Wind River Support Network

HomeSafety and Security NoticesWind River Linux Security Alert for 6 openssl security issues (CVE-2016-2105 CVE-2016-2106 CVE-2016-2107 CVE-2016-2108 CVE-2016-2109 CVE-2016-2176)
Recommended

Wind River Linux Security Alert for 6 openssl security issues (CVE-2016-2105 CVE-2016-2106 CVE-2016-2107 CVE-2016-2108 CVE-2016-2109 CVE-2016-2176)

Released: May 3, 2016     Updated: May 3, 2016

Summary

Wind River Linux Security Alert for 6 openssl security issues (CVE-2016-2105 CVE-2016-2106 CVE-2016-2107 CVE-2016-2108 CVE-2016-2109 CVE-2016-2176)

Affected Product Versions

Wind River Linux 7, Wind River Linux 4, Wind River Linux 5, Wind River Linux 6, Wind River Linux 8

Downloads

Description


CVE-2016-2105, CVE-2016-2106, CVE-2016-2108, CVE-2016-2109 and CVE-2016-2176 these five CVEs effect on WRL4.3/5.0.1/6.0/7.0/8.0



While CVE-2016-2107 only effects on openssl-1.0.1e of WRL5 and later release. WRL4 and openssl-1.0.0i of WRL5 are not effected.

Installation Notes

Installation for 5.0.1/6.0/7.0/8.0

$ cd project/layers/oe-core
$ git am 0001-openssl-six-security-issue-on-WRL?.patch
$ cd project/
$ make -C build openssl.distclean
$ make -C build openssl
$ make fs

Installation for 4.3

$ cd product/wrlinux-4/layers/updates/RCPL-4.3-WRL.0032/wrll-userspace/core/
$ patch -p1 < 0001-openssl-Five-security-issue-on-WRL4.patch

create a new project

$ configure
$ make -C build openssl
$ make fs
Live chat
Online
  • Linkedin
  • Facebook
  • Twitter
  • Youtube