The following defect(s) have been fixed in this cumulative patch for the Wind River openssl:
WIND00169089 Security Advisory - OpenSSL - CVE-2009-1377
WIND00169093 Security Advisory - OpenSSL - CVE-2009-1379
WIND00175292 Security Advisory - nss - CVE-2009-2409
WIND00190505 Security Advisory - Apache OpenSSL GnuTLS - CVE-2009-3555
-----------------------------------------------------------------------------------------------------------------------------------------------
Change List:
/layers/wrll-wrlinux/dist/openssl/patches/rpm_patches.list
/layers/wrll-wrlinux/dist/openssl/patches/openssl-wr-integration.patch
/layers/wrll-wrlinux/dist/openssl/patches/openssl-0.9.8g-CVE-2009-2409.patch
/layers/wrll-wrlinux/dist/openssl/patches/openssl-0.9.8g-CVE-2009-1377.patch
/layers/wrll-wrlinux/dist/openssl/patches/openssl-0.9.8g-CVE-2009-1379.patch
/layers/wrll-wrlinux/dist/openssl/patches/openssl-0.9.8g-CVE-2009-3555.patch
Requires Wind River Linux 3.0 Update Pack 1 (3.0.1) to be installed.
1. Unzip this patch under [install_dir]/updates.
2. From the [install_dir]/updates directory, run the command "../maintenance/wrInstaller/x86-linux2/wrInstaller".
3. Follow the instructions for installing the point patch.
4. This is a source only patch so you will have to rebuild the
openssl package. This can be done by executing the command "make
-C build openssl.distclean" followed by "make -C build
openssl.rebuild"
5. Run "make fs" next
6. Upload the kernel and rootfs into the target and boot it up.
