The following defect(s) have been fixed in this cumulative patch for the Wind River wrll-linux-2.6.27:
WIND00370229 Security Advisory - qemu - CVE-2012-2652
WIND00392008 Security Advisory - qemu - CVE-2012-3515
----------------------------------------------------------------------------------------
Change List:
/layers/wrll-linux-2.6.27/dist/kvm/Makefile
/layers/wrll-linux-2.6.27/dist/kvm/patches/e1000-bounds-packet-size-against-buffer-size.patch
/layers/wrll-linux-2.6.27/dist/kvm/patches/fix-CVE-2012-2652.patch
/layers/wrll-linux-2.6.27/dist/kvm/patches/qemu-CVE-2012-3515.patch
/layers/wrll-linux-2.6.27/dist/kvm/patches/patches.list
Requires Wind River Linux Secure 1.0 to be installed WRLS_1_0-layer-wrll-linux-2.6.27-20130107-spin1.zip depends on WRLS_1_0-base-hst-qemu-20130107-spin1.zip on page https://support.windriver.com/olsPortal/faces/maintenance/downloadDetails.jspx?contentId=041464
1. Unzip this patch under [install_dir]/updates
2. From the [install_dir]/updates directory, run the command "../maintenance/wrInstaller/x86-linux2/wrInstaller"
3. Follow the instructions for installing the point patch.
4. This is a source only patch so you will have to rebuild the kvm package. This can be done by executing the command "make -C build kvm.distclean" followed by "make -C build kvm.rebuild"
5. Run "make fs" next
6. Upload the kernel and rootfs into the target and boot it up.
DATE: 25 Mar 2013
REVISION: file WRLS_1_0-layer-wrll-linux-2.6.27-20121007-spin1.zip replaced with WRLS_1_0-layer-wrll-linux-2.6.27-20130107-spin1.zip and includes fix to defect WIND00392008
DATE: 10 Oct 2012
REVISION: Add file WRLS_1_0-layer-wrll-linux-2.6.27-20121007-spin1.zip and includes fix to defect WIND00370229
