The following defect(s) have been fixed in this cumulative patch for the Wind River sudo:
WIND00201562 Security Advisory - sudo - CVE-2010-0426
WIND00209244 Security Advisory - Linux - CVE-2010-1163
WIND00215250 Security Advisory - sudo - CVE-2010-1646
Requires Wind River Linux 2.0 Update Pack 4 (2.0.4) to be installed.
1. Unzip this patch under [install_dir]/updates
2. From the [install_dir]/updates directory, run the command "../maintenance/mtool/mtool_linux"
3. Follow the instructions for installing the point patch.
4. This is a source only patch so you will have to rebuild the sudo package.
This can be done by executing the command "make -C build sudo
.distclean"followed by "make -C build sudo.rebuild"
5. Run "make fs" next
6. Upload the kernel and rootfs into the target and boot it up
DATE: 26 July 2010
REVISION: file WRL_2_0_4-base-tgt-sudo-20100518-spin1.zip replaced with WRL_2_0_4-base-tgt-sudo-20100720-spin1.zip and includes fix to defect WIND00215250
DATE: 25 March 2010
REVISION: file WRL_2_0_4-base-tgt-sudo-20100324-spin1.zip replaced with WRL_2_0_4-base-tgt-sudo-20100518-spin1.zip and includes fix to defect WIND00209244
DATE: 25 March 2010
REVISION: Add file WRL_2_0_4-base-tgt-sudo-20100324-spin1.zip and includes fix to defect WIND00201562
