The following defect(s) have been fixed in this cumulative patch for the Wind River ruby:
WIND00262185 Security Advisory - Ruby - CVE-2011-1004
WIND00262186 Security Advisory - Ruby - CVE-2011-1005
WIND00266369 Security Advisory - ruby - CVE-2011-0188
----------------------------------------------------------------------------------------
Change List:
/layers/wrll-wrlinux/dist/ruby/Makefile
/layers/wrll-wrlinux/dist/ruby/patches/ruby-fix-CVE-2011-1005.patch
/layers/wrll-wrlinux/dist/ruby/patches/ruby-fix-CVE-2011-1004.patch
/layers/wrll-wrlinux/dist/ruby/patches/ruby-fix-CVE-2011-0188.patch
/layers/wrll-wrlinux/dist/ruby/patches/patches.list
Requires Wind River Linux Secure 1.0 to be installed
1. Unzip this patch under [install_dir]/updates
2. From the [install_dir]/updates directory, run the command "../maintenance/wrInstaller/x86-linux2/wrInstaller"
3. Follow the instructions for installing the point patch.
4. This is a source only patch so you will have to rebuild the ruby package. This can be done by executing the command "make -C build ruby.distclean" followed by "make -C build ruby.rebuild"
5. Run "make fs" next
6. Upload the kernel and rootfs into the target and boot it up.
DATE: 11 Apr 2012
REVISION: file WRLS_1_0-base-tgt-ruby-20120131-spin1.zip replaced with WRLS_1_0-base-tgt-ruby-20120215-spin1.zip and includes fix to defect WIND00266369
DATE: 03 Feb 2012
REVISION: file WRLS_1_0-base-tgt-ruby-20110502-spin1.zip replaced with WRLS_1_0-base-tgt-ruby-20120131-spin1.zip and includes fix to defect WIND00262186
DATE: 31 May 2011
REVISION: Add file WRLS_1_0-base-tgt-ruby-20110502-spin1.zip and includes fix to defect WIND00262185
