The following defect(s) have been fixed in this cumulative patch for the Wind River python:
WIND00194772 Security Advisory - Expat - CVE-2009-3560
WIND00217141 Security Advisory - Python - CVE-2010-1634
WIND00217144 Security Advisory - Python - CVE-2010-2089
WIND00234377 Security Advisory - python - CVE-2010-3493
WIND00211613 Security Advisory - python - CVE-2010-1450
WIND00211612 Security Advisory - python - CVE-2009-4134
WIND00211614 Security Advisory - python - CVE-2010-1449
WIND00277751 Security Advisory - Python - CVE-2011-1015
WIND00281609 Security Advisory - Python - CVE-2011-1521
WIND00374015 Security Advisory - python - CVE-2012-2135
----------------------------------------------------------------------------------------
Change List:
/wrlinux/dist/python/Makefile
/wrlinux/dist/python/patches/rpm_patches.list
/wrlinux/dist/python/patches/python-2.4.4-CVE-2010-2089.patch
/wrlinux/dist/python/patches/python-wr-integration.patch
/wrlinux/dist/python/patches/python-2.4.4-CVE-2011-1015.patch
/wrlinux/dist/python/patches/python-2.4.2-CVE-2009-3560.patch
/wrlinux/dist/python/patches/python-2.4.4-CVE-2010-1634.patch
/wrlinux/dist/python/patches/python-2.4.3-CVE-2011-1521.patch
/wrlinux/dist/python/patches/python-2.4.4-CVE-2009-4134-CVE-2010-1449-CVE-2010-1450.patch
/wrlinux/dist/python/patches/python-2.4.4-CVE-2010-3493.patch
/wrlinux/dist/python/patches/python-2.4.4-CVE-2012-2135.patch
Requires Wind River Linux 2.0 Update Pack 4 (2.0.4) to be installed. This dependent on templates, URL:https://support.windriver.com/olsPortal/faces/maintenance/downloadDetails.jspx?docId=28857&contentId=021913
1. Unzip this patch under [install_dir]/updates
2. From the [install_dir]/updates directory, run the command "../maintenance/mtool/mtool_linux"
3. Follow the instructions for installing the point patch.
4. This is a source only patch so you will have to rebuild the python package.
This can be done by executing the command "make -C build python
.distclean"followed by "make -C build python.rebuild"
5. Run "make fs" next
6. Upload the kernel and rootfs into the target and boot it up
DATE: 21 Nov 2012
REVISION: file WRL_2_0_4-base-tgt-python-20111220-spin1.zip replaced with WRL_2_0_4-base-tgt-python-20121118-spin1.zip and includes fix to defect WIND00374015
DATE: 21 Dec 2011
REVISION: file WRL_2_0_4-base-tgt-python-20110816-spin1.zip replaced with WRL_2_0_4-base-tgt-python-20111220-spin1.zip and includes fix to defect WIND00281609
DATE: 08 Nov 2011
REVISION: Update "Change List" section
DATE: 19 Aug 2011
REVISION: file WRL_2_0_4-base-tgt-python-20101116-spin1.zip replaced with WRL_2_0_4-base-tgt-python-20110816-spin1.zip and includes fix to defect WIND00277751
DATE: 18 Nov 2010
REVISION: file WRL_2_0_4-base-tgt-python-20101027-spin1.zip replaced with WRL_2_0_4-base-tgt-python-20101116-spin1.zip and includes fix to defect WIND00211613 WIND00211612 WIND00211614
DATE: 28 Oct 2010
REVISION: file WRL_2_0_4-base-tgt-python-20100708-spin1.zip replaced with WRL_2_0_4-base-tgt-python-20101027-spin1.zip and includes fix to defect WIND00234377
DATE: 20 July 2010
REVISION: file WRL_2_0_4-base-tgt-python-20100630-spin1.zip replaced with WRL_2_0_4-base-tgt-python-20100708-spin1.zip and includes fix to defect WIND00217144
DATE: 06 July 2010
REVISION: file WRL_2_0_4-base-tgt-python-20100112-spin1.zip replaced with WRL_2_0_4-base-tgt-python-20100630-spin1.zip and includes fix to defect WIND00217141
