This service is available only in Japanese-language.
2022年4月にリリースされたYocto4.0 LTS (Kirkstone)の8回目のポイントリリース4.0.8公開のアナウンスが2023年3月10日付けでありました。
当初予定どおり2月27日版で構築、QA後の3月10日にリリースアナウンスとなりました。
今回のリリースでの主な変更点:
〇 CVEに登録された脆弱性への対応
〇 カーネルは 5.15.84から5.15.91 にアップグレード
なお、Release NoteのSecurity Fixesにリストアップされていませんが、Yocto4.0.7でunoatchedとなっているlibgit2のCVE-2023-22742は、libgit2-1.4.5にアップグレードを行ったことでFixedにステータスが変更となっているため、現在migration-guildeの修正を提案中です。
リリースアナウンスの時点で、2月27日以降 次のポイントリリースに向けたコミットとして以下のCVEへの対応を含んだ複数のレシピのアップグレードが行われています。
・binutils : Fix CVE-2023-22608
・less: backport the fix for CVE-2022-46663
・libsdl2: fix CVE-2022-4743
・xserver-xorg:CVE-2023-0494
・xwayland:CVE-2023-0494
・vim:CVE-2023-0433, CVE-2022-47024
次のポイントリリース4.0.9 は 2023/4/10 版で構築、QA後の2023/4/21 のリリースを予定しています。
本リリースの詳細は以下のURLでご確認ください。
https://lists.yoctoproject.org/g/yocto-announce/message/271
----------------
Known Issues
----------------
N/A
----------------
Security Fixes
----------------
apr-util: fix CVE-2022-25147
apr: fix CVE-2022-24963 CVE-2022-28331 CVE-2021-35940
bind: fix CVE-2022-3094 CVE-2022-3736 CVE-2022-3924
git: ignore CVE-2022-41953
git: fix CVE-2022-23521 CVE-2022-41903
ppp: fix CVE-2022-4603
python3-certifi: fix CVE-2022-23491
sudo: fix CVE-2023-2280
tar: CVE-2022-48303
----------------
Fixes
----------------
Fix missing leading whitespace with ':append'
apr-util: upgrade to 1.6.3
apr: upgrade to 1.7.2
apt: fix do_package_qa failure
bind: upgrade to 9.18.11
bitbake: bb/utils: include SSL certificate paths in export_proxies
bitbake: bitbake-diffsigs: Make PEP8 compliant
bitbake: bitbake-diffsigs: break on first dependent task difference
bitbake: fetch2/git: Clarify the meaning of namespace
bitbake: fetch2/git: Prevent git fetcher from fetching gitlab repository metadata
bitbake: fetch2/git: show SRCREV and git repo in error message about fixed SRCREV
bitbake: siggen: Fix inefficient string concatenation
bitbake: utils/ply: Update md5 to better report errors with hashlib
bootchart2: Fix usrmerge support
bsp-guide: fix broken git URLs and missing word
build-appliance-image: Update to kirkstone head revision
buildtools-tarball: set pkg-config search path
classes/fs-uuid: Fix command output decoding issue
dev-manual: common-tasks.rst: add link to FOSDEM 2023 video
dev-manual: fix old override syntax
devshell: Do not add scripts/git-intercept to PATH
devtool: fix devtool finish when gitmodules file is empty
diffutils: upgrade to 3.9
gdk-pixbuf: do not use tools from gdk-pixbuf-native when building tests
git: upgrade to 2.35.7
glslang: branch rename master -> main
httpserver: add error handler that write to the logger
image.bbclass: print all QA functions exceptions
kernel/linux-kernel-base: Fix kernel build artefact determinism issues
libc-locale: Fix on target locale generation
libgit2: upgrade to 1.4.5
libjpeg-turbo: upgrade to 2.1.5
libtirpc: Check if file exists before operating on it
libusb1: Link with latomic only if compiler has no atomic builtins
libusb1: Strip trailing whitespaces
linux-firmware: upgrade to 20230117
linux-yocto/5.15: update to v5.15.91
lsof: fix old override syntax
lttng-modules: Fix for 5.10.163 kernel version
lttng-tools: upgrade to 2.13.9
make-mod-scripts: Ensure kernel build output is deterministic
manuals: update patchwork instance URL
meta: remove True option to getVar and getVarFlag calls (again)
migration-guides: add release-notes for 4.0.7
native: Drop special variable handling
numactl: skip test case when target platform doesn't have 2 CPU node
oeqa context.py: fix --target-ip comment to include ssh port number
oeqa dump.py: add error counter and stop after 5 failures
oeqa qemurunner.py: add timeout to QMP calls
oeqa qemurunner.py: try to avoid reading one character at a time
oeqa qemurunner: read more data at a time from serial
oeqa ssh.py: add connection keep alive options to ssh client
oeqa ssh.py: move output prints to new line
oeqa/qemurunner: do not use Popen.poll() when terminating runqemu with a signal
oeqa/selftest/bbtests: Update message lookup for test_git_unpack_nonetwork_fail
oeqa/selftest/locales: Add selftest for locale generation/presence
poky.conf: Update SANITY_TESTED_DISTROS to match autobuilder
poky.conf: bump version for 4.0.8
profile-manual: update WireShark hyperlinks
python3-pytest: depend on python3-tomli instead of python3-toml
qemu: fix compile error
quilt: fix intermittent failure in faildiff.test
quilt: use upstreamed faildiff.test fix
recipe_sanity: fix old override syntax
ref-manual: document SSTATE_EXCLUDEDEPS_SYSROOT
scons.bbclass: Make MAXLINELENGTH overridable
scons: Pass MAXLINELENGTH to scons invocation
sdkext/cases/devtool: pass a logger to HTTPService
spirv-headers: set correct branch name
sudo: upgrade to 1.9.12p2
system-requirements.rst: add Fedora 36 and AlmaLinux 8.7 to list of supported distros
testimage: Fix error message to reflect new syntax
update-alternatives: fix typos
vulkan-samples: branch rename master -> main