]> code.ossystems Code Review - openembedded-core.git/commit
Code Review / openembedded-core.git / commit
? search:
summary | shortlog | log | commit | commitdiff | review | tree
(parent: d245459) | patch
subversion: fix for Security Advisory CVE-2013-4131
authorYue Tao <Yue.Tao@windriver.com>
Tue, 15 Apr 2014 07:57:31 +0000 (15:57 +0800)
committerRichard Purdie <richard.purdie@linuxfoundation.org>
Thu, 29 May 2014 12:42:11 +0000 (13:42 +0100)
commit0cb67304f5b124d21468fcbc2928c7cb1f37c5f6
treeea01679aaa2a197888fb2510d879fdd14363f40etree | snapshot
parentd245459306939aef078a89e671ec093e3d6321cdcommit | diff
subversion: fix for Security Advisory CVE-2013-4131

The mod_dav_svn Apache HTTPD server module in Subversion 1.7.0 through
1.7.10 and 1.8.x before 1.8.1 allows remote authenticated users to cause
a denial of service (assertion failure or out-of-bounds read) via a
certain (1) COPY, (2) DELETE, or (3) MOVE request against a revision
root.

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-4131

(From OE-Core rev: ce41ed3ca5b6ef06c02c5ca65f285e5ee8c04e7f)

Signed-off-by: Yue Tao <Yue.Tao@windriver.com>
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
meta/recipes-devtools/subversion/subversion-1.7.10/subversion-CVE-2013-4131.patch [new file with mode: 0644] blob
meta/recipes-devtools/subversion/subversion_1.7.10.bb diff | blob | history
Mirror of the official openembedded-core repository