Commit Graph

26 Commits

Author SHA1 Message Date
Jiaying Song
8f8989071a subversion: fix CVE-2024-46901
Insufficient validation of filenames against control characters in
Apache Subversion repositories served via mod_dav_svn allows
authenticated users with commit access to commit a corrupted revision,
leading to disruption for users of the repository. All versions of
Subversion up to and including Subversion 1.14.4 are affected if serving
repositories via mod_dav_svn. Users are recommended to upgrade to
version 1.14.5, which fixes this issue. Repositories served via other
access methods are not affected.

References:
https://nvd.nist.gov/vuln/detail/CVE-2024-46901

Upstream patches:
https://subversion.apache.org/security/CVE-2024-46901-advisory.txt

(From OE-Core rev: 16c212bd9a9e9c35256ff308da72a518c76ce11d)

Signed-off-by: Jiaying Song <jiaying.song.cn@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
2024-12-23 05:46:32 -08:00
Ross Burton
7bd13c6a08 subversion: upgrade to 1.14.2
This release is primarily to fix two CVEs:
- CVE-2021-28544
- CVE-2022-24070

It also rewrites the macOS autoconf macros to be cross-compile friendly,
so we don't need to delete them anymore.

(From OE-Core rev: ecfbc2ef45a76ab96d215954ca0a109545e6ff02)

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2022-04-26 18:25:08 +01:00
Ross Burton
cd5aa858a8 subversion: remove obsolete support for renamed libtool
libtool is now longer renamed to ${host}-libtool, so remove the changes
to support this.

(From OE-Core rev: 0610df3e56e350493731d49fe67261b62d346573)

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-12-12 18:10:22 +00:00
Adrian Bunk
b0efa1952c subversion: Upgrade 1.12.0 -> 1.12.2
Remove backported patch.

(From OE-Core rev: 947828b8e9c4f332533d1d6bd0750ff018d51295)

Signed-off-by: Adrian Bunk <bunk@stusta.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2019-08-28 11:31:21 +01:00
Hongxu Jia
8e7b9685d2 subversion: upgrade 1.11.1 -> 1.12.0
- Backport a patch to fix build failure while APR 1.7.0
...
checking for apr_int64_t Python/C API format string...
configure: error: failed to recognize APR_INT64_T_FMT on this platform
...

- Rebase disable_macos.patch and serfmacro.patch

License-update: no change, declare two new added file
* in build/ac-macros/ax_boost_base.m4
* in build/ac-macros/ax_boost_unit_test_framework.m4

(From OE-Core rev: 68ae5e624642218e7e01805c096da09098a8706f)

Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2019-05-12 17:55:11 +01:00
Ruslan Bilovol
fd4bb0f753 subversion: drop lost patch
Commit 5bb47984af79 "subversion: 1.9.7 -> 1.10.0" dropped
serf.m4-Regex-modified-to-allow-D-in-paths.patch
from recipe, but left the patch itself in source tree.
Remove this patch since nobody uses it.

Cc: Richard Purdie <richard.purdie@linuxfoundation.org>
(From OE-Core rev: 803d834780cb9380e19209f2bb93953ac3cb6165)

Signed-off-by: Ruslan Bilovol <ruslan.bilovol@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2019-01-27 13:05:17 +00:00
Richard Purdie
f0cb5fe07c subversion: upgrade 1.9.6 -> 1.9.7
(From OE-Core rev: d3973d787c8af417b6f4d433c3a8a60b5333778e)

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2018-01-18 12:50:36 +00:00
Wenzong Fan
3f5906e086 subversion: fix CVE-2017-9800
A maliciously constructed svn+ssh:// URL would cause Subversion clients
before 1.8.19, 1.9.x before 1.9.7, and 1.10.0.x through 1.10.0-alpha3
to run an arbitrary shell command. Such a URL could be generated by a
malicious server, by a malicious user committing to a honest server(to
attack another user of that server's repositories), or by a proxy
server.

The vulnerability affects all clients, including those that use
file://, http://, and plain (untunneled) svn://.

Backport patch from:
http://svn.apache.org/viewvc?view=revision&amp;sortby=rev&amp;revision=1804691

Reference:
http://subversion.apache.org/security/CVE-2017-9800-advisory.txt

(From OE-Core rev: 6e1f8001a0f3c26cce9c692d25987a3c47ff2f74)

Signed-off-by: Wenzong Fan <wenzong.fan@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2017-09-11 17:30:30 +01:00
Dengke Du
971fc29713 Revert "subversion: fix "svnadmin create" fail on x86"
This reverts commit cfe6f3e251.

This is because the apr configure wrong, when the apr configure meets the
cross compiling, it pass 8 bytes to "off_t", in apr source code configure.in,
it was hardcoded:

	APR_CHECK_SIZEOF_EXTENDED([#include <sys/types.h>], off_t, 8)

The macro "APR_CHECK_SIZEOF_EXTENDED" was defined in build/apr_common.m4,
it use the "AC_TRY_RUN" macro, this macro let the off_t to 8, when cross
compiling enable.

But in glibc on the x86 or multilib target the "off_t" was 4 bytes, so this
cases dismatch for softwares which use the apr.h, such as subversion, run this:

	svnadmin create test

It failed because the "APR_OFF_T_FMT" was "lld" in apr.h when apr configure,
but the "apr_off_t" was 4 bytes, in the apr source code: apr_snprintf.c

	i_quad = va_arg(ap, apr_int64_t);

When the function apr_vformatter meets "lld", it would use the above to parse,
but the above read 8 bytes, so the follow-up data go to wrong.

So we should configure the apr correct when cross compiling. I do this on the
following patchs.

(From OE-Core rev: fbdfb39c011676fe61a4d58b62226126e0e9ec62)

Signed-off-by: Dengke Du <dengke.du@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2016-12-22 08:50:16 +00:00
Richard Purdie
862d6db9d3 subversion: Fix issues in LDFLAGS sed manipulation
The existing sed expression can match expressions like
--sysroot=/some/path/xxx-linux/ which clearly isn't intended and
injects incorrect paths into LDFLAGS.

Fix this in the same way we address the problem in CFLAGS. This fixes corrupt
build paths and incorrect paths in .la files amongst other issues.

(From OE-Core rev: 9a8382422ddbb0972dc25b752204f4908bb9857c)

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2016-12-08 10:31:29 +00:00
Dengke Du
cfe6f3e251 subversion: fix "svnadmin create" fail on x86
When run the following command on x86:

        svnadmin create /var/test_repo

It cause segmentation fault error like the following:

        [16499.751837] svnadmin[21117]: segfault at 83 ip 00000000f74bf7f6 sp 00000000ffdd9b34 error 4 in libc-2.24.so[f7441000+1af000]
        Segmentation fault (core dumped)

This is because in source code ./subversion/libsvn_fs_fs/low_level.c,
function svn_fs_fs__unparse_footer, when:

        target arch:    x86
        apr_off_t:      4 bytes

if the "APR_OFF_T_FMT" is "lld", it still use type "apr_off_t" to pass
data to apr, but in apr source code file apr_snprintf.c the function
apr_vformatter meet "lld", it would use the:

        i_quad = va_arg(ap, apr_int64_t);

It uses the apr_int64_t to deal data, it read 8 bytes, so the follow-up
data may be error.

(From OE-Core rev: 7ea7e3db7801b58495b89a95ec2751d618d3a29f)

Signed-off-by: Dengke Du <dengke.du@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2016-11-06 23:35:36 +00:00
Alexander Kanavin
21e35df191 subversion: update to 1.9.2
Drop backported CVE fix patches
libtool2.patch has been rebased and renamed to 0001-Fix-libtool-name-in-configure.ac.patch
LICENSE checksum has been updated because more 3rd party attributions have been added to it,
it's otherwise still Apache 2.

(From OE-Core rev: b57f57ea092f93bd7e1268b04c7d3c4af2149a77)

Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2015-12-12 23:42:54 +00:00
Roy Li
24609d9b60 subversion: remove 1.6.X recipes
Removing the 1.6.X recipes, since there is a new version 1.8.X recipes,
and hope that all projects already upgraded their premirror caches to
use new format

(From OE-Core rev: 65c4dcbefbe118eb1b04335d7d6171236a1315c2)

Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2015-04-30 23:04:17 +01:00
Yue Tao
a64e37ac0e subversion: Security Advisory - subversion - CVE-2014-3528
Apache Subversion 1.0.0 through 1.7.x before 1.7.17 and 1.8.x before
1.8.10 uses an MD5 hash of the URL and authentication realm to store
cached credentials, which makes it easier for remote servers to obtain
the credentials via a crafted authentication realm.

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-3528

(From OE-Core rev: e0dc0432b13f38d16f642bdadf8ebc78b7a74806)

Signed-off-by: Yue Tao <Yue.Tao@windriver.com>
Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2014-11-04 10:27:08 +00:00
Yue Tao
514a91df49 subversion: Security Advisory - subversion - CVE-2014-3522
The Serf RA layer in Apache Subversion 1.4.0 through 1.7.x before 1.7.18
and 1.8.x before 1.8.10 does not properly handle wildcards in the Common
Name (CN) or subjectAltName field of the X.509 certificate, which allows
man-in-the-middle attackers to spoof servers via a crafted
certificate.<a href=http://cwe.mitre.org/data/definitions/297.html
target=_blank>CWE-297: Improper Validation of Certificate with Host
Mismatch</a>

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-3522

(From OE-Core rev: 06a33cd00ea11abec1ebe9d5883e44778075ccc6)

Signed-off-by: Yue Tao <Yue.Tao@windriver.com>
Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2014-11-04 10:27:07 +00:00
Yue Tao
09f471bfd0 subversion: fix for Security Advisory CVE-2013-4277
Svnserve in Apache Subversion 1.4.0 through 1.7.12 and 1.8.0 through
1.8.1 allows local users to overwrite arbitrary files or kill arbitrary
processes via a symlink attack on the file specified by the --pid-file
option.

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-4277

(From OE-Core rev: e0e483c5b2f481240e590ebb7d6189a211450a7e)

Signed-off-by: Yue Tao <Yue.Tao@windriver.com>
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2014-05-21 09:09:00 +01:00
Yue Tao
ab6c3223a6 subversion: fix for Security Advisory CVE-2013-1847 and CVE-2013-1846
The mod_dav_svn Apache HTTPD server module in Subversion 1.6.x before 1.6.21
and 1.7.0 through 1.7.8 allows remote authenticated users to cause a denial of
service (NULL pointer dereference and crash) via a LOCK on an activity URL.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-1846

The mod_dav_svn Apache HTTPD server module in Subversion 1.6.0 through 1.6.20
and 1.7.0 through 1.7.8 allows remote attackers to cause a denial of service
(NULL pointer dereference and crash) via an anonymous LOCK for a URL that does
not exist.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-1847

(From OE-Core rev: 3962b76185194fa56be7f1689204a1188ea44737)

Signed-off-by: Yue Tao <Yue.Tao@windriver.com>
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2014-05-21 09:09:00 +01:00
Yue Tao
128adcb714 subversion: fix for Security Advisory CVE-2013-1845
The mod_dav_svn Apache HTTPD server module in Subversion 1.6.x before
1.6.21 and 1.7.0 through 1.7.8 allows remote authenticated users to
cause a denial of service (memory consumption) by (1) setting or (2)
deleting a large number of properties for a file or directory.

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-1845

(From OE-Core rev: 432666b84b80f8b0d13672aa94855369f577c56d)

Signed-off-by: Yue Tao <Yue.Tao@windriver.com>
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2014-05-21 09:09:00 +01:00
Yue Tao
e8d6c874a7 subversion: fix for Security Advisory CVE-2013-4505
The is_this_legal function in mod_dontdothat for Apache Subversion 1.4.0
through 1.7.13 and 1.8.0 through 1.8.4 allows remote attackers to bypass
intended access restrictions and possibly cause a denial of service
(resource consumption) via a relative URL in a REPORT request.

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-4505

(From OE-Core rev: 02314673619f44e5838ddb65bbe22f9342ee6167)

Signed-off-by: Yue Tao <Yue.Tao@windriver.com>
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2014-05-21 09:09:00 +01:00
Yue Tao
4fc1cff43b subversion: fix for Security Advisory CVE-2013-1849
Reject operations on getcontentlength and getcontenttype properties
if the resource is an activity.

(From OE-Core rev: 94e8b503e8a5ae476037d4aa86f8e27d4a8c23ea)

Signed-off-by: Yue Tao <Yue.Tao@windriver.com>
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2014-05-21 09:08:59 +01:00
Robert Yang
5142a1e95e subversion: do_install failed (parallel issue)
install-neon-lib needs libsvn_delta-1.la which will be regenerated
during libsvn_delta-1.la's installation, if libsvn_delta-1.la is
in regenerating and at the same time install-neon-lib links it, the
error willl happen.

The error message is:
/bin/ld: cannot find -lsvn_delta-1
collect2: error: ld returned 1 exit status

This is a parallel issue, so it doesn't happen often.

Note:
The autoreconf doesn't generate build-outputs.mk, it would be generated
by autogen.sh (use build.conf as the input), but autogen.sh isn't
suitable for cross compiling, so both modified build-outputs.mk and
build.conf.

[YOCTO #2727]

(From OE-Core rev: ce37c45abb4cf43e5009867f695982de2eb33450)

Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2012-07-10 20:35:11 +01:00
Martin Jansa
e6706bf559 subversion: remove neon-detection.patch and --with-neon option
* upstream detection seems to be doing its job right now
* I don't see how this is supposed to work
  --      neon_config="$withval/bin/neon-config"
  -+      neon_config="env env PKG_CONFIG_PATH=${withval}:${PKG_CONFIG_PATH} pkg-config neon"
  when neon_config should be sysroots/nokia900/usr/bin/crossscripts/neon-config
"

(From OE-Core rev: 6466de31048260089b8988280f77efdb14ac2f21)

Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2011-09-16 13:30:23 +01:00
Nitin A Kamble
2e4518bf18 recipes: Fix the Upstream-Status format
(From OE-Core rev: d7237140554ad076be12edf915d6d15206c9b8c7)

Signed-off-by: Nitin A Kamble <nitin.a.kamble@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2011-05-11 17:14:26 +01:00
Nitin A Kamble
22d6a13849 subversion: update upstream status for patches
(From OE-Core rev: 634649e150af01e303553295d0fbdab48efecae7)

Signed-off-by: Nitin A Kamble <nitin.a.kamble@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2011-05-09 14:09:04 +01:00
Nitin A Kamble
32121906e7 subversion: upgrade from 1.6.13 to 1.6 15
Rebased this patch to the newer code
	modified:   subversion/disable-revision-install.patch

Signed-off-by: Nitin A Kamble <nitin.a.kamble@intel.com>
2011-02-02 17:55:01 +00:00
Nitin A Kamble
bc02b535ed subversion: upgrade from 1.5.5 to 1.6.13
And update recipe checksums

rebased neon-detection.patch:
upstream code has some of the changes similar to the changes in the
patch. Removing the duplicate changes from the patch file.

subversion: update LIC_CHKSUM_FILES field

Noticed this change in the COPYING file:

$ diff -u COPYING /tmp/COPYING
--- COPYING	2006-05-28 07:41:18.000000000 -0700
+++ /tmp/COPYING	2010-12-03 11:16:15.000000000 -0800
@@ -10,7 +10,7 @@
 on), you may use a newer version instead, at your option.

 ================================================================
-Copyright (c) 2000-2006 CollabNet.  All rights reserved.
+Copyright (c) 2000-2009 CollabNet.  All rights reserved.

 Redistribution and use in source and binary forms, with or without
 modification, are permitted provided that the following conditions

Signed-off-by: Nitin A Kamble <nitin.a.kamble@intel.com>
2010-12-06 22:02:26 +00:00