]> code.ossystems Code Review - openembedded-core.git/commit
Code Review / openembedded-core.git / commit
? search:
summary | shortlog | log | commit | commitdiff | review | tree
(parent: 8d52c07) | patch
subversion: fix for Security Advisory CVE-2013-4277
authorYue Tao <Yue.Tao@windriver.com>
Thu, 8 May 2014 10:16:24 +0000 (18:16 +0800)
committerRichard Purdie <richard.purdie@linuxfoundation.org>
Thu, 29 May 2014 12:42:11 +0000 (13:42 +0100)
commit0517d47172c68097e30a5063cd09c1da6158c71d
tree64f6fca521771e182dd559b6ff44cf5bf2de1ae1tree | snapshot
parent8d52c071e66ff02a9f5ea9d4a60f3e06905b01dbcommit | diff
subversion: fix for Security Advisory CVE-2013-4277

Svnserve in Apache Subversion 1.4.0 through 1.7.12 and 1.8.0 through
1.8.1 allows local users to overwrite arbitrary files or kill arbitrary
processes via a symlink attack on the file specified by the --pid-file
option.

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-4277

(From OE-Core rev: e0e483c5b2f481240e590ebb7d6189a211450a7e)

Signed-off-by: Yue Tao <Yue.Tao@windriver.com>
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
meta/recipes-devtools/subversion/subversion-1.7.10/subversion-CVE-2013-4277.patch [new file with mode: 0644] blob
meta/recipes-devtools/subversion/subversion/subversion-CVE-2013-4277.patch [new file with mode: 0644] blob
meta/recipes-devtools/subversion/subversion_1.6.15.bb diff | blob | history
meta/recipes-devtools/subversion/subversion_1.7.10.bb diff | blob | history
Mirror of the official openembedded-core repository