Yep 4.0.4 Fix Apr 2026

: Confirm you are targeting the 4.0.4 branch in your configuration files.

: Re-initialize and reinstall dependencies to ensure all pinned versions reflect the new security patches. Release notes for Yocto-4.0.4 (Kirkstone) Yep 4.0.4 fix

: Run a clean command (e.g., npm cache clean or your build system's equivalent) to prevent old, vulnerable artifacts from persisting. : Confirm you are targeting the 4

: Includes fixes for libxml2 , libtiff , zlib , and gnutls to mitigate various memory and processing exploits. Recommended Actions for Developers : Includes fixes for libxml2 , libtiff ,

If you are managing an environment using these packages, follow these remediation steps to ensure a clean update:

: Resolves three vulnerabilities (CVE-2022-30552, CVE-2022-33967, and CVE-2022-33103) impacting bootloader security.

: Fixes multiple vulnerabilities, including CVE-2021-3695 and CVE-2022-28733, which could potentially allow for unauthorized boot access.