3.0 Release Notes WIP: Difference between revisions

From Yocto Project
Jump to navigationJump to search
No edit summary
No edit summary
 
(9 intermediate revisions by 2 users not shown)
Line 3: Line 3:
|}
|}


Security Fixes
-----------------------
--------------
yocto-3.0 Release Notes
-----------------------


----------
Downloads
----------


 
---------------------------
New Features / Enhancements  
New Features / Enhancements
---------------------------
---------------------------
* Linux kernel 5.2/4.19, gcc 9.2, glibc 2.30 and ~260 other recipe upgrades
* Linux kernel 5.2/4.19, gcc 9.2, glibc 2.30 and ~260 other recipe upgrades
* New INIT_MANAGER variable to make it easy to select the init manager (sysvinit, systemd, mdev-busybox)
* Build change equivalence is detected and used to avoid rebuilding unchanged components (BETA)
* poky-lsb replaced by poky-altcfg for alternate configurations to be tested on the autobuilder (as well as an example of subclassing a distro config)
* Architecture / machine-specific enhancements:
* New recipes: binutils-cross-testsuite, core-image-sato-ptest-fast, dejagnu, efibootmgr, efivar, ell, glibc-testsuite, libcap-ng-python, libedit, libmodule-build-perl, libx11-compose-data, libxcrypt-compat, lsb-release, musl-obstack, opensbi, python3-pygments, python3-scons, python3-scons-native, stress-ng, vulkan-headers, vulkan-loader, vulkan-tools, wireless-regdb
  - New "qemuriscv64" emulated RISC-V 64-bit machine
* Significant removal of old/obsolete software/patches ensuring we have a modern and up to date core Linux software stack.
  - qemu: Add ppc64 to QEMU_TARGETS
   - LSB support moved to separate layer [was it??]
  - qemuarm64: Add QB_CPU_KVM to allow kvm acceleration
  - GTK+ 2 moved out to meta-oe
  - New tune file for ARM Cortex-A53-Cortex-A57
   - Python 2 dependencies minimised
  - New tune file for arm1176jz-s CPU
   - many obsolete patches dropped
  - meson.bbclass: Handle microblaze* mapping to cpu family
* Build change equivalence is detected and used to avoid rebuilding unchanged components
  - meson.bbclass: Make meson support aarch64_be.
* Adoption of SPDX license identifiers throughout Yocto Project's components
  - libffi: added RISC-V support
* "Multi-Config" builds reaching their full potential
  - icu: added armeb support
  - runqemu: added support for kvm on aarch64
  - beaglebone-yocto machine now set up to support booting images with runqemu
  - qemux86: make it possible to use higher tunes using DEFAULTTUNE
* Kernel improvements:
  - kernel-fitimage: introduce FIT_HASH_ALG
  - kernel-module-split.bbclass: support CONFIG_MODULE_COMPRESS=y
   - kernel-yocto: import security fragments from meta-security
   - linux-yocto: add drm-bochs support
   - linux-yocto: bsp/beaglebone: support qemu -machine virt
* multiconfig builds now reach their full potential:
   - Many bugfixes and improvements
   - Many bugfixes and improvements
   - sstate cache is now shared between configurations being built concurrently
   - sstate cache is now shared between configurations being built concurrently
   - multiconfig configurations can be contained in layers
   - multiconfig configurations can be contained in layers
* Significant removal of old/obsolete software/patches ensuring we have a modern and up to date core Linux software stack:
  - LSB support removed
  - GTK+ 2 moved out to meta-oe
  - Python 2 dependencies minimised
  - Many obsolete patches dropped
* CVE checking enhancements:
* CVE checking enhancements:
   - New cve-update-db recipe that reads from NVD JSON data feeds and supports network proxies
   - New cve-update-db recipe that reads from NVD JSON data feeds and supports network proxies
   - Support for CVSSv3 scoring
   - Support for CVSSv3 scoring
   - CVE_PRODUCT entries can now contain strings to match the vendor as well as product (vendor:product syntax)
   - CVE_PRODUCT entries can now contain strings to match the vendor as well as product (vendor:product syntax)
* Add nativesdk variant to: dnf, gzip, libtasn1, python3-dbus
* New INIT_MANAGER variable to make it easy to select the init manager (sysvinit, systemd, mdev-busybox)
* Add native variant to: glib-networking, grub, libsoup, python3-dbus
* New recipes: binutils-cross-testsuite, core-image-sato-ptest-fast, dejagnu, efibootmgr, efivar, ell, glibc-testsuite, libcap-ng-python, libedit, libmodule-build-perl, libx11-compose-data, libxcrypt-compat, lsb-release, musl-obstack, opensbi, python3-pygments, python3-scons, python3-scons-native, stress-ng, vulkan-headers, vulkan-loader, vulkan-tools, wireless-regdb
 
* Added native variant to: glib-networking, grub, libsoup, python3-dbus
 
* BitBake improvements:
* Added bbverbnote shell log command
  - Merged setscene tasks into the main runqueue so they can run in parallel
* Added support for arm1176jz-s CPU specific tuning
  - fetch2/git: added sanity checking for git-lfs
* Apache-2.0-with-LLVM-exception: Add new license file
  - fetch2/svn: prevent from directly pulling from an externals w/o fetcher
* base.bbclass: Add OE_EXTRA_IMPORTS
  - fetch2/npm: use npm pack to download node modules instead of wget
* bash-completion: add image feature
  - Added --skip-setscene option
* binutils-cross-testsuite: Create recipe for test suite execution
  - Respect -f/--force option in conjunction with --runall or --runonly
* bitbake: BBHandler: Fix addtask and deltask
  - bitbake -e now supports showing base multiconfig configuration (using mc: prefix)
* bitbake: bb: siggen: Make dump_sigfile and compare_sigfiles print uuid4
  - "mc:" prefix now supported as a shorter version of multiconfig:
* bitbake: bb: siggen: Print more info when basehash are mis-matched
  - Print more information when basehashes are mismatched
* bitbake: bitbake: Add --skip-setscene option
  - Show task elapsed time in hours, minutes, and seconds
* bitbake: bitbake: fetch2/git: git-lfs check
  - Report all nonexistent directories in BBLAYERS in error message instead of just the first
* bitbake: bitbake-layers: show-recipes: Enable bare output
  - Improve validation of addtask and deltask arguments
* bitbake: bitbake-layers: show-recipes: Select recipes from selected layer
  - Added support for custom progress handlers injected via OE_EXTRA_IMPORTS
* bitbake: bitbake-layers: show-recipes: Show recipes only
  - Enable console keepalive to help usage with remote sessions
* bitbake: bitbake: respect force flag in runall and runonly
  - Symlink the current cache file
* bitbake: bitbake: Rework hash equivalence
* systemd-related improvements:
* bitbake: bitbake: Show base multiconfig environment
  - serial-getty@.service: Allow device to fast fail if it does not exist
* bitbake: build: implement custom progress handlers injected via OE_EXTRA_IMPORTS
  - Rewrote systemctl-native in Python supporting preset-all and mask
* bitbake: build.py: check dependendent task for addtask
  - Added partial support of drop-in configuration files to systemd-systemctl-native
* bitbake: cache: Add SimpleCache class
  - systemd-conf: added default configuration for wired network with DHCP
* bitbake: cache: Create a symlink for current cachefile
  - systemd-conf: simplified creation of machine-specific configuration
* bitbake.conf: add git-lfs to HOSTTOOLS_NONFATAL
  - Create preset files and allow systemd to populate /etc/systemd/system instead of populating explicitly
* bitbake: cooker/hashserv: Allow autostarting of a local hash server using BB_HASHSERVE
  - Added systemd helper unit to load/restore iptables rules
* bitbake: cooker: list all nonexistent bblayer directories
* runqemu improvements:
* bitbake: fetch2/git: add git-lfs toggle option
  - Added support to pass multiple ports to tcpserial parameter
* bitbake: fetch2/npm: Use npm pack to download node modules instead of wget
  - Added support for a BIOS command-line variable (consistent with KERNEL)
* bitbake: knotty: Implement console 'keepalive' output
  - New QB_FSINFO variable supporting "wic:no-kernel-in-fs" and "wic:kernel-in-fs" for wic images
* bitbake: knotty: Pretty print task elapsed time
  - Added support to handle EnrollDefaultKeys PK/KEK1 certificate
* bitbake: runqueue: Enable dynamic task adjustment to hash equivalency
  - Decoupled gtk and gl options
* bitbake: runqueue: Merge scenequeue and real task queue code together
* wic improvements:
* bitbake: runqueue: Merge the queues and execute setscene and normal tasks in parallel
  - New partition type for msdos partition tables
* bitbake: siggen: Use unique hashes for tasks
  - New "bootimg-biosplusefi" source type that supports both BIOS and EFI
* bitbake: svn.py: Stop SVN from directly pulling from an external layer w/o fetcher
  - Support for kernel with initramfs bundled
* buildhistory: report sysroot changes
  - bootimg-efi: add label source parameter
* buildhistory: show time spent writting buildhistory
  - bootimg-efi: allow multiple initrd
* buildhistory: write the contents of the sysroot
  - bootimg-efi: replace hardcoded volume name with label
* busybox: enable unicode support
  - Include .wks.in in wic search and list
* chrpath.bbclass: Add break_hardlinks kwarg to allow breaking hardlinks
  - Use KERNEL_IMAGETYPE instead of hardcoding bzImage
* cmake: Use compiler launcher variable when ccache is enabled
  - Added global debug option
* db: add switch for building database verification
* Other image-related improvements:
* deb: allow custom dpkg command
  - Centralised default UEFI image configuration in conf/distro/image-uefi.conf
* devtool: build: Also run deploy for devtool build if applicable
  - Make gzipped images rsyncable
* devtool: finish: Add suppport for the --no-clean option
  - initramfs-framework: support PARTLABEL option
* devtool: provide support for devtool menuconfig command
  - New bash-completion IMAGE_FEATURES item to add bash-completion support for all installed packages
* devtool/standard.py: Create a copy of kernel source within work-shared if not present
* devtool/recipetool improvements:
* devtool/standard.py: Update devtool modify to copy source from work-shared if its already downloaded
  - New "devtool menuconfig" subcommand
* devtool: warn user about multiple layer having the same base name
  - devtool build now also runs do_deploy if applicable
  - devtool finish now supports a --no-clean option
  - devtool finish now warns if multiple layers have the same base name
  - recipetool now supports creating recipes for Python 3
* Other script improvements:
  - buildstats-diff: added option to filter tasks
  - bitbake-layers: added several options to to make it easier to get plain output (for scripting)
  - ddimage: replaced target device blacklist with mount check
  - yocto-check-layer: Allow any case for README file detection
* SDK-related changes:
  - New SDK_ARCHIVE_TYPE variable to control SDK archive format
  - Introduce mechanism to keep nativesdk* sstate in eSDK
  - Added nativesdk variant to: dnf, gzip, libtasn1, python3-dbus
  - Use the best xz compression for the SDK
* buildhistory improvements:
  - Record sysroot changes in addition to runtime content
  - Show time spent writing buildhistory
* Recipe sanity checking improvements:
  - Added check to ensure perllocal.pod is not installed by non-CPAN perl recipes
  - Added sanity checks for ${PN} vs ${BPN} and github archives in SRC_URI
  - Check if a recipe incorrectly uses DEPENDS_${PN}
  - Improved buildpath warning messages
  - Simplified paths in host contamination warnings
* Automated testing improvements:
  - Enabled test suites for gcc, glibc, binutils
  - Add ptest ptest support to elfutils, m4, gettext
  - Fixes for many ptest test failures
  - testimage: consider QB_DEFAULT_FSTYPE
  - oe-selftest: implement console keepalive output
  - Support for LTP / LTP compliance
  - Added core-image-sato-ptest-fast image to execute 'fast' subset of ptests
  - resulttool: Add log subcommand
  - resulttool: enable loading results directly from an http/https URL
  - resulttool: add manual test case configuration option
  - resulttool: Add option to dump all ptest logs
* poky-lsb replaced by poky-altcfg for alternate configurations to be tested on the autobuilder (as well as an example of subclassing a distro config)
* Added minver and maxver parameters for patches in SRC_URI for more flexibility in bbappends and common inc files
* PRIVATE_LIBS variable now supports shell-style wildcards for matching libraries
* Adoption of SPDX license identifiers throughout Yocto Project's components
* Added bbverbnote shell log command (consistent with bbwarn, bberror etc.)
* New OE_EXTRA_IMPORTS variable to make it easier to import custom modules into BitBake python environment
* busybox: enabled unicode support by default
* cmake: Use compiler launcher variable when ccache is enabled so that it can be disabled by build scripts if needed
* db: add new "verify" PACKAGECONFIG option for enabling database verification with db_verify command (default disabled)
* distcc: split into client and server packages
* distcc: split into client and server packages
* dropbear: new feature: disable-weak-ciphers
* dropbear: new "disable-weak-ciphers" PACKAGECONFIG option to disable older weak ciphers
* gcc-runtime: Add do_check task for executing gcc test suites
* grub-efi-native: install grub-editenv
* glibc-testsuite: Create a recipe to implement glibc test suite
* lttng-modules: added git based recipe
* grub-efi-native: Install grub-editenv
* opkg: allow overriding OPKGLIBDIR
* icu: Added armeb support.
* image_types.bbclass: make gzipped images rsyncable
* image-uefi.conf: add config file holding configuration for UEFI images
* initramfs-framework: support PARTLABEL option
* insane: add check for perllocal.pod
* insane: add sanity checks to SRC_URI
* insane: check if the recipe incorrectly uses DEPENDS_${PN}
* insane: improve buildpath warning messages
* insane: use clean_path for the host contamination warnings
* iptables: add systemd helper unit to load/restore rules
* kernel-fitimage: introduce FIT_HASH_ALG
* kernel-module-split.bbclass: support CONFIG_MODULE_COMPRESS=y
* kernel-yocto: import security fragments from meta-security
* libffi: Add RISC-V support
* libmodule-build-perl: move from meta-perl
* linux-yocto/4.19: make drm-bochs feature available
* linux-yocto/5.0: bsp: add basic xilinx zynqmp support
* linux-yocto/5.0: make scsi-debug include scsi core configs
* linux-yocto/5.2: config tweaks and kallsyms fix
* linux-yocto: add drm-bochs support
* linux-yocto: bsp/beaglebone: support qemu -machine virt
* live-vm-common.bbclass: provide efi population functions for live images
* local.conf.sample: Add Hash Equivalence
* logparser: Add decoding ltp logs
* logparser: Add LTP compliance section
* ltp: add runtime test
* ltp_compliance: add new runtime
* lttng-modules: Add git based recipe
* meson.bbclass: Handle microblaze* mapping to cpu family
* meson.bbclass: Make meson support aarch64_be.
* oe-selftest: Implement console 'keepalive' output
* oe.svg: Copy artwork from openembedded-classic.
* opensbi: Initial commit of OpenSBI
* opkg/package/rootfs_ipk: allow overwriting OPKGLIBDIR
* ovmf: Generate test Platform key and first Key Exchange Key
* ovmf: Generate test Platform key and first Key Exchange Key
* package.bbclass: allow shell-style wildcards in PRIVATE_LIBS
* New PKGDATA_VARS variable to specify variables written out to pkgdata
* package.bbclass: Clean up writing of runtime pkgdata files
* Obsolete stress recipe replaced by stress-ng
* patch: add minver and maxver parameters
* uboot-sign: add support for different u-boot configurations
* populate_sdk_base: provide options to set sdk type
* update-rc.d: support enable/disable options
* populate_sdk_ext: Introduce mechanism to keep nativesdk* sstate in esdk
* waffle: support building without x11
* python3-scons-{native}: add recipe
* weston-init: Add possibility to run weston as non-root user
* python3: support recommends in manifest
* python3: support recommends in manifest
* qemu: Add ppc64 to QEMU_TARGETS
* package_deb: add DPKG_BUILDCMD variable to allow customising dpkg command
* qemuarm64: Add QB_CPU_KVM to allow kvm acceleration
* chrpath.bbclass: Add break_hardlinks parameter to allow breaking hardlinks when processing rpaths
* qemuriscv64: Add the QEMU RISC-V 64-bit machine
* New "Apache-2.0-with-LLVM-exception" common license file
* qemurunner.py: Be more verbose about problems
* qemux86: Allow higher tunes
* recipetool: add python3 support
* report-error.bbclass: add local.conf/auto.conf into error report
* resulttool: Add log subcommand
* resulttool: add LTP compliance section
* resulttool: add ltp test support
* resulttool: Load results from URL
* resulttool/manualexecution: Enable test case configuration option
* runqemu: Add support for kvm on aarch64
* runqemu: Add support to handle EnrollDefaultKeys PK/KEK1 certificate
* runqemu: Add the support to pass multi ports to tcpserial parameter
* runqemu: decouple gtk and gl options
* runqemu: QB_FSINFO to support fstype wic images
* screen: add /etc/screenrc as global config file
* screen: add /etc/screenrc as global config file
* scripts/buildstats-diff: Add option to filter tasks
* scripts/contrib/ddimage: replace blacklist with mount check
* scripts/runqemu: Add support for the BIOS variable
* serial-getty@.service: Allow device to fast fail if it does not exist
* stress-ng: add a recipe that replaces the original stress
* systemctl-native: Rewrite in Python supporting preset-all and mask
* systemd: Add partial support of drop-in configuration files to systemd-systemctl-native
* systemd-conf: configure wired network with dhcp
* systemd-conf: simplify creation of machine-specific configuration
* systemd: create preset files instead of installing in image
* testimage: consider QB_DEFAULT_FSTYPE
* tune-cortexa57-cortexa53: add tunes for ARM Cortex-A53-Cortex-A57
* uboot-sign: add support for different u-boot configurations
* update-rc.d: support enable/disable options
* utils/multiprocess_launch: Improve failing subprocess output
* utils/multiprocess_launch: Improve failing subprocess output
* waffle: supprt build waffle without x11
* Added local.conf/auto.conf into error report submitted by report-error.bbclass
* weston-init: Add possibility to run weston as non-root user
* Added OpenEmbedded logo .svg file to repository (from OE-Classic)
* weston-init: Add support for non-root start
 
* wic: add global debug option
------------
* wic: Add partition type for msdos partition tables
Known Issues
* wic: add support for kernel with initramfs bundled
------------
* wic: bootimg-efi: add label source parameter
*Bug 13594: mpc8315e-rdb: the stap oeqa test causes OOM.
* wic/bootimg-efi: allow multiple initrd
This issue is on a platform with minimal support and works outside the framework.
* wic/bootimg-efi: replace hardcoded volume name with label
https://bugzilla.yoctoproject.org/show_bug.cgi?id=13594
* wic/engine: include .wks.in in wic search and list
 
* wic/plugins: kernel image refer to KERNEL_IMAGETYPE
*Bug 13595: strace ptest failed .
* wic/plugins: Source that support both EFI and BIOS
strace issue is two individual test regressions which is an improvement on the test timeouts we had previously.
* wireless-regdb: Add recipe
https://bugzilla.yoctoproject.org/show_bug.cgi?id=13595
* yocto-bsp: runqemu runs beaglebone-yocto
 
* yocto-check-layer: Allow any case for README file detection
 
---------------
Recipe Licenses
---------------
The following corrections have been made to the LICENSE values set by recipes:
 
* cairo: MPL-1 -> MPL-1.1
* dbus / dbus-glib / dbus-test: AFL-2 -> AFL-2.1
* iw: BSD -> BSD-2-Clause
* libical: MPL-1 -> MPL-1.0
* openssh: some files are licensed under ISC or MIT license, so add these to LICENSE
* taglib: MPL-1 -> MPL-1.1
* vte: several files in libvte source are LGPLv3+, so add to LICENSE and set LGPLv3+ as the libvte package LICENSE
 
 
----------------------
Migration instructions
----------------------
 
For details on changes that you might need to make when migrating to the Yocto Project 3.0
release from previous releases, please see the following manual section:
 
http://www.yoctoproject.org/docs/3.0/ref-manual/ref-manual.html#moving-to-the-yocto-project-3.0-release
 
 


--------------
Security Fixes
--------------
* binutils: CVE-2019-12972, CVE-2019-14250, CVE-2019-14444, CVE-2019-9070, CVE-2019-9071, CVE-2019-9074, CVE-2019-9075, CVE-2019-9076, CVE-2019-9077
* dbus: CVE-2019-12749
* gcc: CVE-2019-14250, CVE-2018-12886, CVE-2018-18484, CVE-2019-15847
* gdb: CVE-2017-9778
* ghostscript: CVE-2019-14811, CVE-2019-14817
* glib-2.0: CVE-2019-12450
* glibc: CVE-2018-20796 (same as CVE-2019-9169)
* gnupg: CVE-2019-13050
* gnutls: GNUTLS-SA-2019-03-27
* iptables: CVE-2019-11360
* libid3tag: CVE-2017-11550, CVE-2017-11551 (same as CVE-2004-2779)
* libxslt: CVE-2019-11068, CVE-2019-13117, CVE-2019-13118
* linux-yocto/4.19: CVE-2019-3887
* linux-yocto/5.0: CVE-2019-3887
* ltp: CVE-2017-17052
* nasm: CVE-2018-19755
* openssh: CVE-2018-20685, CVE-2019-6109, CVE-2019-6111
* patch: CVE-2018-1000156 (improved fix), CVE-2019-13636, CVE-2019-13638
* python3: CVE-2019-9740, CVE-2019-9948
* python: CVE-2018-20852, CVE-2019-9740, CVE-2019-9947 (same as CVE-2019-9740), CVE-2019-9948, CVE-2019-9636
* qemu: CVE-2019-12155, CVE-2019-15890
* rsync: CVE-2016-9840, CVE-2016-9841, CVE-2016-9842, CVE-2016-9843
* squashfs-tools: CVE-2015-4645, CVE-2015-4646
* tiff: CVE-2019-6128, CVE-2019-7663, CVE-2019-14973
* u-boot: CVE-2019-13103, CVE-2019-13104, CVE-2019-13105, CVE-2019-13106, CVE-2019-14192, CVE-2019-14193, CVE-2019-14194, CVE-2019-14195, CVE-2019-14196, CVE-2019-14197, CVE-2019-14198, CVE-2019-14199, CVE-2019-14200, CVE-2019-14201, CVE-2019-14202, CVE-2019-14203, CVE-2019-14204
* unzip: CVE-2019-13232
* vim: CVE-2019-12735




---------------
Recipe Upgrades
Recipe Upgrades
---------------
---------------
Line 448: Line 503:
* xtrans: upgrade 1.3.5 -> 1.4.0
* xtrans: upgrade 1.3.5 -> 1.4.0
* xwininfo: upgrade 1.1.4 -> 1.1.5
* xwininfo: upgrade 1.1.4 -> 1.1.5
license
-------
Known Issues
------------

Latest revision as of 15:08, 18 October 2019

NOTE: The formatting in this page is not meant to look good in the wiki - it's just a convenient place to collaborate. We need to stick to the text formatting that will end up in the actual release notes.

yocto-3.0 Release Notes

Downloads

New Features / Enhancements

  • Linux kernel 5.2/4.19, gcc 9.2, glibc 2.30 and ~260 other recipe upgrades
  • Build change equivalence is detected and used to avoid rebuilding unchanged components (BETA)
  • Architecture / machine-specific enhancements:
 - New "qemuriscv64" emulated RISC-V 64-bit machine
 - qemu: Add ppc64 to QEMU_TARGETS
 - qemuarm64: Add QB_CPU_KVM to allow kvm acceleration
 - New tune file for ARM Cortex-A53-Cortex-A57
 - New tune file for arm1176jz-s CPU
 - meson.bbclass: Handle microblaze* mapping to cpu family
 - meson.bbclass: Make meson support aarch64_be.
 - libffi: added RISC-V support
 - icu: added armeb support
 - runqemu: added support for kvm on aarch64
 - beaglebone-yocto machine now set up to support booting images with runqemu
 - qemux86: make it possible to use higher tunes using DEFAULTTUNE
  • Kernel improvements:
 - kernel-fitimage: introduce FIT_HASH_ALG
 - kernel-module-split.bbclass: support CONFIG_MODULE_COMPRESS=y
 - kernel-yocto: import security fragments from meta-security
 - linux-yocto: add drm-bochs support
 - linux-yocto: bsp/beaglebone: support qemu -machine virt
  • multiconfig builds now reach their full potential:
 - Many bugfixes and improvements
 - sstate cache is now shared between configurations being built concurrently
 - multiconfig configurations can be contained in layers
  • Significant removal of old/obsolete software/patches ensuring we have a modern and up to date core Linux software stack:
 - LSB support removed
 - GTK+ 2 moved out to meta-oe
 - Python 2 dependencies minimised
 - Many obsolete patches dropped
  • CVE checking enhancements:
 - New cve-update-db recipe that reads from NVD JSON data feeds and supports network proxies
 - Support for CVSSv3 scoring
 - CVE_PRODUCT entries can now contain strings to match the vendor as well as product (vendor:product syntax)
  • New INIT_MANAGER variable to make it easy to select the init manager (sysvinit, systemd, mdev-busybox)
  • New recipes: binutils-cross-testsuite, core-image-sato-ptest-fast, dejagnu, efibootmgr, efivar, ell, glibc-testsuite, libcap-ng-python, libedit, libmodule-build-perl, libx11-compose-data, libxcrypt-compat, lsb-release, musl-obstack, opensbi, python3-pygments, python3-scons, python3-scons-native, stress-ng, vulkan-headers, vulkan-loader, vulkan-tools, wireless-regdb
  • Added native variant to: glib-networking, grub, libsoup, python3-dbus
  • BitBake improvements:
 - Merged setscene tasks into the main runqueue so they can run in parallel
 - fetch2/git: added sanity checking for git-lfs
 - fetch2/svn: prevent from directly pulling from an externals w/o fetcher
 - fetch2/npm: use npm pack to download node modules instead of wget
 - Added --skip-setscene option
 - Respect -f/--force option in conjunction with --runall or --runonly
 - bitbake -e now supports showing base multiconfig configuration (using mc: prefix)
 - "mc:" prefix now supported as a shorter version of multiconfig:
 - Print more information when basehashes are mismatched
 - Show task elapsed time in hours, minutes, and seconds
 - Report all nonexistent directories in BBLAYERS in error message instead of just the first
 - Improve validation of addtask and deltask arguments
 - Added support for custom progress handlers injected via OE_EXTRA_IMPORTS
 - Enable console keepalive to help usage with remote sessions
 - Symlink the current cache file
  • systemd-related improvements:
 - serial-getty@.service: Allow device to fast fail if it does not exist
 - Rewrote systemctl-native in Python supporting preset-all and mask
 - Added partial support of drop-in configuration files to systemd-systemctl-native
 - systemd-conf: added default configuration for wired network with DHCP
 - systemd-conf: simplified creation of machine-specific configuration
 - Create preset files and allow systemd to populate /etc/systemd/system instead of populating explicitly
 - Added systemd helper unit to load/restore iptables rules
  • runqemu improvements:
 - Added support to pass multiple ports to tcpserial parameter
 - Added support for a BIOS command-line variable (consistent with KERNEL)
 - New QB_FSINFO variable supporting "wic:no-kernel-in-fs" and "wic:kernel-in-fs" for wic images
 - Added support to handle EnrollDefaultKeys PK/KEK1 certificate
 - Decoupled gtk and gl options
  • wic improvements:
 - New partition type for msdos partition tables
 - New "bootimg-biosplusefi" source type that supports both BIOS and EFI
 - Support for kernel with initramfs bundled
 - bootimg-efi: add label source parameter
 - bootimg-efi: allow multiple initrd
 - bootimg-efi: replace hardcoded volume name with label
 - Include .wks.in in wic search and list
 - Use KERNEL_IMAGETYPE instead of hardcoding bzImage
 - Added global debug option
  • Other image-related improvements:
 - Centralised default UEFI image configuration in conf/distro/image-uefi.conf
 - Make gzipped images rsyncable
 - initramfs-framework: support PARTLABEL option
 - New bash-completion IMAGE_FEATURES item to add bash-completion support for all installed packages
  • devtool/recipetool improvements:
 - New "devtool menuconfig" subcommand
 - devtool build now also runs do_deploy if applicable
 - devtool finish now supports a --no-clean option
 - devtool finish now warns if multiple layers have the same base name
 - recipetool now supports creating recipes for Python 3
  • Other script improvements:
 - buildstats-diff: added option to filter tasks
 - bitbake-layers: added several options to to make it easier to get plain output (for scripting)
 - ddimage: replaced target device blacklist with mount check
 - yocto-check-layer: Allow any case for README file detection
  • SDK-related changes:
 - New SDK_ARCHIVE_TYPE variable to control SDK archive format
 - Introduce mechanism to keep nativesdk* sstate in eSDK
 - Added nativesdk variant to: dnf, gzip, libtasn1, python3-dbus
 - Use the best xz compression for the SDK
  • buildhistory improvements:
 - Record sysroot changes in addition to runtime content
 - Show time spent writing buildhistory
  • Recipe sanity checking improvements:
 - Added check to ensure perllocal.pod is not installed by non-CPAN perl recipes
 - Added sanity checks for ${PN} vs ${BPN} and github archives in SRC_URI
 - Check if a recipe incorrectly uses DEPENDS_${PN}
 - Improved buildpath warning messages
 - Simplified paths in host contamination warnings
  • Automated testing improvements:
 - Enabled test suites for gcc, glibc, binutils
 - Add ptest ptest support to elfutils, m4, gettext
 - Fixes for many ptest test failures
 - testimage: consider QB_DEFAULT_FSTYPE
 - oe-selftest: implement console keepalive output
 - Support for LTP / LTP compliance
 - Added core-image-sato-ptest-fast image to execute 'fast' subset of ptests
 - resulttool: Add log subcommand
 - resulttool: enable loading results directly from an http/https URL
 - resulttool: add manual test case configuration option
 - resulttool: Add option to dump all ptest logs
  • poky-lsb replaced by poky-altcfg for alternate configurations to be tested on the autobuilder (as well as an example of subclassing a distro config)
  • Added minver and maxver parameters for patches in SRC_URI for more flexibility in bbappends and common inc files
  • PRIVATE_LIBS variable now supports shell-style wildcards for matching libraries
  • Adoption of SPDX license identifiers throughout Yocto Project's components
  • Added bbverbnote shell log command (consistent with bbwarn, bberror etc.)
  • New OE_EXTRA_IMPORTS variable to make it easier to import custom modules into BitBake python environment
  • busybox: enabled unicode support by default
  • cmake: Use compiler launcher variable when ccache is enabled so that it can be disabled by build scripts if needed
  • db: add new "verify" PACKAGECONFIG option for enabling database verification with db_verify command (default disabled)
  • distcc: split into client and server packages
  • dropbear: new "disable-weak-ciphers" PACKAGECONFIG option to disable older weak ciphers
  • grub-efi-native: install grub-editenv
  • lttng-modules: added git based recipe
  • opkg: allow overriding OPKGLIBDIR
  • ovmf: Generate test Platform key and first Key Exchange Key
  • New PKGDATA_VARS variable to specify variables written out to pkgdata
  • Obsolete stress recipe replaced by stress-ng
  • uboot-sign: add support for different u-boot configurations
  • update-rc.d: support enable/disable options
  • waffle: support building without x11
  • weston-init: Add possibility to run weston as non-root user
  • python3: support recommends in manifest
  • package_deb: add DPKG_BUILDCMD variable to allow customising dpkg command
  • chrpath.bbclass: Add break_hardlinks parameter to allow breaking hardlinks when processing rpaths
  • New "Apache-2.0-with-LLVM-exception" common license file
  • screen: add /etc/screenrc as global config file
  • utils/multiprocess_launch: Improve failing subprocess output
  • Added local.conf/auto.conf into error report submitted by report-error.bbclass
  • Added OpenEmbedded logo .svg file to repository (from OE-Classic)

Known Issues

  • Bug 13594: mpc8315e-rdb: the stap oeqa test causes OOM.

This issue is on a platform with minimal support and works outside the framework. https://bugzilla.yoctoproject.org/show_bug.cgi?id=13594

  • Bug 13595: strace ptest failed .

strace issue is two individual test regressions which is an improvement on the test timeouts we had previously. https://bugzilla.yoctoproject.org/show_bug.cgi?id=13595


Recipe Licenses

The following corrections have been made to the LICENSE values set by recipes:

  • cairo: MPL-1 -> MPL-1.1
  • dbus / dbus-glib / dbus-test: AFL-2 -> AFL-2.1
  • iw: BSD -> BSD-2-Clause
  • libical: MPL-1 -> MPL-1.0
  • openssh: some files are licensed under ISC or MIT license, so add these to LICENSE
  • taglib: MPL-1 -> MPL-1.1
  • vte: several files in libvte source are LGPLv3+, so add to LICENSE and set LGPLv3+ as the libvte package LICENSE


Migration instructions

For details on changes that you might need to make when migrating to the Yocto Project 3.0 release from previous releases, please see the following manual section:

http://www.yoctoproject.org/docs/3.0/ref-manual/ref-manual.html#moving-to-the-yocto-project-3.0-release


Security Fixes

  • binutils: CVE-2019-12972, CVE-2019-14250, CVE-2019-14444, CVE-2019-9070, CVE-2019-9071, CVE-2019-9074, CVE-2019-9075, CVE-2019-9076, CVE-2019-9077
  • dbus: CVE-2019-12749
  • gcc: CVE-2019-14250, CVE-2018-12886, CVE-2018-18484, CVE-2019-15847
  • gdb: CVE-2017-9778
  • ghostscript: CVE-2019-14811, CVE-2019-14817
  • glib-2.0: CVE-2019-12450
  • glibc: CVE-2018-20796 (same as CVE-2019-9169)
  • gnupg: CVE-2019-13050
  • gnutls: GNUTLS-SA-2019-03-27
  • iptables: CVE-2019-11360
  • libid3tag: CVE-2017-11550, CVE-2017-11551 (same as CVE-2004-2779)
  • libxslt: CVE-2019-11068, CVE-2019-13117, CVE-2019-13118
  • linux-yocto/4.19: CVE-2019-3887
  • linux-yocto/5.0: CVE-2019-3887
  • ltp: CVE-2017-17052
  • nasm: CVE-2018-19755
  • openssh: CVE-2018-20685, CVE-2019-6109, CVE-2019-6111
  • patch: CVE-2018-1000156 (improved fix), CVE-2019-13636, CVE-2019-13638
  • python3: CVE-2019-9740, CVE-2019-9948
  • python: CVE-2018-20852, CVE-2019-9740, CVE-2019-9947 (same as CVE-2019-9740), CVE-2019-9948, CVE-2019-9636
  • qemu: CVE-2019-12155, CVE-2019-15890
  • rsync: CVE-2016-9840, CVE-2016-9841, CVE-2016-9842, CVE-2016-9843
  • squashfs-tools: CVE-2015-4645, CVE-2015-4646
  • tiff: CVE-2019-6128, CVE-2019-7663, CVE-2019-14973
  • u-boot: CVE-2019-13103, CVE-2019-13104, CVE-2019-13105, CVE-2019-13106, CVE-2019-14192, CVE-2019-14193, CVE-2019-14194, CVE-2019-14195, CVE-2019-14196, CVE-2019-14197, CVE-2019-14198, CVE-2019-14199, CVE-2019-14200, CVE-2019-14201, CVE-2019-14202, CVE-2019-14203, CVE-2019-14204
  • unzip: CVE-2019-13232
  • vim: CVE-2019-12735


Recipe Upgrades

  • acpica: update to 20190816
  • acpid: upgrade 2.0.31 -> 2.0.32
  • adwaita-icon-theme: upgrade 3.30.1 -> 3.32.0
  • alsa-lib: upgrade 1.1.8 -> 1.1.9
  • alsa-plugins: upgrade 1.1.8 -> 1.1.9
  • alsa-utils: upgrade 1.1.8 -> 1.1.9
  • apr: upgrade 1.6.5 -> 1.7.0
  • apt: update to 1.2.31
  • aspell: update to 0.60.7
  • atk: upgrade 2.30.0 -> 2.32.0
  • at-spi2-atk: upgrade 2.30.0 -> 2.32.0
  • at-spi2-core: upgrade 2.30.0 -> 2.32.1
  • autoconf-archive: update to 2019.01.06
  • babeltrace: update to 1.5.7
  • bash-completion: upgrade 2.8 -> 2.9
  • bash: upgrade 4.4.18 -> 5.0
  • bison: upgrade 3.0.4 -> 3.4.1
  • boost: update to 1.71.0
  • btrfs-tools: upgrade 4.20.1 -> 5.2.2
  • build-compare: 2015.02.10 -> 2019.08.14
  • busybox: 1.30.1 -> 1.31.0
  • bzip2: update to 1.0.8
  • ccache: upgrade 3.6 -> 3.7.3
  • cmake: 3.14.1 -> 3.15.3
  • cogl: upgrade 1.22.2 -> 1.22.4
  • connman: update to 1.37
  • coreutils: update to 8.31
  • createrepo-c: update to 0.15.0
  • cronie: update to 1.5.4
  • cups: update to 2.2.12
  • curl: update to 7.66.0
  • dbus-test: Upgrade 1.12.12 -> 1.12.16
  • dbus: Upgrade 1.12.12 -> 1.12.16
  • debianutils: upgrade 4.8.6.1 -> 4.8.6.3
  • desktop-file-utils: upgrade 0.23 -> 0.24
  • distcc: upgrade 3.3.2 -> 3.3.3
  • dnf: upgrade 4.1.0 -> 4.2.2
  • dpkg: update to 1.19.7
  • dropbear: update to 2019.78
  • dtc: upgrade 1.4.7 -> 1.5.1
  • e2fsprogs: 1.44.5 -> 1.45.3
  • elfutils: 0.176 -> 0.177
  • ell: update to 0.22
  • encodings: update to 1.0.5
  • epiphany: update to 3.32.4
  • ethtool: update to 5.2
  • eudev: update to 3.2.8
  • expat: update to 2.2.8
  • ffmpeg: update to 4.2.1
  • file: update to 5.37
  • flac: Upgrade 1.3.2 -> 1.3.3
  • fontconfig: update to 2.13.1
  • font-util: update to 1.3.2
  • freetype: upgrade 2.9.1 -> 2.10.1
  • gawk: upgrade 4.2.1 -> 5.0.1
  • gcc-9: Upgrade to 9.2
  • gdb: Upgrade from 8.2.1 to 8.3.1
  • gdk-pixbuf: update 2.38.0 -> 2.38.2
  • ghostscript: 9.26 -> 9.27
  • git: update to 2.23.0
  • glib-2.0: udpate 2.58.3 -> 2.60.7
  • glibc: Update to glibc 2.30
  • glib-networking: upgrade 2.60.1 -> 2.60.3
  • gnu-config: Update to latest SHA
  • gnupg: update to 2.2.17
  • gnutls: upgrade 3.6.5 -> 3.6.8
  • go-1.12: update to 1.12.9 minor release
  • gobject-introspection: update to 1.60.2
  • go-dep: update to 0.5.4
  • go: update 1.12.1->1.12.6
  • gpgme: upgrade 1.12.0 -> 1.13.1
  • groff: upgrade 1.22.3 -> 1.22.4
  • grub: upgrade 2.02 -> 2.04
  • gsettings-desktop-schemas: upgrade 3.28.1 -> 3.32.0
  • gst-examples: upgrade to 1.16.0
  • gstreamer1.0-libav: upgrade to version 1.16.0
  • gstreamer1.0-omx: upgrade to version 1.16.0
  • gstreamer1.0-plugins-bad: upgrade to version 1.16.0
  • gstreamer1.0-plugins-base: upgrade to version 1.16.0
  • gstreamer1.0-plugins-good: upgrade to version 1.16.0
  • gstreamer1.0-plugins-ugly: upgrade to version 1.16.0
  • gstreamer1.0-python: upgrade to version 1.16.0
  • gstreamer1.0-rtsp-server: upgrade to version 1.16.0
  • gstreamer1.0: upgrade to version 1.16.0
  • gstreamer1.0-vaapi: upgrade to version 1.16.0
  • gst-validate: upgrade to version 1.16.0
  • gtk+3: update 3.24.5 -> 3.24.8
  • gtk-doc: upgrade 1.29 -> 1.31
  • harfbuzz: upgrade 2.3.1 -> 2.6.1
  • help2man-native: update to 1.47.11
  • icu: update to 64.2
  • ifupdown: update to 0.8.22
  • iproute2: update to 5.2.0
  • iptables: upgrade 1.6.2 -> 1.8.3
  • iputils: upgrade to s20190709
  • iso-codes: upgrade 4.2 -> 4.3
  • iw: upgrade 4.14 -> 5.3
  • kmscube: Bump revision to f632b23
  • less: upgrade 550 -> 551
  • libarchive: upgrade 3.3.3 -> 3.4.0
  • libatomic-ops: upgrade 7.6.8 -> 7.6.10
  • libbsd: upgrade 0.9.1 -> 0.10.0
  • libcap: update to 2.27
  • libcomps: upgrade 0.1.10 -> 0.1.11
  • libcroco: update to 0.6.13
  • libdazzle: update to 3.32.3
  • libdnf: update to 0.28.1
  • libdrm: update to 2.4.99
  • libevdev: upgrade 1.6.0 -> 1.8.0
  • libevent: upgrade 2.1.8 -> 2.1.11
  • libffi: Upgrade to 3.3-rc0
  • libglu: upgrade 9.0.0 -> 9.0.1
  • libgpg-error: upgrade 1.35 -> 1.36
  • libgudev: upgrade 232 -> 233
  • libical: upgrade to 3.0.6
  • libice: upgrade 1.0.9 -> 1.0.10
  • libidn2: upgrade to 2.2.0
  • libinput: update to 1.14.1
  • libjpeg-turbo: upgrade 2.0.2 -> 2.0.3
  • libmodule-build-perl: upgrade 0.4224 -> 0.4229
  • libmodulemd: update to 2.6.0
  • libnewt: upgrade 0.52.20 -> 0.52.21
  • libnl: upgrade to 3.5.0
  • libnotify: update to 0.7.8
  • libnss-nis: upgrade 3.0 -> 3.1
  • libogg: upgrade 1.3.3 -> 1.3.4
  • libpam: Upgrade 1.3.0 -> 1.3.1
  • libpcap: upgrade 1.9.0 -> 1.9.1
  • libpciaccess: upgrade 0.14 -> 0.16
  • libpcre2: upgrade 10.32 -> 10.33
  • libpng: update to 1.6.37
  • libpsl: update to 0.21.0
  • librepo: update to 1.10.5
  • libsdl2: upgrade 2.0.9 -> 2.0.10
  • libsecret: 0.19.0
  • libsolf: update to 0.7.5
  • libsolv: update to 0.7.6
  • libsoup-2.4: upgrade 2.66.1 -> 2.66.2
  • libsoup: Upgrade from 2.64.2 to 2.66.1
  • libtasn1: upgrade 4.13 -> 4.14
  • libtest-needs-perl: upgrade 0.002005 -> 0.002006
  • libtirpc: upgrade 1.0.3 -> 1.1.4
  • liburcu: update to 0.11.1
  • libva: upgrade 2.4.0 -> 2.5.0
  • libva-utils: upgrade 2.4.0 -> 2.5.0
  • libwebp: upgrade 1.0.2 -> 1.0.3
  • libx11-compose-data: upgrade 1.6.7 -> 1.6.8
  • libx11: update to 1.6.8
  • libxcrypt: update to 4.4.8
  • libxdmcp: update to 1.1.3
  • libxext: update to 1.3.4
  • libxft: upgrade 2.3.2 -> 2.3.3
  • libxi: update to 1.7.10
  • libxkbfile: update 1.1.0
  • libxml2: upgrade 2.9.8 -> 2.9.9
  • libxml-sax-perl: upgrade 1.00 -> 1.02
  • libxmu: update to 1.1.3
  • libxrandr: update to 1.5.2
  • libxt: update to 1.2.0
  • libxvmc: update to 1.0.11
  • libyaml: update to 0.2.2
  • lighttpd: Upgrade 1.4.53 -> 1.4.54
  • linux-firmware: Upgrade to 20190815
  • linux-libc-headers: update to v5.2 headers
  • linux-yocto/4.19: update to 4.19.72 and -rt22
  • linux-yocto-dev: bump to 5.3-rcX
  • linux-yocto: introduce 5.2.17 recipes
  • linux-yocto-rt: update to 5.0.5-rt9
  • llvm: Update to 8.0.1
  • logrotate: upgrade 3.15.0 -> 3.15.1
  • ltp: upgrade 20190115 -> 20190517
  • lttng-modules: upgrade 2.10.8 -> 2.10.11
  • lttng-tools: update to 2.10.7
  • lttng-ust: upgrade 2.10.3 -> 2.10.5
  • lz4: update to 1.9.2
  • makedepend: update to 1.0.6
  • man-db: upgrade 2.8.4 -> 2.8.7
  • man-pages: upgrade 4.16 -> 5.01
  • mc: update to 4.8.23
  • mesa-demos: update to 8.4.0
  • mesa: Update 19.0.1 -> 19.1.6
  • meson: update to 0.51.2
  • mmc-utils: update to the latest upstream code
  • mobile-broadband-provider-info: upgrade 20190116 -> 20190618
  • mpg123: upgrade 1.25.10 -> 1.25.11
  • msmtp: 1.6.6 -> 1.8.5
  • mtd-utils: Upgrade to 2.1.1
  • mtools: update to 4.0.23
  • musl: Update to latest master
  • ncurses: upgrade 6.1+20181013 -> 6.1+20190803
  • nettle: upgrade 3.4.1 -> 3.5.1
  • newlib: Upgrade to 3.1.0
  • nfs-utils: 2.3.3 -> 2.4.1
  • nss: upgrade 3.42.1 -> 3.45
  • ofono: upgrade 1.25 -> 1.30
  • opensbi: Update from 0.3 to 0.4
  • openssh: Upgrade 7.9p1 -> 8.0p1
  • openssl: Upgrade 1.1.1b -> 1.1.1d
  • opkg: upgrade to version 0.4.1
  • opkg-utils: upgrade to version 0.4.1
  • orc: update to 0.4.29
  • ovmf: Update to version edk2-stable201905
  • p11-kit: update to 0.23.16.1
  • pango: upgrade 1.42.4 -> 1.44.6
  • patchelf: Upgrade 0.9 -> 0.10
  • perl: Move perl-sanity -> perl
  • perl: update to 5.30.0
  • piglit: upgrade to latest revision
  • pixman: update to 0.38.4
  • pkgconf: upgrade 1.6.0 -> 1.6.3
  • ptest-runner: update from 2.3.1 to 2.3.2
  • python3-dbus: upgrade 1.2.8 -> 1.2.12
  • python3-docutils: update to 0.15
  • python3-git: update to 3.0.2
  • python3-mako: update to 1.1.0
  • python3-numpy: update to 1.17.0
  • python3-pbr: update to 5.4.3
  • python3-pip: update to 19.2.3
  • python3-pycairo: update to 1.18.1
  • python3-pygobject: update to 3.34.0
  • python3-scons: update to 3.1.1
  • python3: upgrade 3.7.3 -> 3.7.4
  • python-numpy: update to 1.16.3
  • python-scons: update to 3.1.0
  • python-setuptools: update to 41.2.0
  • python: update to 3.7.3
  • qemu: Upgrade from 3.1.0 to 4.1
  • quilt: update to 0.66
  • quota: update to 4.05
  • rng-tools: 6.6 -> 6.7
  • ruby: update to 2.5.5
  • socat: upgrade 1.7.3.2 -> 1.7.3.3
  • sqlite3: update to 3.29.0
  • squashfs-tools: upgrade to commit f95864afe883
  • strace: Upgrade to 5.3
  • subversion: upgrade 1.11.1 -> 1.12.2
  • sysprof: upgrade 3.30.2 -> 3.32.0
  • sysstat: 12.1.3 -> 12.1.6
  • systemd: upgrade to 243
  • systemtap: update to 57c9aca9f1ff32a6add10e02ecd33b7314fad499
  • tar: update to 1.32
  • timezone: update to 2019c
  • u-boot: Upgrade from 2019.01 to 2019.07
  • uninative: Update to 2.7 release
  • usbutils: upgrade 010->012
  • util-linux: upgrade to 2.34
  • vala: update to 0.44.7
  • valgrind: update from 3.14.0 to 3.15.0
  • vim: Update to 8.1.1240
  • virglrenderer: update 0.7.0 -> 0.8.0
  • vte: upgrade 0.52.2 -> 0.56.3
  • waffle: upgrade 1.5.2 -> 1.6.0
  • wayland-protocols: upgrade 1.17 -> 1.18
  • webkitgtk: update to 2.24.4
  • weston: upgrade 5.0.0 -> 7.0.0
  • wget: update to 1.20.3
  • wpa-supplicant: update to 2.9
  • x11perf: update to 1.6.1
  • x264: upgrade to latest revision
  • xauth: upgrade 1.0.10 -> 1.1
  • xf86-input-libinput: update to 0.29.0
  • xinput: update to 1.6.3
  • xkeyboard: upgrade 2.26 -> 2.27
  • xorgproto: update to 2019.1
  • xrandr: update to 1.5.1
  • xserver-xorg: update to 1.20.5
  • xtrans: upgrade 1.3.5 -> 1.4.0
  • xwininfo: upgrade 1.1.4 -> 1.1.5
Retrieved from "https://wiki.yoctoproject.org/wiki/index.php?title=3.0_Release_Notes_WIP&oldid=61770"