From patchwork Fri Feb 6 09:41:45 2026 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: "Lee, Chee Yang" X-Patchwork-Id: 80560 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 99F6BEA795C for ; Fri, 6 Feb 2026 09:42:41 +0000 (UTC) Received: from mgamail.intel.com (mgamail.intel.com [192.198.163.10]) by mx.groups.io with SMTP id smtpd.msgproc02-g2.8040.1770370954342566121 for ; Fri, 06 Feb 2026 01:42:34 -0800 Authentication-Results: mx.groups.io; dkim=pass header.i=@intel.com header.s=Intel header.b=McjgJih+; spf=pass (domain: intel.com, ip: 192.198.163.10, mailfrom: chee.yang.lee@intel.com) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1770370954; x=1801906954; h=from:to:subject:date:message-id:mime-version: content-transfer-encoding; bh=FW8k6OECS/MC4FQjNsCaiW3L/7n0hKlUX6B59og2rlw=; b=McjgJih+wma+sbNGX+2oW6oCHPzo6EQ5LX5rPMtwdQNmuQk3LVGF1oax 8qUi+DwDMnFhSdzv2R/2p2frM+CD/P3zrKHGkmfuq3my9FC3HDOY4Q+nY wmHPlJ1Qoa72ZDxggDflGmYI5oPyTwT+Rj00m/X5FVg4T9QmpJ6uH7SpA TfKIPHSdf0Yof2N7s4wPO4KCYH87QV+1Fiq6OJD9XhX+j0Z96MXqXdWiA tYfjG505+ag6xMFHLev2SS5fWcwGOY5nAgYXrv/ZKWtqz7Xhxvy2svbkJ VE1Rvbtq4pIHMY7eQCr/VHIGMuN9OEwJUQ/LIDM0DgeDfZ1zIemwWIFbp g==; X-CSE-ConnectionGUID: d6gH9IhTR4SeXFFg8lMmZQ== X-CSE-MsgGUID: qR9gvT+qRfebA5nPWfJsnQ== X-IronPort-AV: E=McAfee;i="6800,10657,11692"; a="82946770" X-IronPort-AV: E=Sophos;i="6.21,276,1763452800"; d="scan'208";a="82946770" Received: from fmviesa008.fm.intel.com ([10.60.135.148]) by fmvoesa104.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 06 Feb 2026 01:42:30 -0800 X-CSE-ConnectionGUID: tuG5B+baSoGq6poCPpNiYA== X-CSE-MsgGUID: 9x7R3mMuQb6yWFZsD+RjDA== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="6.21,276,1763452800"; d="scan'208";a="210723680" Received: from cheeyang-desk4.png.intel.com ([10.107.249.123]) by fmviesa008.fm.intel.com with ESMTP; 06 Feb 2026 01:42:26 -0800 From: chee.yang.lee@intel.com To: docs@lists.yoctoproject.org Subject: [PATCH 1/2] migration-guides: add release notes for 5.3.1 Date: Fri, 6 Feb 2026 17:41:45 +0800 Message-ID: <20260206094146.61584-1-chee.yang.lee@intel.com> X-Mailer: git-send-email 2.43.0 MIME-Version: 1.0 List-Id: X-Webhook-Received: from 45-33-107-173.ip.linodeusercontent.com [45.33.107.173] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Fri, 06 Feb 2026 09:42:41 -0000 X-Groupsio-URL: https://lists.yoctoproject.org/g/docs/message/8874 From: Lee Chee Yang Signed-off-by: Lee Chee Yang --- .../migration-guides/release-5.3.rst | 1 + .../migration-guides/release-notes-5.3.1.rst | 262 ++++++++++++++++++ 2 files changed, 263 insertions(+) create mode 100644 documentation/migration-guides/release-notes-5.3.1.rst diff --git a/documentation/migration-guides/release-5.3.rst b/documentation/migration-guides/release-5.3.rst index cbc4f13a7..30c0d277a 100644 --- a/documentation/migration-guides/release-5.3.rst +++ b/documentation/migration-guides/release-5.3.rst @@ -7,3 +7,4 @@ Release 5.3 (whinlatter) migration-5.3 release-notes-5.3 + release-notes-5.3.1 diff --git a/documentation/migration-guides/release-notes-5.3.1.rst b/documentation/migration-guides/release-notes-5.3.1.rst new file mode 100644 index 000000000..6c366f0f3 --- /dev/null +++ b/documentation/migration-guides/release-notes-5.3.1.rst @@ -0,0 +1,262 @@ +Release notes for Yocto-5.3.1 (Whinlatter) +------------------------------------------ + +Users of Alma 9, Rocky 9 and Centos Stream 9 rolling releases have seen obtuse failures in the execution of tar in various tasks after recent host distro updates. These newer versions of tar contain a CVE fix which uses a new glibc call/syscall (openat2). The fix is to update to a newer pseudo version which handles this syscall. This is not included in this stable release but we aim to include it in the next one. + +Security Fixes in Yocto-5.3.1 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +- binutils: Fix :cve_nist:`2025-11494`, :cve_nist:`2025-11839` and :cve_nist:`2025-11840` +- cups: Fix :cve_nist:`2025-58436` and :cve_nist:`2025-61915` +- dropbear: Fix :cve_nist:`2019-6111` +- glib-2.0: Fix :cve_nist:`2025-13601`, :cve_nist:`2025-14087` and :cve_nist:`2025-14512` +- gnutls: Fix :cve_nist:`2025-9820` +- go: Fix :cve_nist:`2025-61727` and :cve_nist:`2025-61729` +- libarchive: Fix :cve_nist:`2025-60753` +- libpcap: Fix :cve_nist:`2025-11961` and :cve_nist:`2025-11964` +- libpng: Fix :cve_nist:`2025-64505`, :cve_nist:`2025-64506`, :cve_nist:`2025-64720`, + :cve_nist:`2025-65018` and :cve_nist:`2025-66293` +- linux-yocto/6.12: Ignore :cve_nist:`2023-7324`, :cve_nist:`2024-57995`, :cve_nist:`2025-21833`, + :cve_nist:`2025-22105`, :cve_nist:`2025-22107`, :cve_nist:`2025-22121`, :cve_nist:`2025-23129`, + :cve_nist:`2025-23130`, :cve_nist:`2025-37803`, :cve_nist:`2025-37860`, :cve_nist:`2025-38643`, + :cve_nist:`2025-38678`, :cve_nist:`2025-39678`, :cve_nist:`2025-39981`, :cve_nist:`2025-40014`, + :cve_nist:`2025-40026`, :cve_nist:`2025-40027`, :cve_nist:`2025-40028`, :cve_nist:`2025-40029`, + :cve_nist:`2025-40030`, :cve_nist:`2025-40031`, :cve_nist:`2025-40032`, :cve_nist:`2025-40033`, + :cve_nist:`2025-40034`, :cve_nist:`2025-40035`, :cve_nist:`2025-40036`, :cve_nist:`2025-40037`, + :cve_nist:`2025-40038`, :cve_nist:`2025-40039`, :cve_nist:`2025-40040`, :cve_nist:`2025-40041`, + :cve_nist:`2025-40042`, :cve_nist:`2025-40043`, :cve_nist:`2025-40044`, :cve_nist:`2025-40045`, + :cve_nist:`2025-40046`, :cve_nist:`2025-40047`, :cve_nist:`2025-40048`, :cve_nist:`2025-40049`, + :cve_nist:`2025-40050`, :cve_nist:`2025-40051`, :cve_nist:`2025-40052`, :cve_nist:`2025-40053`, + :cve_nist:`2025-40055`, :cve_nist:`2025-40056`, :cve_nist:`2025-40057`, :cve_nist:`2025-40058`, + :cve_nist:`2025-40059`, :cve_nist:`2025-40060`, :cve_nist:`2025-40061`, :cve_nist:`2025-40062`, + :cve_nist:`2025-40063`, :cve_nist:`2025-40066`, :cve_nist:`2025-40067`, :cve_nist:`2025-40068`, + :cve_nist:`2025-40069`, :cve_nist:`2025-40070`, :cve_nist:`2025-40071`, :cve_nist:`2025-40072`, + :cve_nist:`2025-40073`, :cve_nist:`2025-40076`, :cve_nist:`2025-40077`, :cve_nist:`2025-40078`, + :cve_nist:`2025-40079`, :cve_nist:`2025-40080`, :cve_nist:`2025-40081`, :cve_nist:`2025-40082`, + :cve_nist:`2025-40083`, :cve_nist:`2025-40084`, :cve_nist:`2025-40085`, :cve_nist:`2025-40087`, + :cve_nist:`2025-40088`, :cve_nist:`2025-40089`, :cve_nist:`2025-40090`, :cve_nist:`2025-40091`, + :cve_nist:`2025-40092`, :cve_nist:`2025-40093`, :cve_nist:`2025-40094`, :cve_nist:`2025-40095`, + :cve_nist:`2025-40096`, :cve_nist:`2025-40097`, :cve_nist:`2025-40099`, :cve_nist:`2025-40100`, + :cve_nist:`2025-40101`, :cve_nist:`2025-40103`, :cve_nist:`2025-40104`, :cve_nist:`2025-40105`, + :cve_nist:`2025-40106`, :cve_nist:`2025-40107`, :cve_nist:`2025-40108`, :cve_nist:`2025-40109`, + :cve_nist:`2025-40110`, :cve_nist:`2025-40111`, :cve_nist:`2025-40112`, :cve_nist:`2025-40115`, + :cve_nist:`2025-40116`, :cve_nist:`2025-40117`, :cve_nist:`2025-40118`, :cve_nist:`2025-40119`, + :cve_nist:`2025-40120`, :cve_nist:`2025-40121`, :cve_nist:`2025-40122`, :cve_nist:`2025-40123`, + :cve_nist:`2025-40124`, :cve_nist:`2025-40125`, :cve_nist:`2025-40126`, :cve_nist:`2025-40127`, + :cve_nist:`2025-40129`, :cve_nist:`2025-40131`, :cve_nist:`2025-40132`, :cve_nist:`2025-40133`, + :cve_nist:`2025-40134`, :cve_nist:`2025-40137`, :cve_nist:`2025-40138`, :cve_nist:`2025-40140`, + :cve_nist:`2025-40141`, :cve_nist:`2025-40142`, :cve_nist:`2025-40143`, :cve_nist:`2025-40144`, + :cve_nist:`2025-40145`, :cve_nist:`2025-40148`, :cve_nist:`2025-40151`, :cve_nist:`2025-40152`, + :cve_nist:`2025-40153`, :cve_nist:`2025-40154`, :cve_nist:`2025-40155`, :cve_nist:`2025-40156`, + :cve_nist:`2025-40157`, :cve_nist:`2025-40159`, :cve_nist:`2025-40160`, :cve_nist:`2025-40161`, + :cve_nist:`2025-40162`, :cve_nist:`2025-40163`, :cve_nist:`2025-40165`, :cve_nist:`2025-40166`, + :cve_nist:`2025-40167`, :cve_nist:`2025-40169`, :cve_nist:`2025-40171`, :cve_nist:`2025-40172`, + :cve_nist:`2025-40173`, :cve_nist:`2025-40174`, :cve_nist:`2025-40175`, :cve_nist:`2025-40176`, + :cve_nist:`2025-40177`, :cve_nist:`2025-40178`, :cve_nist:`2025-40179`, :cve_nist:`2025-40180`, + :cve_nist:`2025-40181`, :cve_nist:`2025-40182`, :cve_nist:`2025-40183`, :cve_nist:`2025-40184`, + :cve_nist:`2025-40185`, :cve_nist:`2025-40186`, :cve_nist:`2025-40187`, :cve_nist:`2025-40188`, + :cve_nist:`2025-40189`, :cve_nist:`2025-40190`, :cve_nist:`2025-40191`, :cve_nist:`2025-40192`, + :cve_nist:`2025-40193`, :cve_nist:`2025-40194`, :cve_nist:`2025-40195`, :cve_nist:`2025-40196`, + :cve_nist:`2025-40197`, :cve_nist:`2025-40198`, :cve_nist:`2025-40199`, :cve_nist:`2025-40200`, + :cve_nist:`2025-40201`, :cve_nist:`2025-40202`, :cve_nist:`2025-40203`, :cve_nist:`2025-40204`, + :cve_nist:`2025-40205`, :cve_nist:`2025-40206`, :cve_nist:`2025-40207`, :cve_nist:`2025-40208`, + :cve_nist:`2025-40209`, :cve_nist:`2025-40211`, :cve_nist:`2025-40212` and :cve_nist:`2025-40213` +- python3-urllib3: Fix :cve_nist:`2025-66418` +- python3: Fix :cve_nist:`2025-6075` and :cve_nist:`2025-12084` +- sqlite3: Fix :cve_nist:`2025-3277`, :cve_nist:`2025-6965` and :cve_nist:`2025-29087` + + +Fixes in Yocto-5.3.1 +~~~~~~~~~~~~~~~~~~~~ + +bitbake +^^^^^^^ +- bin: Hide os.fork() deprecation warning in all bitbake scripts +- bitbake-layers: Also hide os.fork() deprecation warning + +meta-yocto +^^^^^^^^^^ +- poky.conf: bump version for 5.3.1 + +oecore +^^^^^^ +- build-appliance-image: Update to whinlatter head revisions +- ccache: upgrade to 4.12.2 +- cross.bbclass: Propagate dependencies to outhash +- cups: upgrade to 2.4.15 +- curl: Use host CA bundle by default for native(sdk) builds +- cve-update: Avoid NFS caching issues +- e2fsprogs: misc/create_inode.c: Fix for file larger than 2GB +- ell: upgrade to 0.80 +- enchant2: upgrade to 2.8.14 +- glib-2.0: Upgrade to 2.86.1 +- glib-2.0: upgrade to 2.86.3 +- go: upgrade to 1.25.5 +- gst-devtools: upgrade to 1.26.7 +- gst-examples: upgrade to 1.26.7 +- gstreamer1.0: upgrade to 1.26.7 +- gstreamer1.0-libav: upgrade to 1.26.7 +- gstreamer1.0-plugins-bad: upgrade to 1.26.7 +- gstreamer1.0-plugins-base: upgrade to 1.26.7 +- gstreamer1.0-plugins-good: upgrade to 1.26.7 +- gstreamer1.0-plugins-ugly: upgrade to 1.26.7 +- gstreamer1.0-python: upgrade to 1.26.7 +- gstreamer1.0-rtsp-server: upgrade to 1.26.7 +- gstreamer1.0-vaapi: upgrade to 1.26.7 +- libarchive: upgrade to 3.8.3 +- libarchive: upgrade to 3.8.4 +- libpcap: upgrade to 1.10.6 +- libpng: upgrade to 1.6.52 +- libssh2: fix regression in KEX method validation (GH-1553) +- libxmlb: upgrade to 0.3.24 +- linux-yocto/6.12: update to v6.12.60 +- llvm/clang: Upgrade to 21.1.7 +- mesa: upgrade to 25.2.8 +- python3: upgrade to 3.13.11 +- spdx30_tasks: Fix :term:`SPDX_CUSTOM_ANNOTATION_VARS` implementation +- xserver-nodm-init: avoid race condition related to udev + +yocto-docs +^^^^^^^^^^ +- Add the sphinx-copybutton extension +- Fix bitbake version mapping for whinlatter +- Makefile: fix rsvg-convert --format capitalization +- brief-yoctoprojectqs/index.rst: fix improper code-block indentation +- brief-yoctoprojectqs/index.rst: switch shell block to to console/text blocks +- brief-yoctoprojectqs/index.rst: update available bitbake-setup configurations +- brief-yoctoprojectqs: specify what "recent Ubuntu Linux distribution" is +- dev-manual/limiting-resources.rst: update how to track pressure info +- make sure Quick Build section and System Requirements are in sync +- migration-guide: update 5.3 release notes download section +- migration-guides/release-notes-5.3.rst: add contributors +- migration-guides/release-notes-5.3.rst: add fixed cve +- migration-guides/release-notes-5.3.rst: add license updates +- migration-guides/release-notes-5.3.rst: add recipe upgrades +- migration-guides/release-notes-5.3.rst: latest changes from master +- overview-manual/concepts.rst: update the cross-development toolchain section +- poky.yaml.in: add DISTRO_RELEASE_SERIES +- ref-manual/classes.rst: document the image-container class +- ref-manual/faq.rst: add Q&A on third-party vuln scanning tools +- ref-manual/system-requirements.rst: add RockyLinux install instructions +- ref-manual/system-requirements.rst: fix AlmaLinux PDF build +- ref-manual/tasks.rst: document the do_list_image_features task +- ref-manual/variables.rst: document WESTON_USER/WESTON_USER_HOME variables +- ref-manual: Document :term:`SPDX` 3.0.1 variables +- set_versions.py: add wrynose as devbranch +- tools/build-docs-container: add CentOS Stream 9 support +- tools/build-docs-container: move container files in their own directory +- tools: add gen-cve-release-notes +- tools: ubuntu_docs: remove duplicate python3-saneyaml + + +Known Issues in Yocto-5.3.1 +~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +- N/A + + +Contributors to Yocto-5.3.1 +~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +Thanks to the following people who contributed to this release: + +- Alexander Kanavin +- Ankur Tyagi +- Antonin Godard +- Bruce Ashfield +- Chen Qi +- Deepesh Varatharajan +- Dmitry Baryshkov +- Gyorgy Sarvari +- Jayasurya Maganuru +- Jörg Sommer +- Lee Chee Yang +- Martin Jansa +- Mathieu Dubois-Briand +- Moritz Haase +- Paul Barker +- Peter Marko +- Quentin Schulz +- Robert Yang +- Stefano Tondo +- Vijay Anusuri +- Wang Mingyu +- Yash Shinde +- Yoann Congal +- Zhang Peng + + +Repositories / Downloads for Yocto-5.3.1 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +yocto-docs + +- Repository Location: :yocto_git:`/yocto-docs` +- Branch: :yocto_git:`whinlatter ` +- Tag: :yocto_git:`yocto-5.3.1 ` +- Git Revision: :yocto_git:`102a33294e63a5581c413555040f790161fc80ff ` +- Release Artefact: yocto-docs-102a33294e63a5581c413555040f790161fc80ff +- sha: 377b828c5dbf82b8a918360a52ff7b4122d37fd8d13d0451738edd57a1924083 +- Download Locations: + + https://downloads.yoctoproject.org/releases/yocto/yocto-5.3.1/yocto-docs-102a33294e63a5581c413555040f790161fc80ff.tar.bz2 + + https://mirrors.kernel.org/yocto/yocto/yocto-5.3.1/yocto-docs-102a33294e63a5581c413555040f790161fc80ff.tar.bz2 + +openembedded-core + +- Repository Location: :oe_git:`/openembedded-core` +- Branch: :oe_git:`whinlatter ` +- Tag: :oe_git:`yocto-5.3.1 ` +- Git Revision: :oe_git:`dd10706cfafb5574b7cf316fca2300d166ef71b0 ` +- Release Artefact: oecore-dd10706cfafb5574b7cf316fca2300d166ef71b0 +- sha: b3182231a4a10f57215289b0f42ebe658ee9b1ed0b0bfe414d846a778ff7c598 +- Download Locations: + + https://downloads.yoctoproject.org/releases/yocto/yocto-5.3.1/oecore-dd10706cfafb5574b7cf316fca2300d166ef71b0.tar.bz2 + + https://mirrors.kernel.org/yocto/yocto/yocto-5.3.1/oecore-dd10706cfafb5574b7cf316fca2300d166ef71b0.tar.bz2 + +meta-yocto + +- Repository Location: :yocto_git:`/meta-yocto` +- Branch: :yocto_git:`whinlatter ` +- Tag: :yocto_git:`yocto-5.3.1 ` +- Git Revision: :yocto_git:`6973ca663aaa9c3ab517ee960ab7985a5bf54c07 ` +- Release Artefact: meta-yocto-6973ca663aaa9c3ab517ee960ab7985a5bf54c07 +- sha: 0e126b092e74bb217416d9603002b20db8e552b45b23d634cdae955fd089dfe2 +- Download Locations: + + https://downloads.yoctoproject.org/releases/yocto/yocto-5.3.1/meta-yocto-6973ca663aaa9c3ab517ee960ab7985a5bf54c07.tar.bz2 + + https://mirrors.kernel.org/yocto/yocto/yocto-5.3.1/meta-yocto-6973ca663aaa9c3ab517ee960ab7985a5bf54c07.tar.bz2 + +meta-mingw + +- Repository Location: :yocto_git:`/meta-mingw` +- Branch: :yocto_git:`whinlatter ` +- Tag: :yocto_git:`yocto-5.3.1 ` +- Git Revision: :yocto_git:`00323de97e397d4f6734ef2191806616989f5e10 ` +- Release Artefact: meta-mingw-00323de97e397d4f6734ef2191806616989f5e10 +- sha: c9a70539b12c0642596fde6a2766d4a6a8fec8b2a366453fb6473363127a1c77 +- Download Locations: + + https://downloads.yoctoproject.org/releases/yocto/yocto-5.3.1/meta-mingw-00323de97e397d4f6734ef2191806616989f5e10.tar.bz2 + + https://mirrors.kernel.org/yocto/yocto/yocto-5.3.1/meta-mingw-00323de97e397d4f6734ef2191806616989f5e10.tar.bz2 + +bitbake + +- Repository Location: :oe_git:`/bitbake` +- Branch: :oe_git:`2.16 ` +- Tag: :oe_git:`yocto-5.3.1 ` +- Git Revision: :oe_git:`663021740bc086bd959a8457ad9ddb6da52a8278 ` +- Release Artefact: bitbake-663021740bc086bd959a8457ad9ddb6da52a8278 +- sha: a290072317e5c533fafd18608e61c9ebe9acf24d2ce46b43ba99df42c77e7073 +- Download Locations: + + https://downloads.yoctoproject.org/releases/yocto/yocto-5.3.1/bitbake-663021740bc086bd959a8457ad9ddb6da52a8278.tar.bz2 + + https://mirrors.kernel.org/yocto/yocto/yocto-5.3.1/bitbake-663021740bc086bd959a8457ad9ddb6da52a8278.tar.bz2 + + From patchwork Fri Feb 6 09:41:46 2026 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Lee, Chee Yang" X-Patchwork-Id: 80559 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 988F0EB28FE for ; Fri, 6 Feb 2026 09:42:41 +0000 (UTC) Received: from mgamail.intel.com (mgamail.intel.com [192.198.163.10]) by mx.groups.io with SMTP id smtpd.msgproc02-g2.8040.1770370954342566121 for ; Fri, 06 Feb 2026 01:42:34 -0800 Authentication-Results: mx.groups.io; dkim=pass header.i=@intel.com header.s=Intel header.b=YeZNWDwN; spf=pass (domain: intel.com, ip: 192.198.163.10, mailfrom: chee.yang.lee@intel.com) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1770370954; x=1801906954; h=from:to:subject:date:message-id:in-reply-to:references: mime-version:content-transfer-encoding; bh=Rb5CfYz8ADORjlrJrQGJLELV/JcUrZUJb5fcB4oEKtI=; b=YeZNWDwNASHbwU14eQ7At68KLl6gi24qTSvNb7FqsVegzranzZ+orRos h3ZPFXG6yrigpguOQCah/+hMrz4CxUMrXvi4iCXxdweJ24w59FubqA4r+ P6pS6476f+uPbMC9lEb+OovzOiD9yAaGNdrwmCxhXPKYRJ96/FyVTzHqp wX6m5866WZ5GSKGy+w7tMvxtEUWgiIiLzPjgfFWu+/rTN+kWoozFc1gXZ FKJY8YwgUCE0w5sLkm6on56zB1ccT/21+gGw1P25bmNVVtSQQ1B+KbufY HNKJKqlx/PUISI/wACLhSzp6uGV3hl45P2Rf3WEb+6sRhj7BcoZcsjatU Q==; X-CSE-ConnectionGUID: Bs1altuARfWr7tIj4GNQhA== X-CSE-MsgGUID: AGUV3n0pRHuxQzYlI0UNQg== X-IronPort-AV: E=McAfee;i="6800,10657,11692"; a="82946771" X-IronPort-AV: E=Sophos;i="6.21,276,1763452800"; d="scan'208";a="82946771" Received: from fmviesa008.fm.intel.com ([10.60.135.148]) by fmvoesa104.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 06 Feb 2026 01:42:30 -0800 X-CSE-ConnectionGUID: DuxJqCKhSLaRJJesOx7nhQ== X-CSE-MsgGUID: FNp+bHxXT7y2wWS+DbJI5g== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="6.21,276,1763452800"; d="scan'208";a="210723681" Received: from cheeyang-desk4.png.intel.com ([10.107.249.123]) by fmviesa008.fm.intel.com with ESMTP; 06 Feb 2026 01:42:27 -0800 From: chee.yang.lee@intel.com To: docs@lists.yoctoproject.org Subject: [PATCH 2/2] migration-guides: add release notes for 4.0.32 Date: Fri, 6 Feb 2026 17:41:46 +0800 Message-ID: <20260206094146.61584-2-chee.yang.lee@intel.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20260206094146.61584-1-chee.yang.lee@intel.com> References: <20260206094146.61584-1-chee.yang.lee@intel.com> MIME-Version: 1.0 List-Id: X-Webhook-Received: from 45-33-107-173.ip.linodeusercontent.com [45.33.107.173] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Fri, 06 Feb 2026 09:42:41 -0000 X-Groupsio-URL: https://lists.yoctoproject.org/g/docs/message/8875 From: Lee Chee Yang Signed-off-by: Lee Chee Yang --- .../migration-guides/release-4.0.rst | 1 + .../migration-guides/release-notes-4.0.32.rst | 194 ++++++++++++++++++ 2 files changed, 195 insertions(+) create mode 100644 documentation/migration-guides/release-notes-4.0.32.rst diff --git a/documentation/migration-guides/release-4.0.rst b/documentation/migration-guides/release-4.0.rst index b143a8595..9b0cc01a1 100644 --- a/documentation/migration-guides/release-4.0.rst +++ b/documentation/migration-guides/release-4.0.rst @@ -38,3 +38,4 @@ Release 4.0 (kirkstone) release-notes-4.0.29 release-notes-4.0.30 release-notes-4.0.31 + release-notes-4.0.32 diff --git a/documentation/migration-guides/release-notes-4.0.32.rst b/documentation/migration-guides/release-notes-4.0.32.rst new file mode 100644 index 000000000..652b17eed --- /dev/null +++ b/documentation/migration-guides/release-notes-4.0.32.rst @@ -0,0 +1,194 @@ +Release notes for Yocto-4.0.32 (Kirkstone) +------------------------------------------ + +Security Fixes in Yocto-4.0.32 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +- bind: Fix :cve_nist:`2025-8677`, :cve_nist:`2025-40778` and :cve_nist:`2025-40780` +- binutils: Fix :cve_nist:`2025-11412` and :cve_nist:`2025-11413` +- curl: Ignore :cve_nist:`2025-10966` +- elfutils: Fix :cve_nist:`2025-1376` and :cve_nist:`2025-1377` +- gnutls: Fix :cve_nist:`2025-9820` +- go: Fix :cve_nist:`2024-24783`, :cve_nist:`2025-58187`, :cve_nist:`2025-58189`, + :cve_nist:`2025-61723` and :cve_nist:`2025-61724` +- libarchive: Fix :cve_nist:`2025-60753` +- libarchive: Fix 2 security issue (https://github.com/libarchive/libarchive/pull/2753 and + https://github.com/libarchive/libarchive/pull/2768) +- libpng: Fix :cve_nist:`2025-64505`, :cve_nist:`2025-64506`, :cve_nist:`2025-64720`, + :cve_nist:`2025-65018` and :cve_nist:`2025-66293` +- libxml2: Fix :cve_nist:`2025-7425` +- musl: Fix :cve_nist:`2025-26519` +- openssh: Fix :cve_nist:`2025-61984` and :cve_nist:`2025-61985` +- python3-idna: Fix :cve_nist:`2024-3651` +- python3-urllib3: Fix :cve_nist:`2024-37891` +- python3: fix :cve_nist:`2025-6075` +- ruby: Fix :cve_nist:`2024-35176`, :cve_nist:`2024-39908` and :cve_nist:`2024-41123` +- rust-cross-canadian: Ignore :cve_nist:`2024-43402` +- u-boot: Fix :cve_nist:`2024-42040` +- wpa-supplicant: Fix :cve_nist:`2025-24912` +- xserver-xorg: Fix :cve_nist:`2025-62229`, :cve_nist:`2025-62230` and :cve_nist:`2025-62231` +- xwayland: Fix :cve_nist:`2025-62229`, :cve_nist:`2025-62230` and :cve_nist:`2025-62231` + + +Fixes in Yocto-4.0.32 +~~~~~~~~~~~~~~~~~~~~~ + +- babeltrace2: fetch with https protocol +- bind: upgrade to 9.18.41 +- build-appliance-image: Update to kirkstone head revision +- dev-manual/layers.rst: document "bitbake-layers show-machines" +- dev-manual/new-recipe.rst: replace 'bitbake -e' with 'bitbake-getvar' +- dev-manual/new-recipe.rst: typo, "whith" -> "which" +- dev-manual/new-recipe.rst: update "recipetool -h" output +- dev-manual: debugging: use bitbake-getvar in Viewing Variable Values section +- documentation: link to the Releases page on yoctoproject.org instead of wiki +- efibootmgr: update :term:`SRC_URI` branch +- flac: patch seeking bug +- goarch.bbclass: do not leak :term:`TUNE_FEATURES` into crosssdk task signatures +- kernel-dev: add disable config example +- kernel-dev: common: migrate bitbake -e to bitbake-getvar +- libmicrohttpd: disable experimental code by default +- migration-guides: add release notes for 4.0.31 +- oe-build-perf-report: relax metadata matching rules +- overview-manual: migrate to SVG + fix typo +- poky.conf: bump version for 4.0.32 +- python3-urllib3: upgrade to 1.26.20 +- recipes: Don't use ftp.gnome.org +- ref-manual: variables: migrate the :term:`OVERRIDES` note to bitbake-getvar +- systemd-bootchart: update :term:`SRC_URI` branch +- xf86-video-intel: correct :term:`SRC_URI` as freedesktop anongit is down + + +Known Issues in Yocto-4.0.32 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +- N/A + + +Contributors to Yocto-4.0.32 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +Thanks to the following people who contributed to this release: + +- Alexander Kanavin +- Archana Polampalli +- Divya Chellam +- Gyorgy Sarvari +- Hitendra Prajapati +- Hongxu Jia +- Jason Schonberg +- Lee Chee Yang +- Peter Marko +- Praveen Kumar +- Quentin Schulz +- Richard Purdie +- Robert P. J. Day +- Ross Burton +- Saquib Iltaf +- Soumya Sambu +- Steve Sakoman +- Vijay Anusuri +- Walter Werner SCHNEIDER + + +Repositories / Downloads for Yocto-4.0.32 +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +yocto-docs + +- Repository Location: :yocto_git:`/yocto-docs` +- Branch: :yocto_git:`kirkstone ` +- Tag: :yocto_git:`yocto-4.0.32 ` +- Git Revision: :yocto_git:`4b9df539fa06fb19ed8b51ef2d46e5c56779de81 ` +- Release Artefact: yocto-docs-4b9df539fa06fb19ed8b51ef2d46e5c56779de81 +- sha: 70ee2caf576683c5f31ac5a592cde1c0650ece25cfcd5ff3cc7eedf531575611 +- Download Locations: + + https://downloads.yoctoproject.org/releases/yocto/yocto-4.0.32/yocto-docs-4b9df539fa06fb19ed8b51ef2d46e5c56779de81.tar.bz2 + + https://mirrors.edge.kernel.org/yocto/yocto/yocto-4.0.32/yocto-docs-4b9df539fa06fb19ed8b51ef2d46e5c56779de81.tar.bz2 + +poky + +- Repository Location: :yocto_git:`/poky` +- Branch: :yocto_git:`kirkstone ` +- Tag: :yocto_git:`yocto-4.0.32 ` +- Git Revision: :yocto_git:`2c05660b21c7cc1082aeac8b75d8a2d82e249f63 ` +- Release Artefact: poky-2c05660b21c7cc1082aeac8b75d8a2d82e249f63 +- sha: d7a55a18a597a7b140a81586b7ca6379c208ebbb3285de36c48fde10882947d8 +- Download Locations: + + https://downloads.yoctoproject.org/releases/yocto/yocto-4.0.32/poky-2c05660b21c7cc1082aeac8b75d8a2d82e249f63.tar.bz2 + + https://mirrors.edge.kernel.org/yocto/yocto/yocto-4.0.32/poky-2c05660b21c7cc1082aeac8b75d8a2d82e249f63.tar.bz2 + +openembedded-core + +- Repository Location: :oe_git:`/openembedded-core` +- Branch: :oe_git:`kirkstone ` +- Tag: :oe_git:`yocto-4.0.32 ` +- Git Revision: :oe_git:`2ed3f8b938579dbbb804e04c45a968cc57761db7 ` +- Release Artefact: oecore-2ed3f8b938579dbbb804e04c45a968cc57761db7 +- sha: 11b9632586dfbf3f0ef69eca2014a8002f25ca8d53cfe9424e27361ba3a20831 +- Download Locations: + + https://downloads.yoctoproject.org/releases/yocto/yocto-4.0.32/oecore-2ed3f8b938579dbbb804e04c45a968cc57761db7.tar.bz2 + + https://mirrors.edge.kernel.org/yocto/yocto/yocto-4.0.32/oecore-2ed3f8b938579dbbb804e04c45a968cc57761db7.tar.bz2 + +meta-yocto + +- Repository Location: :yocto_git:`/meta-yocto` +- Branch: :yocto_git:`kirkstone ` +- Tag: :yocto_git:`yocto-4.0.32 ` +- Git Revision: :yocto_git:`77b40877c179ea3ce5c37c7ba1831e9c0e289266 ` +- Release Artefact: meta-yocto-77b40877c179ea3ce5c37c7ba1831e9c0e289266 +- sha: e908d42690881cd6e07b9ca18a21eb8761a0ec72d940b12905622e75ba913974 +- Download Locations: + + https://downloads.yoctoproject.org/releases/yocto/yocto-4.0.32/meta-yocto-77b40877c179ea3ce5c37c7ba1831e9c0e289266.tar.bz2 + + https://mirrors.edge.kernel.org/yocto/yocto/yocto-4.0.32/meta-yocto-77b40877c179ea3ce5c37c7ba1831e9c0e289266.tar.bz2 + +meta-mingw + +- Repository Location: :yocto_git:`/meta-mingw` +- Branch: :yocto_git:`kirkstone ` +- Tag: :yocto_git:`yocto-4.0.32 ` +- Git Revision: :yocto_git:`87c22abb1f11be430caf4372e6b833dc7d77564e ` +- Release Artefact: meta-mingw-87c22abb1f11be430caf4372e6b833dc7d77564e +- sha: f0bc4873e2e0319fb9d6d6ab9b98eb3f89664d4339a167d2db6a787dd12bc1a8 +- Download Locations: + + https://downloads.yoctoproject.org/releases/yocto/yocto-4.0.32/meta-mingw-87c22abb1f11be430caf4372e6b833dc7d77564e.tar.bz2 + + https://mirrors.edge.kernel.org/yocto/yocto/yocto-4.0.32/meta-mingw-87c22abb1f11be430caf4372e6b833dc7d77564e.tar.bz2 + +meta-gplv2 + +- Repository Location: :yocto_git:`/meta-gplv2` +- Branch: :yocto_git:`kirkstone ` +- Tag: :yocto_git:`yocto-4.0.32 ` +- Git Revision: :yocto_git:`d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a ` +- Release Artefact: meta-gplv2-d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a +- sha: c386f59f8a672747dc3d0be1d4234b6039273d0e57933eb87caa20f56b9cca6d +- Download Locations: + + https://downloads.yoctoproject.org/releases/yocto/yocto-4.0.32/meta-gplv2-d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a.tar.bz2 + + https://mirrors.edge.kernel.org/yocto/yocto/yocto-4.0.32/meta-gplv2-d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a.tar.bz2 + +bitbake + +- Repository Location: :oe_git:`/bitbake` +- Branch: :oe_git:`2.0 ` +- Tag: :oe_git:`yocto-4.0.32 ` +- Git Revision: :oe_git:`8e2d1f8de055549b2101614d85454fcd1d0f94b2 ` +- Release Artefact: bitbake-8e2d1f8de055549b2101614d85454fcd1d0f94b2 +- sha: fad4e7699bae62082118e89785324b031b0af0743064caee87c91ba28549afb0 +- Download Locations: + + https://downloads.yoctoproject.org/releases/yocto/yocto-4.0.32/bitbake-8e2d1f8de055549b2101614d85454fcd1d0f94b2.tar.bz2 + + https://mirrors.edge.kernel.org/yocto/yocto/yocto-4.0.32/bitbake-8e2d1f8de055549b2101614d85454fcd1d0f94b2.tar.bz2 +