This file highlights changes to the product made in RCPLs that may be of
interest to the user. The features are grouped by the RCPL in which they were
made available.  BSP specific changes are located in the BSP section.

8.0.0.4:

1) Disable SSLv2 default build, default negotiation and weak ciphers.

FYI
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0800

Technical details can be found in the published paper "DROWN: Breaking TLS using SSLv2":

https://www.drownattack.com/drown-attack-paper.pdf

The packages 'monit' and 'python-m2crypto' call SSLv2_method() by default, so disable the
SSLv2 in both pacakges.

2) We rebase the Yocto 2.0 stable tree

Update to the commit

http://git.openembedded.org/openembedded-core/commit/?h=jethro&id=883c38cf0e59082276f933f9b47e276b6b88270f

3) We add new version ntp 4.2.8p6 in order to fix following CVEs

CVE-2015-7974
CVE-2015-8158 
CVE-2015-7976
CVE-2015-7973
CVE-2015-7978
CVE-2015-8138
CVE-2015-7977
CVE-2015-7979
CVE-2015-8139
CVE-2015-8140
CVE-2015-5300

The default version is still 4.2.6p5. 

configure ... --with-template=feature/ntp428p6 to enable ntp 4.2.8.p6.

Note: we will change the default version to 4.2.8.p6 in 8.0.0.6.

4) We add new version webkitgtk 2.10.9 to fix many CVEs

FYI
http://webkitgtk.org/security/WSA-2016-0002.html

The default version is still 2.8.5. 

configure ... --with-template=feature/webkitgtk2109 to enable webkitgtk 2.10.9.

8.0.0.3:

1) We rebase the Yocto 2.0 stable tree

Update to the commit

http://git.openembedded.org/openembedded-core/commit/?h=jethro&id=c99ed6b73f397906475c09323b03b53deb83de55

[YOCTO #9197]
[YOCTO #9067]
[YOCTO #8553]
[YOCTO #8693]
[YOCTO #8854]

2) We upgrade linux kernel version from 4.1.17 to 4.1.18

8.0.0.2:

1) We upgrade linux kernel version from 4.1.15 to 4.1.17

2) We rebase the Yocto 2.0 stable tree. The last commit we merged from upstream is

http://git.openembedded.org/openembedded-core/commit/?h=jethro&id=824a43c30b99971a382abd5edcf126f96cf4d485

[YOCTO #8739]
[YOCTO #8739]
[YOCTO #8869]
[YOCTO #8611]
[YOCTO #8243]
[YOCTO #8971]
[YOCTO 8966]
[YOCTO #8028]
[YOCTO #8509]
[YOCTO #8825]
[YOCTO #8839]
[YOCTO #8625]
[YOCTO #8658]
[YOCTO #8661]
[YOCTO #8639]
[YOCTO #8639]
[YOCTO #8645]
[YOCTO #8124]
[YOCTO #8562]

3) We upgrade mariadb 5.5.47 in order to integrate following CVE fixes:
CVE-2016-0505
CVE-2016-0546
CVE-2016-0596
CVE-2016-0597
CVE-2016-0598
CVE-2016-0600
CVE-2016-0606
CVE-2016-0608
CVE-2016-0609
CVE-2016-0616

8.0.0.1:

1) We upgrade linux kernel version from 4.1.13 to 4.1.15

2) We rebase the Yocto 2.0 stable tree. The last commit we merged from upstream is

http://git.openembedded.org/openembedded-core/commit/?h=jethro&id=224bcc2ead676600bcd9e290ed23d9b2ed2f481e

[YOCTO #8709]
[YOCTO #8710]
[YOCTO #8448]

BSP Updates:

8.0.0.5:
     fsl-t4xxx: Freescale T4240 (FSL SDK 1.8 based)

8.0.0.4:
     fsl-imx6: Freescale i.MX6
     intel-x86: add support for Intel Compute Stick
                Add Broadwell-DE support

8.0.0.3:
     fsl-ls10xx: Freescale LS1021 

8.0.0.2:
     altera-socfpga: Add BSP altera-socfpga
     fsl-e500mc: add fsl-e500mc BSP

8.0.0.1:
     xilinx-zynq: [Update] Add Avnet Mini-ITX, MicroZED?, PicoZED
     axxiaarm: [Add] LSI AXM55xx