The following defect(s) have been fixed in this cumulative patch for the Wind River qemu:
WIND00199116 Security Advisory - Linux - CVE-2010-0309
WIND00232308 Security Advisory - qemu - CVE-2010-2784
WIND00392008 Security Advisory - qemu - CVE-2012-3515
----------------------------------------------------------------------------------------
Change List:
/wrlinux/tools/qemu/patches/kvm-kernel-KVM-PIT-control-word-is-write-only-CVE-2010-0309.patch
/wrlinux/tools/qemu/patches/fix-segfault-in-mmio-subpage-handling-code-CVE-2010-2784.patch
/wrlinux/tools/qemu/patches/qemu-CVE-2012-3515.patch
/wrlinux/tools/qemu/patches/patches.list
Requires Wind River Linux 2.0 Update Pack 4 (2.0.4) to be installed.
1. Unzip this patch under [install_dir]/updates
2. From the [install_dir]/updates directory, run the command "../maintenance/mtool/mtool_linux"
3. Follow the instructions for installing the point patch.
4. This is a source only patch so you will have to rebuild the qemu package.
This can be done by executing the command "make -C build-tools qemu
.distclean"followed by "make -C build-tools qemu.rebuild"
5. Run "make fs" next
6. Upload the kernel and rootfs into the target and boot it up
DATE: 05 Jan 2013
REVISION: file WRL_2_0_4-base-hst-qemu-20100928-spin1.zip replaced with WRL_2_0_4-base-hst-qemu-20121210-spin1.zip and includes fix to defect WIND00392008
DATE: 30 Sep 2010
REVISION: file WRL_2_0_4-base-hst-qemu-20100221-spin1.zip replaced with WRL_2_0_4-base-hst-qemu-20100928-spin1.zip and includes fix to defect WIND00232308
DATE: 08 April 2010
REVISION: Add file WRL_2_0_4-base-hst-qemu-20100221-spin1.zip and includes fix to defect WIND00199116
