Releases

79 (v. 1196)

23-02-2021

Highlights

  • Aktualizr-Lite updated to the revision be4532f (based on Aktualizr 2021.1+fio)
  • Binutils updated to the 2.35.1 stable release
  • Bitstream support now available for the uz3eg-iocc target
  • Clang/llvm updated to 11.1.0-rc2
  • Docker updated do the v20.10.3 stable release
  • Linux-lmp updated to the v5.10.17 stable release
  • Linux-lmp-fslc-imx updated to the v5.4.97 stable release
  • Linux-lmp-lts updated to the v5.4.97 stable release
  • Linux-lmp-rpi updated to the v5.4.81 stable release
  • Linux-lmp-toradex-imx updated to the 1266d0110fced revision
  • Linux-lmp-xlnx updated to the v5.4.97 stable release
  • OpenSSL updated to the 1.1.1i release
  • Secure boot support for iMX8MM targets
  • Sudo updated to the 1.9.5p2 stable release
  • SystemD updated to the 246.9 stable release

Layer Updates

Meta LMP

  • base: add sudo 1.9.5p2
  • base: aktualizr-lite: bump to be4532f
  • base: containerd-opencontainers: drop version update
  • base: dockerd: patch to reload images on signal
  • base: docker-moby: drop support for old .dockercfg
  • base: docker-moby: update to v20.10.3
  • base: kmeta-linux-lmp-5.4.y: bump to 58c846df
  • base: linux-lmp-lts: update to v5.4.97
  • base: linux-lmp: update to v5.10.17
  • base: lmp.inc: drop linux-stable bbmasks
  • base: optee: add 3.12.0 release
  • base: optee-client: consolidate recipes
  • base: optee-examples: consolidate recipes
  • base: optee-fiovb: leverage optee.inc
  • base: optee-os-fio: 3.10: bump to 915ee978d
  • base: optee-os-fio: consolidate recipes
  • base: optee-sks: leverage optee.inc
  • base: optee-test: consolidate recipes
  • base: preload: prepare for ostree-based preloading
  • base: u-boot-fio: 2020.04: bump to f0e3fc69
  • base: wireguard-module: update to v1.0.20210124
  • bsp: bitstream-extraction: generate and deploy bit.bin
  • bsp: device-tree: uz3eg-iocc: only drop axi_intc_0
  • bsp: imx-atf: add compatibility and deployment to use uboot-fitimage generation
  • bsp: imx-mkimage: imx8mm: support SPL-only build
  • bsp: imx-mkimage: mx8mm: guard deploy steps with IMXBOOT_TARGETS check
  • bsp: linux-lmp-fslc-imx: patch fix for QCA9377 SDIO hw params
  • bsp: linux-lmp-fslc-imx: update to v5.4.97
  • bsp: linux-lmp-toradex-imx: bump to rev 1266d0110fced
  • bsp: linux-lmp-xlnx: depend on bitstream-extraction deploy
  • bsp: linux-lmp-xlnx: update to v5.4.97
  • bsp: lmp-machine-custom: make SOTA_CLIENT_FEATURES machine specific
  • bsp: lmp-machine-custom: mx8mm: changes for imx-boot and uboot-fitmage class
  • bsp: lmp-machine-custom: mx8mm: fix lmp-base settings
  • bsp: mfgtool-files: flash separated imx-boot and U-Boot FIT
  • bsp: mfgtool-files: mx8mm: deploy u-boot.itb and kernel fit-image
  • bsp: optee-client: qemuarm64: enable rpmb emulation
  • bsp: optee-os-fio: 3.12.0: add initial bsp bbappend
  • bsp: u-boot-fio: imx8mmevk: lmp.cfg: enable signature verification in SPL
  • bsp: u-boot-fio: install spl-nodtb and UBOOT_MACHINE artifacts
  • bsp: u-boot-fio: lmp-base: add SPL_DM support
  • bsp: u-boot: mfgtool-files: install spl-nodtb and UBOOT_MACHINE artifacts
  • bsp: u-boot-ostree-scr-fit: uz: add fpga load support
  • bsp: uz3eg-iocc: add bitstream as fit loadable
  • bsp: uz3eg-iocc: sync dts from meta-avnet
  • bsp: uz3eg-iocc: update system.xsa from 2020.2
  • bsp: wic: imx8: introduce a separate SPL image layout
  • bsp: wic: sdimage-imx8-sota: fix comment to match reality
  • conf/layer.conf: add hardknott to LAYERSERIES_COMPAT
  • meta-lmp-bsp: conf: set bitstream packages as machine specific
  • meta-lmp: xilinx-tools: bitstream-extraction: Add bitstream support

Meta ARM

  • arm-autonomy/arm-autonomy-host-image-minimal: Added multiconfig support
  • arm-autonomy/autonomy-host: add user defined partition to wic image
  • arm-autonomy/documentation: Remove references to meta-kernel
  • arm-autonomy/juno-firmware: add compressed kernel support
  • arm-autonomy/juno-image-customization: add host wks file
  • arm-bsp: fix sgi575 kernel compile warning
  • ci: fail any build that emits warnings
  • ci: make bootstrap just another kas overlay
  • gitlab-ci: force git updates
  • kas: remove redundant env settings

Meta Freescale

  • conf/layer.conf: Add hardknott to LAYERSERIES_COMPAT
  • EULA: Update to LA_OPT_NXP_Software_License v15 August 2020
  • gstreamer1.0-plugins-bad: update to NXP's MM_04.05.06_2008_L5.4.47 branch
  • gstreamer1.0-plugins-base: update to NXP's MM_04.05.06_2008_L5.4.47 branch
  • gstreamer1.0-plugins-good: update to NXP's MM_04.05.06_2008_L5.4.47 branch
  • gstreamer1.0: update to NXP's MM_04.05.06_2008_L5.4.47 branch
  • imx-dpu-g2d: Upgrade to 1.8.9
  • imx-gpu-g2d: Upgrade to 6.4.3.p0.0
  • imx-gpu-viv: Fix rootfs conflict with libvulkan-dev
  • imx-gpu-viv: Update install for improved packaging design
  • imx-gpu-viv: Upgrade to 6.4.3.p0.0
  • imx-gst1.0-plugin: update to NXP's MM_04.05.06_2008_L5.4.47 branch
  • imx-vpuwrap: update to NXP's MM_04.05.06_2008_L5.4.47 branch
  • kernel-module-imx-gpu-viv: Upgrade to 6.4.3.p0.0
  • linux-fslc-imx: update to v5.4.94
  • linux-fslc-qoriq: update to LSDK-20.12 & 5.4.92
  • linux-fslc: update to v5.4.94
  • Provide u-boot-mfgtool and linux-mfgtool for fslc distros
  • restool: compiling with optimization (-O2)
  • restool: update to 8ddbe4c
  • vulkan-loader: Add runtime dependency for libvulkan-imx
  • xf86-video-armada: Fix no more working SRC_URI

Meta Freescale 3rdparty

  • linux-boundary: bump version to 5.4 2.2.0
  • linux-fslc-qoriq: apply SolidRun patches for LSDK-20.12
  • nitrogen8m: add BOUNDARY_DEVICES_UBOOT_DEFCONFIG variable
  • nitrogen8m: add uboot binary and upgrade script to boot part
  • nitrogen8mm: add BOUNDARY_DEVICES_UBOOT_DEFCONFIG variable
  • nitrogen8mm: add uboot binary and upgrade script to boot part
  • nitrogen8mm: update uboot binary to rev2
  • nitrogen8mn: add BOUNDARY_DEVICES_UBOOT_DEFCONFIG variable
  • nitrogen8mn: add uboot binary and upgrade script to boot part
  • u-boot-boundary: bump version to 2020.10

Meta Xilinx

  • Adding BOARD and BOARD_VARIANT level hierarchy
  • Cleanup QB_MACHINE for xilinx machines
  • linux-xlnx: Fix build with patch from upstream kernel for gcc-10.
  • linux-xlnx.inc: Update overlay config fragments
  • meta-xilinx-bsp: Move uboot-device-tree to meta-xilinx-tools layer
  • picozed-zynq7.dts: add marvell,88e1510 to eth phy
  • qemu-xilinx: Fix patch puzz warning during do_patch
  • u-boot-xlnx: Fix build error by applying patch from upstream u-boot.
  • ultra96: Using BOARD level hiearchy for ultra96 overrides
  • Update LICENSE_CHECKSUM for kernel-module-hdmi
  • weston: Update the weston patches to comply with weston-9.0
  • zcu102-zynqmp.conf: Fix qemuboot for zcu102-zynqmp

Meta Xilinx Tools

  • fpgamanger: Putting artifacts one layer deeper (/lib/firmware/xilinx)
  • machine-xilinx-versal.inc: Adding psm to xilinx-bootbin bif
  • uboot-device-tree.bb: Move uboot-device-tree from meta-xilinx-bsp layer
  • ultra96: Using BOARD level hiearchy for ultra96 overrides

Meta Clang

  • Add the target option to the CLANG environment variables.
  • clang.bbclass: Remove -mcpu option for the octeontx2 core
  • clang.bbclass: Set CCACHE_COMPILERCHECK as default value
  • clang: for x86_64, set Yocto GCC install search path
  • clang/llvm: Upgrade to 11.1.0-rc2
  • clang: Replace mtune with mcpu to match oe-core
  • clang: Update to 11.0.1 rc2
  • compiler-rt: Disable sanitizer builds
  • ppp: Mark non-clangable
  • pulseaudio: Remove -Qunused-arguments with clang
  • qemu: Link with latomic on clang/x86
  • redis: Mark non-clangable as of now
  • rpm: Use gcc for building rpm on all mips arches
  • yoe.yml: Use actions/checkout at v2

Meta Updater

  • image_repo_manifest.bbclass: Improvement for builds outside the .repo directory
  • image_types_ostree.bbclass: get lock before accessing OSTREE_REPO
  • image_types_ota.bbclass: add metadata_csum mkfs option
  • image_types_ota.bbclass: pass -t ext4 to mke2fs
  • image_types_ota.bbclass: use standard ext4 features
  • Use python3 to get repo working again.

Meta Virtualization

  • ceph: uprev v15.2.0 -> v15.2.8
  • containerd: bump to v1.4.3
  • docker-ce: update to v19.03.14
  • k8s: update to 1.20 release candidate
  • libvirt: fix host gcc can't recognized option -fmacro-prefix-map
  • linux-yocto: add cgroup-hugetlb config
  • moby: update to v19.03.14
  • xen, linux-yocto-dev, RPi4: weaker assign for KBRANCH and KMACHINE

Meta OpenEmbedded

  • colord: fix installed-vs-shipped error
  • dlt-daemon: add upstream patch to fix CVE-2020-29394
  • ebtables: do not install /etc/ethertypes
  • fbset: use DEBIAN_MIRROR in SRC_URI
  • flatbuffers: whitelist CVE-2020-35864
  • fuse: set CVE_PRODUCT to "fuse_project:fuse"
  • giflib: apply patch for CVE-2019-15133 and set CVE_PRODUCT
  • gssdp: Upgrade to 1.2.2 -> 1.2.3
  • gupnp: Upgrade to 1.2.2 -> 1.2.4
  • iscsi-initiator-utils: upgrade 2.1.2 -> 2.1.3
  • liboop: use upstream SRC_URI
  • libsdl2-mixer: Fix ogg/vorbis support in libsdl2-mixer
  • libsdl2-mixer: set --disable-music-ogg-shared to link statically
  • lmbench: Fix setting LDLIBS failure
  • lockfile-progs: use DEBIAN_MIRROR in SRC_URI
  • mcpp: Normalize the patch format of CVE
  • minifi-cpp: depend on nettle and lz4
  • multipath-tools: fix error handling for udev_monitor_set_receive_buffer_size
  • nanopb: move to dynamic-layers
  • networkmanager: Fix reallocarray check in meson and configure
  • nodejs: 12.19.0 -> 12.20.1
  • openct: use upstream SRC_URI
  • openldap: upgrade 2.4.51 -> 2.4.57
  • pcsc-lite: provide pcsc-lite-lib-native explicitly for native build
  • php: CVE-2020-7069
  • php: CVE-2020-7070
  • php: remove the failing ${D}/${TMPDIR} code
  • pidgin-sipe: Do not add native libdir to pkgconfig search path
  • postgresql: Update to 12.5
  • postgresql: Use /dev/urandom when openssl is not used
  • python3-aiohttp: added missing RDEPENDs
  • Revert "gnome-calendar: update to 3.38.1, add libhandy 1.x support"
  • samba: CVE-2020-14318 Security Advisory
  • samba: CVE-2020-14383 Security Advisory
  • sdbus-c++-libsystemd: Fix reallocarray check in meson
  • sip3: simplify recipe
  • spdlog: Fix recipe so other recipes can use spdlog with external fmt.
  • tclap: align version to tag v1.2.2
  • tclap: fix branch
  • tcpdump: Patch for CVE-2020-8037
  • wireshark: Several securtiy fixes
  • xmlsec1: Fix configure QA error caused by host lookup path
  • xterm: install xterm and uxterm desktop files
  • xterm: provide virtual/x-terminal-emulator
  • zabbix: CVE-2020-15803 Security Advisory
  • zram: fix sourcing of zram parameters

OpenEmbedded Core

  • binutils: Fix CVE-2020-35448
  • binutils: upgrade 2.35 -> 2.35.1
  • bitbake.conf: Add /run/ to PSEUDO_IGNORE_PATHS
  • bitbake.conf: Canonicalize paths in PSEUDO_IGNORE_PATHS
  • bitbake.conf: Prevent pyc file generation in pseudo context
  • boost: drop arm-intrinsics.patch
  • buildhistory.bbclass: avoid exception for empty BUILDHISTORY_FEATURES variable
  • ca-certificates: upgrade 20200601 -> 20210119
  • core-image-sato-sdk-ptest: these images need ptest
  • coreutils: enable xattrs by default for nativesdk
  • curl: Fix CVE-2020-8284, CVE-2020-8285, CVE-2020-8286
  • cve_check: add CVE_VERSION_SUFFIX to indicate suffix in versioning
  • cve-check: replace Looseversion with custom version class
  • devtool: Fix file:// fetcher symlink directory structure
  • devtool: Fix source extraction for gcc shared source
  • devtool: gitsm:// should be handled same as git:// in upgrades
  • diffstat: point the license checksum at the license
  • distutils3-base.bbclass: use python3targetconfig
  • dtc: improve reproducibility
  • externalsrc: Detect code changes in submodules
  • externalsrc: Fix parsing error with devtool non-git sources
  • ffmpeg: Fix CVE-2020-35964, CVE-2020-35965
  • flex: Fix --noline option behavior
  • gcc: Backport patch to resolve i86 tune configuration overrides
  • gdk-pixbuf: fix CVE-2020-29385
  • glib-2.0: fix CVE-2020-35457
  • glibc: CVE-2019-25013
  • glibc: update to latest release/2.32/master branch
  • gobject-introspection: Fix variable override order
  • gpgme: use python3targetconfig
  • grub: fix "CVE:" line in one of the patches
  • grub: Further reproducibility fix
  • gstreamer1.0: fix failing ptest
  • image_types.bbclass: tar: use posix format instead of gnu
  • image_types: Ensure tar archives are reproducible
  • image_types_wic: Move wic working directory
  • initscripts: use quotes for shell variable comparision
  • kernel.bbclass: fix deployment for initramfs images
  • libcroco: Added CVE
  • libexif: fix CVE-2020-0198; CVE-2020-0452
  • libgcrypt: Whitelisted CVEs
  • lib/oe/patch.py: Don't return command stderr from runcmd function
  • lib/oe/path: Add canonicalize()
  • lib/oe/utils: Return empty string in parallel_make
  • license.bbclass: Add COMMON_LICENSE_DIR and LICENSE_PATH dirs to PSEUDO_IGNORE_PATHS
  • license_image.bbclass: Don't attempt to symlink to the same file
  • linuxloader: Avoid confusing string concat errors
  • linux-yocto/5.4/cfg: fix FIRMWARE_LOADER warnings
  • linux-yocto/5.4/cfg: fix -tiny warnings
  • linux-yocto/5.4: update to v5.4.94
  • linux-yocto/5.8/cfg: fix -tiny warnings
  • linux-yocto/cfg: qemuarm64-gfx.cfg: add CONFIG_INPUT_UINPUT
  • linux-yocto/cfg: qemuppc: set CONFIG_SCSI to '=y'
  • linux-yocto-rt/5.4: fix 5.4-stable caused build breakage
  • man-db: Fix reproducibility issue
  • meta: drop _PYTHON_SYSCONFIGDATA_NAME hacks
  • meta: toolchain-shar-relocate.sh: Do not use $target_sdk_dir as regex
  • meta: toolchain-shar-relocate.sh: Filter out post-relocate-setup script
  • mobile-broadband-provider-info: upgrade 20190618 ->20201225
  • ncurses: Don't put terminfo into the sysroot
  • npm.bbclass: make shrinkwrap file optional
  • npm.bbclass: use python3 for npm config
  • oeqa/commands: Ensure sync can be found regardless of PATH
  • oeqa/selftest/cases/tinfoil.py: increase timeout 10->60s test_wait_event
  • openssh: Backport a fix to fix with glibc 2.33 on some platforms
  • openssl: set CVE_VERSION_SUFFIX
  • openssl: Update to 1.1.1i
  • ovmf-shell-image: image is only buildable on x86-64
  • p11-kit: upgrade 0.23.21 -> 0.23.22
  • package: Ensure do_packagedata is cleaned correctly
  • patch: fix CVE-2019-20633
  • pseudo: Add lchmod wrapper
  • pseudo: Drop patches merged into upstream branch
  • pseudo: Update for arm host and memleak fixes/cleanup
  • pseudo: Update to include passwd and file renaming fixes
  • pseudo: Update to print PSEUDO_LOGFILE in abort message on path mismatches
  • pseudo: Update to work with glibc 2.33
  • python3: Avoid installing test data into recipe-sysroot
  • python3: fix CVE-2021-3177
  • python3-pycairo: use python3targetconfig
  • python3: split python target configuration into own class
  • python3targetconfig.bbclass: Make py3 dep and tasks only for target recipes
  • python3: Use addtask statement instead of task dependencies
  • qemu: CVE-2020-25723
  • qemu: CVE-2020-28916
  • qemu.inc: Should depend on qemu-system-native, not qemu-native
  • recipetool: create: only add npmsw url if required
  • sanity.bbclass: Check if PSEUDO_IGNORE_PATHS and paths under pseudo control overlap
  • sanity.bbclass: sanity check for if bitbake is present in PATH
  • sanity: Verify that user isn't building in PSEUDO_IGNORE_PATHS
  • scripts: oe-run-native, fix -native directories
  • selftest: Add argument to keep build dir
  • sstatesig: Add descriptive error message to getpwuid/getgrgid "uid/gid not found" KeyError
  • staging: Clean up files installed into the sysroot
  • strace: increase ptest timeout duration 120->240s
  • sudo: fix CVE-2021-23239
  • sudo: fix CVE-2021-23240
  • sudo: fix CVE-2021-3156
  • systemd.bbclass: improve error message when a service unit specified in SYSTEMD_SERVICE is not found
  • systemd: change /bin/nologin to /sbin/nologin
  • systemd: upgrade 246.6 -> 246.9
  • timezone: upgrade to 2021a
  • toolchain-shar-extract.sh: Handle special characters in script path
  • toolchain-shar-relocate.sh: Fix handling files with colons
  • uninative: Upgrade to 2.10
  • wic: Add workdir argument
  • wic: Allow exec_native_cmd to run HOSTTOOLS
  • wic: Copy rootfs dir if fstab needs updating
  • wic/direct/kparser: ensure fsuuid for vfat and msdos align with format
  • wic: Ensure internal workdir is not reused
  • wic: Optimise fstab modification for ext2/3/4 and msdos partitions
  • wic: Pass canonicalized paths in PSEUDO_IGNORE_PATHS
  • wic/selftest: test_permissions also test bitbake image
  • wic: Update pseudo db when excluding content from rootfs
  • zip: whitelist CVE-2018-13410 and CVE-2018-13684

Keep up to date with Foundries.io