Hello We are pleased to announce the Yocto Project 3.1.17 (dunfell-23.0.17) Release is now available for download.
http://downloads.yoctoproject.org/releases/yocto/yocto-3.1.17/poky-dunfell-23.0.17.tar.bz2 http://mirrors.kernel.org/yocto/yocto/yocto-3.1.17/poky-dunfell-23.0.17.tar.bz2 A gpg signed version of these release notes is available at: http://downloads.yoctoproject.org/releases/yocto/yocto-3.1.17/RELEASENOTES Full Test Report: http://downloads.yoctoproject.org/releases/yocto/yocto-3.1.17/testreport.txt Thank you for everyone's contributions to this release. Chee Yang Lee <chee.yang....@intel.com> Yocto Project Build and Release - -------------------------- yocto-3.1.17 Release Notes - -------------------------- - -------------------------- Repositories/Downloads - -------------------------- Repository Name: poky Repository Location: https://git.yoctoproject.org/git/poky Branch: dunfell Tag: yocto-3.1.17 Git Revision: 1e298a42223dd2628288b372caf66c52506a8081 Release Artefact: poky-dunfell-23.0.17 sha: deef3a590ed7e36b362ba4f35fe59dd6386360756cf4635e7d1adef350053f27 Download Locations: http://downloads.yoctoproject.org/releases/yocto/yocto-3.1.17/poky-dunfell-23.0.17.tar.bz2 http://mirrors.kernel.org/yocto/yocto/yocto-3.1.17/poky-dunfell-23.0.17.tar.bz2 Repository Name: openembedded-core Repository Location: https://git.openembedded.org/openembedded-core Branch: dunfell Tag: yocto-3.1.17 Git Revision: 4051d1a3aa5f70da96c381f9dea5f52cd9306939 Release Artefact: oecore-dunfell-23.0.17 sha: 71c768008842298d94c6769b105ed14033721286b20a0744f70c819242542dd5 Download Locations: http://downloads.yoctoproject.org/releases/yocto/yocto-3.1.17/oecore-dunfell-23.0.17.tar.bz2 http://mirrors.kernel.org/yocto/yocto/yocto-3.1.17/oecore-dunfell-23.0.17.tar.bz2 Repository Name: meta-mingw Repository Location: https://git.yoctoproject.org/git/meta-mingw Branch: dunfell Tag: yocto-3.1.17 Git Revision: 524de686205b5d6736661d4532f5f98fee8589b7 Release Artefact: meta-mingw-dunfell-23.0.17 sha: a2ffb2bf5505707eb77a60e21bcf14b3182bb192e102a61f991a98ca20d9289f Download Locations: http://downloads.yoctoproject.org/releases/yocto/yocto-3.1.17/meta-mingw-dunfell-23.0.17.tar.bz2 http://mirrors.kernel.org/yocto/yocto/yocto-3.1.17/meta-mingw-dunfell-23.0.17.tar.bz2 Repository Name: meta-gplv2 Repository Location: https://git.yoctoproject.org/git/meta-gplv2 Branch: dunfell Tag: yocto-3.1.17 Git Revision: 60b251c25ba87e946a0ca4cdc8d17b1cb09292ac Release Artefact: meta-gplv2-dunfell-23.0.17 sha: e3c0ceb64ae564f3dac6334e8d741bce62888c6c414701166cec0c0c30d805a6 Download Locations: http://downloads.yoctoproject.org/releases/yocto/yocto-3.1.17/meta-gplv2-dunfell-23.0.17.tar.bz2 http://mirrors.kernel.org/yocto/yocto/yocto-3.1.17/meta-gplv2-dunfell-23.0.17.tar.bz2 Repository Name: bitbake Repository Location: https://git.openembedded.org/bitbake Branch: dunfell Tag: yocto-3.1.17 Git Revision: 0784db7dd0fef6f0621ad8d74372f44e87fef950 Release Artefact: bitbake-dunfell-23.0.17 sha: 0b70a8d48a9b7a71a9ed19f60f6250e3beff3b910b1a066515dc2356a8a99cfe Download Locations: http://downloads.yoctoproject.org/releases/yocto/yocto-3.1.17/bitbake-dunfell-23.0.17.tar.bz2 http://mirrors.kernel.org/yocto/yocto/yocto-3.1.17/bitbake-dunfell-23.0.17.tar.bz2 Repository Name: yocto-docs Repository Location: https://git.yoctoproject.org/git/yocto-docs Branch: dunfell Tag: yocto-3.1.17 Git Revision: 8dd19c901813263554ac2bc6bda2cf9a1c3c1e58 - --------------- Known Issues - --------------- Openssl did have some ptest failures due to expired certificates in the tests themselves, this will be fixed in the next point release. openssl itself doesn't have any known issues. - --------------- Security Fixes - --------------- libxml2: Fix CVE-2022-29824 for libxml2 ncurses: Fix CVE-2022-29458 ffmpeg: Fix for CVE-2022-1475 libsdl2: Add fix for CVE-2021-33657 ruby: Whitelist CVE-2021-28966 as this affects Windows OS only pcre2: CVE-2022-1586 Out-of-bounds read freetype: Fix CVE-2022-27404 CVE-2022-27405 CVE-2022-27406 tiff: fix CVE-2022-0865 CVE-2022-0907 CVE-2022-0908 CVE-2022-0909 CVE-2022-0924 curl: Fix CVE-2022-22576 CVE-2022-27775 CVE-2022-27776 busybox: fix CVE-2022-28391 libinput: Add fix for CVE-2022-1215 fribidi: Add fix for CVE-2022-25308, CVE-2022-25309 and CVE-2022-25310 python3: ignore CVE-2015-20107 tiff: Fix CVE-2022-0891 - --------------- Fixes - --------------- openssl: Backport fix for ptest cert expiry poky.conf: bump version for 3.1.17 release documentation: update for 3.1.17 release cve-check: Allow warnings to be disabled cve-check: Only include installed packages for rootfs manifest cve-check: Add helper for symlink handling cve-check.bbclass: Added do_populate_sdk[recrdeptask]. ruby: Upgrade ruby to 2.7.6 for security fix oeqa/selftest/cve_check: add tests for recipe and image reports mobile-broadband-provider-info: upgrade 20220315 -> 20220511 cve-check: Fix report generation manuals: add missing space in appends selftest: skip virgl test on alma 8.6 linux-firmware: upgrade 20220411 -> 20220509 linux-firmware: replace mkdir by install openssl: Minor security upgrade 1.1.1n to 1.1.1o vim: Upgrade to 8.2.5034 scripts/git: Ensure we don't have circular references scripts: Make git intercept global base: Avoid circular references to our own scripts rootfs-postcommands: fix symlinks where link and output path are equal volatile-binds: Change DefaultDependencies from false to no cve-check: fix symlinks where link and output path are equal cve-check: add JSON format to summary output cve-update-db-native: let the user to drive the update interval cve-check: no need to depend on the fetch task linux-yocto/5.4: update to v5.4.192 uninative: Upgrade to 3.6 with gcc 12 support neard: Switch SRC_URI to git repo base: Drop git intercept install/devshell: Introduce git intercept script due to fakeroot issues cases/buildepoxy.py: fix typo busybox: Use base_bindir instead of hardcoding /bin path scripts/contrib/oe-build-perf-report-email.py: remove obsolete check for phantomjs and optipng perf-build-test/report: Drop phantomjs and html email reports support cve-check: add json format cve-update-db-native: update the CVE database once a day only linux-firmware: correct license for ar3k firmware boost: don't specify gcc version git: Use CVE_CHECK_WHITELIST instead of CVE_CHECK_IGNORE
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#249): https://lists.yoctoproject.org/g/yocto-announce/message/249 Mute This Topic: https://lists.yoctoproject.org/mt/91793553/21656 Group Owner: yocto-announce+ow...@lists.yoctoproject.org Unsubscribe: https://lists.yoctoproject.org/g/yocto-announce/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-