
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
---
src/lib/dhcp/pkt_filter_lpf.cc | 10 +++++++---
src/lib/util/buffer.h | 9 ++++++---
src/lib/util/tests/buffer_unittest.cc | 8 +++++++-
3 files changed, 20 insertions(+), 7 deletions(-)
diff --git a/src/lib/dhcp/pkt_filter_lpf.cc b/src/lib/dhcp/pkt_filter_lpf.cc
index 69bdecc0e1..b0c8f108d3 100644
--- a/src/lib/dhcp/pkt_filter_lpf.cc
+++ b/src/lib/dhcp/pkt_filter_lpf.cc
@@ -318,9 +318,14 @@ PktFilterLPF::receive(Iface& iface, const SocketInfo& socket_info) {
decodeEthernetHeader(buf, dummy_pkt);
decodeIpUdpHeader(buf, dummy_pkt);
+ auto v4_len = buf.getLength() - buf.getPosition();
+ if (v4_len <= 0) {
+ isc_throw(SocketReadError, "Pkt4FilterLpf:: packet has no DHCPv4 data");
+ }
+
// Read the DHCP data.
std::vector<uint8_t> dhcp_buf;
- buf.readVector(dhcp_buf, buf.getLength() - buf.getPosition());
+ buf.readVector(dhcp_buf, v4_len);
// Decode DHCP data into the Pkt4 object.
Pkt4Ptr pkt = Pkt4Ptr(new Pkt4(&dhcp_buf[0], dhcp_buf.size()));
@@ -344,8 +349,7 @@ PktFilterLPF::receive(Iface& iface, const SocketInfo& socket_info) {
struct timeval cmsg_time;
memcpy(&cmsg_time, CMSG_DATA(cmsg), sizeof(cmsg_time));
- pkt->addPktEvent(PktEvent::SOCKET_RECEIVED, cmsg_time);
- break;
+ pkt->addPktEvent(PktEvent::SOCKET_RECEIVED, cmsg_time); break;
}
cmsg = CMSG_NXTHDR(&m, cmsg);
diff --git a/src/lib/util/buffer.h b/src/lib/util/buffer.h
index 41ecdf3375..c426a14495 100644
--- a/src/lib/util/buffer.h
+++ b/src/lib/util/buffer.h
@@ -1,4 +1,4 @@
-// Copyright (C) 2009-2024 Internet Systems Consortium, Inc. ("ISC")
+// Copyright (C) 2009-2025 Internet Systems Consortium, Inc. ("ISC")
//
// This Source Code Form is subject to the terms of the Mozilla Public
// License, v. 2.0. If a copy of the MPL was not distributed with this
@@ -233,7 +233,8 @@ public:
/// @details If specified buffer is too short, it will be expanded using
/// vector::resize() method. If the remaining length of the buffer
/// is smaller than the specified length, an exception of class
- /// @c isc::OutOfRange will be thrown.
+ /// @c isc::OutOfRange will be thrown. Read length zero results
+ /// in an empty vector.
///
/// @param data Reference to a buffer (data will be stored there).
/// @param len Size specified number of bytes to read in a vector.
@@ -244,7 +245,9 @@ public:
}
data.resize(len);
- peekData(&data[0], len);
+ if (len) {
+ peekData(&data[0], len);
+ }
}
/// @brief Read specified number of bytes as a vector.
diff --git a/src/lib/util/tests/buffer_unittest.cc b/src/lib/util/tests/buffer_unittest.cc
index 66c43e8f21..bae051dd16 100644
--- a/src/lib/util/tests/buffer_unittest.cc
+++ b/src/lib/util/tests/buffer_unittest.cc
@@ -1,4 +1,4 @@
-// Copyright (C) 2009-2024 Internet Systems Consortium, Inc. ("ISC")
+// Copyright (C) 2009-2025 Internet Systems Consortium, Inc. ("ISC")
//
// This Source Code Form is subject to the terms of the Mozilla Public
// License, v. 2.0. If a copy of the MPL was not distributed with this
@@ -197,6 +197,12 @@ TEST_F(BufferTest, inputBufferRead) {
ASSERT_EQ(sizeof(vdata), datav.size());
ASSERT_EQ(0, memcmp(&vdata[0], testdata, sizeof(testdata)));
ASSERT_EQ(sizeof(vdata), ibuffer.getPosition());
+
+ // Verify that read len of zero results in an empty
+ // vector without throwing.
+ datav.resize(8);
+ ASSERT_NO_THROW(ibuffer.readVector(datav, 0));
+ ASSERT_EQ(datav.size(), 0);
}
TEST_F(BufferTest, outputBufferReadAt) {
--
2.25.1
From 614a6c136fc20ee428b1c880889ef61253657499 Mon Sep 17 00:00:00 2001
From: Thomas Markwalder <tmark@isc.org>
Date: Tue, 18 Feb 2025 15:03:12 +0000
Subject: [PATCH 2/2] Addressed review comments
Couple of typos fixed.
---
src/lib/dhcp/pkt_filter_lpf.cc | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/src/lib/dhcp/pkt_filter_lpf.cc b/src/lib/dhcp/pkt_filter_lpf.cc
index b0c8f108d3..3642915cc1 100644
--- a/src/lib/dhcp/pkt_filter_lpf.cc
+++ b/src/lib/dhcp/pkt_filter_lpf.cc
@@ -320,7 +320,7 @@ PktFilterLPF::receive(Iface& iface, const SocketInfo& socket_info) {
auto v4_len = buf.getLength() - buf.getPosition();
if (v4_len <= 0) {
- isc_throw(SocketReadError, "Pkt4FilterLpf:: packet has no DHCPv4 data");
+ isc_throw(SocketReadError, "Pkt4FilterLpf packet has no DHCPv4 data");
}
// Read the DHCP data.
@@ -349,7 +349,8 @@ PktFilterLPF::receive(Iface& iface, const SocketInfo& socket_info) {
struct timeval cmsg_time;
memcpy(&cmsg_time, CMSG_DATA(cmsg), sizeof(cmsg_time));
- pkt->addPktEvent(PktEvent::SOCKET_RECEIVED, cmsg_time); break;
+ pkt->addPktEvent(PktEvent::SOCKET_RECEIVED, cmsg_time);
+ break;
}
cmsg = CMSG_NXTHDR(&m, cmsg);
--
2.25.1

90
meta/recipes-connectivity/kea/files/0001-Replace-Name-NameString-with-vector-of-uint8_t.patch Normal file
View File

@@ -0,0 +1,90 @@
From 6b9fb56e3573aa65923df9a08201dd5321a1b1f1 Mon Sep 17 00:00:00 2001
From: Dimitry Andric <dimitry@andric.com>
Date: Sat, 3 Aug 2024 14:37:52 +0200
Subject: [PATCH 1/2] Replace Name::NameString with vector of uint8_t
As noted in the libc++ 19 release notes, it now only provides
std::char_traits<> for types char, char8_t, char16_t, char32_t and
wchar_t, and any instantiation for other types will fail.
Name::NameString is defined as a std::basic_string<uint8_t>, so that
will no longer work. Redefine it as a std::vector<uint8_t> instead.
Upstream-Status: Submitted [https://gitlab.isc.org/isc-projects/kea/-/merge_requests/2410]
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---
src/lib/dns/name.cc | 12 ++++++------
src/lib/dns/name.h | 2 +-
2 files changed, 7 insertions(+), 7 deletions(-)
diff --git a/src/lib/dns/name.cc b/src/lib/dns/name.cc
index ac48205..085229b 100644
--- a/src/lib/dns/name.cc
+++ b/src/lib/dns/name.cc
@@ -303,7 +303,7 @@ Name::Name(const std::string &namestring, bool downcase) {
// And get the output
labelcount_ = offsets.size();
isc_throw_assert(labelcount_ > 0 && labelcount_ <= Name::MAX_LABELS);
- ndata_.assign(ndata.data(), ndata.size());
+ ndata_.assign(ndata.data(), ndata.data() + ndata.size());
length_ = ndata_.size();
offsets_.assign(offsets.begin(), offsets.end());
}
@@ -336,7 +336,7 @@ Name::Name(const char* namedata, size_t data_len, const Name* origin,
// Get the output
labelcount_ = offsets.size();
isc_throw_assert(labelcount_ > 0 && labelcount_ <= Name::MAX_LABELS);
- ndata_.assign(ndata.data(), ndata.size());
+ ndata_.assign(ndata.data(), ndata.data() + ndata.size());
length_ = ndata_.size();
offsets_.assign(offsets.begin(), offsets.end());
@@ -347,7 +347,7 @@ Name::Name(const char* namedata, size_t data_len, const Name* origin,
// Drop the last character of the data (the \0) and append a copy of
// the origin's data
ndata_.erase(ndata_.end() - 1);
- ndata_.append(origin->ndata_);
+ ndata_.insert(ndata.end(), origin->ndata_.begin(), origin->ndata_.end());
// Do a similar thing with offsets. However, we need to move them
// so they point after the prefix we parsed before.
@@ -582,7 +582,7 @@ Name::concatenate(const Name& suffix) const {
Name retname;
retname.ndata_.reserve(length);
- retname.ndata_.assign(ndata_, 0, length_ - 1);
+ retname.ndata_.assign(ndata_.data(), ndata_.data() + length_ - 1);
retname.ndata_.insert(retname.ndata_.end(),
suffix.ndata_.begin(), suffix.ndata_.end());
isc_throw_assert(retname.ndata_.size() == length);
@@ -622,7 +622,7 @@ Name::reverse() const {
NameString::const_iterator n0 = ndata_.begin();
retname.offsets_.push_back(0);
while (rit1 != offsets_.rend()) {
- retname.ndata_.append(n0 + *rit1, n0 + *rit0);
+ retname.ndata_.insert(retname.ndata_.end(), n0 + *rit1, n0 + *rit0);
retname.offsets_.push_back(retname.ndata_.size());
++rit0;
++rit1;
@@ -662,7 +662,7 @@ Name::split(const unsigned int first, const unsigned int n) const {
// original name, and append the trailing dot explicitly.
//
retname.ndata_.reserve(retname.offsets_.back() + 1);
- retname.ndata_.assign(ndata_, offsets_[first], retname.offsets_.back());
+ retname.ndata_.assign(ndata_.data() + offsets_[first], ndata_.data() + retname.offsets_.back());
retname.ndata_.push_back(0);
retname.length_ = retname.ndata_.size();
diff --git a/src/lib/dns/name.h b/src/lib/dns/name.h
index 37723e8..fac0036 100644
--- a/src/lib/dns/name.h
+++ b/src/lib/dns/name.h
@@ -228,7 +228,7 @@ class Name {
//@{
private:
/// \brief Name data string
- typedef std::basic_string<uint8_t> NameString;
+ typedef std::vector<uint8_t> NameString;
/// \brief Name offsets type
typedef std::vector<uint8_t> NameOffsets;

190
meta/recipes-connectivity/kea/files/0001-Update-asiolink-for-boost-1.87.patch Normal file
View File

@@ -0,0 +1,190 @@
From dab0f3daafb760ace0d4091f74ff90edb225ca02 Mon Sep 17 00:00:00 2001
From: q66 <q66@chimera-linux.org>
Date: Sun, 15 Dec 2024 03:04:53 +0100
Subject: [PATCH] Update asiolink for boost 1.87
Upstream-Status: Submitted [https://gitlab.isc.org/isc-projects/kea/-/merge_requests/2523]
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
---
src/lib/asiolink/io_address.cc | 4 ++--
src/lib/asiolink/io_service.cc | 8 ++++----
src/lib/asiolink/tcp_endpoint.h | 2 +-
src/lib/asiolink/udp_endpoint.h | 2 +-
src/lib/asiolink/unix_domain_socket.cc | 16 ++++++++--------
src/lib/dhcp/iface_mgr.cc | 2 +-
6 files changed, 17 insertions(+), 17 deletions(-)
diff --git a/src/lib/asiolink/io_address.cc b/src/lib/asiolink/io_address.cc
index 43459bf..06b7d3d 100644
--- a/src/lib/asiolink/io_address.cc
+++ b/src/lib/asiolink/io_address.cc
@@ -37,7 +37,7 @@ IOAddress::Hash::operator()(const IOAddress &io_address) const {
// because we'd like to throw our own exception on failure.
IOAddress::IOAddress(const std::string& address_str) {
boost::system::error_code err;
- asio_address_ = ip::address::from_string(address_str, err);
+ asio_address_ = ip::make_address(address_str, err);
if (err) {
isc_throw(IOError, "Failed to convert string to address '"
<< address_str << "': " << err.message());
@@ -116,7 +116,7 @@ IOAddress::isV6Multicast() const {
uint32_t
IOAddress::toUint32() const {
if (asio_address_.is_v4()) {
- return (asio_address_.to_v4().to_ulong());
+ return (asio_address_.to_v4().to_uint());
} else {
isc_throw(BadValue, "Can't convert " << toText()
<< " address to IPv4.");
diff --git a/src/lib/asiolink/io_service.cc b/src/lib/asiolink/io_service.cc
index 411de64..cc28d24 100644
--- a/src/lib/asiolink/io_service.cc
+++ b/src/lib/asiolink/io_service.cc
@@ -30,7 +30,7 @@ public:
/// @brief The constructor.
IOServiceImpl() :
io_service_(),
- work_(new boost::asio::io_service::work(io_service_)) {
+ work_(boost::asio::make_work_guard(io_service_)) {
};
/// @brief The destructor.
@@ -92,7 +92,7 @@ public:
/// @brief Restarts the IOService in preparation for a subsequent @ref run() invocation.
void restart() {
- io_service_.reset();
+ io_service_.restart();
}
/// @brief Removes IO service work object to let it finish running
@@ -115,12 +115,12 @@ public:
///
/// @param callback The callback to be run on the IO service.
void post(const std::function<void ()>& callback) {
- io_service_.post(callback);
+ boost::asio::post(io_service_, callback);
}
private:
boost::asio::io_service io_service_;
- boost::shared_ptr<boost::asio::io_service::work> work_;
+ boost::asio::executor_work_guard<boost::asio::io_service::executor_type> work_;
};
IOService::IOService() : io_impl_(new IOServiceImpl()) {
diff --git a/src/lib/asiolink/tcp_endpoint.h b/src/lib/asiolink/tcp_endpoint.h
index 8ebd575..7c8cb35 100644
--- a/src/lib/asiolink/tcp_endpoint.h
+++ b/src/lib/asiolink/tcp_endpoint.h
@@ -42,7 +42,7 @@ public:
/// \param port The TCP port number of the endpoint.
TCPEndpoint(const IOAddress& address, const unsigned short port) :
asio_endpoint_placeholder_(
- new boost::asio::ip::tcp::endpoint(boost::asio::ip::address::from_string(address.toText()),
+ new boost::asio::ip::tcp::endpoint(boost::asio::ip::make_address(address.toText()),
port)),
asio_endpoint_(*asio_endpoint_placeholder_)
{}
diff --git a/src/lib/asiolink/udp_endpoint.h b/src/lib/asiolink/udp_endpoint.h
index f960bf3..2a3da9f 100644
--- a/src/lib/asiolink/udp_endpoint.h
+++ b/src/lib/asiolink/udp_endpoint.h
@@ -42,7 +42,7 @@ public:
/// \param port The UDP port number of the endpoint.
UDPEndpoint(const IOAddress& address, const unsigned short port) :
asio_endpoint_placeholder_(
- new boost::asio::ip::udp::endpoint(boost::asio::ip::address::from_string(address.toText()),
+ new boost::asio::ip::udp::endpoint(boost::asio::ip::make_address(address.toText()),
port)),
asio_endpoint_(*asio_endpoint_placeholder_)
{}
diff --git a/src/lib/asiolink/unix_domain_socket.cc b/src/lib/asiolink/unix_domain_socket.cc
index f43e1c9..43ff3c8 100644
--- a/src/lib/asiolink/unix_domain_socket.cc
+++ b/src/lib/asiolink/unix_domain_socket.cc
@@ -83,7 +83,7 @@ public:
/// @param buffer Buffers holding the data to be sent.
/// @param handler User supplied callback to be invoked when data have
/// been sent or sending error is signalled.
- void doSend(const boost::asio::const_buffers_1& buffer,
+ void doSend(const boost::asio::const_buffer& buffer,
const UnixDomainSocket::Handler& handler);
@@ -103,7 +103,7 @@ public:
/// @param ec Error code returned as a result of sending the data.
/// @param length Length of the data sent.
void sendHandler(const UnixDomainSocket::Handler& remote_handler,
- const boost::asio::const_buffers_1& buffer,
+ const boost::asio::const_buffer& buffer,
const boost::system::error_code& ec,
size_t length);
@@ -127,7 +127,7 @@ public:
/// @param buffer A buffer into which the data should be received.
/// @param handler User supplied callback invoked when data have been
/// received on an error is signalled.
- void doReceive(const boost::asio::mutable_buffers_1& buffer,
+ void doReceive(const boost::asio::mutable_buffer& buffer,
const UnixDomainSocket::Handler& handler);
/// @brief Local handler invoked as a result of asynchronous receive.
@@ -146,7 +146,7 @@ public:
/// @param ec Error code returned as a result of asynchronous receive.
/// @param length Size of the received data.
void receiveHandler(const UnixDomainSocket::Handler& remote_handler,
- const boost::asio::mutable_buffers_1& buffer,
+ const boost::asio::mutable_buffer& buffer,
const boost::system::error_code& ec,
size_t length);
@@ -197,7 +197,7 @@ UnixDomainSocketImpl::asyncSend(const void* data, const size_t length,
}
void
-UnixDomainSocketImpl::doSend(const boost::asio::const_buffers_1& buffer,
+UnixDomainSocketImpl::doSend(const boost::asio::const_buffer& buffer,
const UnixDomainSocket::Handler& handler) {
auto local_handler = std::bind(&UnixDomainSocketImpl::sendHandler,
shared_from_this(),
@@ -207,7 +207,7 @@ UnixDomainSocketImpl::doSend(const boost::asio::const_buffers_1& buffer,
void
UnixDomainSocketImpl::sendHandler(const UnixDomainSocket::Handler& remote_handler,
- const boost::asio::const_buffers_1& buffer,
+ const boost::asio::const_buffer& buffer,
const boost::system::error_code& ec,
size_t length) {
// The asynchronous send may return EWOULDBLOCK or EAGAIN on some
@@ -230,7 +230,7 @@ UnixDomainSocketImpl::asyncReceive(void* data, const size_t length,
}
void
-UnixDomainSocketImpl::doReceive(const boost::asio::mutable_buffers_1& buffer,
+UnixDomainSocketImpl::doReceive(const boost::asio::mutable_buffer& buffer,
const UnixDomainSocket::Handler& handler) {
auto local_handler = std::bind(&UnixDomainSocketImpl::receiveHandler,
shared_from_this(),
@@ -240,7 +240,7 @@ UnixDomainSocketImpl::doReceive(const boost::asio::mutable_buffers_1& buffer,
void
UnixDomainSocketImpl::receiveHandler(const UnixDomainSocket::Handler& remote_handler,
- const boost::asio::mutable_buffers_1& buffer,
+ const boost::asio::mutable_buffer& buffer,
const boost::system::error_code& ec,
size_t length) {
// The asynchronous receive may return EWOULDBLOCK or EAGAIN on some
diff --git a/src/lib/dhcp/iface_mgr.cc b/src/lib/dhcp/iface_mgr.cc
index 01a1d63..419268b 100644
--- a/src/lib/dhcp/iface_mgr.cc
+++ b/src/lib/dhcp/iface_mgr.cc
@@ -1034,7 +1034,7 @@ IfaceMgr::getLocalAddress(const IOAddress& remote_addr, const uint16_t port) {
}
// Create socket that will be used to connect to remote endpoint.
- boost::asio::io_service io_service;
+ boost::asio::io_context io_service;
boost::asio::ip::udp::socket sock(io_service);
boost::system::error_code err_code;

36
meta/recipes-connectivity/kea/files/0002-Fix-unittests-Typo-in-Name-Name-append-to-ndata_-not.patch Normal file
View File

@@ -0,0 +1,36 @@
From b5f6cc6b3a2b2c35c9b9bb856861c502771079cc Mon Sep 17 00:00:00 2001
From: Dimitry Andric <dimitry@unified-streaming.com>
Date: Wed, 28 Aug 2024 22:32:44 +0200
Subject: [PATCH 2/2] Fix unittests: * Typo in `Name::Name`: append to
`ndata_`, not `ndata` * In `Name::split`, use the correct iterators for
assigning
Upstream-Status: Submitted [https://gitlab.isc.org/isc-projects/kea/-/merge_requests/2410]
Signed-off-by: Khem Raj <raj.khem@gmail.com>
---
src/lib/dns/name.cc | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/src/lib/dns/name.cc b/src/lib/dns/name.cc
index 085229b..47d9b8f 100644
--- a/src/lib/dns/name.cc
+++ b/src/lib/dns/name.cc
@@ -347,7 +347,7 @@ Name::Name(const char* namedata, size_t data_len, const Name* origin,
// Drop the last character of the data (the \0) and append a copy of
// the origin's data
ndata_.erase(ndata_.end() - 1);
- ndata_.insert(ndata.end(), origin->ndata_.begin(), origin->ndata_.end());
+ ndata_.insert(ndata_.end(), origin->ndata_.begin(), origin->ndata_.end());
// Do a similar thing with offsets. However, we need to move them
// so they point after the prefix we parsed before.
@@ -662,7 +662,8 @@ Name::split(const unsigned int first, const unsigned int n) const {
// original name, and append the trailing dot explicitly.
//
retname.ndata_.reserve(retname.offsets_.back() + 1);
- retname.ndata_.assign(ndata_.data() + offsets_[first], ndata_.data() + retname.offsets_.back());
+ auto it = ndata_.data() + offsets_[first];
+ retname.ndata_.assign(it, it + retname.offsets_.back());
retname.ndata_.push_back(0);
retname.length_ = retname.ndata_.size();

1
meta/recipes-connectivity/kea/files/kea-dhcp-ddns.service
View File

@@ -6,7 +6,6 @@ After=time-sync.target
[Service]
ExecStartPre=@BASE_BINDIR@/mkdir -p @LOCALSTATEDIR@/run/kea/
ExecStartPre=@BASE_BINDIR@/chmod 750 @LOCALSTATEDIR@/run/kea/
ExecStart=@SBINDIR@/kea-dhcp-ddns -c @SYSCONFDIR@/kea/kea-dhcp-ddns.conf
[Install]

1
meta/recipes-connectivity/kea/files/kea-dhcp4.service
View File

@@ -6,7 +6,6 @@ After=time-sync.target
[Service]
ExecStartPre=@BASE_BINDIR@/mkdir -p @LOCALSTATEDIR@/run/kea/
ExecStartPre=@BASE_BINDIR@/chmod 750 @LOCALSTATEDIR@/run/kea/
ExecStartPre=@BASE_BINDIR@/mkdir -p @LOCALSTATEDIR@/lib/kea
ExecStart=@SBINDIR@/kea-dhcp4 -c @SYSCONFDIR@/kea/kea-dhcp4.conf

1
meta/recipes-connectivity/kea/files/kea-dhcp6.service
View File

@@ -6,7 +6,6 @@ After=time-sync.target
[Service]
ExecStartPre=@BASE_BINDIR@/mkdir -p @LOCALSTATEDIR@/run/kea/
ExecStartPre=@BASE_BINDIR@/chmod 750 @LOCALSTATEDIR@/run/kea/
ExecStartPre=@BASE_BINDIR@/mkdir -p @LOCALSTATEDIR@/lib/kea
ExecStart=@SBINDIR@/kea-dhcp6 -c @SYSCONFDIR@/kea/kea-dhcp6.conf

8
meta/recipes-connectivity/kea/kea_2.6.3.bb → meta/recipes-connectivity/kea/kea_2.6.1.bb
View File

@@ -3,7 +3,7 @@ DESCRIPTION = "Kea is the next generation of DHCP software developed by ISC. It
HOMEPAGE = "http://kea.isc.org"
SECTION = "connectivity"
LICENSE = "MPL-2.0"
LIC_FILES_CHKSUM = "file://COPYING;md5=ee16e7280a6cf2a1487717faf33190dc"
LIC_FILES_CHKSUM = "file://COPYING;md5=618093ea9de92c70a115268c1d53421f"
DEPENDS = "boost log4cplus openssl"
@@ -17,9 +17,13 @@ SRC_URI = "http://ftp.isc.org/isc/kea/${PV}/${BP}.tar.gz \
file://fix-multilib-conflict.patch \
file://fix_pid_keactrl.patch \
file://0001-src-lib-log-logger_unittest_support.cc-do-not-write-.patch \
file://0001-Replace-Name-NameString-with-vector-of-uint8_t.patch \
file://0002-Fix-unittests-Typo-in-Name-Name-append-to-ndata_-not.patch \
file://0001-Update-asiolink-for-boost-1.87.patch \
file://0001-make-kea-environment-available-to-lfc.patch \
file://0001-Avoid-assert-on-empty-packet.patch \
"
SRC_URI[sha256sum] = "00241a5955ffd3d215a2c098c4527f9d7f4b203188b276f9a36250dd3d9dd612"
SRC_URI[sha256sum] = "d2ce14a91c2e248ad2876e29152d647bcc5e433bc68dafad0ee96ec166fcfad1"
inherit autotools systemd update-rc.d upstream-version-is-even

28
meta/recipes-connectivity/nfs-utils/nfs-utils/nfsserver
View File

@@ -89,14 +89,34 @@ start_nfsd(){
start-stop-daemon --start --exec "$NFS_NFSD" -- "$@"
echo done
}
delay_nfsd(){
for delay in 0 1 2 3 4 5 6 7 8 9
do
if pidof nfsd >/dev/null
then
echo -n .
sleep 1
else
return 0
fi
done
return 1
}
stop_nfsd(){
# WARNING: this kills any process with the executable
# name 'nfsd'.
echo -n 'stopping nfsd: '
$NFS_NFSD 0
if pidof nfsd
then
start-stop-daemon --stop --quiet --signal 1 --name nfsd
if delay_nfsd || {
echo failed
else
echo ' using signal 9: '
start-stop-daemon --stop --quiet --signal 9 --name nfsd
delay_nfsd
}
then
echo done
else
echo failed
fi
}

59
meta/recipes-connectivity/ofono/ofono/CVE-2024-7537.patch
View File

@@ -1,59 +0,0 @@
From e6d8d526d5077c0b6ab459efeb6b882c28e0fdeb Mon Sep 17 00:00:00 2001
From: Ivaylo Dimitrov <ivo.g.dimitrov.75@gmail.com>
Date: Sun, 16 Mar 2025 12:26:42 +0200
Subject: [PATCH] qmi: sms: Fix possible out-of-bounds read
Fixes: CVE-2024-7537
CVE: CVE-2024-7537
Upstream-Status: Backport [https://web.git.kernel.org/pub/scm/network/ofono/ofono.git/commit/?id=e6d8d526d5077c0b6ab459efeb6b882c28e0fdeb]
Signed-off-by: Peter Marko <peter.marko@siemens.com>
---
drivers/qmimodem/sms.c | 13 ++++++++++---
1 file changed, 10 insertions(+), 3 deletions(-)
diff --git a/drivers/qmimodem/sms.c b/drivers/qmimodem/sms.c
index 3e2bef6e..75863480 100644
--- a/drivers/qmimodem/sms.c
+++ b/drivers/qmimodem/sms.c
@@ -442,6 +442,8 @@ static void get_msg_list_cb(struct qmi_result *result, void *user_data)
const struct qmi_wms_result_msg_list *list;
uint32_t cnt = 0;
uint16_t tmp;
+ uint16_t length;
+ size_t msg_size;
DBG("");
@@ -451,7 +453,7 @@ static void get_msg_list_cb(struct qmi_result *result, void *user_data)
goto done;
}
- list = qmi_result_get(result, QMI_WMS_RESULT_MSG_LIST, NULL);
+ list = qmi_result_get(result, QMI_WMS_RESULT_MSG_LIST, &length);
if (list == NULL) {
DBG("Err: get msg list empty");
goto done;
@@ -460,6 +462,13 @@ static void get_msg_list_cb(struct qmi_result *result, void *user_data)
cnt = L_LE32_TO_CPU(list->cnt);
DBG("msgs found %d", cnt);
+ msg_size = cnt * sizeof(list->msg[0]);
+
+ if (length != sizeof(list->cnt) + msg_size) {
+ DBG("Err: invalid msg list count");
+ goto done;
+ }
+
for (tmp = 0; tmp < cnt; tmp++) {
DBG("unread type %d ndx %d", list->msg[tmp].type,
L_LE32_TO_CPU(list->msg[tmp].ndx));
@@ -473,8 +482,6 @@ static void get_msg_list_cb(struct qmi_result *result, void *user_data)
/* save list and get 1st msg */
if (cnt) {
- int msg_size = cnt * sizeof(list->msg[0]);
-
data->msg_list = l_malloc(sizeof(list->cnt) + msg_size);
data->msg_list->cnt = cnt;
memcpy(data->msg_list->msg, list->msg, msg_size);

1
meta/recipes-connectivity/ofono/ofono_2.15.bb
View File

@@ -9,7 +9,6 @@ DEPENDS = "dbus glib-2.0 udev mobile-broadband-provider-info ell"
SRC_URI = "${KERNELORG_MIRROR}/linux/network/${BPN}/${BP}.tar.xz \
file://ofono \
file://CVE-2024-7537.patch \
"
SRC_URI[sha256sum] = "1af93ab72a70502452fe3d0297a6eaea13750cacae1fff3b643dd2245a6408ca"

43
meta/recipes-connectivity/openssh/openssh/CVE-2025-32728.patch
View File

@@ -1,43 +0,0 @@
From fc86875e6acb36401dfc1dfb6b628a9d1460f367 Mon Sep 17 00:00:00 2001
From: "djm@openbsd.org" <djm@openbsd.org>
Date: Wed, 9 Apr 2025 07:00:03 +0000
Subject: [PATCH] upstream: Fix logic error in DisableForwarding option. This
option
was documented as disabling X11 and agent forwarding but it failed to do so.
Spotted by Tim Rice.
OpenBSD-Commit-ID: fffc89195968f7eedd2fc57f0b1f1ef3193f5ed1
Upstream-Status: Backport [https://github.com/openssh/openssh-portable/commit/fc86875e6acb36401dfc1dfb6b628a9d1460f367]
CVE: CVE-2025-32728
Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
---
session.c | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/session.c b/session.c
index aa342e8..eb932b8 100644
--- a/session.c
+++ b/session.c
@@ -2191,7 +2191,8 @@ session_auth_agent_req(struct ssh *ssh, Session *s)
if ((r = sshpkt_get_end(ssh)) != 0)
sshpkt_fatal(ssh, r, "%s: parse packet", __func__);
if (!auth_opts->permit_agent_forwarding_flag ||
- !options.allow_agent_forwarding) {
+ !options.allow_agent_forwarding ||
+ options.disable_forwarding) {
debug_f("agent forwarding disabled");
return 0;
}
@@ -2586,7 +2587,7 @@ session_setup_x11fwd(struct ssh *ssh, Session *s)
ssh_packet_send_debug(ssh, "X11 forwarding disabled by key options.");
return 0;
}
- if (!options.x11_forwarding) {
+ if (!options.x11_forwarding || options.disable_forwarding) {
debug("X11 forwarding disabled in server configuration file.");
return 0;
}
--
2.25.1

1
meta/recipes-connectivity/openssh/openssh_9.9p2.bb
View File

@@ -25,7 +25,6 @@ SRC_URI = "https://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-${PV}.ta
file://sshd_check_keys \
file://0001-regress-banner.sh-log-input-and-output-files-on-erro.patch \
file://0001-regress-test-exec-use-the-absolute-path-in-the-SSH-e.patch \
file://CVE-2025-32728.patch \
"
SRC_URI[sha256sum] = "91aadb603e08cc285eddf965e1199d02585fa94d994d6cae5b41e1721e215673"

24
meta/recipes-connectivity/openssl/files/environment.d-openssl.sh
View File

@@ -1,24 +1,6 @@
export OPENSSL_CONF="$OECORE_NATIVE_SYSROOT/usr/lib/ssl-3/openssl.cnf"
export SSL_CERT_DIR="$OECORE_NATIVE_SYSROOT/usr/lib/ssl-3/certs"
export SSL_CERT_FILE="$OECORE_NATIVE_SYSROOT/usr/lib/ssl-3/certs/ca-certificates.crt"
export OPENSSL_MODULES="$OECORE_NATIVE_SYSROOT/usr/lib/ossl-modules/"
export OPENSSL_ENGINES="$OECORE_NATIVE_SYSROOT/usr/lib/engines-3"
export BB_ENV_PASSTHROUGH_ADDITIONS="${BB_ENV_PASSTHROUGH_ADDITIONS:-} OPENSSL_CONF OPENSSL_MODULES OPENSSL_ENGINES"
# Respect host env SSL_CERT_FILE/SSL_CERT_DIR first, then auto-detected host cert, then cert in buildtools
# CAFILE/CAPATH is auto-deteced when source buildtools
if [ -z "$SSL_CERT_FILE" ]; then
if [ -n "$CAFILE" ];then
export SSL_CERT_FILE="$CAFILE"
elif [ -e "${OECORE_NATIVE_SYSROOT}/etc/ssl/certs/ca-certificates.crt" ];then
export SSL_CERT_FILE="$OECORE_NATIVE_SYSROOT/usr/lib/ssl-3/certs/ca-certificates.crt"
fi
fi
if [ -z "$SSL_CERT_DIR" ]; then
if [ -n "$CAPATH" ];then
export SSL_CERT_DIR="$CAPATH"
elif [ -e "${OECORE_NATIVE_SYSROOT}/etc/ssl/certs/ca-certificates.crt" ];then
export SSL_CERT_DIR="$OECORE_NATIVE_SYSROOT/usr/lib/ssl-3/certs"
fi
fi
export BB_ENV_PASSTHROUGH_ADDITIONS="${BB_ENV_PASSTHROUGH_ADDITIONS:-} SSL_CERT_DIR SSL_CERT_FILE"
export BB_ENV_PASSTHROUGH_ADDITIONS="${BB_ENV_PASSTHROUGH_ADDITIONS:-} SSL_CERT_DIR SSL_CERT_FILE OPENSSL_CONF OPENSSL_MODULES OPENSSL_ENGINES"

2
meta/recipes-connectivity/openssl/openssl_3.4.2.bb → meta/recipes-connectivity/openssl/openssl_3.4.1.bb
View File

@@ -18,7 +18,7 @@ SRC_URI:append:class-nativesdk = " \
file://environment.d-openssl.sh \
"
SRC_URI[sha256sum] = "17b02459fc28be415470cccaae7434f3496cac1306b86b52c83886580e82834c"
SRC_URI[sha256sum] = "002a2d6b30b58bf4bea46c43bdd96365aaf8daa6c428782aa4feee06da197df3"
inherit lib_package multilib_header multilib_script ptest perlnative manpages
MULTILIB_SCRIPTS = "${PN}-bin:${bindir}/c_rehash"

136
meta/recipes-core/busybox/busybox/CVE-2023-39810.patch
View File

@@ -1,136 +0,0 @@
From 9a8796436b9b0641e13480811902ea2ac57881d3 Mon Sep 17 00:00:00 2001
From: Denys Vlasenko <vda.linux@googlemail.com>
Date: Wed, 2 Oct 2024 10:12:05 +0200
Subject: [PATCH] archival: disallow path traversals (CVE-2023-39810)
Create new configure option for archival/libarchive based extractions to
disallow path traversals.
As this is a paranoid option and might introduce backward
incompatibility, default it to no.
Fixes: CVE-2023-39810
Based on the patch by Peter Kaestle <peter.kaestle@nokia.com>
function old new delta
data_extract_all 921 945 +24
strip_unsafe_prefix 101 102 +1
------------------------------------------------------------------------------
(add/remove: 0/0 grow/shrink: 2/0 up/down: 25/0) Total: 25 bytes
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
CVE: CVE-2023-39810
Upstream-Status: Backport [https://git.busybox.net/busybox/commit/?id=9a8796436b9b0641e13480811902ea2ac57881d3]
Signed-off-by: Peter Marko <peter.marko@siemens.com>
---
archival/Config.src | 11 +++++++++++
archival/libarchive/data_extract_all.c | 8 ++++++++
archival/libarchive/unsafe_prefix.c | 6 +++++-
scripts/kconfig/lxdialog/check-lxdialog.sh | 2 +-
testsuite/cpio.tests | 23 ++++++++++++++++++++++
5 files changed, 48 insertions(+), 2 deletions(-)
diff --git a/archival/Config.src b/archival/Config.src
index 6f4f30c43..cbcd7217c 100644
--- a/archival/Config.src
+++ b/archival/Config.src
@@ -35,4 +35,15 @@ config FEATURE_LZMA_FAST
This option reduces decompression time by about 25% at the cost of
a 1K bigger binary.
+config FEATURE_PATH_TRAVERSAL_PROTECTION
+ bool "Prevent extraction of filenames with /../ path component"
+ default n
+ help
+ busybox tar and unzip remove "PREFIX/../" (if it exists)
+ from extracted names.
+ This option enables this behavior for all other unpacking applets,
+ such as cpio, ar, rpm.
+ GNU cpio 2.15 has NO such sanity check.
+# try other archivers and document their behavior?
+
endmenu
diff --git a/archival/libarchive/data_extract_all.c b/archival/libarchive/data_extract_all.c
index 049c2c156..8a69711c1 100644
--- a/archival/libarchive/data_extract_all.c
+++ b/archival/libarchive/data_extract_all.c
@@ -65,6 +65,14 @@ void FAST_FUNC data_extract_all(archive_handle_t *archive_handle)
} while (--n != 0);
}
#endif
+#if ENABLE_FEATURE_PATH_TRAVERSAL_PROTECTION
+ /* Strip leading "/" and up to last "/../" path component */
+ dst_name = (char *)strip_unsafe_prefix(dst_name);
+#endif
+// ^^^ This may be a problem if some applets do need to extract absolute names.
+// (Probably will need to invent ARCHIVE_ALLOW_UNSAFE_NAME flag).
+// You might think that rpm needs it, but in my tests rpm's internal cpio
+// archive has names like "./usr/bin/FOO", not "/usr/bin/FOO".
if (archive_handle->ah_flags & ARCHIVE_CREATE_LEADING_DIRS) {
char *slash = strrchr(dst_name, '/');
diff --git a/archival/libarchive/unsafe_prefix.c b/archival/libarchive/unsafe_prefix.c
index 33e487bf9..667081195 100644
--- a/archival/libarchive/unsafe_prefix.c
+++ b/archival/libarchive/unsafe_prefix.c
@@ -14,7 +14,11 @@ const char* FAST_FUNC strip_unsafe_prefix(const char *str)
cp++;
continue;
}
- if (is_prefixed_with(cp, "/../"+1)) {
+ /* We are called lots of times.
+ * is_prefixed_with(cp, "../") is slower than open-coding it,
+ * with minimal code growth (~few bytes).
+ */
+ if (cp[0] == '.' && cp[1] == '.' && cp[2] == '/') {
cp += 3;
continue;
}
diff --git a/scripts/kconfig/lxdialog/check-lxdialog.sh b/scripts/kconfig/lxdialog/check-lxdialog.sh
index 5075ebf2d..910ca1f7c 100755
--- a/scripts/kconfig/lxdialog/check-lxdialog.sh
+++ b/scripts/kconfig/lxdialog/check-lxdialog.sh
@@ -55,7 +55,7 @@ trap "rm -f $tmp" 0 1 2 3 15
check() {
$cc -x c - -o $tmp 2>/dev/null <<'EOF'
#include CURSES_LOC
-main() {}
+int main() { return 0; }
EOF
if [ $? != 0 ]; then
echo " *** Unable to find the ncurses libraries or the" 1>&2
diff --git a/testsuite/cpio.tests b/testsuite/cpio.tests
index 85e746589..a4462c53e 100755
--- a/testsuite/cpio.tests
+++ b/testsuite/cpio.tests
@@ -154,6 +154,29 @@ testing "cpio -R with extract" \
" "" ""
SKIP=
+# Create an archive containing a file with "../dont_write" filename.
+# See that it will not be allowed to unpack.
+# NB: GNU cpio 2.15 DOES NOT do such checks.
+optional FEATURE_PATH_TRAVERSAL_PROTECTION
+rm -rf cpio.testdir
+mkdir -p cpio.testdir/prepare/inner
+echo "file outside of destination was written" > cpio.testdir/prepare/dont_write
+echo "data" > cpio.testdir/prepare/inner/to_extract
+mkdir -p cpio.testdir/extract
+testing "cpio extract file outside of destination" "\
+(cd cpio.testdir/prepare/inner && echo -e '../dont_write\nto_extract' | cpio -o -H newc) | (cd cpio.testdir/extract && cpio -vi 2>&1)
+echo \$?
+ls cpio.testdir/dont_write 2>&1" \
+"\
+cpio: removing leading '../' from member names
+../dont_write
+to_extract
+1 blocks
+0
+ls: cpio.testdir/dont_write: No such file or directory
+" "" ""
+SKIP=
+
# Clean up
rm -rf cpio.testdir cpio.testdir2 2>/dev/null

1
meta/recipes-core/busybox/busybox_1.37.0.bb
View File

@@ -53,7 +53,6 @@ SRC_URI = "https://busybox.net/downloads/busybox-${PV}.tar.bz2;name=tarball \
file://0001-syslogd-fix-wrong-OPT_locallog-flag-detection.patch \
file://0002-start-stop-daemon-fix-tests.patch \
file://0003-start-stop-false.patch \
file://CVE-2023-39810.patch \
"
SRC_URI:append:libc-musl = " file://musl.cfg"
SRC_URI:append:x86-64 = " file://sha_accel.cfg"

112
meta/recipes-core/coreutils/coreutils/CVE-2025-5278.patch
View File

@@ -1,112 +0,0 @@
From 8763c305c29d0abb7e2be4695212b42917d054b2 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?P=C3=A1draig=20Brady?= <P@draigBrady.com>
Date: Tue, 20 May 2025 16:03:44 +0100
Subject: [PATCH] sort: fix buffer under-read (CWE-127)
* src/sort.c (begfield): Check pointer adjustment
to avoid Out-of-range pointer offset (CWE-823).
(limfield): Likewise.
* tests/sort/sort-field-limit.sh: Add a new test,
which triggers with ASAN or Valgrind.
* tests/local.mk: Reference the new test.
* NEWS: Mention bug fix introduced in v7.2 (2009).
Fixes https://bugs.gnu.org/78507
CVE: CVE-2025-5278
Upstream-Status: Backport [https://cgit.git.savannah.gnu.org/cgit/coreutils.git/commit/?id=8c9602e3a145e9596dc1a63c6ed67865814b6633]
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
---
src/sort.c | 12 ++++++++++--
tests/local.mk | 1 +
tests/sort/sort-field-limit.sh | 35 ++++++++++++++++++++++++++++++++++
3 files changed, 46 insertions(+), 2 deletions(-)
create mode 100755 tests/sort/sort-field-limit.sh
diff --git a/src/sort.c b/src/sort.c
index b10183b6f..7af1a2512 100644
--- a/src/sort.c
+++ b/src/sort.c
@@ -1644,7 +1644,11 @@ begfield (struct line const *line, struct keyfield const *key)
++ptr;
/* Advance PTR by SCHAR (if possible), but no further than LIM. */
- ptr = MIN (lim, ptr + schar);
+ size_t remaining_bytes = lim - ptr;
+ if (schar < remaining_bytes)
+ ptr += schar;
+ else
+ ptr = lim;
return ptr;
}
@@ -1746,7 +1750,11 @@ limfield (struct line const *line, struct keyfield const *key)
++ptr;
/* Advance PTR by ECHAR (if possible), but no further than LIM. */
- ptr = MIN (lim, ptr + echar);
+ size_t remaining_bytes = lim - ptr;
+ if (echar < remaining_bytes)
+ ptr += echar;
+ else
+ ptr = lim;
}
return ptr;
diff --git a/tests/local.mk b/tests/local.mk
index 4da6756ac..642d225fa 100644
--- a/tests/local.mk
+++ b/tests/local.mk
@@ -388,6 +388,7 @@ all_tests = \
tests/sort/sort-debug-keys.sh \
tests/sort/sort-debug-warn.sh \
tests/sort/sort-discrim.sh \
+ tests/sort/sort-field-limit.sh \
tests/sort/sort-files0-from.pl \
tests/sort/sort-float.sh \
tests/sort/sort-h-thousands-sep.sh \
diff --git a/tests/sort/sort-field-limit.sh b/tests/sort/sort-field-limit.sh
new file mode 100755
index 000000000..52d8e1d17
--- /dev/null
+++ b/tests/sort/sort-field-limit.sh
@@ -0,0 +1,35 @@
+#!/bin/sh
+# From 7.2-9.7, this would trigger an out of bounds mem read
+
+# Copyright (C) 2025 Free Software Foundation, Inc.
+
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+
+# You should have received a copy of the GNU General Public License
+# along with this program. If not, see <https://www.gnu.org/licenses/>.
+
+. "${srcdir=.}/tests/init.sh"; path_prepend_ ./src
+print_ver_ sort
+getlimits_
+
+# This issue triggers with valgrind or ASAN
+valgrind --error-exitcode=1 sort --version 2>/dev/null &&
+ VALGRIND='valgrind --error-exitcode=1'
+
+{ printf '%s\n' aa bb; } > in || framework_failure_
+
+_POSIX2_VERSION=200809 $VALGRIND sort +0.${SIZE_MAX}R in > out || fail=1
+compare in out || fail=1
+
+_POSIX2_VERSION=200809 $VALGRIND sort +1 -1.${SIZE_MAX}R in > out || fail=1
+compare in out || fail=1
+
+Exit $fail
--
2.34.1

1
meta/recipes-core/coreutils/coreutils_9.6.bb
View File

@@ -19,7 +19,6 @@ SRC_URI = "${GNU_MIRROR}/coreutils/${BP}.tar.xz \
file://intermittent-testfailure.patch \
file://0001-ls-fix-crash-with-context.patch \
file://0001-cksum-port-to-32-bit-uint_fast32_t.patch \
file://CVE-2025-5278.patch \
file://run-ptest \
"
SRC_URI[sha256sum] = "7a0124327b398fd9eb1a6abde583389821422c744ffa10734b24f557610d3283"

373
meta/recipes-core/dropbear/dropbear/CVE-2025-47203.patch
View File

@@ -1,373 +0,0 @@
From e5a0ef27c227f7ae69d9a9fec98a056494409b9b Mon Sep 17 00:00:00 2001
From: Matt Johnston <matt@ucc.asn.au>
Date: Mon, 5 May 2025 23:14:19 +0800
Subject: [PATCH] Execute multihop commands directly, no shell
This avoids problems with shell escaping if arguments contain special
characters.
CVE: CVE-2025-47203
Upstream-Status: Backport [https://github.com/mkj/dropbear/commit/e5a0ef27c227f7ae69d9a9fec98a056494409b9b]
Signed-off-by: Peter Marko <peter.marko@siemens.com>
---
src/cli-main.c | 59 +++++++++++++++++---------
src/cli-runopts.c | 104 ++++++++++++++++++++++++++++------------------
src/dbutil.c | 9 +++-
src/dbutil.h | 1 +
src/runopts.h | 5 +++
5 files changed, 117 insertions(+), 61 deletions(-)
diff --git a/src/cli-main.c b/src/cli-main.c
index 065fd76..2fafa88 100644
--- a/src/cli-main.c
+++ b/src/cli-main.c
@@ -77,9 +77,8 @@ int main(int argc, char ** argv) {
}
#if DROPBEAR_CLI_PROXYCMD
- if (cli_opts.proxycmd) {
+ if (cli_opts.proxycmd || cli_opts.proxyexec) {
cli_proxy_cmd(&sock_in, &sock_out, &proxy_cmd_pid);
- m_free(cli_opts.proxycmd);
if (signal(SIGINT, kill_proxy_sighandler) == SIG_ERR ||
signal(SIGTERM, kill_proxy_sighandler) == SIG_ERR ||
signal(SIGHUP, kill_proxy_sighandler) == SIG_ERR) {
@@ -101,7 +100,8 @@ int main(int argc, char ** argv) {
}
#endif /* DBMULTI stuff */
-static void exec_proxy_cmd(const void *user_data_cmd) {
+#if DROPBEAR_CLI_PROXYCMD
+static void shell_proxy_cmd(const void *user_data_cmd) {
const char *cmd = user_data_cmd;
char *usershell;
@@ -110,41 +110,62 @@ static void exec_proxy_cmd(const void *user_data_cmd) {
dropbear_exit("Failed to run '%s'\n", cmd);
}
-#if DROPBEAR_CLI_PROXYCMD
+static void exec_proxy_cmd(const void *unused) {
+ (void)unused;
+ run_command(cli_opts.proxyexec[0], cli_opts.proxyexec, ses.maxfd);
+ dropbear_exit("Failed to run '%s'\n", cli_opts.proxyexec[0]);
+}
+
static void cli_proxy_cmd(int *sock_in, int *sock_out, pid_t *pid_out) {
- char * ex_cmd = NULL;
- size_t ex_cmdlen;
+ char * cmd_arg = NULL;
+ void (*exec_fn)(const void *user_data) = NULL;
int ret;
+ /* exactly one of cli_opts.proxycmd or cli_opts.proxyexec should be set */
+
/* File descriptor "-j &3" */
- if (*cli_opts.proxycmd == '&') {
+ if (cli_opts.proxycmd && *cli_opts.proxycmd == '&') {
char *p = cli_opts.proxycmd + 1;
int sock = strtoul(p, &p, 10);
/* must be a single number, and not stdin/stdout/stderr */
if (sock > 2 && sock < 1024 && *p == '\0') {
*sock_in = sock;
*sock_out = sock;
- return;
+ goto cleanup;
}
}
- /* Normal proxycommand */
+ if (cli_opts.proxycmd) {
+ /* Normal proxycommand */
+ size_t shell_cmdlen;
+ /* So that spawn_command knows which shell to run */
+ fill_passwd(cli_opts.own_user);
- /* So that spawn_command knows which shell to run */
- fill_passwd(cli_opts.own_user);
+ shell_cmdlen = strlen(cli_opts.proxycmd) + 6; /* "exec " + command + '\0' */
+ cmd_arg = m_malloc(shell_cmdlen);
+ snprintf(cmd_arg, shell_cmdlen, "exec %s", cli_opts.proxycmd);
+ exec_fn = shell_proxy_cmd;
+ } else {
+ /* No shell */
+ exec_fn = exec_proxy_cmd;
+ }
- ex_cmdlen = strlen(cli_opts.proxycmd) + 6; /* "exec " + command + '\0' */
- ex_cmd = m_malloc(ex_cmdlen);
- snprintf(ex_cmd, ex_cmdlen, "exec %s", cli_opts.proxycmd);
-
- ret = spawn_command(exec_proxy_cmd, ex_cmd,
- sock_out, sock_in, NULL, pid_out);
- DEBUG1(("cmd: %s pid=%d", ex_cmd,*pid_out))
- m_free(ex_cmd);
+ ret = spawn_command(exec_fn, cmd_arg, sock_out, sock_in, NULL, pid_out);
if (ret == DROPBEAR_FAILURE) {
dropbear_exit("Failed running proxy command");
*sock_in = *sock_out = -1;
}
+
+cleanup:
+ m_free(cli_opts.proxycmd);
+ m_free(cmd_arg);
+ if (cli_opts.proxyexec) {
+ char **a = NULL;
+ for (a = cli_opts.proxyexec; *a; a++) {
+ m_free_direct(*a);
+ }
+ m_free(cli_opts.proxyexec);
+ }
}
static void kill_proxy_sighandler(int UNUSED(signo)) {
diff --git a/src/cli-runopts.c b/src/cli-runopts.c
index b664293..a21b7a2 100644
--- a/src/cli-runopts.c
+++ b/src/cli-runopts.c
@@ -556,62 +556,88 @@ void loadidentityfile(const char* filename, int warnfail) {
/* Fill out -i, -y, -W options that make sense for all
* the intermediate processes */
-static char* multihop_passthrough_args(void) {
- char *args = NULL;
- unsigned int len, total;
+static char** multihop_args(const char* argv0, const char* prior_hops) {
+ /* null terminated array */
+ char **args = NULL;
+ size_t max_args = 14, pos = 0, len;
#if DROPBEAR_CLI_PUBKEY_AUTH
m_list_elem *iter;
#endif
- /* Sufficient space for non-string args */
- len = 100;
- /* String arguments have arbitrary length, so determine space required */
- if (cli_opts.proxycmd) {
- len += strlen(cli_opts.proxycmd);
- }
#if DROPBEAR_CLI_PUBKEY_AUTH
for (iter = cli_opts.privkeys->first; iter; iter = iter->next)
{
- sign_key * key = (sign_key*)iter->item;
- len += 4 + strlen(key->filename);
+ /* "-i file" for each */
+ max_args += 2;
}
#endif
- args = m_malloc(len);
- total = 0;
+ args = m_malloc(sizeof(char*) * max_args);
+ pos = 0;
- /* Create new argument string */
+ args[pos] = m_strdup(argv0);
+ pos++;
if (cli_opts.quiet) {
- total += m_snprintf(args+total, len-total, "-q ");
+ args[pos] = m_strdup("-q");
+ pos++;
}
if (cli_opts.no_hostkey_check) {
- total += m_snprintf(args+total, len-total, "-y -y ");
+ args[pos] = m_strdup("-y");
+ pos++;
+ args[pos] = m_strdup("-y");
+ pos++;
} else if (cli_opts.always_accept_key) {
- total += m_snprintf(args+total, len-total, "-y ");
+ args[pos] = m_strdup("-y");
+ pos++;
}
if (cli_opts.batch_mode) {
- total += m_snprintf(args+total, len-total, "-o BatchMode=yes ");
+ args[pos] = m_strdup("-o");
+ pos++;
+ args[pos] = m_strdup("BatchMode=yes");
+ pos++;
}
if (cli_opts.proxycmd) {
- total += m_snprintf(args+total, len-total, "-J '%s' ", cli_opts.proxycmd);
+ args[pos] = m_strdup("-J");
+ pos++;
+ args[pos] = m_strdup(cli_opts.proxycmd);
+ pos++;
}
if (opts.recv_window != DEFAULT_RECV_WINDOW) {
- total += m_snprintf(args+total, len-total, "-W %u ", opts.recv_window);
+ args[pos] = m_strdup("-W");
+ pos++;
+ args[pos] = m_malloc(11);
+ m_snprintf(args[pos], 11, "%u", opts.recv_window);
+ pos++;
}
#if DROPBEAR_CLI_PUBKEY_AUTH
for (iter = cli_opts.privkeys->first; iter; iter = iter->next)
{
sign_key * key = (sign_key*)iter->item;
- total += m_snprintf(args+total, len-total, "-i %s ", key->filename);
+ args[pos] = m_strdup("-i");
+ pos++;
+ args[pos] = m_strdup(key->filename);
+ pos++;
}
#endif /* DROPBEAR_CLI_PUBKEY_AUTH */
+ /* last hop */
+ args[pos] = m_strdup("-B");
+ pos++;
+ len = strlen(cli_opts.remotehost) + strlen(cli_opts.remoteport) + 2;
+ args[pos] = m_malloc(len);
+ snprintf(args[pos], len, "%s:%s", cli_opts.remotehost, cli_opts.remoteport);
+ pos++;
+
+ /* hostnames of prior hops */
+ args[pos] = m_strdup(prior_hops);
+ pos++;
+
return args;
}
@@ -626,7 +652,7 @@ static char* multihop_passthrough_args(void) {
* etc for as many hosts as we want.
*
* Note that "-J" arguments aren't actually used, instead
- * below sets cli_opts.proxycmd directly.
+ * below sets cli_opts.proxyexec directly.
*
* Ports for hosts can be specified as host/port.
*/
@@ -634,7 +660,7 @@ static void parse_multihop_hostname(const char* orighostarg, const char* argv0)
char *userhostarg = NULL;
char *hostbuf = NULL;
char *last_hop = NULL;
- char *remainder = NULL;
+ char *prior_hops = NULL;
/* both scp and rsync parse a user@host argument
* and turn it into "-l user host". This breaks
@@ -652,6 +678,8 @@ static void parse_multihop_hostname(const char* orighostarg, const char* argv0)
}
userhostarg = hostbuf;
+ /* Split off any last hostname and use that as remotehost/remoteport.
+ * That is used for authorized_keys checking etc */
last_hop = strrchr(userhostarg, ',');
if (last_hop) {
if (last_hop == userhostarg) {
@@ -659,32 +687,28 @@ static void parse_multihop_hostname(const char* orighostarg, const char* argv0)
}
*last_hop = '\0';
last_hop++;
- remainder = userhostarg;
+ prior_hops = userhostarg;
userhostarg = last_hop;
}
+ /* Update cli_opts.remotehost and cli_opts.remoteport */
parse_hostname(userhostarg);
- if (last_hop) {
- /* Set up the proxycmd */
- unsigned int cmd_len = 0;
- char *passthrough_args = multihop_passthrough_args();
- cmd_len = strlen(argv0) + strlen(remainder)
- + strlen(cli_opts.remotehost) + strlen(cli_opts.remoteport)
- + strlen(passthrough_args)
- + 30;
- /* replace proxycmd. old -J arguments have been copied
- to passthrough_args */
- cli_opts.proxycmd = m_realloc(cli_opts.proxycmd, cmd_len);
- m_snprintf(cli_opts.proxycmd, cmd_len, "%s -B %s:%s %s %s",
- argv0, cli_opts.remotehost, cli_opts.remoteport,
- passthrough_args, remainder);
+ /* Construct any multihop proxy command. Use proxyexec to
+ * avoid worrying about shell escaping. */
+ if (prior_hops) {
+ cli_opts.proxyexec = multihop_args(argv0, prior_hops);
+ /* Any -J argument has been copied to proxyexec */
+ if (cli_opts.proxycmd) {
+ m_free(cli_opts.proxycmd);
+ }
+
#ifndef DISABLE_ZLIB
- /* The stream will be incompressible since it's encrypted. */
+ /* This outer stream will be incompressible since it's encrypted. */
opts.compress_mode = DROPBEAR_COMPRESS_OFF;
#endif
- m_free(passthrough_args);
}
+
m_free(hostbuf);
}
#endif /* DROPBEAR_CLI_MULTIHOP */
diff --git a/src/dbutil.c b/src/dbutil.c
index 2b44921..a70025e 100644
--- a/src/dbutil.c
+++ b/src/dbutil.c
@@ -371,7 +371,6 @@ int spawn_command(void(*exec_fn)(const void *user_data), const void *exec_data,
void run_shell_command(const char* cmd, unsigned int maxfd, char* usershell) {
char * argv[4];
char * baseshell = NULL;
- unsigned int i;
baseshell = basename(usershell);
@@ -393,6 +392,12 @@ void run_shell_command(const char* cmd, unsigned int maxfd, char* usershell) {
argv[1] = NULL;
}
+ run_command(usershell, argv, maxfd);
+}
+
+void run_command(const char* argv0, char** args, unsigned int maxfd) {
+ unsigned int i;
+
/* Re-enable SIGPIPE for the executed process */
if (signal(SIGPIPE, SIG_DFL) == SIG_ERR) {
dropbear_exit("signal() error");
@@ -404,7 +409,7 @@ void run_shell_command(const char* cmd, unsigned int maxfd, char* usershell) {
m_close(i);
}
- execv(usershell, argv);
+ execv(argv0, args);
}
#if DEBUG_TRACE
diff --git a/src/dbutil.h b/src/dbutil.h
index 05fc50c..bfbed73 100644
--- a/src/dbutil.h
+++ b/src/dbutil.h
@@ -63,6 +63,7 @@ char * stripcontrol(const char * text);
int spawn_command(void(*exec_fn)(const void *user_data), const void *exec_data,
int *writefd, int *readfd, int *errfd, pid_t *pid);
void run_shell_command(const char* cmd, unsigned int maxfd, char* usershell);
+void run_command(const char* argv0, char** args, unsigned int maxfd);
#if ENABLE_CONNECT_UNIX
int connect_unix(const char* addr);
#endif
diff --git a/src/runopts.h b/src/runopts.h
index c4061a0..f255882 100644
--- a/src/runopts.h
+++ b/src/runopts.h
@@ -197,7 +197,12 @@ typedef struct cli_runopts {
unsigned int netcat_port;
#endif
#if DROPBEAR_CLI_PROXYCMD
+ /* A proxy command to run via the user's shell */
char *proxycmd;
+#endif
+#if DROPBEAR_CLI_MULTIHOP
+ /* Similar to proxycmd, but is arguments for execve(), not shell */
+ char **proxyexec;
#endif
const char *bind_arg;
char *bind_address;

1
meta/recipes-core/dropbear/dropbear_2024.86.bb
View File

@@ -21,7 +21,6 @@ SRC_URI = "http://matt.ucc.asn.au/dropbear/releases/dropbear-${PV}.tar.bz2 \
file://dropbear.default \
${@bb.utils.contains('DISTRO_FEATURES', 'pam', '${PAM_SRC_URI}', '', d)} \
${@bb.utils.contains('PACKAGECONFIG', 'disable-weak-ciphers', 'file://dropbear-disable-weak-ciphers.patch', '', d)} \
file://CVE-2025-47203.patch \
"
SRC_URI[sha256sum] = "e78936dffc395f2e0db099321d6be659190966b99712b55c530dd0a1822e0a5e"

2
meta/recipes-core/glibc/glibc-version.inc
View File

@@ -1,6 +1,6 @@
SRCBRANCH ?= "release/2.41/master"
PV = "2.41+git"
SRCREV_glibc ?= "e7c419a2957590fb657900fc92a89708f41abd9d"
SRCREV_glibc ?= "0a7c7a3e283a55d1bfaa48fdef063a32a4689a2b"
SRCREV_localedef ?= "fab74f31b3811df543e24b6de47efdf45b538abc"
GLIBC_GIT_URI ?= "git://sourceware.org/git/glibc.git;protocol=https"

107
meta/recipes-core/glibc/glibc-y2038-tests_2.41.bb Normal file
View File

@@ -0,0 +1,107 @@
require glibc_${PV}.bb
require glibc-tests.inc
inherit ptest features_check
REQUIRED_DISTRO_FEATURES = "ptest"
SRC_URI += "\
file://run-ptest \
"
SUMMARY = "glibc tests using time32/time64 interfaces to be run with ptest for the purpose of checking y2038 compatiblity"
# Erase some variables already set by glibc_${PV}
python __anonymous() {
# Remove packages provided by glibc build, we only need a subset of them
d.setVar("PACKAGES", "${PN} ${PN}-dbg ${PN}-ptest")
d.setVar("PROVIDES", "${PN} ${PN}-ptest")
bbclassextend = d.getVar("BBCLASSEXTEND").replace("nativesdk", "").strip()
d.setVar("BBCLASSEXTEND", bbclassextend)
d.setVar("RRECOMMENDS", "")
d.setVar("SYSTEMD_SERVICE:nscd", "")
d.setVar("SYSTEMD_PACKAGES", "")
}
# Remove any leftovers from original glibc recipe
RPROVIDES:${PN} = "${PN}"
RRECOMMENDS:${PN} = ""
RDEPENDS:${PN} = "glibc libgcc sed bash"
RDEPENDS:${PN}-ptest = "${PN}"
DEPENDS += "sed"
export oe_srcdir = "${exec_prefix}/src/debug/glibc/${PV}/"
# Just build tests for target - do not run them
do_check:append () {
oe_runmake -i check run-built-tests=no
}
addtask do_check after do_compile before do_install_ptest_base
glibc_strip_build_directory () {
# Delete all non executable files from build directory
find ${B} ! -executable -type f -delete
# Remove build dynamic libraries and links to them as
# those are already installed in the target device
find ${B} -type f -name "*.so" -delete
find ${B} -type l -name "*.so*" -delete
# Remove headers (installed with glibc)
find ${B} -type f -name "*.h" -delete
find ${B} -type f -name "isomac" -delete
find ${B} -type f -name "annexc" -delete
}
do_install_ptest_base () {
glibc_strip_build_directory
ls -r ${B}/*/*-time64 > ${B}/tst_time64
# Remove '-time64' suffix - those tests are also time related
sed -e "s/-time64$//" ${B}/tst_time64 > ${B}/tst_time_tmp
tst_time=$(cat ${B}/tst_time_tmp ${B}/tst_time64)
rm ${B}/tst_time_tmp ${B}/tst_time64
echo "${tst_time}"
# Install build test programs to the image
install -d ${D}${PTEST_PATH}/tests/glibc-ptest/
for f in "${tst_time}"
do
cp -r ${f} ${D}${PTEST_PATH}/tests/glibc-ptest/
done
install -d ${D}${PTEST_PATH}
cp ${UNPACKDIR}/run-ptest ${D}${PTEST_PATH}/
}
# The datadir directory is required to allow core (and reused)
# glibc cleanup function to finish correctly, as this directory
# is not created for ptests
stash_locale_package_cleanup:prepend () {
mkdir -p ${PKGD}${datadir}
}
stash_locale_sysroot_cleanup:prepend () {
mkdir -p ${SYSROOT_DESTDIR}${datadir}
}
# Prevent the do_package() task to set 'libc6' prefix
# for glibc tests related packages
python populate_packages:prepend () {
if d.getVar('DEBIAN_NAMES'):
d.setVar('DEBIAN_NAMES', '')
}
FILES:${PN} = "${PTEST_PATH}/* /usr/src/debug/${PN}/*"
EXCLUDE_FROM_SHLIBS = "1"
deltask do_stash_locale
do_install[noexec] = "1"
do_populate_sysroot[noexec] = "1"

47
meta/recipes-core/glibc/glibc/0001-stdlib-Add-single-threaded-fast-path-to-rand.patch
View File

@@ -1,47 +0,0 @@
From 4f54b0dfc16dbe0df86afccb90e447df5f7f571e Mon Sep 17 00:00:00 2001
From: Wilco Dijkstra <wilco.dijkstra@arm.com>
Date: Mon, 18 Mar 2024 15:18:20 +0000
Subject: [PATCH] stdlib: Add single-threaded fast path to rand()
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Improve performance of rand() and __random() by adding a single-threaded
fast path. Bench-random-lock shows about 5x speedup on Neoverse V1.
Upstream-Status: Backport [be0cfd848d9ad7378800d6302bc11467cf2b514f]
Reviewed-by: Adhemerval Zanella  <adhemerval.zanella@linaro.org>
Signed-off-by: Haixiao Yan <haixiao.yan.cn@windriver.com>
---
stdlib/random.c | 7 +++++++
1 file changed, 7 insertions(+)
diff --git a/stdlib/random.c b/stdlib/random.c
index 17cc61ba8f55..5d482a857065 100644
--- a/stdlib/random.c
+++ b/stdlib/random.c
@@ -51,6 +51,7 @@
SUCH DAMAGE.*/
#include <libc-lock.h>
+#include <sys/single_threaded.h>
#include <limits.h>
#include <stddef.h>
#include <stdlib.h>
@@ -288,6 +289,12 @@ __random (void)
{
int32_t retval;
+ if (SINGLE_THREAD_P)
+ {
+ (void) __random_r (&unsafe_state, &retval);
+ return retval;
+ }
+
__libc_lock_lock (lock);
(void) __random_r (&unsafe_state, &retval);
--
2.34.1

2
meta/recipes-core/glibc/glibc/0023-tests-Skip-2-qemu-tests-that-can-hang-in-oe-selftest.patch
View File

@@ -40,7 +40,7 @@ index 8a755293b3..22dafcaad1 100644
# tests
# process_madvise requires CAP_SYS_ADMIN.
@@ -282,9 +283,10 @@ tests-time64 += \
@@ -277,9 +278,10 @@ tests-time64 += \
tst-ntp_gettimex-time64 \
tst-ppoll-time64 \
tst-prctl-time64 \

37
meta/recipes-core/glibc/glibc/run-ptest Executable file
View File

@@ -0,0 +1,37 @@
#!/bin/bash
# ptest script for glibc - to run time related tests to
# facilitate Y2038 validation
# Run with 'ptest-runner glibc-tests'
output() {
retcode=$?
if [ $retcode -eq 0 ]
then echo "PASS: $i"
elif [ $retcode -eq 77 ]
then echo "SKIP: $i"
else echo "FAIL: $i"
fi
}
# Allow altering time on the target
export GLIBC_TEST_ALLOW_TIME_SETTING="1"
tst_time64=$(ls -r ${PWD}/tests/glibc-ptest/*-time64)
# Remove '-time64' suffix - those tests are also time
# related
tst_time_tmp=$(sed -e "s/-time64$//" <<< ${tst_time64})
# Do not run tests supporting only 32 bit time
#for i in ${tst_time_tmp}
#do
# $i >/dev/null 2>&1
# output
#done
# Run tests supporting only 64 bit time
for i in ${tst_time64}
do
$i >/dev/null 2>&1
output
done

Some files were not shown because too many files have changed in this diff Show More