The following defect(s) have been fixed in this cumulative patch for the Wind River openssl:
WIND00202807 Security Advisory - OpenSSL - CVE-2010-0433
WIND00204144 Security Advisory - OpenSSL - CVE-2009-3245
WIND00206486 Security Advisory - OpenSSL - CVE-2010-0740
WIND00247364 Security Advisory - OpenSSL - CVE-2008-7270
WIND00247372 Security Advisory - OpenSSL - CVE-2010-4180
WIND00311487 Security Advisory - OpenSSL - CVE-2011-3207
WIND00311488 Security Advisory - OpenSSL - CVE-2011-3210
WIND00327996 Security Advisory - openssl - CVE-2011-4576
WIND00327998 Security Advisory - openssl - CVE-2011-4619
WIND00339930 Security Advisory - openssl - CVE-2012-0884
WIND00337491 Security Advisory - openssl - CVE-2006-7250
WIND00343415 Security Advisory - openssl - CVE-2012-1165
WIND00347673 Security Advisory - openssl - CVE-2012-2131
WIND00347671 Security Advisory - openssl - CVE-2012-2110
--------------------------------------------------------------------------------
Change List:
/wrlinux/dist/openssl/Makefile
/wrlinux/dist/openssl/patches/openssl-0.9.7m-CVE-2010-4180.patch
/wrlinux/dist/openssl/patches/openssl-0.9.7m-CVE-2010-0740.patch
/wrlinux/dist/openssl/patches/openssl-CVE-2006-7250.patch
/wrlinux/dist/openssl/patches/openssl-CVE-2011-3207.patch
/wrlinux/dist/openssl/patches/openssl-CVE-2011-4619.patch
/wrlinux/dist/openssl/patches/openssl-CVE-2012-0884.patch
/wrlinux/dist/openssl/patches/openssl-0.9.8g-CVE-2009-3245.patch
/wrlinux/dist/openssl/patches/openssl-CVE-2012-2110.patch
/wrlinux/dist/openssl/patches/openssl-CVE-2011-3210.patch
/wrlinux/dist/openssl/patches/openssl-CVE-2012-2131.patch
/wrlinux/dist/openssl/patches/openssl-CVE-2011-4576.patch
/wrlinux/dist/openssl/patches/openssl-0.9.8g-CVE-2010-0433.patch
/wrlinux/dist/openssl/patches/openssl-CVE-2012-1165.patch
/wrlinux/dist/openssl/patches/openssl-0.9.7m-CVE-2008-7270.patch
/wrlinux/dist/openssl/patches/patches.list
Requires Wind River Linux 2.0 Update Pack 4 (2.0.4) to be installed.
1. Unzip this patch under [install_dir]/updates
2. From the [install_dir]/updates directory, run the command "../maintenance/mtool/mtool_linux"
3. Follow the instructions for installing the point patch.
4. This is a source only patch so you will have to rebuild the openssl package.
This can be done by executing the command "make -C build openssl
.distclean"followed by "make -C build openssl.rebuild"
5. Run "make fs" next
6. Upload the kernel and rootfs into the target and boot it up
DATE: 22 May 2012
REVISION: file WRL_2_0_4-base-tgt-openssl-20120405-spin1.zip replaced with WRL_2_0_4-base-tgt-openssl-20120508-spin1.zip and includes fix to defect WIND00347673 WIND00347671
DATE: 11 Apr 2012
REVISION: file WRL_2_0_4-base-tgt-openssl-20120321-spin1.zip replaced with WRL_2_0_4-base-tgt-openssl-20120405-spin1.zip and includes fix to defect WIND00343415
DATE: 05 Apr 2012
REVISION: file WRL_2_0_4-base-tgt-openssl-20120118-spin1.zip replaced with WRL_2_0_4-base-tgt-openssl-20120321-spin1.zip and includes fix to defect WIND00339930 WIND00337491
DATE: 29 Jan 2012
REVISION: file WRL_2_0_4-base-tgt-openssl-20111116-spin1.zip replaced with WRL_2_0_4-base-tgt-openssl-20120118-spin1.zip and includes fix to defect WIND00327996 WIND00327998
DATE: 17 Nov 2011
REVISION: file WRL_2_0_4-base-tgt-openssl-20100428-spin1.zip replaced with WRL_2_0_4-base-tgt-openssl-20111116-spin1.zip and includes fix to defect WIND00311487 WIND00311488
DATE: 04 May 2010
REVISION: file WRL_2_0_4-base-tgt-openssl-20100323-spin2.zip replaced with WRL_2_0_4-base-tgt-openssl-20100428-spin1.zip and includes fix to defect WIND00206486
DATE: 25 March 2010
REVISION: Add file WRL_2_0_4-base-tgt-openssl-20100323-spin2.zip and includes fix to defect WIND00202807 WIND00204144
