subversion: fix CVE-2015-3184 - linux/poky.git - Mirror of git.yoctoproject.org/poky

diff options

author	Wenzong Fan <wenzong.fan@windriver.com>	2015-11-17 00:38:41 -0500
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2015-12-01 21:32:05 +0000
commit	f91aedfb56f121883f341958fe9228dc7e75cf2f (patch)
tree	a9664a1e2d42c412f4264890f5cf28d76a810d5b /meta/recipes-devtools/pseudo
parent	40cd22815cd252811db46a6768b0ea32db766f52 (diff)
download	poky-f91aedfb56f121883f341958fe9228dc7e75cf2f.tar.gz

subversion: fix CVE-2015-3184

mod_authz_svn in Apache Subversion 1.7.x before 1.7.21 and 1.8.x before 1.8.14, when using Apache httpd 2.4.x, does not properly restrict anonymous access, which allows remote anonymous users to read hidden files via the path name. Patch is from: http://subversion.apache.org/security/CVE-2015-3184-advisory.txt (From OE-Core rev: 29eb921ed074d86fa8d5b205a313eb3177473a63) Signed-off-by: Wenzong Fan <wenzong.fan@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>

Diffstat (limited to 'meta/recipes-devtools/pseudo')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: