The following defect(s) have been fixed in this cumulative patch for the Wind River gzip:
WIND00197971 Security Advisory - gzip - CVE-2009-2624
WIND00197985 Security Advisory - gzip - CVE-2010-0001
----------------------------------------------------------------------------------------
Change List:
/wrlinux/dist/gzip/patches/gzip-1.3.12-cve-2010-0001.patch
/wrlinux/dist/gzip/patches/gzip-wr-integration.patch
/wrlinux/dist/gzip/patches/rpm_patches.list
/wrlinux/dist/gzip/patches/gzip-1.3.12-cve-2009-2624.patch
/wrlinux/dist/gzip/Makefile
Requires Wind River Linux 2.0 Update Pack 4 (2.0.4) to be installed.
1. Unzip this patch under [install_dir]/updates
2. From the [install_dir]/updates directory, run the command "../maintenance/mtool/mtool_linux"
3. Follow the instructions for installing the point patch.
4. This is a source only patch so you will have to rebuild the gzip package.
This can be done by executing the command "make -C build gzip
.distclean"followed by "make -C build gzip.rebuild"
5. Run "make fs" next
6. Upload the kernel and rootfs into the target and boot it up
DATE: 08 Nov 2011
REVISION: Update "Change List" section
DATE: 04 Feb 2010
REVISION: Add file WRL_2_0_4-base-tgt-gzip-20100203-spin1.zip and includes fix to defect WIND00197985
