The following defect(s) have been fixed in this cumulative patch for the dhcp:
WIND00254763 Security Advisory - DHCP - CVE-2011-0413
WIND00266989 Security Advisory - DHCP - CVE-2011-0997
WIND00322935 Security Advisory - DHCP - CVE-2011-4539
WIND00366779 Security Advisory - dhcp - CVE-2012-3571
WIND00376775 Security Advisory - dhcp - CVE-2012-3955
----------------------------------------------------------------------------------------
Change List:
/layers/wrll-wrlinux/dist/dhcp/Makefile
/layers/wrll-wrlinux/dist/dhcp/dhcp.spec
/layers/wrll-wrlinux/dist/dhcp/patches/dhcp-Fix-CVE-2011-0413.patch
/layers/wrll-wrlinux/dist/dhcp/patches/dhcp-4.1.0-CVE-2011-0997.patch
/layers/wrll-wrlinux/dist/dhcp/patches/rpm_patches.list
/layers/wrll-wrlinux/dist/dhcp/patches/dhcp-CVE-2012-3955.patch
/layers/wrll-wrlinux/dist/dhcp/patches/dhcp-Fix-CVE-2012-3571.patch
/layers/wrll-wrlinux/dist/dhcp/patches/dhcp-Fix-CVE-2011-4539.patch
Requires Wind River Linux Secure 1.0 to be installed
1. Unzip this patch under [install_dir]/updates
2. From the [install_dir]/updates directory, run the command "../maintenance/wrInstaller/x86-linux2/wrInstaller"
3. Follow the instructions for installing the point patch.
4. This is a source only patch so you will have to rebuild the dhcp package. This can be done by executing the command "make -C build dhcp.distclean" followed by "make -C build dhcp.rebuild"
5. Run "make fs" next
6. Upload the kernel and rootfs into the target and boot it up.
DATE: 23 Oct 2012
REVISION: file WRLS_1_0-base-tgt-dhcp-20120216-spin1.zip replaced with WRLS_1_0-base-tgt-dhcp-20121011-spin1.zip and includes fix to defect WIND00366779 WIND00376775
DATE: 22 Feb 2012
REVISION: file WRLS_1_0-base-tgt-dhcp-20120131-spin1.zip replaced with WRLS_1_0-base-tgt-dhcp-20120216-spin1.zip and includes fix to defect WIND00266989 WIND00322935
DATE: 03 Feb 2012
REVISION: Add file WRLS_1_0-base-tgt-dhcp-20120131-spin1.zip and includes fix to defect WIND00254763
