This file highlights changes to the product made in RCPLs that may be of interest to the user. The features are grouped by the RCPL in which they were made available. BSP specific changes are located in the BSP section. General Changes: 5.0.1.40: We add new ntp 4.2.8.p10 to fix a bundle of CVEs. The default version is still 4.2.6p5. configure ... --with-template=feature/ntp428p10 to enable ntp 4.2.8.p10. 5.0.1.36: We add new version ntp 4.2.8p8 in order to fix a bundle of CVEs The default version is still 4.2.6p5. configure ... --with-template=feature/ntp428p8 to enable ntp 4.2.8.p8. 5.0.1.35: 1)Disable SSLv2 default build, default negotiation and weak ciphers. FYI http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0800 Technical details can be found in the published paper "DROWN: Breaking TLS using SSLv2": https://www.drownattack.com/drown-attack-paper.pdf The packages 'monit', 'python-m2crypto', 'ace' call SSLv2_method() by default, so disable the SSLv2 in both pacakges. 2) We add new version ntp 4.2.8p6 in order to fix following CVEs CVE-2015-7974 CVE-2015-8158 CVE-2015-7976 CVE-2015-7973 CVE-2015-7978 CVE-2015-8138 CVE-2015-7977 CVE-2015-7979 CVE-2015-8139 CVE-2015-8140 CVE-2015-5300 The default version is still 4.2.6p5. configure ... --with-template=feature/ntp428p6 to enable ntp 4.2.8.p6. Note: we will change the default version to 4.2.8.p6 in 5.0.1.36. 5.0.1.24: a)We add new version rpm 5.4.14. The default version is still 5.4.9, if you want to apply the new version, you need to add the option in your project configuration. --with-template=feature/rpm5414 b)We add new version db 5.3.28. The default version is still 5.3.15, if you want to apply the new version, you need to add the option in your project configuration. --with-template=feature/db5328 5.0.1.23: Update DPDK 1.7.1 5.0.1.21: 1) The linux kernel is updated to v3.4.91 2) Security issues update The 2 critical vulerabilities "SSLv3 POODLE" and "bash shellshock" have been fixed in 5.0.1.20. 3) A build issue with Ubuntu 14.04 32bit and other distributions (gcc 4.8 on i686) The qemu-native doesn't build with gcc 4.8 on i686, that is work/qemu-0.11.1/target-ppc/op_helper.c: In function 'helper_fmadd': work/qemu-0.11.1/target-ppc/op_helper.c:1250:10: error: frame pointer required, but reserved The workaround is downgrading the host gcc to 4.7, for example on Ubuntu 14.04 $sudo apt-get install gcc-4.7 gcc-4.7-multilib g++-4.7 g++-4.7-multilib $cd /usr/bin/ $sudo rm gcc g++ $sudo ln -s g++-4.7 g++ $sudo ln -s gcc-4.7 gcc 5.0.1.20: Support EMGD 1.18 Use default EMGD 1.14: ../wrlinux/configure --enable-board=intel-atom \ --with-template=feature/intel-emgd ... Use EMGD 1.18: ../wrlinux/configure --enable-board=intel-atom-emgd118 \ --with-template=feature/intel-emgd119 ... 5.0.1.19: We plan to add a new feature in 5.0.1.20: Support EMGD 1.18 5.0.1.18: We plany to sync up yocto kernel 3.4 (3.4.91) stable tree in 5.0.1.21 FYI: http://git.yoctoproject.org/cgit/cgit.cgi/linux-yocto-3.4/ 5.0.1.16: Linux kernel is updated to v3.4.88. 5.0.1.15: We plan to sync up yocto 3.4 (3.4.88) stable tree. Current kernel version is 3.4.43. FYI: http://git.yoctoproject.org/cgit/cgit.cgi/linux-yocto-3.4/ 5.0.1.14: We upgraded mysql to 5.1.73. The default version is still 5.1.40. Switching to 5.1.73 is configure with --with-template=feature/mysql5173. 5.0.1.13: We plan to add mysql 5.1.73 in 5.0.1.14 due to fix a bundle of CVE issues, and we keep the mysql 5.1.40 as the default package. If you want to apply mysql 5.1.73, configure with --with-template=feature/mysql5173. CVE list: CVE-2014-0412 CVE-2014-0386 CVE-2014-0437 CVE-2014-0402 CVE-2014-0401 CVE-2014-0393 CVE-2014-0386 CVE-2013-5908 ... Note: we plan to switch the default version of syslog-ng to 3.4.2 in 5.0.1.14. 5.0.1.10: We upgraded syslog-ng to 3.4.2 in 5.0.1.8 and removed the old version 3.3.5. In 5.0.1.10, we restore syslog-ng 3.3.5 as default version, and keep the new version sylog-ng 3.4.2. The default configuration will select 3.3.5. If you want to use the 3.4.2, please enable RCFL by --enable-addons=wr-rcfl --with-layer=rcfl --with-template=feature/syslog-ng342 5.0.1.8: A new configure option --enable-ldconfig: Stick a postinstall script to rpms to update ldconfig cache during the installation, as well as "/etc/ld.so.conf" and "/etc/ld.so.conf.d" are generated at system level. The environment variable ENABLE_LDCONFIG=[1|0] will override any setting of this argument. Beginning with 5.0.1.8 the Experimental Layer is available for download for customers interested in some of these new features. Please refer to https://support.windriver.com/olsPortal/faces/maintenance/downloadDetails.jspx?contentId=042478 for more details on what is available and how to install the Experimental Layer. 5.0.1.5: Absolute paths are removed from the platform project. The paths are now referenced from the ${WRL_TOP_BUILD_DIR} macro. This allows users to copy and compare platform projects. A new configuration option was created called --enable-stand-alone-project=yes that allows a platform project to stand completely on it's own. Note that this option will result in a very large project directory as it copies parts of the installation directory into the project directory instead of using symbolic links, so be prepared when using this option. If you move a project directory you must run: rm -rf bitbake_build/tmp 5.0.1.3 It is recommended that to control package lists it is best to start with smaller sized rootfs options and add packages that are needed then to start with a large rootfs type and remove packages. The glibc-small is a busybox based rootfs that is a good rootfs to start with and then add packages. The glibc-core rootfs type is a similar non-busybox rootfs to start from. If you do need to remove packages, target options have been added that provide control over the package list that ultimately gets loaded on the target rootfs. The "make fs-expand", "make fs-expand-rm", and\ "make fs-expand-rm-dryrun" have been added and can be used to modify the default-image.bb file to control the package list. See the "File system modification specific" section of the "make help" target for more specific information. A new configure option --enable-rm-oldimgs: Remove the old images in order to reduce disk space occupation. This option is recommended if your disk space is limited or --enable-target-installer=yes is used. The "make iso-image" target was added to create a hybrid iso image type. This option is not the same as --enable-bootimage=iso. This option takes whatever contents you have in export/dist and makes a ISO/USB hybrid. This image is created significantly faster. To use this option the kernel must have iso9660, unionfs, and whatever devices to read from the optical or usb media enabled. Allow additional feature templates in rootfs.cfg. This allows users to create a custom rootfs that uses additional templates automatically by defining a rootfs.cfg file in a layer. The default-image.bb file is linked to a copy in the local project directory. References to IMAGE_INSTALL_append were converted to IMAGE_INSTALL += using image.inc files in the template directory. This allows more control over the image file by modifying the project directory's image.bb file. 5.0.1.1 The default RCPL version at configure time changed from "auto" to "latest". The configure command locks the project directory to the latest RCPL available at configure time and saves this number. Subsequent "make reconfig" commands will not change the RCPL value. To change the RCPL used by an existing project use the "make upgrade" target to upgrade the project to the latest installed RCPL. BSP Updates: 5.0.1.24: mv-armada-38x: Add support of new board DB-88F6820-GP 5.0.1.21: mv-armada-38x: Add the mv-arada-38x BSP support mv-armada-xp: Upgrade u-boot and add LPAE support 5.0.1.15: altera-socfpga: Add USB OTG support lsi-acp34xx: add new target AXM3500 support 5.0.1.14: Add DPDK 1.6 altera-socfpga: Add arria V soc support xilinx_zynq: add Avnet MicroZed support mv-armada-xp: enable spi-orion driver 5.0.1.13: xilinx_zynq: Add support of zc702 rev 1.1 5.0.1.12: fsl-p10xx: update fsl-p10xx to FSL SDK 1.4 and also add support for p1024rdb 5.0.1.11: fsl-b4xxx: UPDATE Freescale B4xxx (SDK 1.4.5 Uprev) 5.0.1.10: mv-armada-xp: Add Marvell DB-784MP-GP Rev 1.4 Board support lsi-axm55xx: UPDATE LSI AXM55xx (Cortex-A15)[Real Hardware Support lsi-acp34xx: UPDATE LSI ACP3xxx (Add 3421) 5.0.1.9: intel-quark: add Intel Quark fsl-p50xx: Update Freescale P50xx (SDK 1.4 Rebase) fsl-t4xxx: Update Freescale T4240 (Add Rev 2 silicion support) mv-armada-xp: Update Marvell Armada XP (Add MV78260 support) 5.0.1.8: intel-atom: add Intel Rangeley/Avoton intel-atom: add Valleyview2 mv-armada-pxa2128: Initial BSP support includes standard/preempt-rt kernel support 5.0.1.7: ti-66ak2hxx: Initial BSP support includes standard/preempt-rt/cgl kernel support fsl-e600: Initial BSP support includes standard/preempt-rt/cgl kernel support fsl-e500mc: Update Freescale e500mc (SDK 1.4 Rebase) fsl-t4xxx: Update Freescale t4xxx (SDK 1.4 Rebase) fsl-b4xxx: Update Freescale b4xxx (SDK 1.4 Rebase) intel-xeon-core: Add Wilkin Peak 2 WIFI cards Support 5.0.1.6: wrs-powerquiccii-82xx: Initial BSP support including includes standard/preempt-rt/cgl kernel support fsl-imx6: Update Freescale i.MX6 (add SD board + Sabre Lite Rev D board) intel-atom: Update Intel Atom (add: Intel Rangeley/Avoton) 5.0.1.5: Add standard/preempt-rt/cgl support for Altera Cyclone V SOCFPGA Rev C board bcm-xlp: Initial BSP support including standard/preempt-rt/CGL kernel types intel-xeon-core: Add Ivy Bridge Romley Refresh support intel-atom: Add Minnow Board support xilinx-zynq: Add PCIe RC support 5.0.1.4: cav-octeon2: Updated to SDK 3.0, and add cgl kernel support fsl-b4xxx: Initial BSP support includes standard/preempt-rt/cgl kernel support arm-coretile-express-a15-a7: add cgp kernel support intel-xeon-core: Add Haswell with gcc 4.7 toolchain support : Add Oak Creek Canyon support lsi-axm55xx: Initial BSP support includes standard/preempt_rt kernel support xilinx-zynq: Add cgl kernel and CPU hotplug support fsl-p2020: Add p2020 Rev 2.1 support lsi-acp34xx: Rebase to Yocto upstream 5.0.1.3: fsl-p10xx: Add p1020/p1021/p1022/p1023 support with standard/preempt-rt/cgl kernel support 5.0.1.2: fsl-t4xxx: Initial BSP with standard/preempt_rt/cgl kernel support fsl-imx28: Initial BSP for i.MX28. 5.0.1.1: fsl-mpc85xx: Update to SDK 1.3, add preempt_rt and cgl kernel support fsl-p10xx: Inital BSP to enable p1010/p1014 support with standard/preempt-rt/cgl kernel support mv-armada-xp: Initial BSP support with standard/preempt-rt kernel support arm-coretil-express-a15-a7: Initial BSP with standard/preempt_rt kernel support fsl-imx6: Initial BSP support with i.MX6Q SABRE LITE and standard/preempt-rt kernel support intel-xeon-core: Add RAS and CPIC (Cave Creek C1 stepping) support -