This service is available only in Japanese-language.

Yocto3.1.18 LTS(Dunfell 23.18)リリース


一昨年4月にリリースされたYocto3.1LTS(Dunfell)の18回目のポイントリリース、3.1.18 公開のアナウンスが2022年8月3日付けでありました。

元々は7月29日リリース予定となっていましたが、リスケジュール後は7月27日版で構築、8月6日 リース予定だったものが7月25日版で構築となり、QAを経てリリースされています。
今回のリリースではCVEへの対応、UpStreanでのアップデート対応(kernel は 5.4.205 )の他、bitbake/bin/bitbake-getvar がバックポートされています。

8/3 12:00 現在、リリース版以降のコミットは行われていません。

次のポイントリリース3.1.19は 2022/9/9 を予定しています。

本リリースの詳細は以下のURLでご確認ください。
https://lists.yoctoproject.org/g/yocto-announce/message/252

----------------
Known Issues
----------------
N/A

----------------
Security Fixes
----------------

grub2: CVE-2021-3981 Incorrect permission in grub.cfg allow unprivileged user to read the file content
unzip: Port debian fixes for CVE-2022-0529 and CVE-2022-0530
unzip: Fix CVE-2021-4217
golang: Fix CVE-2021-31525 net/http: panic in ReadRequest and ReadResponse when reading a very large header
golang: Fix CVE-2022-24675 encoding/pem: fix stack overflow in Decode
golang: Fix CVE-2021-44717 syscall: don't close fd 0 on ForkExec error
python-pip: Fix CVE-2021-3572 Incorrect handling of unicode separators in git references
openssh: Whitelist CVE-2021-36368
cups: Fix CVE-2022-26691
curl: Fix CVE-2022-27774, CVE-2022-27781, CVE-2022-27782, CVE-2022-32206, CVE-2022-32207, and CVE-2022-32208
libxslt: Mark CVE-2022-29824 as not applying
libxslt: Fix CVE-2021-30560
pcre2: Fix CVE-2022-1587 Out-of-bounds read
e2fsprogs: Fix CVE-2022-1304 out-of-bounds read/write via crafted filesystem

----------------
Fixes
----------------

IMAGE_LOCALES_ARCHIVE: add option to prevent locale archive creation
alsa-plugins: fix libavtp vs. avtp packageconfig
archiver: don't use machine variables in shared recipes
archiver: use bb.note instead of echo
bitbake: bin/bitbake-getvar: Add a new command to query a variable value (with history)
bitbake: fetch/git: Fix usehead for non-default names
bitbake: fetch/wget: Move files into place atomically
bitbake: knotty: display active tasks when printing keepAlive() message
bitbake: knotty: reduce keep-alive timeout from 5000s (83 minutes) to 10 minutes
bitbake: tinfoil/data_smart: Allow variable history emit() to function remotely
build-appliance-image: Update to dunfell head revision
classes/cve-check: Move get_patches_cves to library
curl: Fix CVE_CHECK_WHITELIST typo
cve-check: add coverage statistics on recipes with/without CVEs
cve-check: add support for Ignored CVEs
cve-check: hook cleanup to the BuildCompleted event, not CookerExit
cve-check: move update_symlinks to a library
cve-check: write empty fragment files in the text mode
cve-extra-exclusions.inc: Use CVE_CHECK_WHITELIST
cve-extra-exclusions: Clean up and ignore three CVEs (2xqemu and nasm)
cve-update-db-native: make it possible to disable database updates
documentation: update for 3.1.18 release
dpkg: update to 1.19.8
dropbear: break dependency on base package for -dev package
e2fsprogs: add alternatives handling of lsattr as well
efivar: change branch name to main
gcc-source: Fix incorrect task dependencies from ${B}
initramfs-framework: move storage mounts to actual rootfs
insane.bbclass: host-user-contaminated: Correct per package home path
kernel-yocto.bbclass: Reset to exiting on non-zero return code at end of task
license.bbclass: Bound beginline and endline in copy_license_files()
linux-firmware: add support for building snapshots
linux-firmware: upgrade 20220509 -> 20220610
linux-yocto-rt/5.4: fixup -rt build breakage
linux-yocto/5.4: update to v5.4.205
local.conf.sample: Update sstate url to new 'all' path
lttng-modules: Backport Linux 5.18+, 5.15.44+, 5.10.119+ fixes
manuals: switch to the sstate mirror shared between all versions
oe-selftest-image: Ensure the image has sftp as well as dropbear
oeqa/runtime/scp: Disable scp test for dropbear
oeqa/selftest/cve_check: add tests for Ignored and partial reports
oescripts: change compare logic in OEListPackageconfigTests
openssh: break dependency on base package for -dev package
openssl: update fix for ptest certificate expiration
openssl: update the epoch time for ct_test ptest
openssl: upgrade to 1.1.1q
packagegroup-core-ssh-dropbear: Add openssh-sftp-server recommendation
poky.conf: bump version for 3.1.18 release
qemu: add PACKAGECONFIG for capstone
ref-manual: Add XZ_THREADS and XZ_MEMLIMIT
ref-manual: variables: remove sphinx directive from literal block
rootfs.py: close kernel_abi_ver_file
systemd: systemd-systemctl: Support instance conf files during enable
vim: upgrade to 9.0.0021
wic: fix WicError message
wireless-regdb: upgrade 2022.04.08 -> 2022.06.06