subversion: fix for Security Advisory CVE-2013-1849

Reject operations on getcontentlength and getcontenttype properties if the resource is an activity. (From OE-Core rev: 94e8b503e8a5ae476037d4aa86f8e27d4a8c23ea) (From OE-Core rev: 4a67bb2a27c1c32b2a912b603e1c543db9e1810e) Signed-off-by: Yue Tao <Yue.Tao@windriver.com> Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
author: Yue Tao <Yue.Tao@windriver.com> 2014-04-04 13:35:31 +0800
committer: Richard Purdie <richard.purdie@linuxfoundation.org> 2014-05-29 13:43:28 +0100
commit: 01c613e4bc93655054ca1a58c86b164001ce9f34 (patch)
tree: d291b2bcba735e3579a27bdaf27ab96ca50bc3c6 /meta/recipes-devtools
parent: 295dd76931dc4a72dc362403bfe8e07f96d55743 (diff)
download: poky-01c613e4bc93655054ca1a58c86b164001ce9f34.tar.gz
2 files changed, 26 insertions, 0 deletions
diff --git a/meta/recipes-devtools/subversion/subversion/subversion-CVE-2013-1849.patch b/meta/recipes-devtools/subversion/subversion/subversion-CVE-2013-1849.patch
new file mode 100644
index 0000000000..734f9b02e4
--- /dev/null
+++ b/meta/recipes-devtools/subversion/subversion/subversion-CVE-2013-1849.patch
@@ -0,0 +1,25 @@
+Upstream-Status: Backport
+--- a/subversion/mod_dav_svn/liveprops.c
+++ b/subversion/mod_dav_svn/liveprops.c
+@@ -410,7 +410,8 @@ insert_prop(const dav_resource *resource
+         svn_filesize_t len = 0;
+ 
+         /* our property, but not defined on collection resources */
+-        if (resource->collection || resource->baselined)
+        if (resource->type == DAV_RESOURCE_TYPE_ACTIVITY
+            || resource->collection || resource->baselined)
+           return DAV_PROP_INSERT_NOTSUPP;
+ 
+         serr = svn_fs_file_length(&len, resource->info->root.root,
+@@ -434,7 +435,9 @@ insert_prop(const dav_resource *resource
+         svn_string_t *pval;
+         const char *mime_type = NULL;
+ 
+-        if (resource->baselined && resource->type == DAV_RESOURCE_TYPE_VERSION)
+        if (resource->type == DAV_RESOURCE_TYPE_ACTIVITY
+            || (resource->baselined
+                && resource->type == DAV_RESOURCE_TYPE_VERSION))
+           return DAV_PROP_INSERT_NOTSUPP;
+ 
+         if (resource->type == DAV_RESOURCE_TYPE_PRIVATE
diff --git a/meta/recipes-devtools/subversion/subversion_1.6.15.bb b/meta/recipes-devtools/subversion/subversion_1.6.15.bb
index f225671d0f..74cd149750 100644
--- a/meta/recipes-devtools/subversion/subversion_1.6.15.bb
+++ b/meta/recipes-devtools/subversion/subversion_1.6.15.bb
@@ -13,6 +13,7 @@ SRC_URI = "http://subversion.tigris.org/downloads/${BPN}-${PV}.tar.bz2 \
           file://disable-revision-install.patch \
           file://libtool2.patch \
           file://fix-install-depends.patch \
+           file://subversion-CVE-2013-1849.patch \
          "
 SRC_URI[md5sum] = "113fca1d9e4aa389d7dc2b210010fa69"
author	Yue Tao <Yue.Tao@windriver.com>	2014-04-04 13:35:31 +0800
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2014-05-29 13:43:28 +0100
commit	01c613e4bc93655054ca1a58c86b164001ce9f34 (patch)
tree	d291b2bcba735e3579a27bdaf27ab96ca50bc3c6 /meta/recipes-devtools
parent	295dd76931dc4a72dc362403bfe8e07f96d55743 (diff)
download	poky-01c613e4bc93655054ca1a58c86b164001ce9f34.tar.gz

diff --git a/meta/recipes-devtools/subversion/subversion/subversion-CVE-2013-1849.patch b/meta/recipes-devtools/subversion/subversion/subversion-CVE-2013-1849.patch new file mode 100644 index 0000000000..734f9b02e4 --- /dev/null +++ b/meta/recipes-devtools/subversion/subversion/subversion-CVE-2013-1849.patch
@@ -0,0 +1,25 @@
		1	Upstream-Status: Backport
		2
		3	--- a/subversion/mod_dav_svn/liveprops.c
		4	+++ b/subversion/mod_dav_svn/liveprops.c
		5	@@ -410,7 +410,8 @@ insert_prop(const dav_resource *resource
		6	svn_filesize_t len = 0;
		7
		8	/* our property, but not defined on collection resources */
		9	- if (resource->collection \|\| resource->baselined)
		10	+ if (resource->type == DAV_RESOURCE_TYPE_ACTIVITY
		11	+ \|\| resource->collection \|\| resource->baselined)
		12	return DAV_PROP_INSERT_NOTSUPP;
		13
		14	serr = svn_fs_file_length(&len, resource->info->root.root,
		15	@@ -434,7 +435,9 @@ insert_prop(const dav_resource *resource
		16	svn_string_t *pval;
		17	const char *mime_type = NULL;
		18
		19	- if (resource->baselined && resource->type == DAV_RESOURCE_TYPE_VERSION)
		20	+ if (resource->type == DAV_RESOURCE_TYPE_ACTIVITY
		21	+ \|\| (resource->baselined
		22	+ && resource->type == DAV_RESOURCE_TYPE_VERSION))
		23	return DAV_PROP_INSERT_NOTSUPP;
		24
		25	if (resource->type == DAV_RESOURCE_TYPE_PRIVATE


diff --git a/meta/recipes-devtools/subversion/subversion_1.6.15.bb b/meta/recipes-devtools/subversion/subversion_1.6.15.bb index f225671d0f..74cd149750 100644 --- a/meta/recipes-devtools/subversion/subversion_1.6.15.bb +++ b/meta/recipes-devtools/subversion/subversion_1.6.15.bb
@@ -13,6 +13,7 @@ SRC_URI = "http://subversion.tigris.org/downloads/${BPN}-${PV}.tar.bz2 \
13	file://disable-revision-install.patch \	13	file://disable-revision-install.patch \
14	file://libtool2.patch \	14	file://libtool2.patch \
15	file://fix-install-depends.patch \	15	file://fix-install-depends.patch \
		16	file://subversion-CVE-2013-1849.patch \
16	"	17	"
17		18
18	SRC_URI[md5sum] = "113fca1d9e4aa389d7dc2b210010fa69"	19	SRC_URI[md5sum] = "113fca1d9e4aa389d7dc2b210010fa69"