This file highlights changes to the product made in RCPLs that may be of
interest to the user. The features are grouped by the RCPL in which they were
made available.  BSP specific changes are located in the BSP section.

8.0.0.17:

We plan to upgrade MariaDB 5.5.55 in 8.0.0.18 to fix the CVEs:

CVE-2017-3329
CVE-2017-3453
CVE-2017-3309
CVE-2017-3600
CVE-2017-3308
CVE-2017-3305
CVE-2017-3456
CVE-2017-3462
CVE-2017-3463
CVE-2017-3461
CVE-2017-3464

8.0.0.15:

1) We upgrade MariaDB 5.5.54

2) We forgot to mention we added the new version ntp 4.2.8p9 in 8.0.0.12

The default version is still 4.2.6p5. 

configure ... --with-template=feature/ntp428p9 to enable ntp 4.2.8.p9.

3) We plan to add new ntp 4.2.8.p10 in 8.0.0.16 to fix a bundle of CVEs

8.0.0.14:

1) Rebase the Yocto 2.0 stable tree

Update to the commit

http://git.openembedded.org/openembedded-core/commit/?h=jethro&id=a9db40da62c13b0010ce5afc1fde16d987bdfbc6

2) We plan to upgrade MariaDB 5.5.54 in 8.0.0.15 to fix a bundle of CVEs.

8.0.0.12:

We upgrade MariaDB 5.5.53

8.0.0.11:

1) Rebase the Yocto 2.0 stable tree

Update to the commit

http://git.openembedded.org/openembedded-core/commit/?h=jethro&id=39ef8e22b52d3f5daa853aa7866145e9c5469d4b

8.0.0.9:

1) Rebase the Yocto 2.0 stable tree

Update to the commit

http://git.openembedded.org/openembedded-core/commit/?h=jethro&id=a27b907dd3ad20fc60b7732c19012793aaaba2df

8.0.0.8:

1) Rebase the Yocto 2.0 stable tree

Update to the commit

http://git.openembedded.org/openembedded-core/commit/?h=jethro&id=1f4bfa33073584c25396d74f3929f263f3df188b

8.0.0.6:

1) Rebase the Yocto 2.0 stable tree

Update to the commit

http://git.openembedded.org/openembedded-core/commit/?h=jethro&id=69b1e25a53255433262178b91ab3e328768ad725

2) We plant to upgrade MariaDB 5.5.49 in RCPL 7

8.0.0.5:

1) Upgrade linux kernel version from 4.1.18 to 4.1.21

2) Rebase the Yocto 2.0 stable tree

Update to the commit

http://git.openembedded.org/openembedded-core/commit/?h=jethro&id=28032d8c3122b75ceb3f4a664a2b478c9a9a6a2c

[YOCTO #9379]
[YOCTO #9357]
[YOCTO #9265]

3) Add X server resource database utility - xrdb 1.1.0

8.0.0.4:

1) Disable SSLv2 default build, default negotiation and weak ciphers.

FYI
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0800

Technical details can be found in the published paper "DROWN: Breaking TLS using SSLv2":

https://www.drownattack.com/drown-attack-paper.pdf

The packages 'monit' and 'python-m2crypto' call SSLv2_method() by default, so disable the
SSLv2 in both pacakges.

2) We rebase the Yocto 2.0 stable tree

Update to the commit

http://git.openembedded.org/openembedded-core/commit/?h=jethro&id=883c38cf0e59082276f933f9b47e276b6b88270f

3) We add new version ntp 4.2.8p6 in order to fix following CVEs

CVE-2015-7974
CVE-2015-8158 
CVE-2015-7976
CVE-2015-7973
CVE-2015-7978
CVE-2015-8138
CVE-2015-7977
CVE-2015-7979
CVE-2015-8139
CVE-2015-8140
CVE-2015-5300

The default version is still 4.2.6p5. 

configure ... --with-template=feature/ntp428p6 to enable ntp 4.2.8.p6.

Note: we will change the default version to 4.2.8.p6 in 8.0.0.6.

4) We add new version webkitgtk 2.10.9 to fix many CVEs

FYI
http://webkitgtk.org/security/WSA-2016-0002.html

The default version is still 2.8.5. 

configure ... --with-template=feature/webkitgtk2109 to enable webkitgtk 2.10.9.

8.0.0.3:

1) We rebase the Yocto 2.0 stable tree

Update to the commit

http://git.openembedded.org/openembedded-core/commit/?h=jethro&id=c99ed6b73f397906475c09323b03b53deb83de55

[YOCTO #9197]
[YOCTO #9067]
[YOCTO #8553]
[YOCTO #8693]
[YOCTO #8854]

2) We upgrade linux kernel version from 4.1.17 to 4.1.18

8.0.0.2:

1) We upgrade linux kernel version from 4.1.15 to 4.1.17

2) We rebase the Yocto 2.0 stable tree. The last commit we merged from upstream is

http://git.openembedded.org/openembedded-core/commit/?h=jethro&id=824a43c30b99971a382abd5edcf126f96cf4d485

[YOCTO #8739]
[YOCTO #8739]
[YOCTO #8869]
[YOCTO #8611]
[YOCTO #8243]
[YOCTO #8971]
[YOCTO 8966]
[YOCTO #8028]
[YOCTO #8509]
[YOCTO #8825]
[YOCTO #8839]
[YOCTO #8625]
[YOCTO #8658]
[YOCTO #8661]
[YOCTO #8639]
[YOCTO #8639]
[YOCTO #8645]
[YOCTO #8124]
[YOCTO #8562]

3) We upgrade mariadb 5.5.47 in order to integrate following CVE fixes:
CVE-2016-0505
CVE-2016-0546
CVE-2016-0596
CVE-2016-0597
CVE-2016-0598
CVE-2016-0600
CVE-2016-0606
CVE-2016-0608
CVE-2016-0609
CVE-2016-0616

8.0.0.1:

1) We upgrade linux kernel version from 4.1.13 to 4.1.15

2) We rebase the Yocto 2.0 stable tree. The last commit we merged from upstream is

http://git.openembedded.org/openembedded-core/commit/?h=jethro&id=224bcc2ead676600bcd9e290ed23d9b2ed2f481e

[YOCTO #8709]
[YOCTO #8710]
[YOCTO #8448]

BSP Updates:

8.0.0.17:
     nxp-imx7: EPIC: [NEW] Add NXP i.MX7 support in WRL8
     intel-apollolake-i: [update] Intel Apollo Lake BSP update to yocto MR2 version

8.0.0.12:
     rose-apple-pi: EPIC: [NEW] Add Roseapple Pi support - WRL8

8.0.0.11:
     fsl-imx6: Freescale i.MX6 rebase to kernel 4.1 SDK
     intel-apollolake-i: EPIC: [update] intel-x86: update Apollo Lake (Broxton) to Yocto gold release - WRL8
     xilinx-zynqmp: EPIC: [NEW] Xilinx Ultrascale MPSoC? - ZCU102

8.0.0.10:
     mv-armada-38x: Marvell Armada 385

8.0.0.9:
     fsl-t4xxx: Freescale T4240 (FSL SDK 2.0 based)
     fsl-p2020: Freescale e500v2 fsl-p2020 BSP (SDK 1.8 Based)
     fsl-ls1043: Freescale LS1043 - based on SDK 2.0

8.0.0.7:
     altera-socfpga: Altera Arria 10
     fsl-ls20xx: EPIC: [CF] Freescale LS2085

8.0.0.5:
     fsl-t4xxx: Freescale T4240 (FSL SDK 1.8 based)
     axxiaarm64: add BSP axxiaarm64
     ti-am335x: add TI AM335X

8.0.0.4:
     fsl-imx6: Freescale i.MX6
     intel-x86: add support for Intel Compute Stick
                Add Broadwell-DE support

8.0.0.3:
     fsl-ls10xx: Freescale LS1021 

8.0.0.2:
     altera-socfpga: Add BSP altera-socfpga
     fsl-e500mc: add fsl-e500mc BSP

8.0.0.1:
     xilinx-zynq: [Update] Add Avnet Mini-ITX, MicroZED?, PicoZED
     axxiaarm: [Add] LSI AXM55xx