summaryrefslogtreecommitdiffstats
path: root/meta/recipes-devtools/subversion/subversion_1.8.9.bb
Commit message (Collapse)AuthorAgeFilesLines
* subversion: Security Advisory - subversion - CVE-2014-3528Yue Tao2014-11-041-0/+1
| | | | | | | | | | | | | | | | Apache Subversion 1.0.0 through 1.7.x before 1.7.17 and 1.8.x before 1.8.10 uses an MD5 hash of the URL and authentication realm to store cached credentials, which makes it easier for remote servers to obtain the credentials via a crafted authentication realm. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-3528 (From OE-Core rev: e0dc0432b13f38d16f642bdadf8ebc78b7a74806) Signed-off-by: Yue Tao <Yue.Tao@windriver.com> Signed-off-by: Jackie Huang <jackie.huang@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* subversion: Security Advisory - subversion - CVE-2014-3522Yue Tao2014-11-041-0/+1
| | | | | | | | | | | | | | | | | | | The Serf RA layer in Apache Subversion 1.4.0 through 1.7.x before 1.7.18 and 1.8.x before 1.8.10 does not properly handle wildcards in the Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof servers via a crafted certificate.<a href=http://cwe.mitre.org/data/definitions/297.html target=_blank>CWE-297: Improper Validation of Certificate with Host Mismatch</a> http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-3522 (From OE-Core rev: 06a33cd00ea11abec1ebe9d5883e44778075ccc6) Signed-off-by: Yue Tao <Yue.Tao@windriver.com> Signed-off-by: Jackie Huang <jackie.huang@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* subversion: Disable make install parallelismRichard Purdie2014-07-191-0/+7
| | | | | | | | | | The Makefile generation for subversion is horrible, I can't figure out where the dependencies are missing, it looks like they might be missing everywhere. Give up and disable parallel make install. (From OE-Core rev: f5569d30b98418b201766ad07b177aac5fae4a41) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* subversion: neon support was dropped, switch to serfRichard Purdie2014-07-171-2/+2
| | | | | | (From OE-Core rev: 1838153de3a68ac391bdec139446e496ad093763) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* subversion: Upgrade 1.7.7 -> 1.8.9Richard Purdie2014-07-171-0/+42
Dropped neon patches as neon support was dropped. Dropped CVE patches as applied in later version Added patch to avoid OS-X check which doesn't cross compile Add PACKAGECONFIG for gnome-keyring Addition to license: For the file subversion/libsvn_subr/utf_width.c * Markus Kuhn -- 2007-05-26 (Unicode 5.0) * * Permission to use, copy, modify, and distribute this software * for any purpose and without fee is hereby granted. The author * disclaims all warranties with regard to this software. (From OE-Core rev: 99c3225cfe39f8de89555df5bd3f1e93cd731269) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2024-06-28 13:23:02 +0000