summaryrefslogtreecommitdiffstats
path: root/meta/recipes-extended
diff options
context:
space:
mode:
authorWenzong Fan <wenzong.fan@windriver.com>2015-11-17 00:38:42 -0500
committerRichard Purdie <richard.purdie@linuxfoundation.org>2015-12-01 21:32:05 +0000
commit04034e75e0a75d97416d0e22c0a7028d14af011f (patch)
treef7c20598fa72029b2230a9a02949fd84d2c417ca /meta/recipes-extended
parentf91aedfb56f121883f341958fe9228dc7e75cf2f (diff)
downloadpoky-04034e75e0a75d97416d0e22c0a7028d14af011f.tar.gz
subversion: fix CVE-2015-3187
The svn_repos_trace_node_locations function in Apache Subversion before 1.7.21 and 1.8.x before 1.8.14, when path-based authorization is used, allows remote authenticated users to obtain sensitive path information by reading the history of a node that has been moved from a hidden path. Patch is from: http://subversion.apache.org/security/CVE-2015-3187-advisory.txt (From OE-Core rev: 6da25614edcad30fdb4bea8ff47b81ff81cdaed2) Signed-off-by: Wenzong Fan <wenzong.fan@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/recipes-extended')
0 files changed, 0 insertions, 0 deletions