Linux microPlatform
Highlights
- Aktualizr-Lite updated to the latest Aktualizr 2020.7 release
- Support for pre-loading container images as part of the LmP image
- Linux-lmp updated to the 5.4.54 stable release
- Linux-lmp-dev for mx8mm updated to the 5.4.51 stable release
- Wireguard Module updated to the 20200712 snapshot
- SPL and OP-TEE support now available for the imx6ullevk target
- Python3 updated to the 3.8.5 release
Layer Updates
Meta LMP
- base: aktualizr-lite: bump to 1b50571, ak 2020.7+fio
- base: docker-ce: Systemd service to pre-load container images
- base: fioconfig: bump to 5553f08
- base: kernel-lmp-fitimage: add support for FIT_LOADABLES
- base: linux-lmp: bump kernel to 5.4.54
- base: linux-lmp-dev-mfgtool: add lzop-native to depends
- base: lmp-device-register: bump rev to 633b11b
- base: optee-os: bump to 70035ca3
- base: optee-sks: bump to e098eeb7
- base: softhsm: add release 2.6.1
- base: u-boot-fio: bump revision to 954fb028
- base: wireguard-module: upgrade 20200506 -> 20200712
- bsp: base-files: imx6ullevk: add fstab
- bsp: linux-lmp-dev-mfgtool: add defconfig for imx6ullevk
- bsp: lmp-machine-custom: imx6ullevk: update build settings
- bsp: lmp-machine-custom: mx6ull: enable sota ubootenv
- bsp: lmp-machine-custom: mx8mm: bump kernel to 5.4.51
- bsp: mfgtool-files: add support for imx6ullevk
- bsp: optee-os: add configuration for imx6ullevk
- bsp: u-boot-fio: imx6ullevk: fix fw_env size
- bsp: u-boot-fio: imx6ullevk: update config fragment
- bsp: u-boot-fio-mfgtool: imx6ullevk: introduce mfgtool config fragment
- bsp: u-boot-ostree-scr-fit: add support for imx6ullevk
- bsp: u-boot-ostree-scr-fit: imx6ullevk: save env on init
- bsp: wic: add sdimage-imx6-spl-fit-sota.wks
- Revert "base: linux-lmp-dev: add workaround for oe-core e684532"
- Revert "base: sudo: set with-rundir to /run/sudo"
Meta Freescale
- linux-fslc: upgrade kernel to v5.4.51 from korg
- Revert "weston-init: use g2d for i.MX8M Nano SoC"
Meta Intel
- gmmlib: upgrade 20.1.1 -> 20.2.2
- intel-compute-runtime: 20.24.17065 -> 20.27.17231
- intel-graphics-compiler: drop llvm9/clang9 support
- intel-graphics-compiler: upgrade 1.0.4154 -> 1.0.4241
- intel-media-driver: upgrade 20.1.1 -> 20.2.0
- intel-mediasdk: upgrade 20.1.1 -> 20.2.0
- ixgbe: upgrade 5.7.1 -> 5.8.1
- ixgbevf: upgrade 4.7.1 -> 4.8.1
- layer.conf: drop zeus compatibility
- llvm-project-source: apply llvm-patches for llvm10 as well
- llvm-project-source: drop llvm9 support
- opencl-clang: drop llvm9/clang9 support
Meta OpenEmbedded
- ace: Upgrade to 6.5.10
- babeld: upgrade 1.9.1 -> 1.9.2
- freeradius: fix the existed certificate error
- glmark2: don't build full OpenGL backends by default
- graphene: upgrade 1.10.0 -> 1.10.2
- lvm2: reproducible binaries
- memcached: Upgrade to 1.6.6
- netkit-telnetd: Fix buffer overflow in netoprintf
- net-snmp, openjpeg: add proper CVE tags to patches
- network-manager-applet: Add missing dependency on libgudev
- networkmanager: Fix udev dependency
- networkmanager: Package nmcli separately
- nss: upgrade 3.51.1 -> 3.54
- python3-bitarray: Upgrade 1.2.2 -> 1.4.1
- python3-bitstruct: Added recipe
- python3-cantools: Added recipe
- python3-cbor2: Upgrade 5.1.0 -> 5.1.1
- python3-coverage: Upgrade 5.1 -> 5.2
- python3-dateparser: Added recipe
- python3-diskcache: Added recipe
- python3-ecdsa: add package
- python3-gmpy2: add new package
- python3-gnupg: add new package
- python3-isort: Upgrade 4.3.21 -> 5.1.4
- python3-mock: Upgrade 4.0.1 -> 4.0.2
- python3-netaddr: Upgrade 0.7.20 -> 0.8.0
- python3-obd: Add missing setuptools RDEPENDS
- python3-packaging: add -native version
- python3-pint: add setuptools and packaging to RDEPENDS
- python3-psutil: Upgrade 5.7.0 -> 5.7.2
- python3-pychromecast: Upgrade 7.1.1 -> 7.1.2
- python3-pymysql: Upgrade 0.9.3 -> 0.10.0
- python3-qrcode: add package
- python3-requests-file: Enable ptest
- python3-rsa: add new package
- python3-semver: Enable ptest
- python3-simplejson: Upgrade 3.17.0 -> 3.17.2
- python3-smpplib: Enable ptest
- python3-soupsieve: Enable ptest
- python3-stevedore: Upgrade 2.0.1 -> 3.2.0
- python3-typeguard: Enable ptest
- python3-xlsxwriter: add recipe for v 1.2.9
- radvd: add /etc/radvd.conf
- recipes-graphics: add Khronos OpenGL ES and Vulkan CTS recipes
- Remmina: Upgrade to 1.4.7
- samba: Fix conflicts with nss.h from glibc
- toybox-inittab: unpack to S
- wireguard-module: upgrade 1.0.20200401 -> 1.0.20200712
- wireguard-tools: upgrade 1.0.20200319 -> 1.0.20200513
- xfce4-time-out-plugin: upgrade 1.1.0 -> 1.1.1
- xfce4-whiskermenu-plugin: upgrade 2.4.4 -> 2.4.5
Meta RISC-V
- Add a CONTRIBUTORS file
- README.md: Minor fix to using wayland image for HiFive Unleashed board
Meta Security
- add gitlab framework and qemu machine
- bastille: Deleted redundant inherit to fix error when enable multilib.
- cryptsetup-tpm-incubator: RPROVIDES cryptsetup and cryptsetup-dev
- drop ci-build: it is hiding errors
- ibmswtpm2: upgrade 1563 -> 1628
- kas: add ima, tpm and tpm2 build configs
- layer.conf: add dynamic-layer for strongswan
- lynis: update to 3.0.0
- meta-integrity: add dynamic-layer for strongswan
- packagegroup-core-security: remove clamav for riscv
- packagegroup-security-tpm2: Depend on preferred provider for cryptsetup
- packagegroup-security-tpm: add more packages for building
- python3-oauth2client: add recipe
- python3-privacyidea: adding initial support for mfa
- security images: Move to recipe-core
- security packagegroups: move to recipes-core
- strongswan: Add bbappends for ima changes
- strongswan: add bbappends for tpm changes
Meta Updater
- Update garage-push invocation for new cli
Meta Virtualization
- conmon: uprev 2.0.11 > 2.0.18
- qemu: Remove duplicated xen PACKAGECONFIG
- xen, arm32: filter out unwanted tune flags from CPP as per CC
- xen: drop vars that duplicate hvc console from the r-pi4 config
- xen-tools: packaging for new files in Xen 4.14
- xen, xen-tools: add recipes for Xen 4.14
OpenEmbedded Core
- arch-armv8-2a.inc: add tune include for armv8.2a
- asciidoc: upgrade 9.0.0 -> 9.0.1
- autotools: don't special-case help2man-native for dependencies
- bash-completion: update to 2.11
- bind: upgrade 9.11.19 -> 9.11.21
- btrfs-tools: upgrade 5.6.1 -> 5.7
- buildhistory: use pid for temporary txt file name
- busybox: make hwclock compatible with glibc 2.31
- ccache: Upgrade to 3.7.11
- checklayer: check layer in BBLAYERS before test
- classes/cmake: Fix host detection
- classes/package: Use HOST_OS for runtime dependencies
- classes/reproducible: Move to library code
- createrepo-c: upgrade 0.15.11 -> 0.16.0
- cryptodev-module: Backport a patch to fix build failure with kernel v5.8
- cve-check.bbclass: always save cve report
- cve-update: handle baseMetricV2 as optional
- diffoscope: upgrade 150 -> 151
- dpkg: upgrade 1.20.0 -> 1.20.5
- e2fsprogs: fix up check for hardlinks always false if inode > 0xFFFFFFFF
- epiphany: upgrade 3.36.2 -> 3.36.3
- expat: Added ptest
- ffmpeg: upgrade 4.3 -> 4.3.1
- flex: fix build with autoconf 2.70
- gcc-10.1: add fix for PR 96130
- gcc: mitigate the Straight-line Speculation attack
- gconf: use python3
- glibc: Secruity fix for CVE-2020-6096
- glibc: whitelist CVE-2010-10029
- gnupg: upgrade 2.2.20 -> 2.2.21
- gtk-immodules-cache.bbclass: fix post install scriptlet error
- image.bbclass: improve wording when image size exceeds the specified limit
- init-ifupdown: always make machine-specific
- initscripts: Fix populate-volatile.sh bug when file/dir exists
- initscripts: Fix various shellcheck warnings in populate-volatile.sh
- init-system-helpers: upgrade 1.57 -> 1.58
- insane: improve arch test messages
- kernel-devsrc: fix on-target module build for v5.8+
- kernel-yocto: account for extracted defconfig in elements check
- kmod: add packageconfig for xz and ssl
- libdnf: allow reproducible binary builds
- libevdev:upgrade 1.9.0 -> 1.9.1
- libevent: upgrade 2.1.11 -> 2.1.12
- libgcrypt: upgrade 1.8.5 -> 1.8.6
- libnsl2: upgrade 1.2.0 -> 1.3.0
- lib/oe/reproducible: Fix error when no git HEAD
- libuv: upgrade 1.38.0 -> 1.38.1
- libva-initial: upgrade 2.7.1 -> 2.8.0
- libva: upgrade 2.7.1 -> 2.8.0
- libva-utils: upgrade 2.7.1 -> 2.8.0
- linux-firmware: add ibt-20 package
- linux-yocto/5.4: update to v5.4.51
- linux-yocto-rt/5.4: fix mmdrop stress test issues
- ltp: remove --with-power-management-testsuite from EXTRA_OECONF
- mesa: enable freedreno Vulkan driver if freedreno is enabled
- mpfr: upgrade 4.0.2 -> 4.1.0
- mpg123: upgrade 1.26.1 -> 1.26.3
- mtd-utils: upgrade 2.1.1 -> 2.1.2
- musl: Update to latest tip
- nasm: fix build with autoconf 2.70
- net-tools: upgrade to latest revision in upstream repo instead of old debian snapshot
- oeqa/qemurunner: Add priority/nice information for running processes
- oeqa/utils/qemurunner: Fix missing pid file tracebacks
- openssl: openssl-bin requires openssl-conf to run
- perf: add PACKAGECONFIG for CoreSight support
- perl: Avoid race continually rebuilding miniperl
- pseudo: Update to add OFC fcntl lock updates
- pulseaudio: improve the Thumb frame pointer fix
- python3-cython: upgrade 0.29.20 -> 0.29.21
- python3-git: upgrade 3.1.3 -> 3.1.7
- python3-pycryptodome: upgrade 3.9.7 -> 3.9.8
- python3-pycryptodomex: upgrade 3.9.7 -> 3.9.8
- python3-setuptools: update to 49.2.0
- python3: update to 3.8.5
- qemu: fix CVE-2020-13362
- qemu: fix CVE-2020-13659
- qemu: fix CVE-2020-13791
- qemu: fix CVE-2020-13800
- qemu: fix for virtfs configuration error in qemu 5.0.0
- Revert "python3: define a profile directory path"
- rootfs-post: remove traling blanks from tasks
- rpcsvc-proto: upgrade 1.4.1 -> 1.4.2
- rpm: fix nativesdk's default var location
- site: Make sys_siglist default to no
- startup-notification: add time_t type mismatch patch from upstream
- stress-ng: create a symlink for /usr/bin/stress
- stress-ng: upgrade 0.11.14 -> 0.11.15
- sudo: set with-rundir to /run/sudo
- tune-cortexa55.inc: switch to using armv8.2a include file
- webkitgtk: upgrade 2.28.2 -> 2.28.3
- wic/bootimg-efi: Add support for IMAGE_BOOT_FILES
- wic/filemap: Drop the unused block_is_unmapped()
- wic/filemap: Drop the unused get_unmapped_ranges()
- wic/filemap: Fall back to standard copy when no way to get the block map