: Run a clean command (e.g., npm cache clean or your build system's equivalent) to prevent old, vulnerable artifacts from persisting.
: Re-initialize and reinstall dependencies to ensure all pinned versions reflect the new security patches. Release notes for Yocto-4.0.4 (Kirkstone) Yep 4.0.4 fix
: Fixes multiple vulnerabilities, including CVE-2021-3695 and CVE-2022-28733, which could potentially allow for unauthorized boot access. : Run a clean command (e
: Patches CVE-2022-35252 to improve the security of data transfers. : Run a clean command (e.g.
: Includes fixes for libxml2 , libtiff , zlib , and gnutls to mitigate various memory and processing exploits. Recommended Actions for Developers
This write-up covers the key security and functional fixes for the release, which addresses several critical vulnerabilities across core components. Release Overview