Summary
Zephyr microPlatform changes for 0.30
Zephyr's v1.13 release and improvements to the reference applications.
Linux microPlatform changes for 0.30
OSF Unified Linux Kernel updated to the 4.18.10 stable release. Core layer updates based on the latest OE/Yocto master changes.
Zephyr microPlatform
Highlights
- Zephyr v1.13
- Numerous improvements to sample application helper scripts
Components
MCUboot
Features
Not addressed in this update
Bugs
Not addressed in this update
Zephyr
Features
Bluetooth
Support for the Central Address Resolution characteristic was added.
Continuous Integration
Sanitycheck footprint data for the v1.13.0 release was added.
Cryptography
The crypto tests were converted to use config-tls- generic.h, an mbedTLS configuration file that is part of Zephyr which is configurable with Kconfig.
Bugs
Documentation
The release's documentation was finalized.
Drivers
A fix was merged for ADC on SAM E70.
External
mbedTLS was updated to version 2.12.0 from 2.9.0. This includes various security fixes and functional improvements. These come at the cost of increased resource requirements.
Kernel
Various attempts to support interrupts when CONFIG_MULTITHREADING=n were postponed until after v1.13.0, resolving some observed scheduler issues.
Libraries
A couple of fixes were made to Zephyr's CMSIS RTOS v1 support shim.
Miscellaneous
A C++-related warning fix was merged to the stack checking feature.
Samples
The latest mbedTLS increased resource requirements; the drivers/crypto sample was adjusted. The main stack size was increased to a rather large 4096 B; the minimum target RAM required to run the sample increased from 16 KB to 20 KB.
Testing
Various final adjustments and fixes were made to the tests to get to release readiness.
hawkBit and MQTT sample application
Features
Helper script improvements
The helper hawkbit.py script now supports Python 3, has "rollout" parameters for controlling a hawkBit-based firmware update to multiple devices, was updated for compatibility with the latest hawkBit release, and has improved help text.
Bugs
Helper script fixes
The help text for the hawkbit.py script was fixed, along with internal fixes for control of hawkBit's REST API.
LWM2M sample application
Features
Helper script improvements
The helper script now uses mgmt.foundries.io as the default host, supports multithreading with a --threads option, device type filtering with a --device option, logs with the standard logging module, updating of all connected clients, and has quieter output.
Bugs
Helper script fixes
Numerous fixes for error handling were merged to the leshan.py helper script.
Linux microPlatform
Highlights
- OSF Unified Linux Kernel updated to 4.18.10.
- Binutils updated to the 2.31.1 release.
- Busybox updated to the 1.29.2 release.
- Glibc updated to the 2.28 release.
- Openssl 1.1.x is now the default version.
- Python3 updated to the 3.5.6 release.
Components
OpenEmbedded-Core Layer
Features
Layer Update
Acpid updated to 2.0.30. Binutils updated to 2.31.1. Boost updated to 1.68.0. Busybox updated to 1.29.2. Ca-certificates updated to 20180409. Cmake updated to 3.12.1. Dbus updated to 1.12.10. Distcc updated to 3.3.2. Dtc updated to 1.4.7. Elfutils updated to 0.173. Expat updated to 2.2.6. File updated to 5.34. Freetype updated to 2.9.1. Gdb updated to 8.2. Gdbm updated to 1.18. Glib updated to 2.58.0. Glibc updated to 2.28. Gnutls updated to 3.6.3. Gobject-introspection updated to 1.58.0. Gptfdisk updated to 1.0.4. Gtk-doc updated to 1.29. Icu updated to 61.1. Iproute2 updated to 4.18.0. Libc-headers updated to 4.18. Libpng updated to 1.6.35. Libsolv updated to 0.6.35. Libxcrypt updated to 4.1.1. Linux-firmware updated to the feb25f3e revision. Meson updated to 0.47.2. Mpfr updated to 4.0.1. Musl updated to 1.1.20. OpenSSH updated to 7.8p1+git. OpenSSL updated to 1.1.1 and 1.0.2p. Pciutils updated to 3.6.2. Pcmciautils removed from OE-Core, now available in meta-openembedded. Python3 updated to 3.5.6. Python3-pip updated to 18.0. Qemu updated to 3.0. Re2c updated to 1.0.1. Rpm updated to 4.14.2. SERIAL_CONSOLE updated to SERIAL_CONSOLES. Strace updated to 4.24. Sysprof updated to 3.30.0 and enabled for aarch64. Util-linux updated to 2.32.1. Vala updated to 0.42.0. Yasm removed from OE-core.
Bugs
libxml2
Multiple issues.
libvorbis
Multiple issues.
openssl
Client DoS due to large DH parameter.
unzip
Heap-based buffer overflow in password protected ZIP archives.
nasm
Multiple issues.
flac
Fix memory leak in stream_decoder.c.
u-boot
Improper Input Validation vulnerability in Verified boot signature validation that can result in Bypass verified boot.
libsndfile1
Multiple issues.
libsndfile1
Multiple issues.
libarchive
Multiple issues.
perl
Archive::Tar module allows remote attackers to bypass a directory-traversal protection mechanism, and overwrite arbitrary files, via an archive file containing a symlink and a regular file with the same name.
patch
Double free in the another_hunk function in pch.c
wpa-supplicant
Under certain conditions, the integrity of EAPOL-Key messages is not checked, leading to a decryption oracle.
elfutils
Out-of-bounds read in the way elfutils reads DWARF address ranges information.
busybox
User enumeration vulnerability in authentication requests.
qemu
qemu-seccomp.c in QEMU might allow local OS guest users to cause a denial of service (guest crash) by leveraging mishandling of the seccomp policy for threads other than the main thread.
bind
Named could crash during recursive processing of DNAME records when "deny-answer-aliases" was in use.
lrzsz
Integer overflow in src/zm.c:zsdata causes crash in sz and can leak information to receiver.
curl
Buffer overrun in the NTLM authentication code.
Meta OpenEmbedded Layer
Features
Layer Update
Efibootmgr updated to 0.16. Efivar updated to 0.36. Fuse updated to 2.9.8. Python3-certifi updated to 2018.8.13. Python3-cython updated to 0.28.5. Python3-pip updated to 18.0.
Bugs
hostapd
Under certain conditions, the integrity of EAPOL-Key messages is not checked, leading to a decryption oracle.
Meta Freescale
Features
Layer Update
Added i.MX 8 support for imx-kobs, imx-test, pulseaudio, u-boot-imx, imx-gpu-viv, alsa-state and gstreamer1.0. EULA updated to the v24 revision. Firmware-imx updated to 7.6, with support for BCM4356 and BCM89359. Imx-codec, imx-vpuwrap and imx-parser updated to v4.4.0. Imx-dpu-g2d updated to 1.4.6. Imx-gpu-g2d updated to 6.2.4.p1.6. Imx-gpu-viv updated to 6.2.4.p1.6. Imx-vpu-hantro updated to 1.7.0. Kernel-module-imx-gpu-viv updated to 6.2.4.p1.6. New machine definition for imx8mqevk, imx8qmmek and imx8qxpmek. U-boot-fslc updated to the 1e13b91a revision.
Bugs
Not addressed in this update
Meta Intel
Features
Layer Update
Intel-microcode updated to 20180807.
Bugs
Not addressed in this update
Meta Qualcomm
Features
Layer Update
Updated bootrr, qmic, qrtr and rmtfs to the latest revision available.
Bugs
Not addressed in this update
Meta RaspberryPi
Features
Layer Update
Firmware updated to 20180817.
Bugs
Not addressed in this update
Meta RISC-V
Features
Layer Update
Gdb updated to the latest RISC-V fork. Qemu-riscv removed in favor of the upstream version.
Bugs
Not addressed in this update
Meta LMP Layer
Features
Layer Update
OSF Unified Linux Kernel updated to 4.18.10. U-boot autoboot disabled for DragonBoard 410c and 820c to avoid boot failures caused by serial noise without the UART adapter.
Bugs
Not addressed in this update