From patchwork Mon Nov 25 04:01:57 2024
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-Patchwork-Submitter: "Lee, Chee Yang" <chee.yang.lee@intel.com>
X-Patchwork-Id: 53086
Return-Path: <chee.yang.lee@intel.com>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org
 (localhost.localdomain [127.0.0.1])
	by smtp.lore.kernel.org (Postfix) with ESMTP id CBA3ED3B7D1
	for <webhook@archiver.kernel.org>; Mon, 25 Nov 2024 04:04:10 +0000 (UTC)
Received: from mgamail.intel.com (mgamail.intel.com [192.198.163.13])
 by mx.groups.io with SMTP id smtpd.web10.11468.1732507447373522335
 for <docs@lists.yoctoproject.org>;
 Sun, 24 Nov 2024 20:04:07 -0800
Authentication-Results: mx.groups.io;
 dkim=pass header.i=@intel.com header.s=Intel header.b=UQ3/eQW1;
 spf=pass (domain: intel.com, ip: 192.198.163.13,
 mailfrom: chee.yang.lee@intel.com)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple;
  d=intel.com; i=@intel.com; q=dns/txt; s=Intel;
  t=1732507447; x=1764043447;
  h=from:to:subject:date:message-id:mime-version:
   content-transfer-encoding;
  bh=nfm1ACjl3KK48cYOfWJ/FlpCImrMKiAuWSsySJ02qxY=;
  b=UQ3/eQW160a46FbO6SXy104umFDctoMw8Mk/+tVHzU9JwmBQOFoSWhJt
   mXfu+rz8RxSZ61uVJWch5qPfyVP6ehjhBxjkuDnTPjwo1glxMOOcnADBe
   w67KrjenWkM3oqIRcRK3Mq7ybP9Q8nLX03qY+OSa9w3whFu8EY8v5Ar1j
   NAj7gJVllU0dMj8BbC+hMLwWIgzpkicwEGBFtrA/D+kCfY8N/oQjgZKAt
   zoELr1EEtalFuWOymTGTq8bK/i6L87fAQNF7LAzGF50OMRMchE+JYf3E3
   Sw6p+awP83UlCL6e5PKonP8redpE53QwGStFNXLYo6CkVsz+ZRyTBTNBR
   A==;
X-CSE-ConnectionGUID: GoLgYvSpRz6U/RfxznSseA==
X-CSE-MsgGUID: 4eUqBpYqQKSKI1hk1to1ng==
X-IronPort-AV: E=McAfee;i="6700,10204,11266"; a="35449741"
X-IronPort-AV: E=Sophos;i="6.12,182,1728975600";
   d="scan'208";a="35449741"
Received: from orviesa008.jf.intel.com ([10.64.159.148])
  by fmvoesa107.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384;
 24 Nov 2024 20:04:07 -0800
X-CSE-ConnectionGUID: Md9S72AcSzCkaeTiKFQIaA==
X-CSE-MsgGUID: 4ly0Rx4JQo+5of6Sz/ILvg==
X-ExtLoop1: 1
X-IronPort-AV: E=Sophos;i="6.12,182,1728975600";
   d="scan'208";a="91929764"
Received: from cheeyang-desk1.png.intel.com ([10.107.249.127])
  by orviesa008.jf.intel.com with ESMTP; 24 Nov 2024 20:04:06 -0800
From: chee.yang.lee@intel.com
To: docs@lists.yoctoproject.org
Subject: [PATCH] migration-guides: add release notes for 5.0.5
Date: Mon, 25 Nov 2024 12:01:57 +0800
Message-Id: <20241125040157.1706215-1-chee.yang.lee@intel.com>
X-Mailer: git-send-email 2.34.1
MIME-Version: 1.0
List-Id: <docs.lists.yoctoproject.org>
X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by
 aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for
 <docs@lists.yoctoproject.org>; Mon, 25 Nov 2024 04:04:10 -0000
X-Groupsio-URL: https://lists.yoctoproject.org/g/docs/message/5794

From: Lee Chee Yang <chee.yang.lee@intel.com>

Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com>
---
 .../migration-guides/release-5.0.rst          |   1 +
 .../migration-guides/release-notes-5.0.5.rst  | 227 ++++++++++++++++++
 2 files changed, 228 insertions(+)
 create mode 100644 documentation/migration-guides/release-notes-5.0.5.rst

diff --git a/documentation/migration-guides/release-5.0.rst b/documentation/migration-guides/release-5.0.rst
index 25c8ebc16..9169188e9 100644
--- a/documentation/migration-guides/release-5.0.rst
+++ b/documentation/migration-guides/release-5.0.rst
@@ -11,3 +11,4 @@ Release 5.0 (scarthgap)
    release-notes-5.0.2
    release-notes-5.0.3
    release-notes-5.0.4
+   release-notes-5.0.5
diff --git a/documentation/migration-guides/release-notes-5.0.5.rst b/documentation/migration-guides/release-notes-5.0.5.rst
new file mode 100644
index 000000000..582e4614c
--- /dev/null
+++ b/documentation/migration-guides/release-notes-5.0.5.rst
@@ -0,0 +1,227 @@
+Release notes for Yocto-5.0.5 (Scarthgap)
+-----------------------------------------
+
+Security Fixes in Yocto-5.0.5
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+-  ``cups``: Fix :cve_nist:`2024-47175`
+-  ``curl``: Fix :cve_nist:`2024-8096`
+-  ``gnupg``: Ignore :cve_nist:`2022-3219` (wont-fix)
+-  ``libarchive``: Fix :cve_nist:`2024-48957` and :cve_nist:`2024-48958`
+-  ``openssh``: Ignore :cve_nist:`2023-51767` (wont-fix)
+-  ``openssl``: Fix :cve_nist:`2024-9143`
+-  ``ruby``: Fix :cve_nist:`2024-41123` and :cve_mitre:`2024-41496`
+-  ``rust-llvm``: Fix :cve_nist:`2024-0151`
+-  ``rust``, ``libstd-rs``: Ignore :cve_nist:`2024-43402`
+-  ``wpa-supplicant``: Patch SAE H2E and incomplete downgrade protection for group negotiation
+-  ``wpa-supplicant``: Fix :cve_nist:`2024-3596`
+-  ``wpa-supplicant``: Ignore :cve_nist:`2024-5290`
+
+
+Fixes in Yocto-5.0.5
+~~~~~~~~~~~~~~~~~~~~
+
+-  binutils: stable 2.42 branch updates
+-  bitbake.conf: Add truncate to :term:`HOSTTOOLS`
+-  bitbake: asyncrpc: Use client timeout for websocket open timeout
+-  bitbake: bitbake: doc/user-manual: Update the :term:`BB_HASHSERVE_UPSTREAM`
+-  bitbake: gitsm: Add call_process_submodules() to remove duplicated code
+-  bitbake: gitsm: Remove downloads/tmpdir when failed
+-  bitbake: tests/fetch: Use our own mirror of mobile-broadband-provider to decouple from gnome gitlab
+-  bitbake: tests/fetch: Use our own mirror of sysprof to decouple from gnome gitlab
+-  build-appliance-image: Update to scarthgap head revision
+-  cryptodev: upgrade to 1.14
+-  cve-check: add support for cvss v4.0
+-  cve_check: Use a local copy of the database during builds
+-  dev-manual: add bblock documentation
+-  documentation: conf.py: rename :cve: role to :cve_nist:
+-  documentation: README: add instruction to run Vale on a subset
+-  documentation: Makefile: add SPHINXLINTDOCS to specify subset to sphinx-lint
+-  e2fsprogs: removed 'sed -u' option
+-  ffmpeg: Add "libswresample libavcodec" to :term:`CVE_PRODUCT`
+-  glibc: stable 2.39 branch updates.
+-  go: upgrade to 1.22.8
+-  icu: update patch Upstream-Status
+-  image.bbclass: Drop support for ImageQAFailed exceptions in image_qa
+-  image_qa: fix error handling
+-  install-buildtools: fix "test installation" step
+-  install-buildtools: remove md5 checksum validation
+-  install-buildtools: update base-url, release and installer version
+-  kernel-devsrc: remove 64 bit vdso cmd files
+-  kernel-fitimage: fix external dtb check
+-  kernel-fitimage: fix intentation
+-  lib/oe/package-manager: skip processing installed-pkgs with empty globs
+-  liba52: fix do_fetch error
+-  libpcre2: Update base uri PhilipHazel -> PCRE2Project
+-  libsdl2: Fix non-deterministic configure option for libsamplerate
+-  license: Fix directory layout issues
+-  linux-firmware: upgrade to 20240909
+-  linux-yocto/6.6: fix genericarm64 config warning
+-  linux-yocto/6.6: upgrade to v6.6.54
+-  lsb-release: fix Distro Codename shell escaping
+-  makedevs: Fix issue when rootdir of / is given
+-  makedevs: Fix matching uid/gid
+-  meta-ide-support: Mark recipe as MACHINE-specific
+-  meta-world-pkgdata: Inherit nopackages
+-  migration-guide: add release notes for 4.0.21, 4.0.22 and 5.0.4
+-  migration-guide: release-notes-4.0: update :term:`BB_HASHSERVE_UPSTREAM` for new infrastructure
+-  migration-guide: release-notes-5.0.rst: update NO_OUTPUT -> NO_COLOR
+-  orc: upgrade to 0.4.40
+-  overview-manual: concepts: add details on package splitting
+-  poky.conf: bump version for 5.0.5
+-  populate_sdk_base: inherit nopackages
+-  ptest-runner: upgrade to 2.4.5
+-  pulseaudio: correct freedesktop.org -> www.freedesktop.org :term:`SRC_URI`
+-  desktop-file-utils: correct freedesktop.org -> www.freedesktop.org :term:`SRC_URI`
+-  python3-lxml: upgrade to v5.0.2
+-  python3-setuptools: Add "python:setuptools" to :term:`CVE_PRODUCT`
+-  recipes-bsp: usbutils: Fix usb-devices command using busybox
+-  ref-manual: add missing CVE_CHECK manifest variables
+-  ref-manual: add missing :term:`EXTERNAL_KERNEL_DEVICETREE` variable
+-  ref-manual: add missing :term:`OPKGBUILDCMD` variable
+-  ref-manual: add missing :term:`TESTIMAGE_FAILED_QA_ARTIFACTS`
+-  ref-manual: devtool-reference: document missing commands
+-  ref-manual: devtool-reference: refresh example outputs
+-  ref-manual: faq: add q&a on class appends
+-  ref-manual: introduce :term:`CVE_CHECK_REPORT_PATCHED` variable
+-  ref-manual: merge patch-status-* to patch-status
+-  ref-manual: release-process: add a reference to the doc's release
+-  ref-manual: release-process: refresh the current LTS releases
+-  ref-manual: release-process: update releases.svg
+-  ref-manual: release-process: update releases.svg with month after "Current"
+-  ref-manual: structure.rst: document missing tmp/ dirs
+-  ref-manual: variables: add SIGGEN_LOCKEDSIGS* variables
+-  rootfs-postcommands.bbclass: make opkg status reproducible
+-  rpm: fix expansion of %_libdir in macros
+-  ruby: upgrade to 3.3.5
+-  runqemu: Fix detection of -serial parameter
+-  runqemu: keep generating tap devices
+-  scripts/install-buildtools: Update to 5.0.3
+-  sqlite3: upgrade to 3.45.3
+-  styles: vocabularies: Yocto: add sstate
+-  systemtap: fix systemtap-native build error on Fedora 40
+-  sysvinit: take release tarballs from github
+-  testexport: fallback for empty :term:`IMAGE_LINK_NAME`
+-  testimage: fallback for empty :term:`IMAGE_LINK_NAME`
+-  uboot-sign: fix counters in do_uboot_assemble_fitimage
+-  vim: upgrade to 9.1.0764
+-  virglrenderer: Add patch to fix -int-conversion build issue
+-  webkitgtk: upgrade to 2.44.3
+-  weston: backport patch to allow neatvnc < v0.9.0
+-  wpa-supplicant: Patch security advisory 2024-2
+-  xserver-xorg: upgrade to 21.1.14
+
+
+Known Issues in Yocto-5.0.5
+~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+-  ``oeqa/runtime``: the ``beaglebone-yocto`` target fails the parselogs runtime test due to unexpected kernel error messages in the log (see bug 15624 on Bugzilla).
+
+
+Contributors to Yocto-5.0.5
+~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+-  Aditya Tayade
+-  Adrian Freihofer
+-  Aleksandar Nikolic
+-  Alexander Kanavin
+-  Antonin Godard
+-  Anuj Mittal
+-  Bruce Ashfield
+-  Claus Stovgaard
+-  Deepesh Varatharajan
+-  Deepthi Hemraj
+-  Hiago De Franco
+-  Hitendra Prajapati
+-  Jaeyoon Jung
+-  Jiaying Song
+-  Jonas Gorski
+-  Jose Quaresma
+-  Joshua Watt
+-  Julien Stephan
+-  Jörg Sommer
+-  Khem Raj
+-  Konrad Weihmann
+-  Lee Chee Yang
+-  Louis Rannou
+-  Macpaul Lin
+-  Martin Jansa
+-  Paul Barker
+-  Paul Gerber
+-  Peter Kjellerstedt
+-  Peter Marko
+-  Purushottam Choudhary
+-  Richard Purdie
+-  Robert Yang
+-  Rohini Sangam
+-  Ross Burton
+-  Sergei Zhmylev
+-  Shunsuke Tokumoto
+-  Steve Sakoman
+-  Teresa Remmet
+-  Victor Kamensky
+-  Vijay Anusuri
+-  Wang Mingyu
+-  Yi Zhao
+-  Yogita Urade
+-  Zahir Hussain
+
+
+Repositories / Downloads for Yocto-5.0.5
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+poky
+
+-  Repository Location: :yocto_git:`/poky`
+-  Branch: :yocto_git:`scarthgap </poky/log/?h=scarthgap>`
+-  Tag:  :yocto_git:`yocto-5.0.5 </poky/log/?h=yocto-5.0.5>`
+-  Git Revision: :yocto_git:`dce4163d42f7036ea216b52b9135968d51bec4c1 </poky/commit/?id=dce4163d42f7036ea216b52b9135968d51bec4c1>`
+-  Release Artefact: poky-dce4163d42f7036ea216b52b9135968d51bec4c1
+-  sha: ad35a965a284490a962f6854ace536b8795f96514e14bf5c79f91f6d76ac25d3
+-  Download Locations:
+   http://downloads.yoctoproject.org/releases/yocto/yocto-5.0.5/poky-dce4163d42f7036ea216b52b9135968d51bec4c1.tar.bz2
+   http://mirrors.kernel.org/yocto/yocto/yocto-5.0.5/poky-dce4163d42f7036ea216b52b9135968d51bec4c1.tar.bz2
+
+openembedded-core
+
+-  Repository Location: :oe_git:`/openembedded-core`
+-  Branch: :oe_git:`scarthgap </openembedded-core/log/?h=scarthgap>`
+-  Tag:  :oe_git:`yocto-5.0.5 </openembedded-core/log/?h=yocto-5.0.5>`
+-  Git Revision: :oe_git:`a051a066da2874b95680d0353dfa18c1d56b2670 </openembedded-core/commit/?id=a051a066da2874b95680d0353dfa18c1d56b2670>`
+-  Release Artefact: oecore-a051a066da2874b95680d0353dfa18c1d56b2670
+-  sha: 16d252aade00161ade2692f41b2da3effeb1f41816a66db843bb1c5495125e93
+-  Download Locations:
+   http://downloads.yoctoproject.org/releases/yocto/yocto-5.0.5/oecore-a051a066da2874b95680d0353dfa18c1d56b2670.tar.bz2
+   http://mirrors.kernel.org/yocto/yocto/yocto-5.0.5/oecore-a051a066da2874b95680d0353dfa18c1d56b2670.tar.bz2
+
+meta-mingw
+
+-  Repository Location: :yocto_git:`/meta-mingw`
+-  Branch: :yocto_git:`scarthgap </meta-mingw/log/?h=scarthgap>`
+-  Tag:  :yocto_git:`yocto-5.0.5 </meta-mingw/log/?h=yocto-5.0.5>`
+-  Git Revision: :yocto_git:`acbba477893ef87388effc4679b7f40ee49fc852 </meta-mingw/commit/?id=acbba477893ef87388effc4679b7f40ee49fc852>`
+-  Release Artefact: meta-mingw-acbba477893ef87388effc4679b7f40ee49fc852
+-  sha: 3b7c2f475dad5130bace652b150367f587d44b391218b1364a8bbc430b48c54c
+-  Download Locations:
+   http://downloads.yoctoproject.org/releases/yocto/yocto-5.0.5/meta-mingw-acbba477893ef87388effc4679b7f40ee49fc852.tar.bz2
+   http://mirrors.kernel.org/yocto/yocto/yocto-5.0.5/meta-mingw-acbba477893ef87388effc4679b7f40ee49fc852.tar.bz2
+
+bitbake
+
+-  Repository Location: :bitbake_git:`/`
+-  Branch: :bitbake_git:`2.8 </log/?h=2.8>`
+-  Tag:  :bitbake_git:`yocto-5.0.5 </log/?h=yocto-5.0.5>`
+-  Git Revision: :bitbake_git:`377eba2361850adfb8ce7e761ef9c76be287f88c </commit/?id=377eba2361850adfb8ce7e761ef9c76be287f88c>`
+-  Release Artefact: bitbake-377eba2361850adfb8ce7e761ef9c76be287f88c
+-  sha: 4a5a35098eec719bbb879706d50e552a2b709295db4055c8050ae7dda1eb2994
+-  Download Locations:
+   http://downloads.yoctoproject.org/releases/yocto/yocto-5.0.5/bitbake-377eba2361850adfb8ce7e761ef9c76be287f88c.tar.bz2
+   http://mirrors.kernel.org/yocto/yocto/yocto-5.0.5/bitbake-377eba2361850adfb8ce7e761ef9c76be287f88c.tar.bz2
+
+yocto-docs
+
+-  Repository Location: :yocto_git:`/yocto-docs`
+-  Branch: :yocto_git:`scarthgap </yocto-docs/log/?h=scarthgap>`
+-  Tag: :yocto_git:`yocto-5.0.5 </yocto-docs/log/?h=yocto-5.0.5>`
+-  Git Revision: :yocto_git:`e882cb3e5816d081eb05cb83488f286cca70e0c6 </yocto-docs/commit/?id=e882cb3e5816d081eb05cb83488f286cca70e0c6>`
+