code.ossystems Code Review - openembedded-core.git/commit

]> code.ossystems Code Review - openembedded-core.git/commit

Code Review / openembedded-core.git / commit

author	Yue Tao <Yue.Tao@windriver.com>
	Wed, 22 Oct 2014 07:37:29 +0000 (03:37 -0400)
committer	Richard Purdie <richard.purdie@linuxfoundation.org>
	Tue, 4 Nov 2014 10:19:53 +0000 (10:19 +0000)
commit	e0dc0432b13f38d16f642bdadf8ebc78b7a74806
tree	4dcbb70d0c630139ba49bce0936a3d193eb27a35	tree \| snapshot
parent	06a33cd00ea11abec1ebe9d5883e44778075ccc6	commit \| diff

subversion: Security Advisory - subversion - CVE-2014-3528

Apache Subversion 1.0.0 through 1.7.x before 1.7.17 and 1.8.x before
1.8.10 uses an MD5 hash of the URL and authentication realm to store
cached credentials, which makes it easier for remote servers to obtain
the credentials via a crafted authentication realm.

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-3528

Signed-off-by: Yue Tao <Yue.Tao@windriver.com>
Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>

meta/recipes-devtools/subversion/subversion/subversion-CVE-2014-3528.patch	[new file with mode: 0644]	blob
meta/recipes-devtools/subversion/subversion_1.6.15.bb		diff \| blob \| history
meta/recipes-devtools/subversion/subversion_1.8.9.bb		diff \| blob \| history

Mirror of the official openembedded-core repository

RSS Atom