subversion: fix CVE-2015-3187 - openembedded-core-contrib - OpenEmbedded Core user contribution trees

diff options

author	Wenzong Fan <wenzong.fan@windriver.com>	2015-11-17 00:38:42 -0500
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2015-12-01 21:30:56 +0000
commit	6da25614edcad30fdb4bea8ff47b81ff81cdaed2 (patch)
tree	3243859f4b1f4bffb8887d8e9bc27e112f6f242a /meta/recipes-extended/rpcbind
parent	29eb921ed074d86fa8d5b205a313eb3177473a63 (diff)
download	openembedded-core-contrib-6da25614edcad30fdb4bea8ff47b81ff81cdaed2.tar.gz

subversion: fix CVE-2015-3187

The svn_repos_trace_node_locations function in Apache Subversion before 1.7.21 and 1.8.x before 1.8.14, when path-based authorization is used, allows remote authenticated users to obtain sensitive path information by reading the history of a node that has been moved from a hidden path. Patch is from: http://subversion.apache.org/security/CVE-2015-3187-advisory.txt Signed-off-by: Wenzong Fan <wenzong.fan@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com>

Diffstat (limited to 'meta/recipes-extended/rpcbind')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: