The following defect(s) have been fixed in this cumulative patch for the Wind River dhcp:
WIND00237848 wrlinux 4.0 GA : RPMs with wrong release strings. stringset with --with-package-release is not set for every RPM name
WIND00242274 Security Advisory - dhcp - CVE-2010-3611
WIND00254763 Security Advisory - DHCP - CVE-2011-0413
--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Change List:
/layers/wrll-userspace/networking/dist/dhcp/dhcp.spec
/layers/wrll-userspace/networking/dist/dhcp/patches/dhcp-4.1.1-P1-CVE-2010-3611.patch
/layers/wrll-userspace/networking/dist/dhcp/patches/dhcp-Fix-CVE-2011-0413.patch
1. Unzip this patch under [install_dir]/updates.
2. From the [install_dir]/updates directory, run the command "../maintenance/wrInstaller/x86-linux2/wrInstaller".
3. Follow the instructions for installing the point patch.
4. This is a source only patch so you will have to rebuild the
dhcp package. This can be done by executing the command "make
-C build dhcp.distclean" followed by "make -C build
dhcp.rebuild"
5. Run "make fs" next
6. Upload the kernel and rootfs into the target and boot it up.
DATE: 02 Nov 2010
REVISION: Add file WRL_4_0-layers-wrll_userspace_networking-tgt-dhcp-20101028-spin1.zip and includes fix to defect WIND00237848
DATE: 25 Feb 2011
REVISION: Add file WRL_4_0-layers-wrll_userspace_networking-tgt-dhcp-20110222-spin1.zip and includes fix to defect WIND00254763