Wind River Support Network

HomeSafety and Security NoticesSecurity Advisory - 16 CVE issues of OpenSSL Security Advisory of 22 and 26 Sep 2016
Recommended

Security Advisory - 16 CVE issues of OpenSSL Security Advisory of 22 and 26 Sep 2016

Released: Sep 25, 2016     Updated: Sep 28, 2016

Summary

Security Advisory - 16 CVE issues of OpenSSL Security Advisory of 22 and 26 Sep 2016

Affected Product Versions

Wind River Linux 6, Wind River Linux 7, Wind River Linux 8, Wind River Linux 5

Downloads

Defects

CVEs

Description

Openssl new release on 22 & 26 Sep 2016 fixed 16 new CVE issues, they are: CVE-2016-6302, CVE-2016-6303, CVE-2016-6304, CVE-2016-6305, CVE-2016-6306, CVE-2016-6307, CVE-2016-6308, CVE-2016-2177, CVE-2016-2178, CVE-2016-2179, CVE-2016-2180, CVE-2016-2181, CVE-2016-2182, CVE-2016-2183, CVE-2016-7052, CVE-2016-6309.

Details: https://www.openssl.org/news/secadv/20160922.txt https://www.openssl.org/news/secadv/20160926.txt

CVE-2016-6305, CVE-2016-6307, CVE-2016-6308, CVE-2016-6309 and CVE-2016-7052 have no effect on all WRL releasees.

Installation Notes

Installation for 5.0.1/6.0/7.0/8.0

1. Unpack realted tar package under your build project
$ cd PATH_2_PROJ/layers/oe-core/meta/recipes-connectivity/
$ rm -rf openssl
$ tar jxvf openssl-WRL5[6,7,8].tar.bz2

2. rebuild openssl
$make bbs
$bitbake openssl -c cleansstate
$bitbake openssl

3. Run "make fs" to update rootfs.
Live chat
Online
  • Linkedin
  • Facebook
  • Twitter
  • Youtube