...
- There are 93 Security Fixes
- Components where security fixes are added :- binutils, curl, epiphany, expat, ffmpeg, gcc, glibc, gmp, go, grub2, gzip, libarchive, libxml2, libxslt, lighttpd, linux-yocto, amdgpu, lua, openssl, qemu , rpm , seatd , speex , squashfs-tools , systemd , tiff , unzip , vim , virglrenderer , webkitgtk , xz , zlib
- There are 318 opensource component version upgrades
- Major opensource upgrades (Dunfell → Kirkstone) are :- GCC (9.3 → 11.3) , glibc (2.31 → 2.35) , glib-2.0 (2.62.4 → 2.72.3), systemd (244.3 → 250.5) , busybox (1.31.1 → 1.35.0)
- Netflix upgrade, youtube
- GCC compiler
- clang compiler, C++ 17
- Maintainability - Dunfell 4 years ; Kirkstone 2 years ; CVE Dunfell is sill open (Refer Yocto mailing list), Upstream dunfell 3.1.24 has open CVE
- Build time - reduce number of default dependency (make build faster in first/second time)
- meta-rust is in core
- software bill of material (security infrastructure)
- share state - c standard. faster sstsate performance due to decompression standard cstd (twice faster than xz)
- license management tool improvement (more accurate license compliance)
- Kirkstone need minimum 4.x kernel (refer systemd)
- linux_kernel_header does not mandate
...
{"serverDuration": 2014, "requestCorrelationId": "fede4235629eeb34"}