3.0 Release Notes WIP: Difference between revisions

From Yocto Project
Jump to navigationJump to search
(Tidy up CVEs)
No edit summary
 
(5 intermediate revisions by 2 users not shown)
Line 3: Line 3:
|}
|}


-----------------------
yocto-3.0 Release Notes
-----------------------
----------
Downloads
----------
---------------------------
New Features / Enhancements
---------------------------
* Linux kernel 5.2/4.19, gcc 9.2, glibc 2.30 and ~260 other recipe upgrades
* Build change equivalence is detected and used to avoid rebuilding unchanged components (BETA)
* Architecture / machine-specific enhancements:
  - New "qemuriscv64" emulated RISC-V 64-bit machine
  - qemu: Add ppc64 to QEMU_TARGETS
  - qemuarm64: Add QB_CPU_KVM to allow kvm acceleration
  - New tune file for ARM Cortex-A53-Cortex-A57
  - New tune file for arm1176jz-s CPU
  - meson.bbclass: Handle microblaze* mapping to cpu family
  - meson.bbclass: Make meson support aarch64_be.
  - libffi: added RISC-V support
  - icu: added armeb support
  - runqemu: added support for kvm on aarch64
  - beaglebone-yocto machine now set up to support booting images with runqemu
  - qemux86: make it possible to use higher tunes using DEFAULTTUNE
* Kernel improvements:
  - kernel-fitimage: introduce FIT_HASH_ALG
  - kernel-module-split.bbclass: support CONFIG_MODULE_COMPRESS=y
  - kernel-yocto: import security fragments from meta-security
  - linux-yocto: add drm-bochs support
  - linux-yocto: bsp/beaglebone: support qemu -machine virt
* multiconfig builds now reach their full potential:
  - Many bugfixes and improvements
  - sstate cache is now shared between configurations being built concurrently
  - multiconfig configurations can be contained in layers
* Significant removal of old/obsolete software/patches ensuring we have a modern and up to date core Linux software stack:
  - LSB support removed
  - GTK+ 2 moved out to meta-oe
  - Python 2 dependencies minimised
  - Many obsolete patches dropped
* CVE checking enhancements:
  - New cve-update-db recipe that reads from NVD JSON data feeds and supports network proxies
  - Support for CVSSv3 scoring
  - CVE_PRODUCT entries can now contain strings to match the vendor as well as product (vendor:product syntax)
* New INIT_MANAGER variable to make it easy to select the init manager (sysvinit, systemd, mdev-busybox)
* New recipes: binutils-cross-testsuite, core-image-sato-ptest-fast, dejagnu, efibootmgr, efivar, ell, glibc-testsuite, libcap-ng-python, libedit, libmodule-build-perl, libx11-compose-data, libxcrypt-compat, lsb-release, musl-obstack, opensbi, python3-pygments, python3-scons, python3-scons-native, stress-ng, vulkan-headers, vulkan-loader, vulkan-tools, wireless-regdb
* Added native variant to: glib-networking, grub, libsoup, python3-dbus
* BitBake improvements:
  - Merged setscene tasks into the main runqueue so they can run in parallel
  - fetch2/git: added sanity checking for git-lfs
  - fetch2/svn: prevent from directly pulling from an externals w/o fetcher
  - fetch2/npm: use npm pack to download node modules instead of wget
  - Added --skip-setscene option
  - Respect -f/--force option in conjunction with --runall or --runonly
  - bitbake -e now supports showing base multiconfig configuration (using mc: prefix)
  - "mc:" prefix now supported as a shorter version of multiconfig:
  - Print more information when basehashes are mismatched
  - Show task elapsed time in hours, minutes, and seconds
  - Report all nonexistent directories in BBLAYERS in error message instead of just the first
  - Improve validation of addtask and deltask arguments
  - Added support for custom progress handlers injected via OE_EXTRA_IMPORTS
  - Enable console keepalive to help usage with remote sessions
  - Symlink the current cache file
* systemd-related improvements:
  - serial-getty@.service: Allow device to fast fail if it does not exist
  - Rewrote systemctl-native in Python supporting preset-all and mask
  - Added partial support of drop-in configuration files to systemd-systemctl-native
  - systemd-conf: added default configuration for wired network with DHCP
  - systemd-conf: simplified creation of machine-specific configuration
  - Create preset files and allow systemd to populate /etc/systemd/system instead of populating explicitly
  - Added systemd helper unit to load/restore iptables rules
* runqemu improvements:
  - Added support to pass multiple ports to tcpserial parameter
  - Added support for a BIOS command-line variable (consistent with KERNEL)
  - New QB_FSINFO variable supporting "wic:no-kernel-in-fs" and "wic:kernel-in-fs" for wic images
  - Added support to handle EnrollDefaultKeys PK/KEK1 certificate
  - Decoupled gtk and gl options
* wic improvements:
  - New partition type for msdos partition tables
  - New "bootimg-biosplusefi" source type that supports both BIOS and EFI
  - Support for kernel with initramfs bundled
  - bootimg-efi: add label source parameter
  - bootimg-efi: allow multiple initrd
  - bootimg-efi: replace hardcoded volume name with label
  - Include .wks.in in wic search and list
  - Use KERNEL_IMAGETYPE instead of hardcoding bzImage
  - Added global debug option
* Other image-related improvements:
  - Centralised default UEFI image configuration in conf/distro/image-uefi.conf
  - Make gzipped images rsyncable
  - initramfs-framework: support PARTLABEL option
  - New bash-completion IMAGE_FEATURES item to add bash-completion support for all installed packages
* devtool/recipetool improvements:
  - New "devtool menuconfig" subcommand
  - devtool build now also runs do_deploy if applicable
  - devtool finish now supports a --no-clean option
  - devtool finish now warns if multiple layers have the same base name
  - recipetool now supports creating recipes for Python 3
* Other script improvements:
  - buildstats-diff: added option to filter tasks
  - bitbake-layers: added several options to to make it easier to get plain output (for scripting)
  - ddimage: replaced target device blacklist with mount check
  - yocto-check-layer: Allow any case for README file detection
* SDK-related changes:
  - New SDK_ARCHIVE_TYPE variable to control SDK archive format
  - Introduce mechanism to keep nativesdk* sstate in eSDK
  - Added nativesdk variant to: dnf, gzip, libtasn1, python3-dbus
  - Use the best xz compression for the SDK
* buildhistory improvements:
  - Record sysroot changes in addition to runtime content
  - Show time spent writing buildhistory
* Recipe sanity checking improvements:
  - Added check to ensure perllocal.pod is not installed by non-CPAN perl recipes
  - Added sanity checks for ${PN} vs ${BPN} and github archives in SRC_URI
  - Check if a recipe incorrectly uses DEPENDS_${PN}
  - Improved buildpath warning messages
  - Simplified paths in host contamination warnings
* Automated testing improvements:
  - Enabled test suites for gcc, glibc, binutils
  - Add ptest ptest support to elfutils, m4, gettext
  - Fixes for many ptest test failures
  - testimage: consider QB_DEFAULT_FSTYPE
  - oe-selftest: implement console keepalive output
  - Support for LTP / LTP compliance
  - Added core-image-sato-ptest-fast image to execute 'fast' subset of ptests
  - resulttool: Add log subcommand
  - resulttool: enable loading results directly from an http/https URL
  - resulttool: add manual test case configuration option
  - resulttool: Add option to dump all ptest logs
* poky-lsb replaced by poky-altcfg for alternate configurations to be tested on the autobuilder (as well as an example of subclassing a distro config)
* Added minver and maxver parameters for patches in SRC_URI for more flexibility in bbappends and common inc files
* PRIVATE_LIBS variable now supports shell-style wildcards for matching libraries
* Adoption of SPDX license identifiers throughout Yocto Project's components
* Added bbverbnote shell log command (consistent with bbwarn, bberror etc.)
* New OE_EXTRA_IMPORTS variable to make it easier to import custom modules into BitBake python environment
* busybox: enabled unicode support by default
* cmake: Use compiler launcher variable when ccache is enabled so that it can be disabled by build scripts if needed
* db: add new "verify" PACKAGECONFIG option for enabling database verification with db_verify command (default disabled)
* distcc: split into client and server packages
* dropbear: new "disable-weak-ciphers" PACKAGECONFIG option to disable older weak ciphers
* grub-efi-native: install grub-editenv
* lttng-modules: added git based recipe
* opkg: allow overriding OPKGLIBDIR
* ovmf: Generate test Platform key and first Key Exchange Key
* New PKGDATA_VARS variable to specify variables written out to pkgdata
* Obsolete stress recipe replaced by stress-ng
* uboot-sign: add support for different u-boot configurations
* update-rc.d: support enable/disable options
* waffle: support building without x11
* weston-init: Add possibility to run weston as non-root user
* python3: support recommends in manifest
* package_deb: add DPKG_BUILDCMD variable to allow customising dpkg command
* chrpath.bbclass: Add break_hardlinks parameter to allow breaking hardlinks when processing rpaths
* New "Apache-2.0-with-LLVM-exception" common license file
* screen: add /etc/screenrc as global config file
* utils/multiprocess_launch: Improve failing subprocess output
* Added local.conf/auto.conf into error report submitted by report-error.bbclass
* Added OpenEmbedded logo .svg file to repository (from OE-Classic)
------------
Known Issues
------------
*Bug 13594: mpc8315e-rdb: the stap oeqa test causes OOM.
This issue is on a platform with minimal support and works outside the framework.
https://bugzilla.yoctoproject.org/show_bug.cgi?id=13594
*Bug 13595: strace ptest failed .
strace issue is two individual test regressions which is an improvement on the test timeouts we had previously.
https://bugzilla.yoctoproject.org/show_bug.cgi?id=13595
---------------
Recipe Licenses
---------------
The following corrections have been made to the LICENSE values set by recipes:
* cairo: MPL-1 -> MPL-1.1
* dbus / dbus-glib / dbus-test: AFL-2 -> AFL-2.1
* iw: BSD -> BSD-2-Clause
* libical: MPL-1 -> MPL-1.0
* openssh: some files are licensed under ISC or MIT license, so add these to LICENSE
* taglib: MPL-1 -> MPL-1.1
* vte: several files in libvte source are LGPLv3+, so add to LICENSE and set LGPLv3+ as the libvte package LICENSE
----------------------
Migration instructions
----------------------
For details on changes that you might need to make when migrating to the Yocto Project 3.0
release from previous releases, please see the following manual section:
http://www.yoctoproject.org/docs/3.0/ref-manual/ref-manual.html#moving-to-the-yocto-project-3.0-release
--------------
Security Fixes
Security Fixes
--------------
--------------
Line 34: Line 232:




 
---------------
New Features / Enhancements
---------------------------
* Linux kernel 5.2/4.19, gcc 9.2, glibc 2.30 and ~260 other recipe upgrades
* New INIT_MANAGER variable to make it easy to select the init manager (sysvinit, systemd, mdev-busybox)
* poky-lsb replaced by poky-altcfg for alternate configurations to be tested on the autobuilder (as well as an example of subclassing a distro config)
* New recipes: binutils-cross-testsuite, core-image-sato-ptest-fast, dejagnu, efibootmgr, efivar, ell, glibc-testsuite, libcap-ng-python, libedit, libmodule-build-perl, libx11-compose-data, libxcrypt-compat, lsb-release, musl-obstack, opensbi, python3-pygments, python3-scons, python3-scons-native, stress-ng, vulkan-headers, vulkan-loader, vulkan-tools, wireless-regdb
* Significant removal of old/obsolete software/patches ensuring we have a modern and up to date core Linux software stack.
  - LSB support moved to separate layer [was it??]
  - GTK+ 2 moved out to meta-oe
  - Python 2 dependencies minimised
  - many obsolete patches dropped
* Build change equivalence is detected and used to avoid rebuilding unchanged components
* Adoption of SPDX license identifiers throughout Yocto Project's components
* "Multi-Config" builds reaching their full potential
  - Many bugfixes and improvements
  - sstate cache is now shared between configurations being built concurrently
  - multiconfig configurations can be contained in layers
* CVE checking enhancements:
  - New cve-update-db recipe that reads from NVD JSON data feeds and supports network proxies
  - Support for CVSSv3 scoring
  - CVE_PRODUCT entries can now contain strings to match the vendor as well as product (vendor:product syntax)
* Add nativesdk variant to: dnf, gzip, libtasn1, python3-dbus
* Add native variant to: glib-networking, grub, libsoup, python3-dbus
 
 
* Added bbverbnote shell log command
* Added support for arm1176jz-s CPU specific tuning
* Apache-2.0-with-LLVM-exception: Add new license file
* base.bbclass: Add OE_EXTRA_IMPORTS
* bash-completion: add image feature
* binutils-cross-testsuite: Create recipe for test suite execution
* bitbake: BBHandler: Fix addtask and deltask
* bitbake: bb: siggen: Make dump_sigfile and compare_sigfiles print uuid4
* bitbake: bb: siggen: Print more info when basehash are mis-matched
* bitbake: bitbake: Add --skip-setscene option
* bitbake: bitbake: fetch2/git: git-lfs check
* bitbake: bitbake-layers: show-recipes: Enable bare output
* bitbake: bitbake-layers: show-recipes: Select recipes from selected layer
* bitbake: bitbake-layers: show-recipes: Show recipes only
* bitbake: bitbake: respect force flag in runall and runonly
* bitbake: bitbake: Rework hash equivalence
* bitbake: bitbake: Show base multiconfig environment
* bitbake: build: implement custom progress handlers injected via OE_EXTRA_IMPORTS
* bitbake: build.py: check dependendent task for addtask
* bitbake: cache: Add SimpleCache class
* bitbake: cache: Create a symlink for current cachefile
* bitbake.conf: add git-lfs to HOSTTOOLS_NONFATAL
* bitbake: cooker/hashserv: Allow autostarting of a local hash server using BB_HASHSERVE
* bitbake: cooker: list all nonexistent bblayer directories
* bitbake: fetch2/git: add git-lfs toggle option
* bitbake: fetch2/npm: Use npm pack to download node modules instead of wget
* bitbake: knotty: Implement console 'keepalive' output
* bitbake: knotty: Pretty print task elapsed time
* bitbake: runqueue: Enable dynamic task adjustment to hash equivalency
* bitbake: runqueue: Merge scenequeue and real task queue code together
* bitbake: runqueue: Merge the queues and execute setscene and normal tasks in parallel
* bitbake: siggen: Use unique hashes for tasks
* bitbake: svn.py: Stop SVN from directly pulling from an external layer w/o fetcher
* buildhistory: report sysroot changes
* buildhistory: show time spent writting buildhistory
* buildhistory: write the contents of the sysroot
* busybox: enable unicode support
* chrpath.bbclass: Add break_hardlinks kwarg to allow breaking hardlinks
* cmake: Use compiler launcher variable when ccache is enabled
* db: add switch for building database verification
* deb: allow custom dpkg command
* devtool: build: Also run deploy for devtool build if applicable
* devtool: finish: Add suppport for the --no-clean option
* devtool: provide support for devtool menuconfig command
* devtool/standard.py: Create a copy of kernel source within work-shared if not present
* devtool/standard.py: Update devtool modify to copy source from work-shared if its already downloaded
* devtool: warn user about multiple layer having the same base name
* distcc: split into client and server packages
* dropbear: new feature: disable-weak-ciphers
* gcc-runtime: Add do_check task for executing gcc test suites
* glibc-testsuite: Create a recipe to implement glibc test suite
* grub-efi-native: Install grub-editenv
* icu: Added armeb support.
* image_types.bbclass: make gzipped images rsyncable
* image-uefi.conf: add config file holding configuration for UEFI images
* initramfs-framework: support PARTLABEL option
* insane: add check for perllocal.pod
* insane: add sanity checks to SRC_URI
* insane: check if the recipe incorrectly uses DEPENDS_${PN}
* insane: improve buildpath warning messages
* insane: use clean_path for the host contamination warnings
* iptables: add systemd helper unit to load/restore rules
* kernel-fitimage: introduce FIT_HASH_ALG
* kernel-module-split.bbclass: support CONFIG_MODULE_COMPRESS=y
* kernel-yocto: import security fragments from meta-security
* libffi: Add RISC-V support
* libmodule-build-perl: move from meta-perl
* linux-yocto/4.19: make drm-bochs feature available
* linux-yocto/5.0: bsp: add basic xilinx zynqmp support
* linux-yocto/5.0: make scsi-debug include scsi core configs
* linux-yocto/5.2: config tweaks and kallsyms fix
* linux-yocto: add drm-bochs support
* linux-yocto: bsp/beaglebone: support qemu -machine virt
* live-vm-common.bbclass: provide efi population functions for live images
* local.conf.sample: Add Hash Equivalence
* logparser: Add decoding ltp logs
* logparser: Add LTP compliance section
* ltp: add runtime test
* ltp_compliance: add new runtime
* lttng-modules: Add git based recipe
* meson.bbclass: Handle microblaze* mapping to cpu family
* meson.bbclass: Make meson support aarch64_be.
* oe-selftest: Implement console 'keepalive' output
* oe.svg: Copy artwork from openembedded-classic.
* opensbi: Initial commit of OpenSBI
* opkg/package/rootfs_ipk: allow overwriting OPKGLIBDIR
* ovmf: Generate test Platform key and first Key Exchange Key
* package.bbclass: allow shell-style wildcards in PRIVATE_LIBS
* package.bbclass: Clean up writing of runtime pkgdata files
* patch: add minver and maxver parameters
* populate_sdk_base: provide options to set sdk type
* populate_sdk_ext: Introduce mechanism to keep nativesdk* sstate in esdk
* python3-scons-{native}: add recipe
* python3: support recommends in manifest
* qemu: Add ppc64 to QEMU_TARGETS
* qemuarm64: Add QB_CPU_KVM to allow kvm acceleration
* qemuriscv64: Add the QEMU RISC-V 64-bit machine
* qemurunner.py: Be more verbose about problems
* qemux86: Allow higher tunes
* recipetool: add python3 support
* report-error.bbclass: add local.conf/auto.conf into error report
* resulttool: Add log subcommand
* resulttool: add LTP compliance section
* resulttool: add ltp test support
* resulttool: Load results from URL
* resulttool/manualexecution: Enable test case configuration option
* runqemu: Add support for kvm on aarch64
* runqemu: Add support to handle EnrollDefaultKeys PK/KEK1 certificate
* runqemu: Add the support to pass multi ports to tcpserial parameter
* runqemu: decouple gtk and gl options
* runqemu: QB_FSINFO to support fstype wic images
* screen: add /etc/screenrc as global config file
* scripts/buildstats-diff: Add option to filter tasks
* scripts/contrib/ddimage: replace blacklist with mount check
* scripts/runqemu: Add support for the BIOS variable
* serial-getty@.service: Allow device to fast fail if it does not exist
* stress-ng: add a recipe that replaces the original stress
* systemctl-native: Rewrite in Python supporting preset-all and mask
* systemd: Add partial support of drop-in configuration files to systemd-systemctl-native
* systemd-conf: configure wired network with dhcp
* systemd-conf: simplify creation of machine-specific configuration
* systemd: create preset files instead of installing in image
* testimage: consider QB_DEFAULT_FSTYPE
* tune-cortexa57-cortexa53: add tunes for ARM Cortex-A53-Cortex-A57
* uboot-sign: add support for different u-boot configurations
* update-rc.d: support enable/disable options
* utils/multiprocess_launch: Improve failing subprocess output
* waffle: supprt build waffle without x11
* weston-init: Add possibility to run weston as non-root user
* weston-init: Add support for non-root start
* wic: add global debug option
* wic: Add partition type for msdos partition tables
* wic: add support for kernel with initramfs bundled
* wic: bootimg-efi: add label source parameter
* wic/bootimg-efi: allow multiple initrd
* wic/bootimg-efi: replace hardcoded volume name with label
* wic/engine: include .wks.in in wic search and list
* wic/plugins: kernel image refer to KERNEL_IMAGETYPE
* wic/plugins: Source that support both EFI and BIOS
* wireless-regdb: Add recipe
* yocto-bsp: runqemu runs beaglebone-yocto
* yocto-check-layer: Allow any case for README file detection
 
 
 
Recipe Upgrades
Recipe Upgrades
---------------
---------------
Line 475: Line 503:
* xtrans: upgrade 1.3.5 -> 1.4.0
* xtrans: upgrade 1.3.5 -> 1.4.0
* xwininfo: upgrade 1.1.4 -> 1.1.5
* xwininfo: upgrade 1.1.4 -> 1.1.5
license
-------
Known Issues
------------
*Bug 13594: mpc8315e-rdb: the stap oeqa test causes OOM.
This issue is on a platform with minimal support and works outside the framework.
https://bugzilla.yoctoproject.org/show_bug.cgi?id=13594
*Bug 13595: strace ptest failed .
strace issue is two individual test regressions which is an improvement on the test timeouts we had previously.
https://bugzilla.yoctoproject.org/show_bug.cgi?id=13595

Latest revision as of 15:08, 18 October 2019

NOTE: The formatting in this page is not meant to look good in the wiki - it's just a convenient place to collaborate. We need to stick to the text formatting that will end up in the actual release notes.

yocto-3.0 Release Notes



Downloads



New Features / Enhancements


  • Linux kernel 5.2/4.19, gcc 9.2, glibc 2.30 and ~260 other recipe upgrades
  • Build change equivalence is detected and used to avoid rebuilding unchanged components (BETA)
  • Architecture / machine-specific enhancements:
 - New "qemuriscv64" emulated RISC-V 64-bit machine
 - qemu: Add ppc64 to QEMU_TARGETS
 - qemuarm64: Add QB_CPU_KVM to allow kvm acceleration
 - New tune file for ARM Cortex-A53-Cortex-A57
 - New tune file for arm1176jz-s CPU
 - meson.bbclass: Handle microblaze* mapping to cpu family
 - meson.bbclass: Make meson support aarch64_be.
 - libffi: added RISC-V support
 - icu: added armeb support
 - runqemu: added support for kvm on aarch64
 - beaglebone-yocto machine now set up to support booting images with runqemu
 - qemux86: make it possible to use higher tunes using DEFAULTTUNE
  • Kernel improvements:
 - kernel-fitimage: introduce FIT_HASH_ALG
 - kernel-module-split.bbclass: support CONFIG_MODULE_COMPRESS=y
 - kernel-yocto: import security fragments from meta-security
 - linux-yocto: add drm-bochs support
 - linux-yocto: bsp/beaglebone: support qemu -machine virt
  • multiconfig builds now reach their full potential:
 - Many bugfixes and improvements
 - sstate cache is now shared between configurations being built concurrently
 - multiconfig configurations can be contained in layers
  • Significant removal of old/obsolete software/patches ensuring we have a modern and up to date core Linux software stack:
 - LSB support removed
 - GTK+ 2 moved out to meta-oe
 - Python 2 dependencies minimised
 - Many obsolete patches dropped
  • CVE checking enhancements:
 - New cve-update-db recipe that reads from NVD JSON data feeds and supports network proxies
 - Support for CVSSv3 scoring
 - CVE_PRODUCT entries can now contain strings to match the vendor as well as product (vendor:product syntax)
  • New INIT_MANAGER variable to make it easy to select the init manager (sysvinit, systemd, mdev-busybox)
  • New recipes: binutils-cross-testsuite, core-image-sato-ptest-fast, dejagnu, efibootmgr, efivar, ell, glibc-testsuite, libcap-ng-python, libedit, libmodule-build-perl, libx11-compose-data, libxcrypt-compat, lsb-release, musl-obstack, opensbi, python3-pygments, python3-scons, python3-scons-native, stress-ng, vulkan-headers, vulkan-loader, vulkan-tools, wireless-regdb
  • Added native variant to: glib-networking, grub, libsoup, python3-dbus
  • BitBake improvements:
 - Merged setscene tasks into the main runqueue so they can run in parallel
 - fetch2/git: added sanity checking for git-lfs
 - fetch2/svn: prevent from directly pulling from an externals w/o fetcher
 - fetch2/npm: use npm pack to download node modules instead of wget
 - Added --skip-setscene option
 - Respect -f/--force option in conjunction with --runall or --runonly
 - bitbake -e now supports showing base multiconfig configuration (using mc: prefix)
 - "mc:" prefix now supported as a shorter version of multiconfig:
 - Print more information when basehashes are mismatched
 - Show task elapsed time in hours, minutes, and seconds
 - Report all nonexistent directories in BBLAYERS in error message instead of just the first
 - Improve validation of addtask and deltask arguments
 - Added support for custom progress handlers injected via OE_EXTRA_IMPORTS
 - Enable console keepalive to help usage with remote sessions
 - Symlink the current cache file
  • systemd-related improvements:
 - serial-getty@.service: Allow device to fast fail if it does not exist
 - Rewrote systemctl-native in Python supporting preset-all and mask
 - Added partial support of drop-in configuration files to systemd-systemctl-native
 - systemd-conf: added default configuration for wired network with DHCP
 - systemd-conf: simplified creation of machine-specific configuration
 - Create preset files and allow systemd to populate /etc/systemd/system instead of populating explicitly
 - Added systemd helper unit to load/restore iptables rules
  • runqemu improvements:
 - Added support to pass multiple ports to tcpserial parameter
 - Added support for a BIOS command-line variable (consistent with KERNEL)
 - New QB_FSINFO variable supporting "wic:no-kernel-in-fs" and "wic:kernel-in-fs" for wic images
 - Added support to handle EnrollDefaultKeys PK/KEK1 certificate
 - Decoupled gtk and gl options
  • wic improvements:
 - New partition type for msdos partition tables
 - New "bootimg-biosplusefi" source type that supports both BIOS and EFI
 - Support for kernel with initramfs bundled
 - bootimg-efi: add label source parameter
 - bootimg-efi: allow multiple initrd
 - bootimg-efi: replace hardcoded volume name with label
 - Include .wks.in in wic search and list
 - Use KERNEL_IMAGETYPE instead of hardcoding bzImage
 - Added global debug option
  • Other image-related improvements:
 - Centralised default UEFI image configuration in conf/distro/image-uefi.conf
 - Make gzipped images rsyncable
 - initramfs-framework: support PARTLABEL option
 - New bash-completion IMAGE_FEATURES item to add bash-completion support for all installed packages
  • devtool/recipetool improvements:
 - New "devtool menuconfig" subcommand
 - devtool build now also runs do_deploy if applicable
 - devtool finish now supports a --no-clean option
 - devtool finish now warns if multiple layers have the same base name
 - recipetool now supports creating recipes for Python 3
  • Other script improvements:
 - buildstats-diff: added option to filter tasks
 - bitbake-layers: added several options to to make it easier to get plain output (for scripting)
 - ddimage: replaced target device blacklist with mount check
 - yocto-check-layer: Allow any case for README file detection
  • SDK-related changes:
 - New SDK_ARCHIVE_TYPE variable to control SDK archive format
 - Introduce mechanism to keep nativesdk* sstate in eSDK
 - Added nativesdk variant to: dnf, gzip, libtasn1, python3-dbus
 - Use the best xz compression for the SDK
  • buildhistory improvements:
 - Record sysroot changes in addition to runtime content
 - Show time spent writing buildhistory
  • Recipe sanity checking improvements:
 - Added check to ensure perllocal.pod is not installed by non-CPAN perl recipes
 - Added sanity checks for ${PN} vs ${BPN} and github archives in SRC_URI
 - Check if a recipe incorrectly uses DEPENDS_${PN}
 - Improved buildpath warning messages
 - Simplified paths in host contamination warnings
  • Automated testing improvements:
 - Enabled test suites for gcc, glibc, binutils
 - Add ptest ptest support to elfutils, m4, gettext
 - Fixes for many ptest test failures
 - testimage: consider QB_DEFAULT_FSTYPE
 - oe-selftest: implement console keepalive output
 - Support for LTP / LTP compliance
 - Added core-image-sato-ptest-fast image to execute 'fast' subset of ptests
 - resulttool: Add log subcommand
 - resulttool: enable loading results directly from an http/https URL
 - resulttool: add manual test case configuration option
 - resulttool: Add option to dump all ptest logs
  • poky-lsb replaced by poky-altcfg for alternate configurations to be tested on the autobuilder (as well as an example of subclassing a distro config)
  • Added minver and maxver parameters for patches in SRC_URI for more flexibility in bbappends and common inc files
  • PRIVATE_LIBS variable now supports shell-style wildcards for matching libraries
  • Adoption of SPDX license identifiers throughout Yocto Project's components
  • Added bbverbnote shell log command (consistent with bbwarn, bberror etc.)
  • New OE_EXTRA_IMPORTS variable to make it easier to import custom modules into BitBake python environment
  • busybox: enabled unicode support by default
  • cmake: Use compiler launcher variable when ccache is enabled so that it can be disabled by build scripts if needed
  • db: add new "verify" PACKAGECONFIG option for enabling database verification with db_verify command (default disabled)
  • distcc: split into client and server packages
  • dropbear: new "disable-weak-ciphers" PACKAGECONFIG option to disable older weak ciphers
  • grub-efi-native: install grub-editenv
  • lttng-modules: added git based recipe
  • opkg: allow overriding OPKGLIBDIR
  • ovmf: Generate test Platform key and first Key Exchange Key
  • New PKGDATA_VARS variable to specify variables written out to pkgdata
  • Obsolete stress recipe replaced by stress-ng
  • uboot-sign: add support for different u-boot configurations
  • update-rc.d: support enable/disable options
  • waffle: support building without x11
  • weston-init: Add possibility to run weston as non-root user
  • python3: support recommends in manifest
  • package_deb: add DPKG_BUILDCMD variable to allow customising dpkg command
  • chrpath.bbclass: Add break_hardlinks parameter to allow breaking hardlinks when processing rpaths
  • New "Apache-2.0-with-LLVM-exception" common license file
  • screen: add /etc/screenrc as global config file
  • utils/multiprocess_launch: Improve failing subprocess output
  • Added local.conf/auto.conf into error report submitted by report-error.bbclass
  • Added OpenEmbedded logo .svg file to repository (from OE-Classic)

Known Issues


  • Bug 13594: mpc8315e-rdb: the stap oeqa test causes OOM.

This issue is on a platform with minimal support and works outside the framework. https://bugzilla.yoctoproject.org/show_bug.cgi?id=13594

  • Bug 13595: strace ptest failed .

strace issue is two individual test regressions which is an improvement on the test timeouts we had previously. https://bugzilla.yoctoproject.org/show_bug.cgi?id=13595



Recipe Licenses


The following corrections have been made to the LICENSE values set by recipes:

  • cairo: MPL-1 -> MPL-1.1
  • dbus / dbus-glib / dbus-test: AFL-2 -> AFL-2.1
  • iw: BSD -> BSD-2-Clause
  • libical: MPL-1 -> MPL-1.0
  • openssh: some files are licensed under ISC or MIT license, so add these to LICENSE
  • taglib: MPL-1 -> MPL-1.1
  • vte: several files in libvte source are LGPLv3+, so add to LICENSE and set LGPLv3+ as the libvte package LICENSE



Migration instructions


For details on changes that you might need to make when migrating to the Yocto Project 3.0 release from previous releases, please see the following manual section:

http://www.yoctoproject.org/docs/3.0/ref-manual/ref-manual.html#moving-to-the-yocto-project-3.0-release



Security Fixes


  • binutils: CVE-2019-12972, CVE-2019-14250, CVE-2019-14444, CVE-2019-9070, CVE-2019-9071, CVE-2019-9074, CVE-2019-9075, CVE-2019-9076, CVE-2019-9077
  • dbus: CVE-2019-12749
  • gcc: CVE-2019-14250, CVE-2018-12886, CVE-2018-18484, CVE-2019-15847
  • gdb: CVE-2017-9778
  • ghostscript: CVE-2019-14811, CVE-2019-14817
  • glib-2.0: CVE-2019-12450
  • glibc: CVE-2018-20796 (same as CVE-2019-9169)
  • gnupg: CVE-2019-13050
  • gnutls: GNUTLS-SA-2019-03-27
  • iptables: CVE-2019-11360
  • libid3tag: CVE-2017-11550, CVE-2017-11551 (same as CVE-2004-2779)
  • libxslt: CVE-2019-11068, CVE-2019-13117, CVE-2019-13118
  • linux-yocto/4.19: CVE-2019-3887
  • linux-yocto/5.0: CVE-2019-3887
  • ltp: CVE-2017-17052
  • nasm: CVE-2018-19755
  • openssh: CVE-2018-20685, CVE-2019-6109, CVE-2019-6111
  • patch: CVE-2018-1000156 (improved fix), CVE-2019-13636, CVE-2019-13638
  • python3: CVE-2019-9740, CVE-2019-9948
  • python: CVE-2018-20852, CVE-2019-9740, CVE-2019-9947 (same as CVE-2019-9740), CVE-2019-9948, CVE-2019-9636
  • qemu: CVE-2019-12155, CVE-2019-15890
  • rsync: CVE-2016-9840, CVE-2016-9841, CVE-2016-9842, CVE-2016-9843
  • squashfs-tools: CVE-2015-4645, CVE-2015-4646
  • tiff: CVE-2019-6128, CVE-2019-7663, CVE-2019-14973
  • u-boot: CVE-2019-13103, CVE-2019-13104, CVE-2019-13105, CVE-2019-13106, CVE-2019-14192, CVE-2019-14193, CVE-2019-14194, CVE-2019-14195, CVE-2019-14196, CVE-2019-14197, CVE-2019-14198, CVE-2019-14199, CVE-2019-14200, CVE-2019-14201, CVE-2019-14202, CVE-2019-14203, CVE-2019-14204
  • unzip: CVE-2019-13232
  • vim: CVE-2019-12735



Recipe Upgrades


  • acpica: update to 20190816
  • acpid: upgrade 2.0.31 -> 2.0.32
  • adwaita-icon-theme: upgrade 3.30.1 -> 3.32.0
  • alsa-lib: upgrade 1.1.8 -> 1.1.9
  • alsa-plugins: upgrade 1.1.8 -> 1.1.9
  • alsa-utils: upgrade 1.1.8 -> 1.1.9
  • apr: upgrade 1.6.5 -> 1.7.0
  • apt: update to 1.2.31
  • aspell: update to 0.60.7
  • atk: upgrade 2.30.0 -> 2.32.0
  • at-spi2-atk: upgrade 2.30.0 -> 2.32.0
  • at-spi2-core: upgrade 2.30.0 -> 2.32.1
  • autoconf-archive: update to 2019.01.06
  • babeltrace: update to 1.5.7
  • bash-completion: upgrade 2.8 -> 2.9
  • bash: upgrade 4.4.18 -> 5.0
  • bison: upgrade 3.0.4 -> 3.4.1
  • boost: update to 1.71.0
  • btrfs-tools: upgrade 4.20.1 -> 5.2.2
  • build-compare: 2015.02.10 -> 2019.08.14
  • busybox: 1.30.1 -> 1.31.0
  • bzip2: update to 1.0.8
  • ccache: upgrade 3.6 -> 3.7.3
  • cmake: 3.14.1 -> 3.15.3
  • cogl: upgrade 1.22.2 -> 1.22.4
  • connman: update to 1.37
  • coreutils: update to 8.31
  • createrepo-c: update to 0.15.0
  • cronie: update to 1.5.4
  • cups: update to 2.2.12
  • curl: update to 7.66.0
  • dbus-test: Upgrade 1.12.12 -> 1.12.16
  • dbus: Upgrade 1.12.12 -> 1.12.16
  • debianutils: upgrade 4.8.6.1 -> 4.8.6.3
  • desktop-file-utils: upgrade 0.23 -> 0.24
  • distcc: upgrade 3.3.2 -> 3.3.3
  • dnf: upgrade 4.1.0 -> 4.2.2
  • dpkg: update to 1.19.7
  • dropbear: update to 2019.78
  • dtc: upgrade 1.4.7 -> 1.5.1
  • e2fsprogs: 1.44.5 -> 1.45.3
  • elfutils: 0.176 -> 0.177
  • ell: update to 0.22
  • encodings: update to 1.0.5
  • epiphany: update to 3.32.4
  • ethtool: update to 5.2
  • eudev: update to 3.2.8
  • expat: update to 2.2.8
  • ffmpeg: update to 4.2.1
  • file: update to 5.37
  • flac: Upgrade 1.3.2 -> 1.3.3
  • fontconfig: update to 2.13.1
  • font-util: update to 1.3.2
  • freetype: upgrade 2.9.1 -> 2.10.1
  • gawk: upgrade 4.2.1 -> 5.0.1
  • gcc-9: Upgrade to 9.2
  • gdb: Upgrade from 8.2.1 to 8.3.1
  • gdk-pixbuf: update 2.38.0 -> 2.38.2
  • ghostscript: 9.26 -> 9.27
  • git: update to 2.23.0
  • glib-2.0: udpate 2.58.3 -> 2.60.7
  • glibc: Update to glibc 2.30
  • glib-networking: upgrade 2.60.1 -> 2.60.3
  • gnu-config: Update to latest SHA
  • gnupg: update to 2.2.17
  • gnutls: upgrade 3.6.5 -> 3.6.8
  • go-1.12: update to 1.12.9 minor release
  • gobject-introspection: update to 1.60.2
  • go-dep: update to 0.5.4
  • go: update 1.12.1->1.12.6
  • gpgme: upgrade 1.12.0 -> 1.13.1
  • groff: upgrade 1.22.3 -> 1.22.4
  • grub: upgrade 2.02 -> 2.04
  • gsettings-desktop-schemas: upgrade 3.28.1 -> 3.32.0
  • gst-examples: upgrade to 1.16.0
  • gstreamer1.0-libav: upgrade to version 1.16.0
  • gstreamer1.0-omx: upgrade to version 1.16.0
  • gstreamer1.0-plugins-bad: upgrade to version 1.16.0
  • gstreamer1.0-plugins-base: upgrade to version 1.16.0
  • gstreamer1.0-plugins-good: upgrade to version 1.16.0
  • gstreamer1.0-plugins-ugly: upgrade to version 1.16.0
  • gstreamer1.0-python: upgrade to version 1.16.0
  • gstreamer1.0-rtsp-server: upgrade to version 1.16.0
  • gstreamer1.0: upgrade to version 1.16.0
  • gstreamer1.0-vaapi: upgrade to version 1.16.0
  • gst-validate: upgrade to version 1.16.0
  • gtk+3: update 3.24.5 -> 3.24.8
  • gtk-doc: upgrade 1.29 -> 1.31
  • harfbuzz: upgrade 2.3.1 -> 2.6.1
  • help2man-native: update to 1.47.11
  • icu: update to 64.2
  • ifupdown: update to 0.8.22
  • iproute2: update to 5.2.0
  • iptables: upgrade 1.6.2 -> 1.8.3
  • iputils: upgrade to s20190709
  • iso-codes: upgrade 4.2 -> 4.3
  • iw: upgrade 4.14 -> 5.3
  • kmscube: Bump revision to f632b23
  • less: upgrade 550 -> 551
  • libarchive: upgrade 3.3.3 -> 3.4.0
  • libatomic-ops: upgrade 7.6.8 -> 7.6.10
  • libbsd: upgrade 0.9.1 -> 0.10.0
  • libcap: update to 2.27
  • libcomps: upgrade 0.1.10 -> 0.1.11
  • libcroco: update to 0.6.13
  • libdazzle: update to 3.32.3
  • libdnf: update to 0.28.1
  • libdrm: update to 2.4.99
  • libevdev: upgrade 1.6.0 -> 1.8.0
  • libevent: upgrade 2.1.8 -> 2.1.11
  • libffi: Upgrade to 3.3-rc0
  • libglu: upgrade 9.0.0 -> 9.0.1
  • libgpg-error: upgrade 1.35 -> 1.36
  • libgudev: upgrade 232 -> 233
  • libical: upgrade to 3.0.6
  • libice: upgrade 1.0.9 -> 1.0.10
  • libidn2: upgrade to 2.2.0
  • libinput: update to 1.14.1
  • libjpeg-turbo: upgrade 2.0.2 -> 2.0.3
  • libmodule-build-perl: upgrade 0.4224 -> 0.4229
  • libmodulemd: update to 2.6.0
  • libnewt: upgrade 0.52.20 -> 0.52.21
  • libnl: upgrade to 3.5.0
  • libnotify: update to 0.7.8
  • libnss-nis: upgrade 3.0 -> 3.1
  • libogg: upgrade 1.3.3 -> 1.3.4
  • libpam: Upgrade 1.3.0 -> 1.3.1
  • libpcap: upgrade 1.9.0 -> 1.9.1
  • libpciaccess: upgrade 0.14 -> 0.16
  • libpcre2: upgrade 10.32 -> 10.33
  • libpng: update to 1.6.37
  • libpsl: update to 0.21.0
  • librepo: update to 1.10.5
  • libsdl2: upgrade 2.0.9 -> 2.0.10
  • libsecret: 0.19.0
  • libsolf: update to 0.7.5
  • libsolv: update to 0.7.6
  • libsoup-2.4: upgrade 2.66.1 -> 2.66.2
  • libsoup: Upgrade from 2.64.2 to 2.66.1
  • libtasn1: upgrade 4.13 -> 4.14
  • libtest-needs-perl: upgrade 0.002005 -> 0.002006
  • libtirpc: upgrade 1.0.3 -> 1.1.4
  • liburcu: update to 0.11.1
  • libva: upgrade 2.4.0 -> 2.5.0
  • libva-utils: upgrade 2.4.0 -> 2.5.0
  • libwebp: upgrade 1.0.2 -> 1.0.3
  • libx11-compose-data: upgrade 1.6.7 -> 1.6.8
  • libx11: update to 1.6.8
  • libxcrypt: update to 4.4.8
  • libxdmcp: update to 1.1.3
  • libxext: update to 1.3.4
  • libxft: upgrade 2.3.2 -> 2.3.3
  • libxi: update to 1.7.10
  • libxkbfile: update 1.1.0
  • libxml2: upgrade 2.9.8 -> 2.9.9
  • libxml-sax-perl: upgrade 1.00 -> 1.02
  • libxmu: update to 1.1.3
  • libxrandr: update to 1.5.2
  • libxt: update to 1.2.0
  • libxvmc: update to 1.0.11
  • libyaml: update to 0.2.2
  • lighttpd: Upgrade 1.4.53 -> 1.4.54
  • linux-firmware: Upgrade to 20190815
  • linux-libc-headers: update to v5.2 headers
  • linux-yocto/4.19: update to 4.19.72 and -rt22
  • linux-yocto-dev: bump to 5.3-rcX
  • linux-yocto: introduce 5.2.17 recipes
  • linux-yocto-rt: update to 5.0.5-rt9
  • llvm: Update to 8.0.1
  • logrotate: upgrade 3.15.0 -> 3.15.1
  • ltp: upgrade 20190115 -> 20190517
  • lttng-modules: upgrade 2.10.8 -> 2.10.11
  • lttng-tools: update to 2.10.7
  • lttng-ust: upgrade 2.10.3 -> 2.10.5
  • lz4: update to 1.9.2
  • makedepend: update to 1.0.6
  • man-db: upgrade 2.8.4 -> 2.8.7
  • man-pages: upgrade 4.16 -> 5.01
  • mc: update to 4.8.23
  • mesa-demos: update to 8.4.0
  • mesa: Update 19.0.1 -> 19.1.6
  • meson: update to 0.51.2
  • mmc-utils: update to the latest upstream code
  • mobile-broadband-provider-info: upgrade 20190116 -> 20190618
  • mpg123: upgrade 1.25.10 -> 1.25.11
  • msmtp: 1.6.6 -> 1.8.5
  • mtd-utils: Upgrade to 2.1.1
  • mtools: update to 4.0.23
  • musl: Update to latest master
  • ncurses: upgrade 6.1+20181013 -> 6.1+20190803
  • nettle: upgrade 3.4.1 -> 3.5.1
  • newlib: Upgrade to 3.1.0
  • nfs-utils: 2.3.3 -> 2.4.1
  • nss: upgrade 3.42.1 -> 3.45
  • ofono: upgrade 1.25 -> 1.30
  • opensbi: Update from 0.3 to 0.4
  • openssh: Upgrade 7.9p1 -> 8.0p1
  • openssl: Upgrade 1.1.1b -> 1.1.1d
  • opkg: upgrade to version 0.4.1
  • opkg-utils: upgrade to version 0.4.1
  • orc: update to 0.4.29
  • ovmf: Update to version edk2-stable201905
  • p11-kit: update to 0.23.16.1
  • pango: upgrade 1.42.4 -> 1.44.6
  • patchelf: Upgrade 0.9 -> 0.10
  • perl: Move perl-sanity -> perl
  • perl: update to 5.30.0
  • piglit: upgrade to latest revision
  • pixman: update to 0.38.4
  • pkgconf: upgrade 1.6.0 -> 1.6.3
  • ptest-runner: update from 2.3.1 to 2.3.2
  • python3-dbus: upgrade 1.2.8 -> 1.2.12
  • python3-docutils: update to 0.15
  • python3-git: update to 3.0.2
  • python3-mako: update to 1.1.0
  • python3-numpy: update to 1.17.0
  • python3-pbr: update to 5.4.3
  • python3-pip: update to 19.2.3
  • python3-pycairo: update to 1.18.1
  • python3-pygobject: update to 3.34.0
  • python3-scons: update to 3.1.1
  • python3: upgrade 3.7.3 -> 3.7.4
  • python-numpy: update to 1.16.3
  • python-scons: update to 3.1.0
  • python-setuptools: update to 41.2.0
  • python: update to 3.7.3
  • qemu: Upgrade from 3.1.0 to 4.1
  • quilt: update to 0.66
  • quota: update to 4.05
  • rng-tools: 6.6 -> 6.7
  • ruby: update to 2.5.5
  • socat: upgrade 1.7.3.2 -> 1.7.3.3
  • sqlite3: update to 3.29.0
  • squashfs-tools: upgrade to commit f95864afe883
  • strace: Upgrade to 5.3
  • subversion: upgrade 1.11.1 -> 1.12.2
  • sysprof: upgrade 3.30.2 -> 3.32.0
  • sysstat: 12.1.3 -> 12.1.6
  • systemd: upgrade to 243
  • systemtap: update to 57c9aca9f1ff32a6add10e02ecd33b7314fad499
  • tar: update to 1.32
  • timezone: update to 2019c
  • u-boot: Upgrade from 2019.01 to 2019.07
  • uninative: Update to 2.7 release
  • usbutils: upgrade 010->012
  • util-linux: upgrade to 2.34
  • vala: update to 0.44.7
  • valgrind: update from 3.14.0 to 3.15.0
  • vim: Update to 8.1.1240
  • virglrenderer: update 0.7.0 -> 0.8.0
  • vte: upgrade 0.52.2 -> 0.56.3
  • waffle: upgrade 1.5.2 -> 1.6.0
  • wayland-protocols: upgrade 1.17 -> 1.18
  • webkitgtk: update to 2.24.4
  • weston: upgrade 5.0.0 -> 7.0.0
  • wget: update to 1.20.3
  • wpa-supplicant: update to 2.9
  • x11perf: update to 1.6.1
  • x264: upgrade to latest revision
  • xauth: upgrade 1.0.10 -> 1.1
  • xf86-input-libinput: update to 0.29.0
  • xinput: update to 1.6.3
  • xkeyboard: upgrade 2.26 -> 2.27
  • xorgproto: update to 2019.1
  • xrandr: update to 1.5.1
  • xserver-xorg: update to 1.20.5
  • xtrans: upgrade 1.3.5 -> 1.4.0
  • xwininfo: upgrade 1.1.4 -> 1.1.5