subversion: fix CVE-2017-9800

A maliciously constructed svn+ssh:// URL would cause Subversion clients before 1.8.19, 1.9.x before 1.9.7, and 1.10.0.x through 1.10.0-alpha3 to run an arbitrary shell command. Such a URL could be generated by a malicious server, by a malicious user committing to a honest server(to attack another user of that server's repositories), or by a proxy server. The vulnerability affects all clients, including those that use file://, http://, and plain (untunneled) svn://. Backport patch from: http://svn.apache.org/viewvc?view=revision&sortby=rev&revision=1804691 Reference: http://subversion.apache.org/security/CVE-2017-9800-advisory.txt (From OE-Core rev: 6e1f8001a0f3c26cce9c692d25987a3c47ff2f74) Signed-off-by: Wenzong Fan <wenzong.fan@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
author: Wenzong Fan <wenzong.fan@windriver.com> 2017-09-07 02:49:06 -0700
committer: Richard Purdie <richard.purdie@linuxfoundation.org> 2017-09-11 17:30:30 +0100
commit: 3f5906e086d904f48e1790c59cf01c0c94b31b64 (patch)
tree: 7492f28d8b921c4b2b7424ffe6b4bbdd299875d2 /meta/recipes-devtools/subversion/subversion_1.9.6.bb
parent: f2a8f94430c8d101cd4344d7099b3ada021d4af6 (diff)
download: poky-3f5906e086d904f48e1790c59cf01c0c94b31b64.tar.gz
1 files changed, 1 insertions, 0 deletions
diff --git a/meta/recipes-devtools/subversion/subversion_1.9.6.bb b/meta/recipes-devtools/subversion/subversion_1.9.6.bb
index f49e26a5c8..532edeb080 100644
--- a/meta/recipes-devtools/subversion/subversion_1.9.6.bb
+++ b/meta/recipes-devtools/subversion/subversion_1.9.6.bb
@@ -15,6 +15,7 @@ SRC_URI = "${APACHE_MIRROR}/${BPN}/${BPN}-${PV}.tar.bz2 \
           file://serf.m4-Regex-modified-to-allow-D-in-paths.patch \
           file://0001-Fix-libtool-name-in-configure.ac.patch \
           file://serfmacro.patch \
+           file://CVE-2017-9800.patch;striplevel=0 \
           "
 SRC_URI[md5sum] = "f27e00338d4a9f7f9aec9d4a3f8b418b"
author	Wenzong Fan <wenzong.fan@windriver.com>	2017-09-07 02:49:06 -0700
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2017-09-11 17:30:30 +0100
commit	3f5906e086d904f48e1790c59cf01c0c94b31b64 (patch)
tree	7492f28d8b921c4b2b7424ffe6b4bbdd299875d2 /meta/recipes-devtools/subversion/subversion_1.9.6.bb
parent	f2a8f94430c8d101cd4344d7099b3ada021d4af6 (diff)
download	poky-3f5906e086d904f48e1790c59cf01c0c94b31b64.tar.gz

diff --git a/meta/recipes-devtools/subversion/subversion_1.9.6.bb b/meta/recipes-devtools/subversion/subversion_1.9.6.bb index f49e26a5c8..532edeb080 100644 --- a/meta/recipes-devtools/subversion/subversion_1.9.6.bb +++ b/meta/recipes-devtools/subversion/subversion_1.9.6.bb
@@ -15,6 +15,7 @@ SRC_URI = "${APACHE_MIRROR}/${BPN}/${BPN}-${PV}.tar.bz2 \
15	file://serf.m4-Regex-modified-to-allow-D-in-paths.patch \	15	file://serf.m4-Regex-modified-to-allow-D-in-paths.patch \
16	file://0001-Fix-libtool-name-in-configure.ac.patch \	16	file://0001-Fix-libtool-name-in-configure.ac.patch \
17	file://serfmacro.patch \	17	file://serfmacro.patch \
		18	file://CVE-2017-9800.patch;striplevel=0 \
18	"	19	"
19		20
20	SRC_URI[md5sum] = "f27e00338d4a9f7f9aec9d4a3f8b418b"	21	SRC_URI[md5sum] = "f27e00338d4a9f7f9aec9d4a3f8b418b"