summaryrefslogtreecommitdiffstats
path: root/meta/recipes-devtools/subversion/subversion_1.6.15.bb
Commit message (Collapse)AuthorAgeFilesLines
* subversion: fix for Security Advisory CVE-2013-4277Yue Tao2014-05-291-1/+2
| | | | | | | | | | | | | | | | Svnserve in Apache Subversion 1.4.0 through 1.7.12 and 1.8.0 through 1.8.1 allows local users to overwrite arbitrary files or kill arbitrary processes via a symlink attack on the file specified by the --pid-file option. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-4277 (From OE-Core rev: e0e483c5b2f481240e590ebb7d6189a211450a7e) Signed-off-by: Yue Tao <Yue.Tao@windriver.com> Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* subversion: fix for Security Advisory CVE-2013-1847 and CVE-2013-1846Yue Tao2014-05-291-1/+2
| | | | | | | | | | | | | | | | | | | | The mod_dav_svn Apache HTTPD server module in Subversion 1.6.x before 1.6.21 and 1.7.0 through 1.7.8 allows remote authenticated users to cause a denial of service (NULL pointer dereference and crash) via a LOCK on an activity URL. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-1846 The mod_dav_svn Apache HTTPD server module in Subversion 1.6.0 through 1.6.20 and 1.7.0 through 1.7.8 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via an anonymous LOCK for a URL that does not exist. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-1847 (From OE-Core rev: 3962b76185194fa56be7f1689204a1188ea44737) Signed-off-by: Yue Tao <Yue.Tao@windriver.com> Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* subversion: fix for Security Advisory CVE-2013-1845Yue Tao2014-05-291-1/+2
| | | | | | | | | | | | | | | | The mod_dav_svn Apache HTTPD server module in Subversion 1.6.x before 1.6.21 and 1.7.0 through 1.7.8 allows remote authenticated users to cause a denial of service (memory consumption) by (1) setting or (2) deleting a large number of properties for a file or directory. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-1845 (From OE-Core rev: 432666b84b80f8b0d13672aa94855369f577c56d) Signed-off-by: Yue Tao <Yue.Tao@windriver.com> Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* subversion: fix for Security Advisory CVE-2013-4505Yue Tao2014-05-291-1/+1
| | | | | | | | | | | | | | | | The is_this_legal function in mod_dontdothat for Apache Subversion 1.4.0 through 1.7.13 and 1.8.0 through 1.8.4 allows remote attackers to bypass intended access restrictions and possibly cause a denial of service (resource consumption) via a relative URL in a REPORT request. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-4505 (From OE-Core rev: 02314673619f44e5838ddb65bbe22f9342ee6167) Signed-off-by: Yue Tao <Yue.Tao@windriver.com> Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* subversion: fix for Security Advisory CVE-2013-1849Yue Tao2014-05-291-0/+1
| | | | | | | | | | | | Reject operations on getcontentlength and getcontenttype properties if the resource is an activity. (From OE-Core rev: 94e8b503e8a5ae476037d4aa86f8e27d4a8c23ea) Signed-off-by: Yue Tao <Yue.Tao@windriver.com> Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* Replace one-line DESCRIPTION with SUMMARYPaul Eggleton2014-01-021-1/+1
| | | | | | | | | | | A lot of our recipes had short one-line DESCRIPTION values and no SUMMARY value set. In this case it's much better to just set SUMMARY since DESCRIPTION is defaulted from SUMMARY anyway and then the SUMMARY is at least useful. I also took the opportunity to fix up a lot of the new SUMMARY values, making them concisely explain the function of the recipe / package where possible. Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
* subversion: add PACKAGECONFIG for saslMartin Jansa2013-07-231-0/+2
| | | | | | | * cyrus-sasl is in meta-networking Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> Signed-off-by: Saul Wold <sgw@linux.intel.com>
* subversion: two small fixesRoy.Li2012-08-171-3/+4
| | | | | | | | | | | Add missing build dependency on sqlite3 Disable Ruby checking. we do not have Ruby, and subversion always checks ruby on host which leads to build error when ruby-dev is installed on host. Signed-off-by: Roy.Li <rongqing.li@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com>
* subversion: do_install failed (parallel issue)Robert Yang2012-07-101-2/+4
| | | | | | | | | | | | | | | | | | | | | | | | install-neon-lib needs libsvn_delta-1.la which will be regenerated during libsvn_delta-1.la's installation, if libsvn_delta-1.la is in regenerating and at the same time install-neon-lib links it, the error willl happen. The error message is: /bin/ld: cannot find -lsvn_delta-1 collect2: error: ld returned 1 exit status This is a parallel issue, so it doesn't happen often. Note: The autoreconf doesn't generate build-outputs.mk, it would be generated by autogen.sh (use build.conf as the input), but autogen.sh isn't suitable for cross compiling, so both modified build-outputs.mk and build.conf. [YOCTO #2727] Signed-off-by: Robert Yang <liezhi.yang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* subversion-1.6.15: add native support tooMartin Jansa2011-10-241-0/+2
| | | | Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
* subversion: remove neon-detection.patch and --with-neon optionMartin Jansa2011-09-151-3/+2
| | | | | | | | | | | * upstream detection seems to be doing its job right now * I don't see how this is supposed to work -- neon_config="$withval/bin/neon-config" -+ neon_config="env env PKG_CONFIG_PATH=${withval}:${PKG_CONFIG_PATH} pkg-config neon" when neon_config should be sysroots/nokia900/usr/bin/crossscripts/neon-config " Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
* recipes: Delete patch=1, its default and replace pnum with striplevelKhem Raj2011-08-231-3/+3
| | | | | | | Some place pnum=1 is used which is removed as well since striplevel=1 is default Signed-off-by: Khem Raj <raj.khem@gmail.com>
* SRC_URI, S: use BPN instead of PN for multilib caseYu Ke2011-08-041-1/+1
| | | | | | | | | in multilibcase, PN has multilib prefix, so it is not correct to use PN in SRC_URI and S. instead, we've dedicately pruned multilib prefix in BPN, so BPN is the right alternative for PN. Signed-off-by: Yu Ke <ke.y@intel.com>
* License Field Cleanup: Non-standard field namesBeth Flanagan2011-05-271-1/+1
| | | | | | | | | | | | I've cleaned up some odd license fields, fixed some license names and corrected some incorrect licenses. LICENSE really needs a pass through by the maintainers as some of the licensing is incorrect. Also, every license with Artistic should be gone through and noted as which version of Artistic. Signed-off-by: Beth Flanagan <elizabeth.flanagan@intel.com>
* subversion: upgrade from 1.6.13 to 1.6 15Nitin A Kamble2011-02-021-0/+35
Rebased this patch to the newer code modified: subversion/disable-revision-install.patch Signed-off-by: Nitin A Kamble <nitin.a.kamble@intel.com>