mirrors/poky - poky - zepto initiative

mirror of https://git.yoctoproject.org/poky synced 2026-03-25 10:02:22 +01:00

Author	SHA1	Message	Date
Yue Tao	09f471bfd0	subversion: fix for Security Advisory CVE-2013-4277 Svnserve in Apache Subversion 1.4.0 through 1.7.12 and 1.8.0 through 1.8.1 allows local users to overwrite arbitrary files or kill arbitrary processes via a symlink attack on the file specified by the --pid-file option. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-4277 (From OE-Core rev: e0e483c5b2f481240e590ebb7d6189a211450a7e) Signed-off-by: Yue Tao <Yue.Tao@windriver.com> Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2014-05-21 09:09:00 +01:00
Yue Tao	722ff438b3	subversion: fix for Security Advisory CVE-2013-4131 The mod_dav_svn Apache HTTPD server module in Subversion 1.7.0 through 1.7.10 and 1.8.x before 1.8.1 allows remote authenticated users to cause a denial of service (assertion failure or out-of-bounds read) via a certain (1) COPY, (2) DELETE, or (3) MOVE request against a revision root. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-4131 (From OE-Core rev: ce41ed3ca5b6ef06c02c5ca65f285e5ee8c04e7f) Signed-off-by: Yue Tao <Yue.Tao@windriver.com> Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2014-05-21 09:09:00 +01:00
Yue Tao	e8d6c874a7	subversion: fix for Security Advisory CVE-2013-4505 The is_this_legal function in mod_dontdothat for Apache Subversion 1.4.0 through 1.7.13 and 1.8.0 through 1.8.4 allows remote attackers to bypass intended access restrictions and possibly cause a denial of service (resource consumption) via a relative URL in a REPORT request. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-4505 (From OE-Core rev: 02314673619f44e5838ddb65bbe22f9342ee6167) Signed-off-by: Yue Tao <Yue.Tao@windriver.com> Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2014-05-21 09:09:00 +01:00
Chen Qi	3c94bfe8c5	subversion: fix build problem when sysroot contains '-D' or '-I' If sysroot contains '-D' or '-I' characters, the SVN_NEON_INCLUDES and the corresponding CFLAGS will not get the correct value. This will cause build failures. This patch fixes the above problem. [YOCTO #5458] (From OE-Core rev: 7078397ef39de43244fca7e24683b2a83913cbbf) Signed-off-by: Chen Qi <Qi.Chen@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2013-12-03 17:45:53 +00:00
Saul Wold	f63e7f4323	subversion: Add patch to use neon 0.30 The neon update is not recognized but subversion, so we need to patch the configure.ac to know about 0.30, otherwise we don't have http/https support in subversion. (From OE-Core rev: 291ab168fac15eae0e4c9234e16f394b0e1547a0) Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2013-08-07 07:43:47 +01:00
Bogdan Marinescu	2ee07173a6	subversion: upgraded to 1.7.10 (From OE-Core rev: 6866fd80ec59ef1e2d24263827237be8ff21584f) Signed-off-by: Bogdan Marinescu <bogdan.a.marinescu@intel.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2013-06-07 16:48:24 +01:00

6 Commits