Please view an important message (at the Online Support link above) related to the serious CVE-2014-0160 OpenSSL vulnerability; aka"The Heartbleed Bug". For more information please contact Wind River Support at +1-800-872-4977 or your local Wind River representative.
↧
Wind River Security Alert for Wind River Linux 4.x
↧
Wind River Security Alert for Wind River Linux 4.x/5.0.1.x/6.0.0.x
This alert confirms that theWind River Linux releases 4.3.0.x/5.0.1.x/6.0.0.x ARE SUSCEPTIBLEto the following Vulnerabilities CVE-2014-5139, CVE-2014-3512,CVE-2014-3511,CVE-2014-3510,CVE-2014-3509, CVE-2014-3508,CVE-2014-3507,CVE-2014-3506,CVE-2014-3505
↧
↧
Wind River SecurityAlert for Wind River Linux Shellshock Bash Vulnerabilties
This advisory has been obsoleted by a new advisory. Please refresh your feed to view the updated notice.
↧
Wind River Security Alert for Wind River Linux SSLv3 POODLE vulnerability
This alert confirms that all version of Wind River Linux are considered susceptible to SSLv3 POODLE vulnerability. Wind River is closely monitoring the dynamic situation resulting from this issue and will provide additional information, and fixes as required, as the situation changes.
↧
Wind River Linux 7
Wind River has introduced the latest version of its market-leading, Yocto Project Compatible commercial Linux distribution. Wind River Linux is the industry standard for embedded Linux software, providing maximum flexibility and control over run time as well as interoperability with the community's building technology. The new version is updated with the current Yocto Project Linux kernel (3.14), GNU 4.9 toolchain (BINUTILS 2.24, GLIBC 2.20, GDB 7.7.1) and Bitbake build system. Please see the Wind River Linux 7 web page for more information. You can also reach out to your Wind River representative with any questions.
↧
↧
Wind River Security Alert for Wind River Linux several critical NTP vulnerabilities
This alert confirms that all version of Wind River Linux are considered susceptible to NTP vulnerabilities(CVE-2014-9293 CVE-2014-9294 CVE-2014-9295 CVE-2014-9296). Wind River is closely monitoring the dynamic situation resulting from this issue and will provide additional information, and fixes as required, as the situation changes.
↧
Wind River Linux Mid-January 2015 Security Bulletin
Status of Wind River Linux against all publicly announced security vulnerabilities.
↧
Wind River Security Alert for GHOST gethostbyname heap overflow in glibc (CVE-2015-0235)
This alert confirms which Wind River Linux releases ARE SUSCEPTIBLE to the GHOST gethostbyname
heap overflow in glibc (CVE-2015-0235).
↧
Wind River Security Alert for 2 NTP vulnerabilities (CVE-2014-9297 & CVE-2014-9298)
Wind River Security Alert for 2 NTP vulnerabilities (CVE-2014-9297 & CVE-2014-9298)
↧
↧
Wind River Security Alert for CVE-2015-3456
This alert confirms this vulnerability impacts WRLinux 4.3/5.0.1/6.0/7.0, and we will fix it in WRLinux 4.3 RCPL 30/5.0.1.27/6.0.0.21/7.0.0.6. Before you get the official release, you can use following source patch.
http://git.qemu.org/?p=qemu.git;a=commitdiff;h=e907746266721f305d67bc0718795fedee2e824c
The description of the vulnerability is
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3456
↧
Wind River Security Alert for Logjam Attack
There is a new security vulnerability called Logjam focused on Diffie–Hellman.
This vulnerability allows a man-in-the-middle network attacker to downgrade
a TLS connection to use export-grade cryptography, allowing him to read the
exchanged data and inject data into the connection.
↧
The leap second handling in WRLinux (update 07/22/2015)
A new issue LIN4-32844 (Leap Second Isssue and Deadlock) has been found. A system dead lock can be triggered by certain system configuration and workload after the leap second insertion because of a recursive locking of the time keeper lock.
↧
Wind River Linux Mid-January 2016 Security Bulletin
Status of Wind River Linux against all publicly announced security vulnerabilities.
↧
↧
Rolling Cumulative Patch Layer 32 for Wind River Linux 4.0 + Update Pack 3
The Rolling Cumulative Patch Layer (RCPL) was developed by Wind River to simplify patch management of Wind River Linux. The expected usage is that customers install the latest RCPL for their release. Base Wind River Linux 4.0 + Update Pack 3 + RCPL is the default supported configuration. Please install this RCPL at your earliest convenience.
↧
Wind River Linux 4 Legacy state Announcement
Wind River Linux 4 has completed its transition into Legacy state. This milestone marks the end of standard support and maintenance, and RCPL 32 will be the last generally available patch level for the release.
↧
Wind River Linux 8
Wind River has introduced the latest version of Wind River Linux. Wind River Linux 8 brings together the flexibility and interoperability of open source along with an improved user experience that allows customers to kick-start the development of their platforms with available options such as the minimal install for a quicker and more efficient build process. Based on the Yocto Project 2.0 release, it uses the latest LTSI Linux kernel (version 4.1) as its upstream source and also provides expanded hardware support for the latest ARM®, Intel®, MIPS, and PowerPC® architectures. For more information please contact your Wind River representative or visit our website http://www.windriver.com/products/linux/.
↧
Wind River Linux 4.3 Security Alert for glibc getaddrinfo() stack-based buffer overflow -- CVE-2015-7547
↧
↧
Wind River Linux 4.3 Security Notice SSLv2 Protocol
Please view an important message http://windriver.com/announces/sslv2_protocol_notice/ regarding recent SSLv2
protocol
vulnerabilities. For more information please contact Wind River Support at +1-800-872-4977 or your local Wind River
representative.
↧
Wind River Linux 4.3 Security Alert for glibc getaddrinfo() stack-based buffer overflow -- CVE-2015-7547
↧
Wind River Linux Security Alert for several openssl security issues (CVE-2016-2105, CVE-2016-2106, CVE-2016-2108, CVE-2016-2109, CVE-2016-2176.)
There are five new reported and fixed CVE issues in OpenSSL. They are: CVE-2016-2105, CVE-2016-2106, CVE- 2016-2108,
CVE-2016-2109, CVE-2016-2176.
↧