Zephyr's v1.13 release and improvements to the reference applications.
OSF Unified Linux Kernel updated to the 4.18.10 stable release. Core layer updates based on the latest OE/Yocto master changes.
Not addressed in this update
Not addressed in this update
Support for the Central Address Resolution characteristic was added.
Sanitycheck footprint data for the v1.13.0 release was added.
The crypto tests were converted to use config-tls- generic.h, an mbedTLS configuration file that is part of Zephyr which is configurable with Kconfig.
The release's documentation was finalized.
A fix was merged for ADC on SAM E70.
mbedTLS was updated to version 2.12.0 from 2.9.0. This includes various security fixes and functional improvements. These come at the cost of increased resource requirements.
Various attempts to support interrupts when CONFIG_MULTITHREADING=n were postponed until after v1.13.0, resolving some observed scheduler issues.
A couple of fixes were made to Zephyr's CMSIS RTOS v1 support shim.
A C++-related warning fix was merged to the stack checking feature.
The latest mbedTLS increased resource requirements; the drivers/crypto sample was adjusted. The main stack size was increased to a rather large 4096 B; the minimum target RAM required to run the sample increased from 16 KB to 20 KB.
Various final adjustments and fixes were made to the tests to get to release readiness.
The helper hawkbit.py script now supports Python 3, has "rollout" parameters for controlling a hawkBit-based firmware update to multiple devices, was updated for compatibility with the latest hawkBit release, and has improved help text.
The help text for the hawkbit.py script was fixed, along with internal fixes for control of hawkBit's REST API.
The helper script now uses mgmt.foundries.io as the default host, supports multithreading with a --threads option, device type filtering with a --device option, logs with the standard logging module, updating of all connected clients, and has quieter output.
Numerous fixes for error handling were merged to the leshan.py helper script.
Acpid updated to 2.0.30. Binutils updated to 2.31.1. Boost updated to 1.68.0. Busybox updated to 1.29.2. Ca-certificates updated to 20180409. Cmake updated to 3.12.1. Dbus updated to 1.12.10. Distcc updated to 3.3.2. Dtc updated to 1.4.7. Elfutils updated to 0.173. Expat updated to 2.2.6. File updated to 5.34. Freetype updated to 2.9.1. Gdb updated to 8.2. Gdbm updated to 1.18. Glib updated to 2.58.0. Glibc updated to 2.28. Gnutls updated to 3.6.3. Gobject-introspection updated to 1.58.0. Gptfdisk updated to 1.0.4. Gtk-doc updated to 1.29. Icu updated to 61.1. Iproute2 updated to 4.18.0. Libc-headers updated to 4.18. Libpng updated to 1.6.35. Libsolv updated to 0.6.35. Libxcrypt updated to 4.1.1. Linux-firmware updated to the feb25f3e revision. Meson updated to 0.47.2. Mpfr updated to 4.0.1. Musl updated to 1.1.20. OpenSSH updated to 7.8p1+git. OpenSSL updated to 1.1.1 and 1.0.2p. Pciutils updated to 3.6.2. Pcmciautils removed from OE-Core, now available in meta-openembedded. Python3 updated to 3.5.6. Python3-pip updated to 18.0. Qemu updated to 3.0. Re2c updated to 1.0.1. Rpm updated to 4.14.2. SERIAL_CONSOLE updated to SERIAL_CONSOLES. Strace updated to 4.24. Sysprof updated to 3.30.0 and enabled for aarch64. Util-linux updated to 2.32.1. Vala updated to 0.42.0. Yasm removed from OE-core.
Multiple issues.
Multiple issues.
Client DoS due to large DH parameter.
Heap-based buffer overflow in password protected ZIP archives.
Multiple issues.
Fix memory leak in stream_decoder.c.
Improper Input Validation vulnerability in Verified boot signature validation that can result in Bypass verified boot.
Multiple issues.
Multiple issues.
Multiple issues.
Archive::Tar module allows remote attackers to bypass a directory-traversal protection mechanism, and overwrite arbitrary files, via an archive file containing a symlink and a regular file with the same name.
Double free in the another_hunk function in pch.c
Under certain conditions, the integrity of EAPOL-Key messages is not checked, leading to a decryption oracle.
Out-of-bounds read in the way elfutils reads DWARF address ranges information.
User enumeration vulnerability in authentication requests.
qemu-seccomp.c in QEMU might allow local OS guest users to cause a denial of service (guest crash) by leveraging mishandling of the seccomp policy for threads other than the main thread.
Named could crash during recursive processing of DNAME records when "deny-answer-aliases" was in use.
Integer overflow in src/zm.c:zsdata causes crash in sz and can leak information to receiver.
Buffer overrun in the NTLM authentication code.
Efibootmgr updated to 0.16. Efivar updated to 0.36. Fuse updated to 2.9.8. Python3-certifi updated to 2018.8.13. Python3-cython updated to 0.28.5. Python3-pip updated to 18.0.
Under certain conditions, the integrity of EAPOL-Key messages is not checked, leading to a decryption oracle.
Added i.MX 8 support for imx-kobs, imx-test, pulseaudio, u-boot-imx, imx-gpu-viv, alsa-state and gstreamer1.0. EULA updated to the v24 revision. Firmware-imx updated to 7.6, with support for BCM4356 and BCM89359. Imx-codec, imx-vpuwrap and imx-parser updated to v4.4.0. Imx-dpu-g2d updated to 1.4.6. Imx-gpu-g2d updated to 6.2.4.p1.6. Imx-gpu-viv updated to 6.2.4.p1.6. Imx-vpu-hantro updated to 1.7.0. Kernel-module-imx-gpu-viv updated to 6.2.4.p1.6. New machine definition for imx8mqevk, imx8qmmek and imx8qxpmek. U-boot-fslc updated to the 1e13b91a revision.
Not addressed in this update
Intel-microcode updated to 20180807.
Not addressed in this update
Updated bootrr, qmic, qrtr and rmtfs to the latest revision available.
Not addressed in this update
Firmware updated to 20180817.
Not addressed in this update
Gdb updated to the latest RISC-V fork. Qemu-riscv removed in favor of the upstream version.
Not addressed in this update
OSF Unified Linux Kernel updated to 4.18.10. U-boot autoboot disabled for DragonBoard 410c and 820c to avoid boot failures caused by serial noise without the UART adapter.
Not addressed in this update