The following defect(s) have been fixed in this cumulative patch for the Wind River sudo:
WIND00232098 Security Advisory - sudo - CVE-2010-2956
WIND00254780 Security Advisory - sudo - CVE-2011-0008
WIND00254781 Security Advisory - sudo - CVE-2011-0010
------------------------------------------------------------------------------------------------------------------------------------------
Change List:
/layers/wrll-userspace/core/dist/sudo/Makefile
/layers/wrll-userspace/core/dist/sudo/patches/sudo-1.7.1-CVE-2010-2956.patch
/layers/wrll-userspace/core/dist/sudo/patches/sudo-1.7.1-CVE-2011-0008.patch
/layers/wrll-userspace/core/dist/sudo/patches/sudo-1.7.1-CVE-2011-0010.patch
/layers/wrll-userspace/core/dist/sudo/sudo.spec
1. Unzip this patch under [install_dir]/updates.
2. From the [install_dir]/updates directory, run the command "../maintenance/wrInstaller/x86-linux2/wrInstaller".
3. Follow the instructions for installing the point patch.
4. This is a source only patch so you will have to rebuild the
sudo package. This can be done by executing the command "make
-C build sudo.distclean" followed by "make -C build
sudo.rebuild"
5. Run "make fs" next
6. Upload the kernel and rootfs into the target and boot it up.
DATE: 08 Mar 2011
REVISION: Add file WRL_4_0-layers-wrll_userspace-tgt-sudo-20110301-spin2.zip and includes fix to defect WIND00254781
DATE: 08 Mar 2011
REVISION: Add file WRL_4_0-layers-wrll_userspace-tgt-sudo-20110301-spin1.zip and includes fix to defect WIND00254780
DATE: 22 Oct 2010
REVISION: Add file WRL_4_0-layers-wrll_userspace-tgt-sudo-20101019-spin1.zip and includes fix to defect WIND00232098
