| Archive |
on 2014-10-01 (3609 reads)
* Security Update
A security vulnerability ("shellshock") is discovered in bash package provided in BSP v4 and v4.5.
Related Information
- -----------------
- Vulnerability Summary for CVE-2014-6271
- http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-6271
- Vulnerability Summary for CVE-2014-7169
- http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-7169 -----------------
- (Japanese)
- http://www.ipa.go.jp/security/ciadr/vul/20140926-bash.html -----------------
- (Japanese)
- https://www.jpcert.or.jp/at/2014/at140037.html -----------------
NVD - Detail
IPA:INFORMATION-TECHNOLOGY PROMOTION AGENCY, JAPAN
JPCERT: Japan Computer Emergency Response Team Coordination Center
Bash packages in question
Carry out one of two corrective actions below depending on your usage environment on a target.
- bash-3.0-31u3 (BSP v4)
- bash-3.2-32u1 (BSP v4.5)
- bash-3.2-32u1.1 (BSP v4.5)
Carry out one of two corrective actions below depending on your usage environment on a target.
* Note that procedure indicated here is either add package or change project setting on generated project, so a project must be ready in advance.
1) Use fixed package
- bash-3.2-33u.4.src.rpm
- Procedure
- 1) Select [Add Package] from the [Edit] menu on a Package List.
- 2) Select bash package you wish to add.
- 3) Click [View] to open the Choose Package window.
- 4) Select SRPM file to add and click [Decision].
- Added package appears in read on the Package List.
- 5) Click [Decision] on the Package List.
- Existing packages are integrated and sorted as diverse versions. "Version" field becomes greenish yellow and selectable pull-down.
- 6) Click [Close] to exit.
- Once procedures above are completed, carry out bash package build, quick build, RFS generation and deploy to update your system on a target.
- For more details, refer to "Adding Packages" in Chapter 4 of Lineo uLinux ELITE User Guide.
2) Use substitute shell (Not to use bash package)
- e.g.) Change /bin/bash and /bin/sh to the ones that of busybox package
- Procedure
- 1) Open Target Image Editor.
- 2) Select "Conflict View" tab.
- 3) Select /bin/bash from the list and change package from bash to busybox.
- 4) elect /bin/sh from the list and change package from bash to busybox.
- Once procedures above are completed, carry out RFS generation and deploy to update your system on a target.
- For more details, refer to "Eliminating Conflicts" in Chapter 4 of Lineo uLinux ELITE User Guide.
on 2014-09-30 (2327 reads)
The following 2 items are added to FAQ.
[ELITE]
- General
- Q: How to find out product license key of ELITE?
- Q: How to find out product serial number of ELITE?
FAQ
on 2014-07-31 (2280 reads)
23 packages are updated for the BSPv4.5 package.
- [BSPv4.5 Package Update]
- bash-3.2-32u1.1
- cups-1.3.7-30u.3
- foomatic-4.0.4-3u
- freetype-2.2.1-32u.1
- hplip-3.12.4-4u.1
- initscripts-8.45.42-2.u.1
- libjpeg-6b-38u
- libtirpc-0.2.1-6u
- libxml2-2.7.6-14u.2
- net-snmp-5.3.2.2-22u.1
- nfs-utils-1.2.3-36u
- nfs-utils-lib-1.1.5-6u
- openssh-5.3p1-94u
- openssl-1.0.1e-16u.14
- perl-5.8.8-40u
- php-5.1.6-44u
- python-2.6.6-52u
- rpcbind-0.2.0-11u
- ruby-1.8.7.352-13u
- samba-3.0.33-3.40u
- sqlite-3.3.6-7u
- sudo-1.7.2p1-29u
- tzdata-2014d-1u
on 2014-06-04 (2902 reads)
eglibc-2.13-38u1 is added to the BSP v4/v4.5 package.
Process to create locale info is added to the previous version (eglibc-2.13-38u).
- Choose [eglibc-2.13-38u1] either from [List of packages provided by BSP v4]
or [List of packages provided by BSP v4.5] in [Package Information].
Related Information
- FAQ -- Technical Information -- Application Development
- Q Can Japanese be displayed on console?
on 2014-04-25 (2569 reads)
BSP v4.5 is now available on eldmicc.
BSP v4.5
Customized for C Controller module based on the CentOS5 packages.
[Package Information - BSP v4.5]
Packages are downloadable from http://eldmicc.lineo.co.jp/packagelist/v45/.
[Update BSP]
ISO (Japanese/English) is downloadable from http://eldmicc.lineo.co.jp/bsp/.
