Releases

92 (v. 2488)

Jan 7, 2024

Highlights

  • NEW: Support for encrypted rootfs images with on-line re-encryption using TPM 2.0 or PKCS#11
  • NEW: Common configuration fragment for u-boot now available as part of meta-lmp-base
  • NEW: Manufacturing tool support for TI AM62XX/AM64XX devices is now available
  • NEW: Boot firmware version can now be exposed in both U-Boot proper and SPL
  • NEW: Support for nvidia-container-runtime on Tegra devices
  • NEW: Support for dynamic generation of flashlayout files on STM32MP15 based devices
  • LMP release based on the OE/Yocto 4.0.15 Kirkstone release
  • Bitbake updated to the 2.0.15 release
  • ContainerD updated to the 1.7.3 release
  • Docker-CE updated to the 24.0.6 release
  • Docker-Compose updated to the v2.21.0 release
  • Clang updated to the 14.0.6 stable release
  • GCC updated to the v11.4 stable release
  • Go updated to the 1.20.12 stable release
  • OpenSSL updated to the 3.0.12 stable release
  • Runc updated to the 1.1.8 release
  • Linux-firmware updated to the 20230804 snapshot
  • NXP BSP updated to the lf-6.1.36-2.1.0 release
  • NVIDIA Tegra BSP updated to the L4T R35.4.1 release
  • TI BSP updated to the 09.00.00.009 release
  • OP-TEE updated to the 3.21.0+fio release
  • U-boot-fio rebased on top of the upstream 2023.04 release
  • Linux-lmp updated to the v6.1.59 stable release
  • Linux-lmp-rt updated to the v6.1.59-rt16 stable release
  • Linux-lmp-fslc-imx updated to the 6.1.36-2.1.0 BSP release
  • Linux-lmp-fslc-imx-rt updated to the v6.1.38 stable release
  • Linux-lmp-ti-staging updated to the v6.1.33 stable release

Layer Updates

Meta LmP

  • base: add cryptsetup 2.7.0+git
  • base: Add lmp-signing
  • base: aktualizr: Add User to Unit file
  • base: aktualizr: Split the aklite-lite-apps and aklite-lite-offline from main aktualizr package.
  • base: base-files: drop do_install_basefilesissue
  • base: base-files-issue: add recipe
  • base: bluetooth-attach: introduce hci-based attach service
  • base/bsp: optee: update fio and imx to 3.21.0
  • base: Bump optee-fiovb to 2c20a4a
  • base: classes: introduce flashlayout-stm32mp-archiver
  • base: compose-apps-early-start: Add runtime dependency
  • base: compose-apps-early-start: update compose apps early start
  • base: connectivity: introduce docker-network-ref implementation
  • base: containerd-opencontainers: update to 1.7.3
  • base: cryptfs: additions to online re-encryption
  • base: cryptfs: handle encryption and online re-encryption
  • base: cryptfs: luks header backup
  • base: cryptsetup: TPM/PKCS11 online re-encryption
  • base: distro: add gcc and libdrm to bbmask
  • base: distro: lmp: keep ext4 image
  • base: distro: mask gcc-source_12.3
  • base: distro: mask st-image-bootfs-efi recipe
  • base: distro: use gcc 11 by default
  • base: docker-ce: allow custom line for daemon.json.in
  • base: docker-compose: branch change from v2 to main
  • base: docker-compose: update to v2.21.0
  • base: docker-credential-helper: Handle leading spaces
  • base: docker: update to v24.0.5
  • base: docker: update to v24.0.6
  • base: efidisk-sota.wks: rename default EFI label to boot
  • base: fioconfig: bump rev to 63231cd
  • base: fioconfig: Bump version
  • base: fioconfig: Bump version to support SOTA_CLIENT in script handler.
  • base: fip-utils: use the DEPLOY_DIR_IMAGE
  • base: flashlayout-stm32mp-archiver: add task with stm32mp15common
  • base: flashlayout-stm32mp-archiver: prepend flashlayouts-stm32mp1
  • base: initramfs-module-install-efi: switch to gdisk from parted
  • base: jool: update to 4.1.10
  • base: kmeta-linux-lmp-5-15.y: bump to 613da241
  • base: kmeta-linux-lmp-6.1.y: bump to e08273d8
  • base: layer.conf: add base-files-issue to SIGGEN_EXCLUDERECIPES_ABISAFE
  • base: layer.conf: cleanup SIGGEN_EXCLUDERECIPES_ABISAFE
  • base: layer.conf: override compat for stm-st-stm32mp
  • base: linux-lmp: 6.1: bump to v6.1.59
  • base: linux-lmp-dev: Update to 6.5.0-rc2
  • base: linux-lmp-rt: 6.1: bump to v6.1.59-rt16
  • base: lmp: add distro features to buildcfg vars
  • base: lmp: add support for encrypting ota-ext4 image
  • base: lmp: bump version for the 4.0.15 yocto release
  • base: lmp: clang: disable -mbranch-protection=standard
  • base: lmp-device-auto-register: add support for tag
  • base: lmp-device-register: bump to 2557b25
  • base: lmp-device-register: support configurable oauth url
  • base: lmp-disable-gplv3: Disable wg-quick and bash-completion
  • base: lmp-el2go-auto-register: move code out of the layer
  • base: lmp-el2go-auto-register: re-add default.env and root.crt placeolders
  • base: lmp-image-common: intel: also create wic.qcow2
  • base: lmp-image-common: luks-reencryption service
  • base: lmp: inherit lmp-signing
  • base: lmp: meta-ti-extras: mask jailhouse
  • base: lmp: ota-esp is only needed when sota is enabled
  • base: lmp: pn-cryptsetup: drop ssh-token
  • base: lmp: remove ptest from distro feauture
  • base: lmp-staging: k3: switch mcdepends from do_image_complete
  • base: lmp-staging: lmp_sstate_checkhashes: remove multiple spaces
  • base: luks-reencryption: luks header backup
  • base: luks-reencryption: systemd re-encryption service
  • base: mfgtool-files: update UUU 1.5.109 -> 1.5.141
  • base: mxm-mwifiex-setup: fix moal parameters
  • base: nerdctl: fix installed-vs-shipped with usrmerge
  • base: non-clangable: add optee-examples
  • base: non-clangable: add qoriq-atf
  • base: non-clangable: apalis-imx6: drop comment
  • base: non-clangable: jailhouse-imx: force gcc
  • base: non-clangable: tegra: force gcc on container tools and gcc
  • base: optee-os-fio: 3.20: bump to aca0ad781
  • base: optee-os-fio: 3.21: bump to 33d9bf3fc
  • base: rc: Patch docker to load image optimally
  • base: rc: Patch docker to sync layer files
  • base: rc: Patch to write layer metadata atomically
  • base: resize-helper: after the re-encryption service
  • base: rs: aktualizr: bump version to f290020
  • base: rs: custom-sota-client: Add User to Unit file
  • base: rs: Remove app register from app early start
  • base: runc-opencontainers: update to 1.1.8
  • base: systemd: use filter to get tpm2
  • base: u-boot-fio: 2022.04: bump to 4719130d43b
  • base: u-boot-fio: add recipe for imx-2023.04
  • base: u-boot-fio: beaglebone-yocto: fix FIT_SIGNATURE options
  • base: u-boot-fio: collect FIT_SIGNATURE options in common configs
  • base: u-boot-fio-common: change config include order
  • base: u-boot-fio: common: disable VIDEO
  • base: u-boot-fio: enable bootfirmware info for all targets
  • base: u-boot-fio: imx: update to the lf-6.1.36-2.1.0 tag
  • base: u-boot-fio: lmp-common.cfg: disable CONFIG_ENV_MMC_USE_DT
  • base: u-boot-fio-mfgtool: common: disable VIDEO
  • base: u-boot-fio/mfgtool: disable CONFIG_BOOTSTD
  • base: u-boot-fio-mfgtool: lmp-common: disable watchdog by default
  • base: u-boot-fio: reduce boot delay for unsigned u-boot
  • base: u-boot-fio: upgrade 2022.04+fio to 2023.04+fio
  • base: uboot-fitimage: add boot firmware version to spl dtb
  • base: uboot-fitimage: fix getting TEST_BASE address
  • base: uboot-fitimage: use SPL_BINARYNAME
  • base: u-boot: introduce common base and common ebbr configs
  • base: u-boot-lmp-common: handle config and sit.bin links with multiconfig
  • base: u-boot-ostree-scr-fit: add var for enabling rb protection
  • base: u-boot: rename common base and ebbr configs
  • base: wireguard-tools: Use PACKAGECONFIG to configure the build
  • bsp: am62xx: deploy tiboot3.bin for all versions of evm boards
  • bsp: base-files: fstab: enable file system check on boot
  • bsp: bluetooth-attach: support hci attach for imx8mm-lpddr4-evk
  • bsp: bluetooth-attach: support hci attach for imx8mp-lpddr4-evk
  • bsp: dynamic-layers: flashlayouts-stm32mp1: deploy signed binaries
  • bsp: dynamic-layers: imx-atf: adjust power off logic
  • bsp: dynamic-layers: imx-atf: drop invalid patches
  • bsp: dynamic-layers: imx-atf: fix build issue
  • bsp: dynamic-layers: imx-atf: obtain boot set from bootrom event log
  • bsp: dynamic-layers: introduce u-boot-ti-staging-mfgtool
  • bsp: dynamic-layers: stm32-mfgtool-files: deploy signed binaries
  • bsp: dynamic-layers: stm32-mfgtool-files: use lazy assigments
  • bsp: dynamic-layers: stm32mp: drop legacy flashlayouts-stm32mp1 recipe
  • bsp: dynamic-layers: stm32mp-mfgtool-files: change flashlayout variable
  • bsp: dynamic-layers: ti-mfgtool-files: add support for fastboot cmd
  • bsp: dynamic-layers: ti-mfgtool-files: extend delay
  • bsp: dynamic-layers: ti-mfgtool-files: improve flash.sh
  • bsp: dynamic-layers: ti-mfgtool-files: introduce new recipe
  • bsp: dynamic-layers: u-boot-ti-staging: am62xx-evm: enable fastboot
  • bsp: dynamic-layers: u-boot-ti-staging: device_type env var
  • bsp: dynamic-layers: u-boot-ti-staging: introduce config for lmp-mfgtool
  • bsp: edk2-firmware-tegra: ostree support sent upstream
  • bsp: flashlayouts-stm32mp1: add default flash layout template
  • bsp: flashlayouts-stm32mp1: add layout for stm32mp15-disco
  • bsp: flashlayouts-stm32mp1: adjust tsv file for sec machines
  • bsp: flashlayouts-stm32mp1: change layout name for stm32mp15-eval
  • bsp: flashlayouts-stm32mp1: use STM32_BOOTIMAGE_SUFFIX
  • bsp: freescale-layer: jailhouse: Remove bbappend version
  • bsp: fstab: apalis-imx6: move out toradex support
  • bsp: fstab: apalis-imx8: move out toradex support
  • bsp: imx8mp-lpddr4-evk: add required dtb
  • bsp: imx-boot: install all signed fw
  • bsp: imx-boot: make it compatible with multi config and lf-6.1.36-2.1.0
  • bsp: imx-boot: refresh imx9 patch
  • bsp: imx-boot: refresh patches
  • bsp: imx-m33-demos: Remove the recipe as it is upstreamed now
  • bsp: imx-sc-firmware-toradex: move out toradex support
  • bsp: imx: update u-boot imx-2023.04 override to be nxp-bsp based
  • bsp: initramfs-ostree-lmp-recovery: stm32mp15-disco: fix env address
  • bsp: ixm8mn-lpddr4-evk: enable wlan driver on boot
  • bsp: layer.conf: add meta-ti-extras to BBFILES_DYNAMIC
  • bsp: linux-firmware: avoid conflict when wl18xx-fw is used instead
  • bsp: linux-firmware: drop custom logic for wilink firmware
  • bsp: linux-lmp: apalis-imx6: move out toradex support
  • bsp: linux-lmp-dev-mfgtool: upgrade to kernel 6.1-2.0.x-imx
  • bsp: linux-lmp-fslc-imx: imx8mm-evk: fix compatible node on evka
  • bsp: linux-lmp-fslc-imx-rt: update kernel to nxp real-time-edge version
  • bsp: linux-lmp-fslc-imx-rt: update kernel to the 6.1-2.0.x-imx branch
  • bsp: linux-lmp-fslc-imx: update to include the lf-6.1.36-2.1.0 tag
  • bsp: linux-lmp-fslc: upgrade to kernel 6.1-2.0.x-imx
  • bsp: linux-lmp: stm32mp15-disco: add patch to auto enable i2c5 with se05x
  • bsp: linux-lmp-ti-staging: update to 09.00.00.007
  • bsp: linux-lmp-ti-staging: update to cicd.kirkstone.202307061739
  • bsp: linux-lmp-toradex-imx: move out toradex support
  • bsp: linux-tegra: deploy kernel config
  • bsp: lmp-machine-custom: beagle: add bt and wlan firmware
  • bsp: lmp-machine-custom: beagleplay: add wlan firmware
  • bsp: lmp-machine-custom: beagleplay: enable overlays for OV5640
  • bsp: lmp-machine-custom: imx: switch from u-boot machine to config
  • bsp: lmp-machine-custom: move out toradex support
  • bsp: lmp-machine-custom: remove sota override from UBOOT_SIGN_KEYDIR for TI k3
  • bsp: lmp-machine-custom: stm32: update preferred version for gcc-arm-none-eabi
  • bsp: lmp-machine-custom: UBOOT_SIGN_KEYDIR for TI k3 should be weak assinged
  • bsp: lmp-machine-custom: Use weaker assign for UBOOT_SIGN_ENABLE
  • bsp: lmp-machine/mfgtool-custom: imx8mp-lpddr4-evk: use flash_evk for imx-boot
  • bsp: lmp-mfgtool: add support for am62xx-evm
  • bsp: lmp-mfgtool-machine-custom: move out toradex support
  • bsp: lmp-mfgtool: stm32mp1: provide specific machines for layout vars
  • bsp: machine: move out toradex support
  • bsp: mfgtool-files: apalis-imx6: move out toradex support
  • bsp: mfgtool-files: apalis-imx8: move out toradex support
  • bsp: mfgtool-files: imx8mp: drop u-boot-mfgtool.itb
  • bsp: move linux-lmp-ti-staging under dynamic-layers
  • bsp: optee-os-fio: apalis-imx6: move out toradex support
  • bsp: optee-os-fio: apalis-imx8: move out toradex support
  • bsp: optee-os-fio-bsp: increase heap size to 128k
  • bsp: optee-os-fio: imx: update to lf-6.1.36-2.1.0
  • bsp: optee-os-fio-mfgtool: apalis-imx6: move out toradex support
  • bsp: optee-os-fio-mfgtool: apalis-imx8: move out toradex support
  • bsp: stm32-mfgtool-files: adjust paths in flashlayout
  • bsp: stm32-mfgtool-files: adjust tsv file for sec machines
  • bsp: stm32-mfgtool-files: don't flash emmc from provision.sh
  • bsp: stm32-mfgtool-files: extend provision script
  • bsp: stm32-mfgtool-files: remove trailing spaces in provision script
  • bsp: stm32-mfgtool-files: set common name for usb layout
  • bsp: stm32-mfgtool-files: use STM32_BOOTIMAGE_SUFFIX
  • bsp: stm32mp15-disco: enable flashlayout
  • bsp: stm32mp15-disco: provide dynamic flashlayouts configuration
  • bsp: stm32mp15-disco-sec: introduce machine definition
  • bsp: stm32mp15-disco-sec: set suffix only when signing is enabled
  • bsp: stm32mp15-eval: correct flash layout name
  • bsp: stm32mp15-eval-sec: introduce STM32_BOOTIMAGE_SUFFIX
  • bsp: stm32mp15-eval-sec: set suffix only when signing is enabled
  • bsp: stm32mp1: disable build of alsa-state-stm32mp1
  • bsp: stm32mp1: discard build of stm32mp157f device trees
  • bsp: stm32mp1: use softer asigments for flashlayout vars
  • bsp: stm-st-stm32mp: flashlayouts-stm32mp1: fix padding
  • bsp: support: mfgtool-files: imx8qm-mek: replace "reboot" command
  • bsp: tegra: docker-ce: enable nvidia-container-runtime
  • bsp: tegra-helper-scripts: update initrd-flash.sh based on R35.4.1
  • bsp: tegra: linux-tegra-rt: bump to e0710cf2c0217a
  • bsp: tegra: linux-tegra-rt: bump to r35.4.ga
  • bsp: tegra: optee-os: 3.19.0-l4t-r35.3.1 -> 3.21.0-l4t-r35.4.1
  • bsp: tegra: optee-test: 3.19.0-l4t-r35.3.1 -> 3.21.0-l4t-r35.4.1
  • bsp: tegra: tegra-helper-scripts-native: 35.3.1 -> 35.4.1
  • bsp: tf-a-fio: add signing support for stm32mp15-disco-sec
  • bsp: tf-a-fio-st: add signing steps for -sec targets
  • bsp: tf-a-fio-st: check the signing tool instaed of the path
  • bsp: tf-a-fio-st: create combo images for eval board
  • bsp: tf-a-fio-st: drop the STM32_ROT_KEY_PATH/STM32_ROT_KEY_PASSWORD check
  • bsp: tf-a-fio: st: remove old signed binary before signing
  • bsp: tf-a-fio-st: run the sign_binaries using a postfuncs
  • bsp: tf-a-fio-st: run the signing tool in silent mode
  • bsp: u-boot-base-scr: apalis-imx6: move out toradex support
  • bsp: u-boot-base-scr: apalis-imx8: move out toradex support
  • bsp: u-boot-fio: apalis-imx6: move out toradex support
  • bsp: u-boot-fio: apalis-imx8: move out toradex support
  • bsp: u-boot-fio-bsp-common: handle multiconfig on deploy imx (dtb and sit)
  • bsp: u-boot-fio: imx6ulevk: switch u-boot to imx-2023.04
  • bsp: u-boot-fio: imx6ul/imx6ull: enable boot firmware info
  • bsp: u-boot-fio: imx6ul/imx6ull: restore config options
  • bsp: u-boot-fio: imx6ullevk: switch u-boot to imx-2023.04
  • bsp: u-boot-fio: imx8mm-lpddr4-evk: remove unused options
  • bsp: u-boot-fio: imx8mm-lpddr4-evk: switch u-boot to imx-2023.04
  • bsp: u-boot-fio: imx8mn-ddr4-evk: switch u-boot to imx-2023.04
  • bsp: u-boot-fio: imx8mn: fix CONFIG_SECONDARY_BOOT_SECTOR_OFFSET
  • bsp: u-boot-fio: imx8mn-lpddr4-evk: switch u-boot to imx-2023.04
  • bsp: u-boot-fio: imx8mn-mp: use disable runtime detection
  • bsp: u-boot-fio: imx8mp: fix CONFIG_SECONDARY_BOOT_SECTOR_OFFSET
  • bsp: u-boot-fio: imx8mp-lpddr4-evk: switch u-boot to imx-2023.04
  • bsp: u-boot-fio: imx8mq-evk: switch u-boot to imx-2023.04
  • bsp: u-boot-fio: imx8qm-mek: switch u-boot to imx-2023.04
  • bsp: u-boot-fio: imx8ulp-lpddr4-evk: switch u-boot to imx-2023.04
  • bsp: u-boot-fio: imx93-11x11-lpddr4x-evk: switch u-boot to imx-2023.04
  • bsp: u-boot-fio-mfgtool: apalis-imx6: move out toradex support
  • bsp: u-boot-fio-mfgtool: apalis-imx8: move out toradex support
  • bsp: u-boot-fio-mfgtool: fix malloc pool size
  • bsp: u-boot-fio-mfgtool: imx6ulevk: switch u-boot to imx-2023.04
  • bsp: u-boot-fio-mfgtool: imx6ullevk: switch u-boot to imx-2023.04
  • bsp: u-boot-fio-mfgtool: imx8mm-lpddr4-evk: switch u-boot to imx-2023.04
  • bsp: u-boot-fio-mfgtool: imx8mn-[lp]ddr4-evk: switch u-boot to imx-2023.04
  • bsp: u-boot-fio-mfgtool: imx8mp-lpddr4-evk: switch u-boot to imx-2023.04
  • bsp: u-boot-fio-mfgtool: imx8mp-lpddr4-evk: use imx-2022.04
  • bsp: u-boot-fio-mfgtool: imx8mp-lpddr4-evk: use standard imx-boot
  • bsp: u-boot-fio-mfgtool: imx8mq-evk: switch u-boot to imx-2023.04
  • bsp: u-boot-fio-mfgtool: imx8qm-mek: switch u-boot to imx-2023.04
  • bsp: u-boot-fio-mfgtool: imx8ulp-lpddr4-evk: switch u-boot to imx-2023.04
  • bsp: u-boot-fio-mfgtool: imx93-11x11-lpddr4x-evk: switch u-boot to imx-2023.04
  • bsp: u-boot-fio-mfgtool: stm32mp15-disco: introduce config
  • bsp: u-boot-fio: rename options renamed in 2023.04
  • bsp: u-boot-fio: stm32mp15-disco: align configs with eval board
  • bsp: u-boot-fio: stm32mp15-disco: fix env offset
  • bsp: u-boot-fio: sync stm32mp15-eval non-sec and sec configs
  • bsp: u-boot-ostree-scr-fit: add boot firmware updates for am62xx-evm
  • bsp: u-boot-ostree-scr-fit: apalis-imx6: move out toradex support
  • bsp: u-boot-ostree-scr-fit: apalis-imx8: move out toradex support
  • bsp: u-boot-ostree-scr-fit: imx8mn: switch to alternative
  • bsp: u-boot-ostree-scr-fit: imx8mn: use imx_secondary_boot
  • bsp: u-boot-ostree-scr-fit: imx8mp-lpddr4-evk: switch to alternative
  • bsp: u-boot-ostree-scr-fit: imx8mp: use imx_secondary_boot
  • bsp: wic: stm32mp15: adjust ubootenv offset
  • bsp: wic: stm32mp15-disco: add support for signed images
  • bsp: wic: stm32mp15: fix align param
  • bsp: wic: stm32mp1: wks file improvements
  • bsp: wlconf: add production wl18xx-conf for beaglebone
  • lmp-base: fio-se05x-cli: bump to 6fd9c93
  • lmp-el2go-auto-register: allow to disable "composeapp"
  • lmp-el2go-auto-register: automatically determine imported key type
  • lmp-el2go-auto-register: generic support for keypair import
  • lmp-el2go-auto-register: remove HANDLERS environment variable
  • lmp-el2go-auto-register: use fio-se05x-cli for import_key
  • lmp-el2go-auto-register: use int instead of str for OIDs
  • mfgtool-files: Use compressed image for the full_image script
  • README: add contributing guidelines
  • recipes-support: make early-start only run to completion once
  • Revert "base: nerdctl: install the binaries in OE standard places"
  • Revert "bsp: u-boot-fio-mfgtool: imx8mp-lpddr4-evk: use imx-2022.04"
  • tpm2-tss: fix Upstream-Status of patch

Meta Clang

  • clang.bbclass: Check for INHIBIT_DEFAULT_DEPS in creating ld->lld symlink
  • clang.bbclass: fix a typo
  • clang.bbclass: Simplify check when to enable lld
  • clang: Update to 14.0.4+
  • clang: Update to 14.0.6
  • Fix packaging error for libclang
  • recipe_sysroot_check_ld_is_lld: Do not create symlink for allarch recipes
  • recipe_sysroot_check_ld_is_lld: Use STAGING_BINDIR_TOOLCHAIN to find compiler installation

Meta OpenEmbedded

  • c-ares: CVE-ID correction for CVE-2022-4904
  • emlog: Add PV
  • emlog: ignore CVE-2022-3968 & CVE-2023-43291
  • Fix groupname gid change warning
  • freeglut: Add packageconfigs for x11/wayland/gles
  • frr: Fix CVE-2023-38802 and CVE-2023-41358
  • frr: Fix CVE-2023-41909
  • frr: fix for CVE-2023-31489
  • frr: fix for CVE-2023-31490
  • frr: Fix for multiple CVE's
  • grpc: ignore CVE-2023-32732
  • grubby: Update branchname to match upstream
  • hdf5: Fix CVE-2021-37501
  • hwloc: fix CVE-2022-47022
  • indent: fix CVE-2023-40305
  • iperf3: upgrade 3.11 -> 3.14
  • krb5: Fix CVE-2023-36054
  • libiio: use main branch instead of master
  • libqb: upgrade 2.0.6 -> 2.0.8
  • libssh: CVE-2020-16135 Fix NULL pointer dereference in sftpserver.c
  • libwebsockets: Support building for native
  • libyang: fix CVE-2023-26917
  • lmsensors: do not pull in unneeded perl modules for run-time dependencies
  • mbedtls: add support for v3.x
  • mbedtls: build with v2 version by default
  • mbedtls: set up /usr/bin/hello as alternative
  • mbedtls: upgrade 2.28.2 -> 2.28.5
  • mbedtls: upgrade 3.4.0 -> 3.5.0
  • meta-networking: Drop broken BBCLASSEXTEND variants
  • meta-oe-components: Avoid usage of nobranch=1
  • meta-oe: Drop broken BBCLASSEXTEND variants
  • meta-perl: Drop broken BBCLASSEXTEND variants
  • meta-python: Drop broken BBCLASSEXTEND variants
  • mosquitto: add missing Upstream-Status
  • mosquitto: do not automatically depend on dlt-daemon, it's a non-mandatory logging system
  • mosquitto: upgrade 2.0.14 -> 2.0.18
  • nginx: add configure option
  • nginx: Mitigate HTTP/2 Stream Resets Flood impact
  • nginx: upgrade to 1.24.0 release
  • nlohmann-json: Add ptest support
  • nlohmann-json: Avoid usage of nobranch=1
  • nodejs: fix CVE-2022-25883
  • nodejs: upgrade 16.19.1 -> 16.20.2
  • ntfs-3g-ntfsprogs: Upgrade 2022.5.17 to 2022.10.3
  • ntp: backport patch for 5 CVEs CVE-2023-26551/2/3/4/5
  • opencv: fix for CVE-2023-2618
  • openldap: update to 2.5.16
  • opensc: Fix CVE-2023-2977
  • opensc: ignore CVE-2021-34193
  • open-vm-tools: fix CVE-2023-20867
  • open-vm-tools: fix CVE-2023-20900
  • open-vm-tools: fix CVE-2023-34058
  • packagegroup-meta-multimedia: restore x11 restriction for projucer
  • packagegroup-meta-oe-extended: RDEPENDS on an existing mozjs-91 package
  • php: upgrade 8.1.16 -> 8.1.22
  • poppler: fix CVE-2023-34872
  • postgresql: fix CVE-2023-2454 & CVE-2023-2455
  • postgresql: fix CVE-2023-5868 CVE-2023-5869 CVE-2023-5870
  • postgresql: Update to 14.9
  • python3-aiohttp: upgrade 3.8.1 -> 3.8.5
  • python3-can: Add missing runtime dependencies
  • python3-cson: fix run-time dependencies
  • python3-django: fix CVE-2023-36053
  • python3-django: fix CVE-2023-41164
  • python3-django: upgrade 3.2.19 -> 3.2.21
  • python3-django: upgrade 4.2.1 -> 4.2.5
  • python3-gcovr: Fix parsing of gcc-11 gcov metadata
  • python3-gcovr: switch to main branch
  • python3-gevent: fix CVE-2023-41419
  • python3-kivy: Require X11 or Wayland in DISTRO_FEATURES
  • python3-soupsieve: Break circular dependency with beautifulsoup4
  • python3-werkzeug: fix for patch-fuzz
  • python-blivet: Adapt to upstream branch name changes
  • rabbitmq-c: Fix CVE-2023-35789
  • rapidjson: Avoid usage of nobranch=1
  • redis: upgrade 7.0.11 -> 7.0.13
  • samba: fix CVE-2022-2127
  • samba: fix CVE-2023-34966
  • samba:fix CVE-2023-34967
  • samba: fix CVE-2023-34968
  • samba: fix CVE-2023-4091
  • sdbus-c++: Update ptest path
  • spice-protocol: fix populate_sdk error when spice is installed
  • squid: fix CVE-2023-46847 Denial of Service in HTTP Digest Authentication
  • suiteparse: Adapt to upstream branch name changes
  • tcpdump: upgrade 4.99.1 -> 4.99.4
  • tcpreplay: upgrade 4.4.2 -> 4.4.4
  • traceroute: upgrade 2.1.0 -> 2.1.3
  • webserver: nginx: Add stream
  • wireshark: Fix CVE-2023-2906
  • wireshark: Fix Multiple CVEs
  • yajl: CVE-2023-33460 memory leak in yajl_tree_parse function
  • yaml-cpp: Fix cmake export
  • yasm: fix CVE-2023-31975
  • zabbix: fix CVE-2023-29449
  • zabbix: fix CVE-2023-29450

Meta LTS Mixins Go

  • go-helloworld: update to latest revision
  • go-helloworld: Upgrade to tip of trunk
  • go: update 1.20.5 -> 1.20.12
  • README: remove Alex from maintainers

Meta LTS Mixins Rust

  • Fix RISC-V support
  • gitignore: add pyc files
  • librsvg: upgrade to 2.54.6
  • rust-common.bbclass: move musl-specific linking fix from rust-source.inc

Meta Security

  • smack-test: more py3 covertion
  • smack-test: switch to python3

Meta Updater

  • Remove option to send a manifest in garage-push
  • Tell Yocto that garage push needs network access

Meta Virtualization

  • containerd: upgrade to 1.6.19
  • container-host-config: extend to native and nativesdk
  • container-host-config: provide /etc/containers/policy.json
  • containers: add container-host-config recipe
  • containers: introduce container-host class
  • cri-o: create /var/lib/crio
  • cri-o: update crio.conf to match the current version 1.23
  • cri-o: use PACKAGECONFIG to handle selinux
  • docker-ce: bump SRCREV_docker
  • docker-distribution: fix for CVE-2023-2253
  • docker: update to v20.10.25 + 58 commits to fix compatibility with go currently in kirkstone
  • go-context: Switch to main branch
  • go-mux: Switch to main branch
  • kubernetes: update to v1.23.17
  • libvirt: CVE-2023-2700 Memory leak in virPCIVirtualFunctionList cleanup
  • lxc: add -L and -f for curl in templates-use-curl-instead-of-wget.patch
  • lxc: backport changes from master for templates-use-curl-instead-of-wget.patch
  • nerdctl: fix installed-vs-shipped with usrmerge
  • nerdctl: update branch to main
  • ovs: update to 2.17.6
  • packagegroup-container: require ipv6 for podman
  • README: remove some cri-o specific layer dependencies
  • skopeo: use container-host bbclass to provide configuration
  • xtf: chang the old override syntax

OpenEmbedded-Core

  • acl/attr: ptest fixes and improvements
  • apt: add missingfor uint16_t
  • automake: fix buildtest patch
  • avahi: backport CVE-2023-1981 & CVE's follow-up patches
  • avahi: fix CVE-2023-38469
  • avahi: fix CVE-2023-38470
  • avahi: fix CVE-2023-38471
  • avahi: fix CVE-2023-38472
  • avahi: fix CVE-2023-38473
  • babeltrace2: Always use BFD linker when building tests with ld-is-lld distro feature
  • bash: changes to SIGINT handler while waiting for a child
  • bind: 9.18.11 -> 9.18.17
  • bind : fix CVE-2023-2828 & CVE-2023-2911
  • bind: update to 9.18.19
  • binutils: CVE-2022-48063
  • binutils: Fix CVE-2022-44840
  • binutils: Fix CVE-2022-45703
  • binutils: Fix CVE-2022-47007
  • binutils: Fix CVE-2022-47008
  • binutils: Fix CVE-2022-47010
  • binutils: Fix CVE-2022-47011
  • binutils: Fix CVE-2022-47695
  • binutils: Fix CVE-2022-48064
  • binutils: Fix CVE-2022-48065
  • binutils: Mark CVE-2022-47673 as patched
  • binutils: Mark CVE-2022-47696 as patched
  • binutils: stable 2.38 branch updates
  • bitbake.conf: add unzstd in HOSTTOOLS
  • bluez5: fix CVE-2023-45866
  • build-appliance-image: Update to kirkstone head revision
  • build-sysroots: Add SUMMARY field
  • busybox: fix CVE-2022-48174
  • cargo.bbclass: set up cargo environment in common do_compile
  • ccache: fix build with gcc-13
  • cmake: Fix CMAKE_SYSTEM_PROCESSOR setting for SDK
  • cml1: Fix KCONFIG_CONFIG_COMMAND not conveyed fully in do_menuconfig
  • cpio: Replace fix wrong CRC with ASCII CRC for large files with upstream backport
  • cups: fix CVE-2023-32360
  • cups: fix CVE-2023-34241 use-after-free in cupsdAcceptClient() in scheduler/client.c
  • cups: Fix CVE-2023-4504
  • curl: Added CVE-2023-28320 Follow-up patch
  • curl: Backport fix CVE-2023-32001
  • curl: fix CVE-2023-38545
  • curl: fix CVE-2023-38546
  • curl: Fix CVE-2023-46218
  • cve-check: don't warn if a patch is remote
  • cve-check: slightly more verbose warning when adding the same package twice
  • cve-check: sort the package list in the JSON report
  • cve-exclusion_5.10.inc: update for 5.10.197
  • cve-exclusion_5.10.inc: update for 5.10.202
  • cve-update-nvd2-native: actually use API keys
  • cve-update-nvd2-native: always pass str for json.loads()
  • cve-update-nvd2-native: fix cvssV3 metrics
  • cve-update-nvd2-native: handle all configuration nodes, not just first
  • cve-update-nvd2-native: increase retry count
  • cve-update-nvd2-native: log a little more
  • cve-update-nvd2-native: retry all errors and sleep between retries
  • cve-update-nvd2-native: use exact times, don't truncate
  • dbus: Specify runstatedir configure option
  • devtool: Fix the wrong variable in srcuri_entry
  • diffutils: update 3.9 -> 3.10
  • dmidecode: fix CVE-2023-30630
  • dmidecode: fixup for CVE-2023-30630
  • dropbear: fix CVE-2023-36328
  • efivar: backport 5 patches to fix build with gold
  • externalsrc: Ensure SRCREV is processed before accessing SRC_URI
  • externalsrc: fix dependency chain issues
  • ffmpeg: add CVE_CHECK_IGNORE for CVE-2023-39018
  • ffmpeg: fix for CVE-2022-3964
  • ffmpeg: fix for CVE-2022-3965
  • file: fix CVE-2022-48554
  • flac: fix CVE-2020-22219
  • fontcache.bbclass: avoid native recipes depending on target fontconfig
  • gawk: backport Debian patch to fix CVE-2023-4156
  • gcc: don't pass --enable-standard-branch-protection
  • gcc: Fix -fstack-protector issue on aarch64
  • gcc: fix runpath errors in cc1 binary
  • gcc-testsuite: Fix ppc cpu specification
  • gcc : upgrade to v11.4
  • gdb: Fix CVE-2023-39128
  • ghostscript: Backport fix for CVE-2023-46751
  • ghostscript: fix CVE-2023-36664
  • ghostscript: fix CVE-2023-38559
  • ghostscript: fix CVE-2023-43115
  • ghostscript: ignore GhostPCL CVE-2023-38560
  • glib-2.0: Fix CVE-2023-29499 and CVE-2023-32611
  • glib-2.0: Fix CVE-2023-32643 and CVE-2023-32636
  • glib-2.0: Fix CVE-2023-32665
  • glibc/check-test-wrapper: don't emit warnings from ssh
  • glibc: ignore CVE-2023-4527
  • glibc-locale: use stricter matching for metapackages' runtime dependencies
  • glibc: stable 2.35 branch updates
  • glibc: Update to latest on stable 2.35 branch
  • gnutls: Backport fix for CVE-2023-5981
  • goarch: Move Go architecture mapping to a library
  • go: fix CVE-2023-24531
  • go: fix CVE-2023-24536
  • go: fix CVE-2023-29406 net/http insufficient sanitization of Host header
  • go: Fix CVE-2023-29409
  • go: Fix CVE-2023-39318
  • go: Fix CVE-2023-39319
  • go: Fix CVE-2023-39326
  • go: Fix issue in DNS resolver
  • go: ignore CVE-2023-45283 and CVE-2023-45284
  • go: Update fix for CVE-2023-24538 & CVE-2023-39318
  • grub: fix CVE-2023-4692
  • grub: fix CVE-2023-4693
  • grub: submit determinism.patch upstream
  • gstreamer1.0-plugins-bad: fix CVE-2023-40474
  • gstreamer1.0-plugins-bad: fix CVE-2023-40475
  • gstreamer1.0-plugins-bad: fix CVE-2023-40476
  • gstreamer1.0-plugins-bad: fix CVE-2023-44429
  • gstreamer1.0-plugins-base: enable glx/opengl support
  • gstreamer1.0: upgrade 1.20.6 -> 1.20.7
  • image_types: Fix reproducible builds for initramfs and UKI img
  • inetutils: Backport fix for CVE-2023-40303
  • json-c: define CVE_VERSION
  • json-c: fix CVE-2021-32292
  • kernel: add missing path to search for debug files
  • kernel.bbclass: Add force flag to rm calls
  • kernel-fitImage: Strip path component from dtb
  • kernel: Fix path comparison in kernel staging dir symlinking
  • libarchive: ignore CVE-2023-30571
  • libassuan: upgrade 2.5.5 -> 2.5.6
  • libcap: fix CVE-2023-2603 Integer Overflow in _libcap_strdup()
  • libdnf: resolve cstdint inclusion for newer gcc versions
  • libjpeg-turbo: patch CVE-2023-2804
  • libksba: upgrade 1.6.3 -> 1.6.4
  • libnss-nis: upgrade 3.1 -> 3.2
  • lib/package_manager: Improve repo artefact filtering
  • libpcre2: patch CVE-2022-41409
  • libpng: Add ptest for libpng
  • librsvg: 2.52.7 -> 2.52.10
  • libsndfile: fix CVE-2022-33065 Signed integer overflow in src/mat4.c
  • libssh2: fix CVE-2020-22218
  • libtiff: Add fix for tiffcrop CVE-2023-1916
  • libtiff: fix CVE-2022-40090 improved IFD-Loop handling
  • libtiff: fix CVE-2023-26965 heap-based use after free
  • libtiff: fix CVE-2023-26966 Buffer Overflow
  • libwebp: Fix CVE-2023-1999
  • libwebp: Fix CVE-2023-4863
  • libwebp: Fix CVE-2023-5129
  • libx11: Fix CVE-2023-3138 for kirkstone branch
  • libx11: Security Fix for CVE-2023-43785, CVE-2023-43786 and CVE-2023-43787
  • libxcrypt: fix build with perl-5.38 and use master branch
  • libxcrypt: fix hard-coded ".so" extension
  • libxcrypt: update PV to match SRCREV
  • libxml2: Fix CVE-2023-39615
  • libxml2: Patch CVE-2023-45322
  • libxpm: upgrade to 3.5.17
  • linux/cve-exclusion: add generated CVE_CHECK_IGNORES.
  • linux/cve-exclusion: remove obsolete manual entries
  • linux-firmware : Add firmware of RTL8822 serie
  • linux-firmware: create separate package for cirrus and cnm firmwares
  • linux-firmware: create separate packages
  • linux-firmware: Fix mediatek mt7601u firmware path
  • linux-firmware: package firmare for Dragonboard 410c
  • linux-firmware: split platform-specific Adreno shaders to separate packages
  • linux-firmware: upgrade 20230404 -> 20230515
  • linux-firmware: upgrade 20230515 -> 20230625
  • linux-firmware: upgrade 20230625 -> 20230804
  • linux-yocto/5.10: update to v5.10.202
  • linux-yocto/5.15: cfg: fix DECNET configuration warning
  • linux-yocto/5.15: update to v5.15.124
  • linux-yocto: add script to generate kernel CVE_CHECK_IGNORE entries
  • linux-yocto: update CVE exclusions
  • logrotate: Do not create logrotate.status file
  • lttng-ust: upgrade 2.13.5 -> 2.13.6
  • machine/arch-arm64: add -mbranch-protection=standard
  • maintainers.inc: unassign Adrian Bunk from wireless-regdb
  • maintainers.inc: unassign Alistair Francis from opensbi
  • maintainers.inc: unassign Ricardo Neri from ovmf
  • mdadm: add util-linux-blockdev ptest dependency
  • mdadm: fix 07revert-inplace ptest
  • mdadm: fix segfaults when running ptests
  • mdadm: fix util-linux ptest dependency
  • mdadm: skip running known broken ptests
  • meson.bbclass: Point to llvm-config from native sysroot
  • meta: lib: oe: npm_registry: Add more safe caracters
  • nasm: fix CVE-2020-21528
  • native: Clear TUNE_FEATURES/ABIEXTENSION
  • ncurses: fix CVE-2023-29491
  • nghttp2: fix CVE-2023-35945
  • npm.bbclass: avoid DeprecationWarning with new python
  • oe-depends-dot: Handle new format for task-depends.dot
  • oeqa/runtime/cases/rpm: fix wait_for_no_process_for_user failure case
  • oeqa/runtime/ltp: Increase ltp test output timeout
  • oeqa/selftest/bbtests: add non-existent prefile/postfile tests
  • oeqa/selftest/devtool: add unit test for "devtool add -b"
  • oeqa/ssh: Further improve process exit handling
  • oeqa/target/ssh: Ensure EAGAIN doesn't truncate output
  • oeqa/utils/gitarchive: fix tag computation when creating archive
  • oeqa/utils/nfs: allow requesting non-udp ports
  • openssh: backport Debian patch for CVE-2023-48795
  • openssh: drop sudo from ptest dependencies
  • openssh: fix CVE-2023-38408
  • openssl: add PERLEXTERNAL path to test its existence
  • openssl: fix CVE-2023-5678 Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or parameters may be very slow
  • openssl: Upgrade 3.0.9 -> 3.0.12
  • openssl: use a glob on the PERLEXTERNAL to track updates on the path
  • package.bbclass: moving field data process before variable process in process_pkgconfig
  • package_rpm: Allow compression mode override
  • perl: Fix CVE-2023-31486
  • perl: update 5.34.1 -> 5.34.3
  • pixman: Remove duplication of license MIT
  • procps: patch CVE-2023-4016
  • pseudo: Fix to work with glibc 2.38
  • pybootchartgui: show elapsed time for each task
  • python3-certifi: fix CVE-2023-37920
  • python3-cryptography: fix CVE-2023-49083
  • python3: fix missing comma in get_module_deps3.py
  • python3-git: upgrade 3.1.27 -> 3.1.37
  • python3: ignore CVE-2023-36632
  • python3-jinja2: Fixed ptest result output as per the standard
  • python3-jinja2: fix for the ptest result format
  • python3-ptest: skip test_storlines
  • python3-pygments: Fix CVE-2022-40896
  • python3: upgrade 3.10.9 -> 3.10.12
  • python3: upgrade to 3.10.13
  • python3-urllib3: upgrade 1.26.9 -> 1.26.17
  • qemu 6.2.0: Fix CVE-2023-1544
  • qemu: backport Debian patch to fix CVE-2023-0330
  • qemu: fix CVE-2020-14394
  • qemu: fix CVE-2021-3638
  • qemu: fix CVE-2023-2861
  • qemu: fix CVE-2023-3180
  • qemu: fix CVE-2023-3255
  • qemu: fix CVE-2023-3301
  • qemu: fix CVE-2023-3354 VNC: improper I/O watch removal in TLS handshake can lead to remote unauthenticated denial of service
  • qemu: Fix CVE-2023-5088
  • qemu: ignore RHEL specific CVE-2023-2680
  • Qemu: Resolve undefined reference issue in CVE-2023-2861
  • recipetool: Fix inherit in created -native recipes
  • resulttool/report: Avoid divide by zero
  • resulttool/resultutils: allow index generation despite corrupt json
  • Revert "kernel-fitImage: Strip path component from dtb"
  • Revert "oeqa/utils/gitarchive: fix tag computation when creating archive"
  • rootfs: Add debugfs package db file copy and cleanup
  • rpm2cpio.sh: update to the last 4.x version
  • rpm: Pick debugfs package db files/dirs explicitly
  • ruby: fix CVE-2023-36617
  • rust-common: Set llvm-target correctly for cross SDK targets
  • rust-cross-canadian: Fix ordering of target json config generation
  • rust-cross/rust-common: Merge arm target handling code to fix cross-canadian
  • rust-cross: Simplfy the rust_gen_target calls
  • rust-llvm: Allow overriding LLVM target archs
  • rust-llvm: backport a fix for build with gcc-13
  • scripts/create-pull-request: update URLs to git repositories
  • scripts/rpm2cpio.sh: Use bzip2 instead of bunzip2
  • scripts/runqemu: allocate unfsd ports in a way that doesn't race or clash with unrelated processes
  • scripts/runqemu: split lock dir creation into a reusable function
  • sdk.py: error out when moving file fails
  • sdk.py: fix moving dnf contents
  • selftest/cases/glibc.py: fix the override syntax
  • selftest/cases/glibc.py: increase the memory for testing
  • selftest/cases/glibc.py: switch to using NFS over TCP
  • selftest/reproducible: Allow chose the package manager
  • selftest reproducible.py: support different build targets
  • serf: upgrade 1.3.9 -> 1.3.10
  • shadow: Fix CVE-2023-4641
  • shadow-sysroot: add license information
  • sqlite3: CVE-2023-36191 CLI fault on missing -nonce
  • strace: Disable failing test
  • strace: Merge two similar patches
  • strace: Update patches/tests with upstream fixes
  • sudo: upgrade 1.9.13p3 -> 1.9.15p2
  • sysfsutils: fetch a supported fork from github
  • sysklogd: fix integration with systemd-journald
  • systemd: Backport nspawn: make sure host root can write to the uidmapped mounts we prepare for the container payload
  • systemd-systemctl: fix errors in instance name expansion
  • systemtap_git: fix used uninitialized error
  • target/ssh: Ensure exit code set for commands
  • tar: upgrade 1.34 -> 1.35
  • tcl: prevent installing another copy of tzdata
  • testimage: Exclude wtmp from target-dumper commands
  • tiff: Backport fix for CVE-2023-41175
  • tiff: CVE patch correction for CVE-2023-3576
  • tiff: fix CVE-2023-2908,CVE-2023-3316,CVE-2023-3618
  • tiff: fix multiple CVEs
  • tiff: fix multiple CVEs
  • tiff: Security fix for CVE-2023-40745
  • tzdata: upgrade to 2023c
  • uboot-extlinux-config.bbclass: fix missed override syntax migration
  • uboot-extlinux-config.bbclass: fix old override syntax in comment
  • unzip: fix configure check for cross compilation
  • useradd-staticids.bbclass: improve error message
  • util-linux: add alternative links for ipcs,ipcrm
  • v86d: Improve kernel dependency
  • vim: Improve locale handling
  • vim: update obsolete comment
  • vim: upgrade 9.0.1527 -> 9.0.2130
  • vim: use upstream generated .po files
  • webkitgtk: fix CVE-2022-48503
  • webkitgtk: fix CVE-2023-23529
  • webkitgtk: fix CVE-2023-32439
  • wget: upgrade 1.21.3 -> 1.21.4
  • wic: Add dependencies for erofs-utils
  • wic: fix wrong attempt to create file system in upartitioned regions
  • wireless-regdb: upgrade 2023.02.13 -> 2023.05.03
  • xdg-utils: Fix CVE-2022-4055
  • xserver-xorg: Fix for CVE-2023-5367 and CVE-2023-5380
  • xserver-xorg: ignore CVE-2022-3553 as it is XQuartz-specific
  • xwayland: fix CVE-2023-5367
  • yocto-uninative: Update hashes for uninative 4.1
  • yocto-uninative: Update to 4.2 for glibc 2.38
  • yocto-uninative: Update to 4.3
  • zip: fix configure check by using _Static_assert
  • zlib: patch CVE-2023-45853

Meta Freescale

  • alsa-lib, mesa-demos: patch typo fixes for QA Issue: Malformed Upstream-Status
  • ARM 32-bit device-tree reorganization
  • basler-camer: Upgrade to 4.2.2.22.0
  • ceetm: Change license to GPL-2.0-only
  • classes: make localversion classes deterministic
  • conf/machine: remove unsupported dtb for imx8mp-lpddr4-evk machine
  • dce_git.bb: Set SRCREV_FORMAT variable as multiple SCMs are used
  • dp-firmware-cadence: Upgrade to 22.04
  • EULA,SCR: Update for NXP release 6.1.22-2.0.0
  • EULA,SCR: Update for NXP release 6.1.36-2.1.0
  • firmware-nxp-wifi: Drop UART firmware now in linux-firmware
  • firmware-nxp-wifi: Fix overlap with linux-firmware
  • firmware-nxp-wifi: install NXP wlan and bt only firmware blobs
  • firmware-nxp-wifi: make it compatible with imx-generic-bsp
  • firmware-nxp-wifi: Update to the version of NXP 6.1.22-2.0.0 release
  • firmware-sentinel: Upgrade 0.8 -> 0.11
  • fmc: Update to commit 63c8ac9
  • fmlib: Update to commit 9fb916f
  • fm-ucode: Update license file to LICENSE
  • Freescale-EULA: Drop old, unused license
  • fsl-eula-unpack.bbclass: Add v44 EULA sum
  • fsl-eula-unpack.bbclass: Update EULA for NXP release 6.1.22-2.0.0 EULA is V45 now.
  • fsl-kernel-localversion: fix SRCREV_machine and AUTOREV use cases
  • fsl-u-boot-localversion.bbclass: fix SRCREV_machine and AUTOREV use cases
  • gstreamer1.0-plugins-base: Fix build with musl
  • gstreamer1.0-plugins-base: Fix viv-fb usage and extract PACKAGECONFIG_GL
  • gstreamer1.0-plugins-imx: Upgrade to version 2.2.0
  • gstreamer1.0-vaapi: Use egl for all i.MX GPU
  • gstreamer: Upgrade 1.20.3.imx -> 1.22.0.imx
  • image_types_fsl.bbclass: Drop use of IMAGE_NAME_SUFFIX
  • imx8dxlevk: Add rev B0 support
  • imx8mp-lpddr4-evk: Include dts for lf-6.1.36_2.1.0
  • imx8mq-lpddr4-wevk: Add i.MX 8 MQ LPDDR4 WEVK machine
  • imx8qxp-mek: Include dts for lf-6.1.36_2.1.0
  • imx93-14x14-lpddr4x-evk: Add i.MX 93 14x14 EVK machine
  • imx93-9x9-lpddr4-qsb: Include dts for lf-6.1.36_2.1.0
  • imx93-evk: use correct name for the iw612 machine feature
  • imx-alsa-plugins: Upgrade to 6.1.22-2.0.0
  • imx-atf: Explicitly demand BFD linker
  • imx-atf: Update 6.1.1-1.0.0 to 6.1.22-2.0.0
  • imx-atf: Update 6.1.22-2.0.0 to 6.1.36-2.1.0
  • imx-base.inc: Add PREFERRED_RPROVIDER_linux-firmware
  • imx-base.inc: Add support NXP Wi-Fi module IW416 and IW612
  • imx-base.inc: Fix MACHINEOVERRIDES_EXTENDER:mx8dxl:use-nxp-bsp priority
  • imx-base.inc: Implement generic SOC revision design
  • imx-base.inc: Update 8ULP default rev to A2
  • imx-base.inc: Update 93 default Rev to A1
  • imx-base.inc: Use gstreamer forks for i.MX 9
  • imx-boot: allow deploy multiple u-boot
  • imx-boot-container: Create only one imx-boot
  • imx-boot: Copy UBOOT_DTB_NAME_EXTRA instead of UBOOT_DTB_NAME to BOOT_STAGING in compile_mx8 to fix 'Can't find u-boot DTB file, please copy from u-boot' error
  • imx-boot: Prevent unnecessary cp of UBOOT_DTB_NAME_EXTRA if UBOOT_SIGN_ENABLE is set
  • imx-boot: sync with upstream recipe
  • imx-codec: Upgrade 4.7.2 -> 4.8.0
  • imx.conf: Drop unused UBOOT_CONFIG[mfgtool]
  • imx-dpu-g2d: 2.1.6 -> 2.1.8
  • imx-dpu-g2d: Upgrade 2.1.8 -> 2.1.10
  • imx-dsp-codec-ext: fix missing gnu_hash
  • imx-dsp-codec-ext: Upgrade 2.0.2 -> 2.0.5
  • imx-dsp: Upgrade 2.0.2 -> 2.0.5
  • imx-g2d-samples: Bump revision to 4391dcda4
  • imx-gpu-g2d: 6.4.11.p1.0 -> 6.4.11.p1.2
  • imx-gpu-g2d: Upgrade 6.4.11.p1.2 -> 6.4.11.p2.0
  • imx-gpu-viv: 6.4.11.p1.0 -> 6.4.11.p1.2
  • imx-gpu-viv: Skip file-rdeps checks on musl
  • imx-gpu-viv: Upgrade 6.4.11.p1.2 -> 6.4.11.p2.0
  • imx-lib: Update lf-6.1.1_1.0.0 to lf-6.1.22_2.0.0
  • imx-mcore-demos: Fix install for multilib
  • imx-mkimage: Update for NXP release 6.1.36-2.1.0
  • imx-mkimage: Update lf-6.1.1_1.0.0 to lf-6.1.22_2.0.0
  • imx-parser: Upgrade 4.7.2 -> 4.8.0
  • imx-pxp-g2d: Bump revision to 667c4ccbb
  • imx-pxp-g2d: Update to latest
  • imx-sc-firmware: Remove -fcanon-prefix-map
  • imx-sw-pdm: Upgrade 1.0.2 -> 1.0.3
  • imx-test: Update from lf-6.1.1_1.0.0 to lf-6.1.22_2.0.0
  • imx-uboot-mxs-bootpart.wks.in: drop extra 'rootfs'
  • imx-vpuwrap: fix license checksum
  • imx-vpuwrap: Upgrade to 6.1.22-2.0.0
  • isp-imx: fix compile with boost 1.83.0
  • isp-imx: Upgrade to 4.2.2.22.0
  • jailhouse: add imx version
  • jailhouse-imx: Add MODLIB to build option to set right module install path
  • jailhouse: mx93: drop cortex-a55 tune
  • jailhouse: Update to lf-6.1.22_2.0.0
  • kernel-module-imx-gpu-viv: 6.4.11.p1.0+fslc -> 6.4.11.p1.2+fslc
  • kernel-module-imx-gpu-viv: Upgrade 6.4.11.p1.0 -> 6.4.11.p2.0
  • kernel-module-imx-gpu-viv: Upgrade 6.4.11.p1.2+fslc -> 6.4.11.p2.0+fslc
  • kernel-module-isp-vvcam: Upgrade to 4.2.2.22.0
  • kernel-module-nxp89xx: Upgrade NXP Wi-Fi driver to L6.1.22-2.0.0 BSP version
  • kernel-module-nxp-wlan: Fix REGULATORY_IGNORE_STALE_KICKOFF build break
  • kernel-module-nxp-wlan: Rename it from kernel-module-nxp89xx
  • layer.conf: update LAYERSERIES_COMPAT for nanbield
  • libdrm: Bump revision to 3660ea0fe
  • libdrm: Upgrade 2.4.114.imx -> 2.4.115.imx
  • libimxdmabuffer: Upgrade to version 1.1.3
  • libimxvpuapi2: Upgrade to version 2.3.0
  • linux: Add compatibility logic for 32-bit dtb move
  • linux-fslc: designate 6.1.y kernel as LTS
  • linux-fslc-imx: Merge NXP changes from lf-6.1.36-2.1.0
  • linux-fslc-imx: Update to 6.1-2.0.x-imx
  • linux-fslc-imx: Update to lf-6.1.36-2.1.0
  • linux-fslc-lts: update to v6.1.60
  • linux-fslc: update to v6.1.38
  • linux-fslc: update to v6.1.57
  • linux-fslc: upgrade to 6.6.x+fslc
  • linux-imx: Add patch to fix build issue
  • linux-imx-headers: Update lf-6.1.1_1.0.0 to lf-6.1.22_2.0.0
  • linux-imx-headers: update to lf-6.1.36-2.1.0
  • linux-imx: Update lf-6.1.1_1.0.0 to lf-6.1.22_2.0.0
  • linux-imx: Update lf-6.1.22_2.0.0 to lf-6.1.36_2.1.0
  • ls1021atwr: drop as it is unbuildable for too long
  • ls2080ardb: drop as it is unbuildable for too long
  • management-complex: Upgrade to v10.37.0
  • mcore-demos: imx-m33-demos: Add package based on 6.1.22-2.0.0
  • mcore-demos: imx-m33-demos: update to 2.14.1 (6.1.36-2.1.0)
  • mcore-demos: imx-m4-demos: Add package based on 6.1.22-2.0.0
  • mcore-demos: imx-m4-demos: update to 6.1.36-2.1.0
  • mcore-demos: imx-m4-demos: update to 6.1.36-2.1.0
  • mcore-demos: imx-m7-demos: Add package based on 6.1.22-2.0.0
  • mc-utils: Update to commit 8efeeac
  • mfgtool-initramfs-image: IMAGE_NAME_SUFFIX should by empty for initramfs
  • mx27: remove platform settings
  • odp.inc: Set SRCREV_FORMAT variable as multiple SCMs are used
  • opencv: Integrate https://github.com/openembedded/meta-openembedded/commit/225ce6a14a8110ab6b573b4dc9f5297a03d17e0f to fix build protobuf v22 and dnn enabled
  • optee-client: Upgrade to lf-6.1.22-2.0.0 (3.21)
  • optee-client: Upgrade to lf-6.1.36-2.1.0 (3.21)
  • optee-os: Upgrade to lf-6.1.22-2.0.0 (3.21)
  • optee-os: Upgrade to lf-6.1.36-2.1.0 (3.21)
  • optee-test: Upgrade to lf-6.1.22-2.0.0 (3.21)
  • optee-test: Upgrade to lf-6.1.36-2.1.0 (3.21)
  • pulseaudio: Configure for i.MX 9 series
  • rcw: Update to commit 020dcf0
  • recipes-multimedia: Update for NXP release 6.1.36-2.1.0
  • recipes-security: fix SMW direcrory name changing from swm to smw
  • recipes: Update github.com urls to use https
  • restool: Rename license file to LICENSE
  • Revert "firmware-nxp-wifi: Drop UART firmware now in linux-firmware"
  • Revert "imx-atf: Explicitly demand BFD linker"
  • smw: Add "Security Middleware Library" recipe.
  • spc: Update to commit d624b78
  • spir: Downgrade to 1.3.239.0.imx
  • u-boot-fslc: upgrade to v2023.10
  • u-boot-imx: deploy multiple boot images for i.MX 8M
  • u-boot-imx: Fix the file permission during the installation
  • u-boot-imx: Update to lf-6.1.36-2.1.0
  • u-boot-imx: Upgrade 2022.04 to 2023.04
  • u-boot-imx: Use local common.inc
  • uefi: Update to commit 15deb92
  • uuu: Add missing zstd dependency
  • uuu: Update nxp repository links
  • vulkan-loader: Do not limit to x11 or wayland
  • vulkan: Update the downgrade 1.2.182.0.imx -> 1.3.239.0.imx
  • wayland-protocols: add native and nativesdk to BBCLASSEXTEND
  • wayland-protocols: Upgrade 1.31.imx -> 1.32.imx
  • webkitgtk: Remove x11 from packageconfigs
  • weston: 10.0.3: Synchronize with 11.0.1 recipe base
  • weston: 11.0.1: Bump revision 12875cd94
  • weston: Fix xwayland.weston-start code identation
  • weston-init: Don't add use-g2d where not supported
  • weston-init: Set gbm-format for 93
  • weston: Upgrade 10.0.3.imx -> 10.0.4.imx
  • weston: Upgrade 11.0.1.imx -> 11.0.2.imx
  • xserver-xorg: Replace glamor inverse color patch

Meta Freescale 3rdparty

  • ARM 32-bit device-tree reorganization
  • imx-atf-boundary: unexport variables instead of set in compile task
  • imx-atf-boundary: Update to boundary-lf-6.1.22-2.0.0 branch (v2.8)
  • layer.conf: update LAYERSERIES_COMPAT for nanbield
  • linux-boundary: bump revision to 2ada7473
  • linux-boundary: bump revision to ba56160e
  • linux-boundary: bump revision to f6aefb45
  • linux-boundary: fix LOCALVERSION
  • nitrogen8mm: add 8mm smarc uboot support
  • nitrogen8mm: add device trees
  • nitrogen8mp: add 8mp smarc uboot support
  • nitrogen8mp: add more smarc uboot variants
  • nitrogen8m: remove 3g UBOOT_CONFIG
  • u-boot-boundary: bump revision to 4c491b47
  • u-boot-boundary: bump revision to 7e7eff74
  • u-boot-boundary: bump revision to 89df34f4

Meta Intel

  • intel-microcode: upgrade 20230512 -> 20230808
  • intel-microcode: upgrade 20230808 -> 20231114
  • ipmctl : upgrade 03.00.00.0438 -> 03.00.00.0485
  • linux-intel/5.10: update to tag lts-v5.10.184-yocto-230626T081427Z
  • linux-intel/5.15: update to include latest commits
  • linux-intel/5.15: update to tag lts-v5.15.113-linux-230530T032538Z
  • linux-intel/5.15: update to tag lts-v5.15.119-linux-230725T101957Z
  • linux-intel/5.15: update to v5.15.137
  • linux-intel-rt/5.10: update to tag lts-v5.10.179-rt87-preempt-rt-230518T034556Z
  • linux-intel-rt/5.10: update to tag lts-v5.10.184-rt90-preempt-rt-230626T172256Z
  • linux-intel-rt/5.15: update to include latest commits
  • linux-intel-rt/5.15: update to tag lts-v5.15.113-rt64-preempt-rt-230530T192215Z
  • linux-intel-rt/5.15: update to tag lts-v5.15.119-rt65-preempt-rt-230725T210238Z
  • linux-intel-rt/5.15: update to v5.15.137-rt71
  • onednn: upgrade 2.6.1 -> 2.6.3
  • opencl-clang/14.0: update to latest

Meta ST STM32MP

  • Adaptation for mickledore
  • ALSA-STATE: use service instead of generators
  • CLASSES: Add class to generate vfat partitions
  • CLASSES: allow specific partition list for multiubi volume
  • CLASSES: init issue in multiubi_mkfs() for images_types-stubi.bbclass
  • Cleanup unused recipes
  • CONF: add OSTL compatibility for v5.0
  • CONF: enable flashlayout generation for efi
  • CONF: manage multiple device name alias for single device storage type
  • CVE: Add CVE_PRODUCT
  • DRM: use default version of mickledore
  • EXTLINUX: boot.scr: update boot nand sequence
  • GCC-ARM-NONE-EABI: bump to gcc 11
  • GCC-ARM-NONE-EABI: update to 11.3
  • GCC: make symbols are dynamically available and plugins work
  • GCC none eabi: correct qa buildpaths
  • GCC: update to gcc12.3
  • GCNANO: release new stack 6.4.13
  • GCNANO-USERLAND: add libglesv3 standalone package
  • GDB-CROSS: use PACKAGECONFIG to enable tui
  • IMAGES: add new bootfs image dedicated to EFI
  • IMAGES: enable metadata_csum on vendorfs
  • KERNEL: align kernel fragment with systemd and rename fragment nosmp
  • LIBDRM: bump to 2.4.115
  • LINUX-FIRMWARE: add symlinks for new kernel compatibility
  • LINUX-STM32MP: stm32-mdma: correct desc prep when channel running
  • LINUX-STM32MP: v6.1-stm32mp-r1
  • LINUX-STM32MP: v6.1-stm32mp-r1.1
  • LTTNG: temporary disabled
  • m4-projects: correct qa buildpaths
  • MACHINE: add support of generation of CVE summary
  • MACHINE: add support of new binary types for flashlayout file
  • MACHINE: split device tree files by supported storage
  • OPENOCD: allow empty commit
  • Optee: correct issue with GCC12 and LOAD segment with RWX permissions
  • OPTEE-OS-STM32MP: 3.19.0-stm32mp-r1
  • OPTEE-OS-STM32MP: 3.19.0-stm32mp-r1.1
  • PERF: remove obsolete bbappend
  • Revert "DRM: use default version of mickledore"
  • SDCARD-TOOLS: several evolutions
  • SDK: add Pod perl module
  • STM32MP-EFI: add configuration file to boot with U-BOOT as EFI-FIRMWARE
  • SYSTEMD: watchdog: limit time for shutdown watchdog
  • TF-A: correct issue with GCC12 and LOAD segment with RWX permissions
  • TF-A-STM32MP: enable sign and encrypt fsbl and fip binaries
  • TF-A-STM32MP: v2.8-stm32mp-r1
  • TF-A-STM32MP: v2.8-stm32mp-r1.1
  • TIFF: remove obsolete bbappend
  • U-BOOT: correct qa buildpaths
  • U-BOOT-STM32MP: v2022.10-stm32mp-r1
  • U-BOOT-STM32MP: v2022.10-stm32mp-r1.1

Meta Yocto

  • poky.conf: bump version for 4.0.13
  • poky.conf: bump version for 4.0.14
  • poky.conf: update SANITY_TESTED_DISTROS to match autobuilder
  • SECURITY.md: Add file

Meta Tegra

  • Adds deploy task for capsules
  • conf/machine: add Jetson Orin AGX Industrial support
  • conf/machine: add p3768-0000-p3767-0001.conf
  • conf/machine: fix DTB overlay settings for p3768 carrier
  • conf/machine: update KERNEL_ARGS for all machines
  • conf/machine: update partition layout settings for Orin Nano/NX modules
  • cuda.bbclass: filter TUNE_CCARGS for CUDA builds
  • cuda.bbclass: update EXTRA_OECMAKE setting
  • cuda-target-environment: update arch_flags function
  • cupva: add recipe
  • edk2-basetools-tegra-native_35.3.1.bb: new recipe to
  • edk2-firmware-tegra: refresh patches
  • edk2-firmware-tegra: update to r35.4.1
  • external/sota: edk2-firmware-tegra: adds ostree support
  • gcc-for-nvcc: fix breakage in libgcc-8 with upstream TUNE_CCARGS change
  • gstreamer1.0-plugins-nvvideo4linux2-1.14.0-r35.4.1: restore patch headers
  • gstreamer: update plugins recipes for L4T R35.4.1
  • image_types_tegra.bbclass: correct typo in copy_dtbs function
  • image_types_tegra.bbclass: update copy_dtb_overlays function
  • image_types_tegra.bbclass: updates for L4T R35.4.1
  • jetson-orin-nano-devkit-nvme: set TNSPEC_BOOTDEV instead of TNSPEC_BOOTDEV_DEFAULT
  • jetson-xavier-nx-devkit-emmc: update TEGRA_BUPGEN_SPECS
  • l4t-graphics-demos: update R35.3.1 -> R35.4.1
  • libgstnvcustomhelper: add recipe
  • libnvidia-container-tools: rdepend on ldconfig
  • libnvvpi2: update from version 2.2.6 -> 2.3.9
  • meta: make UefiUpdateSecurityKeys optional
  • meta: move definition of EMMC_BCTS
  • meta: refactor uefi-signing
  • meta: update BSP recipes from L4T R35.3.1 -> R35.4.1
  • nvdisp-init: refresh patch with update from L4T R35.3.1
  • optee: update NVIDIA optee recipes 3.19.0 -> 3.21.0 for L4T R35.4.1
  • p3768-0000-p3767-0004: set TNSPEC_BOOTDEV for Orin Nano 4GB
  • README.md: update for L4T R35.4.1
  • recipes-bsp/uefi: factor out core edk2 source info
  • setup-nv-boot-control_1.0.bb: add script to set OsIndications
  • tegra-bootfiles: updates for L4T R35.4.1
  • tegra-bup.bbclass: move logic to bbclass for reuse
  • tegra-configs: update l4t.csv for R35.4.1
  • tegra-flashvars: settings for p3768-0000-p3767-0001
  • tegra-flashvars: update Orin NX flashvars files
  • tegra-helper-scripts: fix AGX Orin 64GB handling in t234 helper
  • tegra-helper-scripts: updates for L4T R35.4.1
  • tegra-mmapi-samples: fix build issues
  • tegra-mmapi: update R35.3.1 -> R35.4.1
  • tegra-nvpmodel: update nvpmodel.service unit file
  • tegra-nvpower: fix nvpower.service to run only once during boot
  • tegra-redundant-boot-rollback: drop TNSPEC_MACHINE length check
  • tegra-uefi-capsule: add TEGRA_UEFI_CAPSULE_SIGNING_EXTRA_DEPS
  • tegra-uefi-capsules_35.3.1.bb: new recipe for
  • tegra-uefi-keys: add support for update keys
  • tools/setup-nv-boot-control: factor out common logic
  • uefi_common.func.in: fix efi variable existence check
  • uefi: refactor uefi capsule signing
  • Update find-jetson-usb.sh
  • Upgrade nsight-systems to 2023.2.4

Meta TI

  • conf: am335x-evm and am437x-evm: bump max_leb_cnt
  • conf/am65xx-hs-evm: Fix UBOOT_MACHINE to match u-boot config
  • conf/k3: switch mcdepends from do_image_complete
  • conf: machine: am65xx: Remove SYSFW_SUFFIX from non-k3r5 configs
  • conf: machine: k3: Use ARM64 kernel load address in FIT
  • conf: Remove leftover UIO Device Tree overlay files
  • conf: Remove old and no longer used MACHINE_FEATURES
  • conf: ti33x: Add earlycon parameter to kernel command line
  • k3conf: CI/CD Auto-Merger: cicd.kirkstone.202308080400
  • k3conf: Update SRCREV and move to cmake
  • linux-ti-next,conf/machine: Add support for new vendored dts dir
  • linux-ti-staging_6.1: CI/CD Auto-Merger: cicd.kirkstone.202307061739
  • linux-ti-staging_6.1: CI/CD Auto-Merger: cicd.kirkstone.202307130400
  • linux-ti-staging_6.1: CI/CD Auto-Merger: cicd.kirkstone.202307132041
  • linux-ti-staging_6.1: CI/CD Auto-Merger: cicd.kirkstone.202307192152
  • linux-ti-staging_6.1: CI/CD Auto-Merger: cicd.kirkstone.202308080400
  • linux-ti-staging_6.1: CI/CD Auto-Merger: cicd.kirkstone.202308201800
  • linux-ti-staging_6.1: CI/CD Auto-Merger: cicd.kirkstone.202308231800
  • linux-ti-staging_6.1: CI/CD Auto-Merger: cicd.kirkstone.202309041800
  • linux-ti-staging_6.1: CI/CD Auto-Merger: cicd.kirkstone.202309061800
  • linux-ti-staging-rt_6.1: CI/CD Auto-Merger: cicd.kirkstone.202307061739
  • linux-ti-staging-rt_6.1: CI/CD Auto-Merger: cicd.kirkstone.202307130400
  • linux-ti-staging-rt_6.1: CI/CD Auto-Merger: cicd.kirkstone.202307132041
  • linux-ti-staging-rt_6.1: CI/CD Auto-Merger: cicd.kirkstone.202307192152
  • linux-ti-staging-rt_6.1: CI/CD Auto-Merger: cicd.kirkstone.202308080400
  • linux-ti-staging-rt_6.1: CI/CD Auto-Merger: cicd.kirkstone.202308201800
  • linux-ti-staging-rt_6.1: CI/CD Auto-Merger: cicd.kirkstone.202308231800
  • linux-ti-staging-rt_6.1: CI/CD Auto-Merger: cicd.kirkstone.202309041800
  • linux-ti-staging-rt_6.1: CI/CD Auto-Merger: cicd.kirkstone.202309061800
  • meta-ti: conf: am62xx-lp-evm: Use common include am62xx.inc
  • pru-icss_git.bb: update to PSSP v6.2.0
  • pru-icss: update QA checks
  • ti-img-rogue: bump srcrev for jacinto fixes
  • ti-kernel-devicetree-prefix: Add search function for DTBMERGE
  • ti-linux-fw: CI/CD Auto-Merger: cicd.kirkstone.202307061739
  • ti-linux-fw: CI/CD Auto-Merger: cicd.kirkstone.202308080400
  • ti-rtos-firmware: Add missing links and reformat file for consistency
  • trusted-firmware-a: Update to v2.9 release tag
  • u-boot-ti-staging_2023.04: CI/CD Auto-Merger: cicd.kirkstone.202307061739
  • u-boot-ti-staging_2023.04: CI/CD Auto-Merger: cicd.kirkstone.202307130400
  • u-boot-ti-staging_2023.04: CI/CD Auto-Merger: cicd.kirkstone.202307191052
  • u-boot-ti-staging_2023.04: CI/CD Auto-Merger: cicd.kirkstone.202308080400
  • u-boot-ti-staging_2023.04: CI/CD Auto-Merger: cicd.kirkstone.202308091222
  • u-boot-ti-staging_2023.04: CI/CD Auto-Merger: cicd.kirkstone.202309041800
  • u-boot-ti-staging_2023.04: CI/CD Auto-Merger: cicd.kirkstone.202309061800

Keep up to date with Foundries.io