summaryrefslogtreecommitdiffstats
path: root/meta/recipes-extended/watchdog/watchdog_5.14.bb
diff options
context:
space:
mode:
authorWenzong Fan <wenzong.fan@windriver.com>2016-02-06 15:14:48 -0800
committerRichard Purdie <richard.purdie@linuxfoundation.org>2016-02-07 17:23:04 +0000
commitf0ecaf46bb8e2a1bc0f22ee8650d10cbcc746a73 (patch)
tree343f92ccac68ee853cce06ed50d5cf6c4d75dce7 /meta/recipes-extended/watchdog/watchdog_5.14.bb
parent165fa6ce6213ab2b9610732a4926496b78ca4038 (diff)
downloadpoky-f0ecaf46bb8e2a1bc0f22ee8650d10cbcc746a73.tar.gz
subversion: fix CVE-2015-3184
mod_authz_svn in Apache Subversion 1.7.x before 1.7.21 and 1.8.x before 1.8.14, when using Apache httpd 2.4.x, does not properly restrict anonymous access, which allows remote anonymous users to read hidden files via the path name. Patch is from: http://subversion.apache.org/security/CVE-2015-3184-advisory.txt (From OE-Core master rev: 29eb921ed074d86fa8d5b205a313eb3177473a63) (From OE-Core rev: 7af7a3e692a6cd0d92768024efe32bfa7d83bc8f) (From OE-Core rev: e4a1caecc5ae6b8488ec8ed7d303296af99146c0) Signed-off-by: Wenzong Fan <wenzong.fan@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Robert Yang <liezhi.yang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/recipes-extended/watchdog/watchdog_5.14.bb')
0 files changed, 0 insertions, 0 deletions