1# OpenHarmony 4.0.3 Release
2
3
4## Version Description
5
6OpenHarmony 4.0.3 Release provides enhanced system security over OpenHarmony 4.0.2 Release by rectifying certain known vulnerabilities in open-source components such as Linux kernel, and system stability issues.
7
8
9## Mapping relationship
10
11**Table 1** Version mapping of software and tools
12
13| Software/Tool| Version| Remarks|
14| -------- | -------- | -------- |
15| OpenHarmony | 4.0.3 Release | NA |
16| Public SDK | Ohos_sdk_public 4.0.12.4 (API Version 10 Release) | This toolkit is intended for application developers and does not contain system APIs that require system permissions. It is provided as standard in DevEco Studio.|
17| (Optional) HUAWEI DevEco Studio| 4.0 Release | Recommended for developing OpenHarmony applications How to obtain:<br><br>SHA-256 checksum: 2c88cf43e1ef6ba722aac31eccc8ef92f07a9b72e43a9c1df127017828a22137<br><br>SHA-256 checksum: 25e491458eec50b4abddf5bed6aa85893801d70afbce02958f17bd904619405a<br><br>SHA-256 checksum: 284cb01f7b819e0da1d4fcacbbbbe8017ba220b5e3b9b1d5e4cc59ea30456acc |
18| (Optional) HUAWEI DevEco Device Tool| 4.0 Release | Recommended for developing OpenHarmony smart devices<br>[Click here](https://device.harmonyos.com/cn/develop/ide#download).|
19
20
21## Source Code Acquisition
22
23
24### Prerequisites
25
261. Register your account with Gitee.
27
282. Register an SSH public key for access to Gitee.
29
303. Install the [git client](https://git-scm.com/book/en/v2/Getting-Started-Installing-Git) and [git-lfs](https://gitee.com/vcs-all-in-one/git-lfs?_from=gitee_search#downloading), and configure user information.
31   ```
32   git config --global user.name "yourname"
33   git config --global user.email "your-email-address"
34   git config --global credential.helper store
35   ```
36
374. Run the following commands to install the **repo** tool:
38   ```
39   curl -s https://gitee.com/oschina/repo/raw/fork_flow/repo-py3 > /usr/local/bin/repo  # If you do not have the permission, download the tool to another directory and configure it as an environment variable by running the chmod a+x /usr/local/bin/repo command.
40   pip3 install -i https://repo.huaweicloud.com/repository/pypi/simple requests
41   ```
42
43
44### Acquiring Source Code Using the repo Tool
45
46**Method 1 (recommended)**
47
48Use the **repo** tool to download the source code over SSH. (You must have an SSH public key for access to Gitee.)
49
50- Obtain the source code from the version branch. You can obtain the latest source code of the version branch, which includes the code that has been incorporated into the branch up until the time you run the following commands:
51   ```
52   repo init -u git@gitee.com:openharmony/manifest.git -b OpenHarmony-4.0.3-Release --no-repo-verify
53   repo sync -c
54   repo forall -c 'git lfs pull'
55   ```
56
57- Obtain the source code from the version tag, which is the same as that released with the version.
58   ```
59   repo init -u git@gitee.com:openharmony/manifest.git -b refs/tags/OpenHarmony-v4.0.3-Release --no-repo-verify
60   repo sync -c
61   repo forall -c 'git lfs pull'
62   ```
63
64**Method 2**
65
66Use the **repo** tool to download the source code over HTTPS.
67
68- Obtain the source code from the version branch. You can obtain the latest source code of the version branch, which includes the code that has been incorporated into the branch up until the time you run the following commands:
69   ```
70   repo init -u https://gitee.com/openharmony/manifest -b OpenHarmony-4.0.3-Release --no-repo-verify
71   repo sync -c
72   repo forall -c 'git lfs pull'
73   ```
74
75- Obtain the source code from the version tag, which is the same as that released with the version.
76   ```
77   repo init -u https://gitee.com/openharmony/manifest -b refs/tags/OpenHarmony-v4.0.3-Release --no-repo-verify
78   repo sync -c
79   repo forall -c 'git lfs pull'
80   ```
81
82
83### Acquiring Source Code from Mirrors
84
85
86**Table 2** Mirrors for acquiring source code
87
88| Source Code                               | Version| Mirror                                                | SHA-256 Checksum                                            | Software Package Size|
89| --------------------------------------- | ------------ | ------------------------------------------------------------ | ------------------------------------------------------------ | -------- |
90| Full code base (for mini, small, and standard systems)       | 4.0.3 Release  | [Download](https://repo.huaweicloud.com/openharmony/os/4.0.3-Release/code-v4.0.3-Release.tar.gz) | [Download](https://repo.huaweicloud.com/openharmony/os/4.0.3-Release/code-v4.0.3-Release.tar.gz.sha256) | 31.5 GB |
91| Hi3861 solution (binary)       | 4.0.3 Release  | [Download](https://repo.huaweicloud.com/openharmony/os/4.0.3-Release/hispark_pegasus.tar.gz) | [Download](https://repo.huaweicloud.com/openharmony/os/4.0.3-Release/hispark_pegasus.tar.gz.sha256) | 25.2 MB |
92| Hi3516 solution-LiteOS (binary)| 4.0.3 Release  | [Download](https://repo.huaweicloud.com/openharmony/os/4.0.3-Release/hispark_taurus_LiteOS.tar.gz) | [Download](https://repo.huaweicloud.com/openharmony/os/4.0.3-Release/hispark_taurus_LiteOS.tar.gz.sha256) | 304.1 MB |
93| Hi3516 solution-Linux (binary) | 4.0.3 Release  | [Download](https://repo.huaweicloud.com/openharmony/os/4.0.3-Release/hispark_taurus_Linux.tar.gz) | [Download](https://repo.huaweicloud.com/openharmony/os/4.0.3-Release/hispark_taurus_Linux.tar.gz.sha256) | 195.4 MB |
94| RK3568 standard system solution (binary)       | 4.0.3 Release  | [Download](https://repo.huaweicloud.com/openharmony/os/4.0.3-Release/dayu200_standard_arm32.tar.gz) | [Download](https://repo.huaweicloud.com/openharmony/os/4.0.3-Release/dayu200_standard_arm32.tar.gz.sha256) | 5.2 GB |
95| Public SDK package for the standard system (macOS)            | 4.0.12.4 | [Download](https://repo.huaweicloud.com/openharmony/os/4.0.3-Release/ohos-sdk-mac-public.tar.gz) | [Download](https://repo.huaweicloud.com/openharmony/os/4.0.3-Release/ohos-sdk-mac-public.tar.gz.sha256) | 1.1 GB |
96| Public SDK package for the standard system (macOS-M1)            | 4.0.12.4 | [Download](https://repo.huaweicloud.com/openharmony/os/4.0.3-Release/L2-SDK-MAC-M1-PUBLIC.tar.gz) | [Download](https://repo.huaweicloud.com/openharmony/os/4.0.3-Release/L2-SDK-MAC-M1-PUBLIC.tar.gz.sha256) | 800.7 MB |
97| Public SDK package for the standard system (Windows\Linux)  | 4.0.12.4 | [Download](https://repo.huaweicloud.com/openharmony/os/4.0.3-Release/ohos-sdk-windows_linux-public.tar.gz) | [Download](https://repo.huaweicloud.com/openharmony/os/4.0.3-Release/ohos-sdk-windows_linux-public.tar.gz.sha256) | 2.0 GB |
98
99## Description
100
101This version has the following updates to OpenHarmony 4.0.2 Release.
102
103
104### API Changes
105
106N/A
107
108
109### Chip and Development Board Adaptation
110
111For details about the adaptation status, see [SIG_DevBoard](https://gitee.com/openharmony/community/blob/master/sig/sig_devboard/sig_devboard.md).
112
113
114## Resolved Issues
115
116**Table 3** Resolved issues
117
118| Issue No.| Description|
119| -------- | -------- |
120| [I9TEYD](https://e.gitee.com/open_harmony/issues/list?issue=I9TEYD) | Failed to compile the light kernel container test version.          |
121| [IAJDXD](https://e.gitee.com/open_harmony/issues/list?issue=IAJDXD) | The IPC_3_1346 thread in the composer_host process has encountered a C++ crash twice, and the crash stack involves the library libdisplay_composer_vdi_impl.z.so.|
122| [IA7R8Z](https://e.gitee.com/open_harmony/issues/list?issue=IA7R8Z) | The sensor_host thread in the sensor_host process has encountered a C++ crash once, and the crash stack involves the library libhdf_utils.z.so.|
123| [I9UEWK](https://e.gitee.com/open_harmony/issues/list?issue=I9UEWK) | The audio_host thread in the audio_host process has encountered a C++ crash five times, and the crash stack involves the library libhdi_audio_pnp_server.z.so.|
124| [I97YSN](https://e.gitee.com/open_harmony/issues/list?issue=I97YSN) | The **onStateChange** callback does not take effect when **NavRouter** redirects to or exits a page.|
125| [I93ZB9](https://e.gitee.com/open_harmony/issues/list?issue=I93ZB9) | During the installation, sys_installer crashes and fails to throw an installation timeout, and the page is suspended.|
126| [I9EWLM](https://e.gitee.com/open_harmony/issues/list?issue=I9EWLM) | When the text entered in the search field exceeds the allotted space, it will cover the clear (X) icon on the extreme right.                |
127| [I9F3MR](https://e.gitee.com/open_harmony/issues/list?issue=I9F3MR) | If you create a message and then delete the contact, the message content in the editing area below is deleted.    |
128| [I9FQD5](https://e.gitee.com/open_harmony/issues/list?issue=I9FQD5) | When the global animation is changed to 5X or 10X, the status bar in the download dialog box automatically exits.         |
129| [I9GRCL](https://e.gitee.com/open_harmony/issues/list?issue=I9GRCL) | When a user slides to the top of the SMS chat screen and receives a message from the peer device, the SMS chat screen does not automatically slide back to the latest message.|
130| [IAIKP6](https://e.gitee.com/open_harmony/issues/list?issue=IAIKP6) | The links in the Picker application of **FileShare**, **fileFs.ts**, and **show.ets** are invalid.          |
131| [IAFCN5](https://e.gitee.com/open_harmony/issues/list?issue=IAFCN5) | 4.0 Release UT failure.                                       |
132| [IAF9R7](https://e.gitee.com/open_harmony/issues/list?issue=IAF9R7) | 4.0 Release TDD.                                      |
133| [IADVF8](https://e.gitee.com/open_harmony/issues/list?issue=IADVF8) | After turning on the Wi-Fi toggle in Control Panel, the **Settings** page shows a successful Wi-Fi connection, but Control Panel temporarily does not display the connected Wi-Fi network.|
134| [IACY4V](https://e.gitee.com/open_harmony/issues/list?issue=IACY4V) | hmdfs fix skip tls init                                      |
135
136## Fixed Security Vulnerabilities
137
138**Table 4** Fixed security vulnerabilities
139
140| Issue No.                                                       | Description                                                   |
141| ------------------------------------------------------------ | ----------------------------------------------------------- |
142| [IAI3SL](https://e.gitee.com/open_harmony/issues/list?issue=IAI3SL) | [Vulnerability] [OpenHarmony 4.0 Release] CVE-2024-36031        |
143| [IAI3YH](https://e.gitee.com/open_harmony/issues/list?issue=IAI3YH) | [Vulnerability] [OpenHarmony 4.0 Release] CVE-2024-42161        |
144| [IAI3XW](https://e.gitee.com/open_harmony/issues/list?issue=IAI3XW) | [Vulnerability] [OpenHarmony 4.0 Release] CVE-2024-42154        |
145| [IAI3VQ](https://e.gitee.com/open_harmony/issues/list?issue=IAI3VQ) | [Vulnerability] [OpenHarmony 4.0 Release] CVE-2024-41012        |
146| [IAI3VA](https://e.gitee.com/open_harmony/issues/list?issue=IAI3VA) | [Vulnerability] [OpenHarmony 4.0 Release] CVE-2024-41087        |
147| [IAI3TH](https://e.gitee.com/open_harmony/issues/list?issue=IAI3TH) | [Vulnerability] [OpenHarmony 4.0 Release] CVE-2024-42160        |
148| [IAI3SZ](https://e.gitee.com/open_harmony/issues/list?issue=IAI3SZ) | [Vulnerability] [OpenHarmony 4.0 Release] CVE-2023-52672        |
149| [IAEK1H](https://e.gitee.com/open_harmony/issues/list?issue=IAEK1H) | [Vulnerability] [OpenHarmony 4.0 Release] CVE-2024-39495        |
150| [IAI3SZ](https://e.gitee.com/open_harmony/issues/list?issue=IAI3SZ) | [Vulnerability] [OpenHarmony 4.0 Release] CVE-2023-52672        |
151| [IAEK1H](https://e.gitee.com/open_harmony/issues/list?issue=IAEK1H) | [Vulnerability] [OpenHarmony 4.0 Release] CVE-2024-39495        |
152| [IABPBB](https://e.gitee.com/open_harmony/issues/list?issue=IABPBB) | [Vulnerability] [OpenHarmony 4.0 Release] CVE-2024-36971        |
153| [IAAC06](https://e.gitee.com/open_harmony/issues/list?issue=IAAC06) | [Vulnerability] [OpenHarmony 4.0 Release] CVE-2024-38577        |
154| [IAABZS](https://e.gitee.com/open_harmony/issues/list?issue=IAABZS) | [Vulnerability] [OpenHarmony 4.0 Release] CVE-2024-38588        |
155| [IALLOV](https://e.gitee.com/open_harmony/issues/list?issue=IALLOV) | [Vulnerability] [OpenHarmony 4.0 Release] CVE-825178265344806912|
156| [IALD0O](https://e.gitee.com/open_harmony/issues/list?issue=IALD0O) | [Vulnerability] [OpenHarmony 4.0 Release] CVE-826547532216668160|
157| [IAKL82](https://e.gitee.com/open_harmony/issues/list?issue=IAKL82) | [Vulnerability] [OpenHarmony 4.0 Release] CVE-2024-26984         |
158| [IAJW6P](https://e.gitee.com/open_harmony/issues/list?issue=IAJW6P) | [Vulnerability] [OpenHarmony 4.0 Release] CVE-2024-41035         |
159| [IAJW65](https://e.gitee.com/open_harmony/issues/list?issue=IAJW65) | [Vulnerability] [OpenHarmony 4.0 Release] CVE-2024-41072         |
160| [IAJW5Y](https://e.gitee.com/open_harmony/issues/list?issue=IAJW5Y) | [Vulnerability] [OpenHarmony 4.0 Release] CVE-2024-41063         |
161| [IAJW5T](https://e.gitee.com/open_harmony/issues/list?issue=IAJW5T) | [Vulnerability] [OpenHarmony 4.0 Release] CVE-2024-35947         |
162| [IAJW5L](https://e.gitee.com/open_harmony/issues/list?issue=IAJW5L) | [Vulnerability] [OpenHarmony 4.0 Release] CVE-2024-42115         |
163| [IAJW4P](https://e.gitee.com/open_harmony/issues/list?issue=IAJW4P) | [Vulnerability] [OpenHarmony 4.0 Release] CVE-2024-42084         |
164| [IAJW4H](https://e.gitee.com/open_harmony/issues/list?issue=IAJW4H) | [Vulnerability] [OpenHarmony 4.0 Release] CVE-2024-42082         |
165| [IAJW3M](https://e.gitee.com/open_harmony/issues/list?issue=IAJW3M) | [Vulnerability] [OpenHarmony 4.0 Release] CVE-2024-35884         |
166| [IAJW2W](https://e.gitee.com/open_harmony/issues/list?issue=IAJW2W) | [Vulnerability] [OpenHarmony 4.0 Release] CVE-2024-41020         |
167| [IAIRKT](https://e.gitee.com/open_harmony/issues/list?issue=IAIRKT) | [Vulnerability] [OpenHarmony 4.0 Release] CVE-2024-26966         |
168| [IAIKJM](https://e.gitee.com/open_harmony/issues/list?issue=IAIKJM) | [Vulnerability] [OpenHarmony 4.0 Release] CVE-2024-42084         |
169| [IAI79Y](https://e.gitee.com/open_harmony/issues/list?issue=IAI79Y) | [Vulnerability] [OpenHarmony 4.0 Release] CVE-2024-42068        |
170| [IAI79K](https://e.gitee.com/open_harmony/issues/list?issue=IAI79K) | [Vulnerability] [OpenHarmony 4.0 Release] CVE-2024-42229         |
171| [IAI795](https://e.gitee.com/open_harmony/issues/list?issue=IAI795) | [Vulnerability] [OpenHarmony 4.0 Release] CVE-2024-42226        |
172| [IAI3WS](https://e.gitee.com/open_harmony/issues/list?issue=IAI3WS) | [Vulnerability] [OpenHarmony 4.0 Release] CVE-2024-39501        |
173| [IAI3W8](https://e.gitee.com/open_harmony/issues/list?issue=IAI3W8) | [Vulnerability] [OpenHarmony 4.0 Release] CVE-2024-40959        |
174| [IAI3VH](https://e.gitee.com/open_harmony/issues/list?issue=IAI3VH) | [Vulnerability] [OpenHarmony 4.0 Release] CVE-2024-40960         |
175| [IAI3UT](https://e.gitee.com/open_harmony/issues/list?issue=IAI3UT) | [Vulnerability] [OpenHarmony 4.0 Release] CVE-2022-48797         |
176| [IAI3UM](https://e.gitee.com/open_harmony/issues/list?issue=IAI3UM) | [Vulnerability] [OpenHarmony 4.0 Release] CVE-2024-40961         |
177| [IAI3TM](https://e.gitee.com/open_harmony/issues/list?issue=IAI3TM) | [Vulnerability] [OpenHarmony 4.0 Release] CVE-2024-40905         |
178| [IAHRT0](https://e.gitee.com/open_harmony/issues/list?issue=IAHRT0) | [Vulnerability] [OpenHarmony 4.0 Release] CVE-2024-40912         |
179| [IAFG57](https://e.gitee.com/open_harmony/issues/list?issue=IAFG57) | [Vulnerability] [OpenHarmony 4.0 Release] CVE-2024-36286         |
180| [IAFG4Y](https://e.gitee.com/open_harmony/issues/list?issue=IAFG4Y) | [Vulnerability] [OpenHarmony 4.0 Release] CVE-2024-38780         |
181| [IAFG4I](https://e.gitee.com/open_harmony/issues/list?issue=IAFG4I) | [Vulnerability] [OpenHarmony 4.0 Release] CVE-2024-36270         |
182| [IAE0GE](https://e.gitee.com/open_harmony/issues/list?issue=IAE0GE) | [Vulnerability] [OpenHarmony 4.0 Release] CVE-2024-39475         |
183| [IAE0G7](https://e.gitee.com/open_harmony/issues/list?issue=IAE0G7) | [Vulnerability] [OpenHarmony 4.0 Release] CVE-2021-47582         |
184| [IAE0G0](https://e.gitee.com/open_harmony/issues/list?issue=IAE0G0) | [Vulnerability] [OpenHarmony 4.0 Release] CVE-2024-39472         |
185| [IAE0FT](https://e.gitee.com/open_harmony/issues/list?issue=IAE0FT) | [Vulnerability] [OpenHarmony 4.0 Release] CVE-2024-34027         |
186| [IAE0FI](https://e.gitee.com/open_harmony/issues/list?issue=IAE0FI) | [Vulnerability] [OpenHarmony 4.0 Release] CVE-2024-36489         |
187| [IABPAU](https://e.gitee.com/open_harmony/issues/list?issue=IABPAU) | [Vulnerability] [OpenHarmony 4.0 Release] CVE-2024-38596         |
188| [IABPAG](https://e.gitee.com/open_harmony/issues/list?issue=IABPAG) | [Vulnerability] [OpenHarmony 4.0 Release] CVE-2024-38601         |
189| [IAAC00](https://e.gitee.com/open_harmony/issues/list?issue=IAAC00) | [Vulnerability] [OpenHarmony 4.0 Release] CVE-2024-38564         |
190| [IAA6AF](https://e.gitee.com/open_harmony/issues/list?issue=IAA6AF) | [Vulnerability] [OpenHarmony 4.0 Release] CVE-2024-39276         |
191| [IA7RS0](https://e.gitee.com/open_harmony/issues/list?issue=IA7RS0) | [Vulnerability] [OpenHarmony 4.0 Release] CVE-2024-36929         |
192| [IA7RRT](https://e.gitee.com/open_harmony/issues/list?issue=IA7RRT) | [Vulnerability] [OpenHarmony 4.0 Release] CVE-2024-36941         |
193| [IA7RPQ](https://e.gitee.com/open_harmony/issues/list?issue=IA7RPQ) | [Vulnerability] [OpenHarmony 4.0 Release] CVE-2024-35984         |
194| [IA7RPD](https://e.gitee.com/open_harmony/issues/list?issue=IA7RPD) | [Vulnerability] [OpenHarmony 4.0 Release] CVE-2023-52730         |
195| [IA7A3F](https://e.gitee.com/open_harmony/issues/list?issue=IA7A3F) | [Vulnerability] [OpenHarmony 4.0 Release] CVE-2023-52791         |
196| [IA74SA](https://e.gitee.com/open_harmony/issues/list?issue=IA74SA) | [Vulnerability] [OpenHarmony 4.0 Release] CVE-2024-36938         |
197| [IA74RC](https://e.gitee.com/open_harmony/issues/list?issue=IA74RC) | [Vulnerability] [OpenHarmony 4.0 Release] CVE-2024-36905         |
198| [IA74QZ](https://e.gitee.com/open_harmony/issues/list?issue=IA74QZ) | [Vulnerability] [OpenHarmony 4.0 Release] CVE-2024-36902         |
199| [IAJW57](https://e.gitee.com/open_harmony/issues/list?issue=IAJW57) | [Vulnerability] [OpenHarmony 4.0 Release] CVE-2024-42236         |
200| [IAJW4Y](https://e.gitee.com/open_harmony/issues/list?issue=IAJW4Y) | [Vulnerability] [OpenHarmony 4.0 Release] CVE-2024-41041         |
201| [IAI3X0](https://e.gitee.com/open_harmony/issues/list?issue=IAI3X0) | [Vulnerability] [OpenHarmony 4.0 Release] CVE-2024-40942         |
202| [IAI3WV](https://e.gitee.com/open_harmony/issues/list?issue=IAI3WV) | [Vulnerability] [OpenHarmony 4.0 Release] CVE-2024-40971         |
203| [IAI3WK](https://e.gitee.com/open_harmony/issues/list?issue=IAI3WK) | [Vulnerability] [OpenHarmony 4.0 Release] CVE-2024-39509         |
204| [IAHRH2](https://e.gitee.com/open_harmony/issues/list?issue=IAHRH2) | [Vulnerability] [OpenHarmony 4.0 Release] CVE-2024-38615         |
205| [IA7RR1](https://e.gitee.com/open_harmony/issues/list?issue=IA7RR1) | [Vulnerability] [OpenHarmony 4.0 Release] CVE-2023-52835         |
206| [IA7RQC](https://e.gitee.com/open_harmony/issues/list?issue=IA7RQC) | [Vulnerability] [OpenHarmony 4.0 Release] CVE-2023-52739         |
207| [IA74VS](https://e.gitee.com/open_harmony/issues/list?issue=IA74VS) | [Vulnerability] [OpenHarmony 4.0 Release] CVE-2023-52881         |
208| [IA74RP](https://e.gitee.com/open_harmony/issues/list?issue=IA74RP) | [Vulnerability] [OpenHarmony 4.0 Release] CVE-2024-36883        |
209| [IAHB13](https://e.gitee.com/open_harmony/issues/list?issue=IAHB13) | [Vulnerability] [OpenHarmony 4.0 Release] CVE-2022-48805         |
210
211## Unfixed Vulnerabilities
212
213**Table 5** Known issues
214
215| Issue No.| Description| Impact| To Be Resolved By|
216| -------- | -------- | -------- | -------- |
217| /     | /        | /    | /            |
218
219 <!--no_check-->