Wind River Support Network

HomeSecurity NoticesSecurity Advisory - 16 CVE issues of OpenSSL Security Advisory of 22 and 26 Sep 2016
Recommended

Security Advisory - 16 CVE issues of OpenSSL Security Advisory of 22 and 26 Sep 2016

Released: Sep 25, 2016     Updated: Sep 28, 2016

Summary

Security Advisory - 16 CVE issues of OpenSSL Security Advisory of 22 and 26 Sep 2016


Affected Product Versions

Wind River Linux 6, Wind River Linux 7, Wind River Linux 8, Wind River Linux 5

Downloads


Defects


CVEs


Description

Openssl new release on 22 & 26 Sep 2016 fixed 16 new CVE issues, they are: CVE-2016-6302, CVE-2016-6303, CVE-2016-6304, CVE-2016-6305, CVE-2016-6306, CVE-2016-6307, CVE-2016-6308, CVE-2016-2177, CVE-2016-2178, CVE-2016-2179, CVE-2016-2180, CVE-2016-2181, CVE-2016-2182, CVE-2016-2183, CVE-2016-7052, CVE-2016-6309.

Details: https://www.openssl.org/news/secadv/20160922.txt https://www.openssl.org/news/secadv/20160926.txt

CVE-2016-6305, CVE-2016-6307, CVE-2016-6308, CVE-2016-6309 and CVE-2016-7052 have no effect on all WRL releasees.


Installation Notes

Installation for 5.0.1/6.0/7.0/8.0

1. Unpack realted tar package under your build project
$ cd PATH_2_PROJ/layers/oe-core/meta/recipes-connectivity/
$ rm -rf openssl
$ tar jxvf openssl-WRL5[6,7,8].tar.bz2

2. rebuild openssl
$make bbs
$bitbake openssl -c cleansstate
$bitbake openssl

3. Run "make fs" to update rootfs.

Live chat
Online