<feed xmlns='http://www.w3.org/2005/Atom'>
<title>linux/poky.git/meta/recipes-devtools/subversion/subversion-1.7.10/subversion-CVE-2013-4505.patch, branch kirkstone-next</title>
<subtitle>Mirror of git.yoctoproject.org/poky</subtitle>
<id>https://git.enea.com/cgit/linux/poky.git/atom?h=kirkstone-next</id>
<link rel='self' href='https://git.enea.com/cgit/linux/poky.git/atom?h=kirkstone-next'/>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/poky.git/'/>
<updated>2014-07-17T11:28:50+00:00</updated>
<entry>
<title>subversion: Upgrade 1.7.7 -&gt; 1.8.9</title>
<updated>2014-07-17T11:28:50+00:00</updated>
<author>
<name>Richard Purdie</name>
<email>richard.purdie@linuxfoundation.org</email>
</author>
<published>2014-07-16T12:31:59+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/poky.git/commit/?id=76f75e91ce1ad51a2c669d2b4d2fbddf1a113428'/>
<id>urn:sha1:76f75e91ce1ad51a2c669d2b4d2fbddf1a113428</id>
<content type='text'>
Dropped neon patches as neon support was dropped.
Dropped CVE patches as applied in later version
Added patch to avoid OS-X check which doesn't cross compile
Add PACKAGECONFIG for gnome-keyring

Addition to license:

For the file subversion/libsvn_subr/utf_width.c
* Markus Kuhn -- 2007-05-26 (Unicode 5.0)
*
* Permission to use, copy, modify, and distribute this software
* for any purpose and without fee is hereby granted. The author
* disclaims all warranties with regard to this software.

(From OE-Core rev: 99c3225cfe39f8de89555df5bd3f1e93cd731269)

Signed-off-by: Richard Purdie &lt;richard.purdie@linuxfoundation.org&gt;
</content>
</entry>
<entry>
<title>subversion: fix for Security Advisory CVE-2013-4505</title>
<updated>2014-05-21T08:09:00+00:00</updated>
<author>
<name>Yue Tao</name>
<email>Yue.Tao@windriver.com</email>
</author>
<published>2014-04-15T02:49:03+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/poky.git/commit/?id=e8d6c874a72a14e1b0850bef104caceb7fb7d0ad'/>
<id>urn:sha1:e8d6c874a72a14e1b0850bef104caceb7fb7d0ad</id>
<content type='text'>
The is_this_legal function in mod_dontdothat for Apache Subversion 1.4.0
through 1.7.13 and 1.8.0 through 1.8.4 allows remote attackers to bypass
intended access restrictions and possibly cause a denial of service
(resource consumption) via a relative URL in a REPORT request.

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-4505

(From OE-Core rev: 02314673619f44e5838ddb65bbe22f9342ee6167)

Signed-off-by: Yue Tao &lt;Yue.Tao@windriver.com&gt;
Signed-off-by: Roy Li &lt;rongqing.li@windriver.com&gt;
Signed-off-by: Saul Wold &lt;sgw@linux.intel.com&gt;
Signed-off-by: Richard Purdie &lt;richard.purdie@linuxfoundation.org&gt;
</content>
</entry>
</feed>
