subversion: fix for Security Advisory CVE-2013-1847 and CVE-2013-1846 - linux/poky.git

diff options

author	Yue Tao <Yue.Tao@windriver.com>	2014-04-15 15:22:17 +0800
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2014-05-29 13:43:29 +0100
commit	f3728065468d8ff0d3dceeecae8373416b10bd96 (patch)
tree	49b191156a502d9a472af00d516dd500ad7c857c /meta/recipes-devtools/autogen
parent	2361a8171b41c1d4a382256f06ea7439d599334e (diff)
download	poky-f3728065468d8ff0d3dceeecae8373416b10bd96.tar.gz

subversion: fix for Security Advisory CVE-2013-1847 and CVE-2013-1846

The mod_dav_svn Apache HTTPD server module in Subversion 1.6.x before 1.6.21 and 1.7.0 through 1.7.8 allows remote authenticated users to cause a denial of service (NULL pointer dereference and crash) via a LOCK on an activity URL. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-1846 The mod_dav_svn Apache HTTPD server module in Subversion 1.6.0 through 1.6.20 and 1.7.0 through 1.7.8 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via an anonymous LOCK for a URL that does not exist. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-1847 (From OE-Core rev: 3962b76185194fa56be7f1689204a1188ea44737) (From OE-Core rev: 8d52c071e66ff02a9f5ea9d4a60f3e06905b01db) Signed-off-by: Yue Tao <Yue.Tao@windriver.com> Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>

Diffstat (limited to 'meta/recipes-devtools/autogen')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: