The following defect(s) have been fixed in this cumulative patch for the Wind River apache-ssl:
WIND00169092 Security Advisory - Apache - CVE-2009-1195
WIND00173956 Security Advisory - Apache - CVE-2009-1890
WIND00173955 Security Advisory - Apache - CVE-2009-1891
WIND00182764 Security Advisory - apache - CVE-2009-3094
WIND00182767 Security Advisory - apache - CVE-2009-3095
WIND00187712 Security Advisory - Apache - CVE-2009-2699
WIND00190505 Security Advisory - Apache OpenSSL GnuTLS - CVE-2009-3555
-----------------------------------------------------------------------------------------------------------------------------------------------------
Change List:
/layers/wrll-wrlinux/dist/apache-ssl/patches/apache-mod_proxy-CVE-2009-1890.patch
/layers/wrll-wrlinux/dist/apache-ssl/patches/patches.list
/layers/wrll-wrlinux/dist/apache-ssl/patches/httpd-2.2.3-CVE-2009-1195.patch
/layers/wrll-wrlinux/dist/apache-ssl/patches/httpd-2.2.10-CVE-2009-1891.patch
/layers/wrll-wrlinux/dist/apache-ssl/patches/mod_proxy_ftp-CVE-2009-3094.patch
/layers/wrll-wrlinux/dist/apache-ssl/patches/mod_proxy_ftp-CVE-2009-3095.patch
/layers/wrll-wrlinux/dist/apache-ssl/patches/httpd-apr-CVE-2009-2699.patch
/layers/wrll-wrlinux/dist/apache-ssl/patches/apache-mod-ssl-CVE-2009-3555.patch
/layers/wrll-wrlinux/dist/apache-ssl/apache-ssl.spec
Requires Wind River Linux 3.0 Update Pack 1 (3.0.1) to be installed.
1. Unzip this patch under [install_dir]/updates.
2. From the [install_dir]/updates directory, run the command "../maintenance/wrInstaller/x86-linux2/wrInstaller".
3. Follow the instructions for installing the point patch.
4. This is a source only patch so you will have to rebuild the
apache-ssl package. This can be done by executing the command "make
-C build apache-ssl.distclean" followed by "make -C build
apache-ssl.rebuild"
5. Run "make fs" next
6. Upload the kernel and rootfs into the target and boot it up.