linux/poky.git - Mirror of git.yoctoproject.org/poky

	Commit message (Collapse)	Author	Age	Files	Lines
*	subversion: fix CVE-2017-9800	Wenzong Fan	2017-09-11	1	-0/+1
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	A maliciously constructed svn+ssh:// URL would cause Subversion clients before 1.8.19, 1.9.x before 1.9.7, and 1.10.0.x through 1.10.0-alpha3 to run an arbitrary shell command. Such a URL could be generated by a malicious server, by a malicious user committing to a honest server(to attack another user of that server's repositories), or by a proxy server. The vulnerability affects all clients, including those that use file://, http://, and plain (untunneled) svn://. Backport patch from: http://svn.apache.org/viewvc?view=revision&sortby=rev&revision=1804691 Reference: http://subversion.apache.org/security/CVE-2017-9800-advisory.txt (From OE-Core rev: 6e1f8001a0f3c26cce9c692d25987a3c47ff2f74) Signed-off-by: Wenzong Fan <wenzong.fan@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
*	subversion: inherit pkgconfig, so that serf can be found	Alexander Kanavin	2017-08-30	1	-1/+1
\| \| \| \| \| \| \|	(From OE-Core rev: 079b765c6ce7032fa2ad429d80090d7531f174a9) Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
*	subversion: Upgrade 1.9.5-> 1.9.6	Richard Purdie	2017-07-21	1	-0/+55
	(From OE-Core rev: 5212d88104b7a53d4bd8bf2320aca9455099ac80) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>