]> code.ossystems Code Review - openembedded-core.git/commit
Code Review / openembedded-core.git / commit
? search:
summary | shortlog | log | commit | commitdiff | review | tree
(parent: 0cb6730) | patch
subversion: fix for Security Advisory CVE-2013-1845
authorYue Tao <Yue.Tao@windriver.com>
Tue, 15 Apr 2014 05:21:25 +0000 (13:21 +0800)
committerRichard Purdie <richard.purdie@linuxfoundation.org>
Thu, 29 May 2014 12:42:11 +0000 (13:42 +0100)
commit890cbced4c2bc45db3b5ec493d5f390f2de70bc2
tree07e4103877f9df2215366ede32541b71e914dd8dtree | snapshot
parent0cb67304f5b124d21468fcbc2928c7cb1f37c5f6commit | diff
subversion: fix for Security Advisory CVE-2013-1845

The mod_dav_svn Apache HTTPD server module in Subversion 1.6.x before
1.6.21 and 1.7.0 through 1.7.8 allows remote authenticated users to
cause a denial of service (memory consumption) by (1) setting or (2)
deleting a large number of properties for a file or directory.

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-1845

(From OE-Core rev: 432666b84b80f8b0d13672aa94855369f577c56d)

Signed-off-by: Yue Tao <Yue.Tao@windriver.com>
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
meta/recipes-devtools/subversion/subversion/subversion-CVE-2013-1845.patch [new file with mode: 0644] blob
meta/recipes-devtools/subversion/subversion_1.6.15.bb diff | blob | history
Mirror of the official openembedded-core repository