linux/poky.git/meta/recipes-devtools/subversion, branch krogoth Mirror of git.yoctoproject.org/poky https://git.enea.com/cgit/linux/poky.git/atom?h=krogoth 2016-01-15T11:54:47+00:00 subversion: Upgrade 1.9.2 -> 1.9.3 2016-01-15T11:54:47+00:00 Richard Purdie richard.purdie@linuxfoundation.org 2016-01-11T15:01:01+00:00 urn:sha1:b08dfb5d60607107a54db451b64cb65adaaeeb42 (From OE-Core rev: 7423386923a37bca21aef99eea8dddf572d51a13) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> subversion: update to 1.9.2 2015-12-12T23:42:54+00:00 Alexander Kanavin alexander.kanavin@linux.intel.com 2015-12-07T17:46:49+00:00 urn:sha1:21e35df191a88635b6cb829ebed52f5b94d5542c Drop backported CVE fix patches libtool2.patch has been rebased and renamed to 0001-Fix-libtool-name-in-configure.ac.patch LICENSE checksum has been updated because more 3rd party attributions have been added to it, it's otherwise still Apache 2. (From OE-Core rev: b57f57ea092f93bd7e1268b04c7d3c4af2149a77) Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> subversion: fix CVE-2015-3187 2015-12-01T21:32:05+00:00 Wenzong Fan wenzong.fan@windriver.com 2015-11-17T05:38:42+00:00 urn:sha1:04034e75e0a75d97416d0e22c0a7028d14af011f The svn_repos_trace_node_locations function in Apache Subversion before 1.7.21 and 1.8.x before 1.8.14, when path-based authorization is used, allows remote authenticated users to obtain sensitive path information by reading the history of a node that has been moved from a hidden path. Patch is from: http://subversion.apache.org/security/CVE-2015-3187-advisory.txt (From OE-Core rev: 6da25614edcad30fdb4bea8ff47b81ff81cdaed2) Signed-off-by: Wenzong Fan <wenzong.fan@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> subversion: fix CVE-2015-3184 2015-12-01T21:32:05+00:00 Wenzong Fan wenzong.fan@windriver.com 2015-11-17T05:38:41+00:00 urn:sha1:f91aedfb56f121883f341958fe9228dc7e75cf2f mod_authz_svn in Apache Subversion 1.7.x before 1.7.21 and 1.8.x before 1.8.14, when using Apache httpd 2.4.x, does not properly restrict anonymous access, which allows remote anonymous users to read hidden files via the path name. Patch is from: http://subversion.apache.org/security/CVE-2015-3184-advisory.txt (From OE-Core rev: 29eb921ed074d86fa8d5b205a313eb3177473a63) Signed-off-by: Wenzong Fan <wenzong.fan@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> subversion: add explicit dependency on file-replacement-native for native builds 2015-10-27T07:24:30+00:00 Ross Burton ross.burton@intel.com 2015-10-19T21:48:08+00:00 urn:sha1:9336e1fd80a4f55f8b19b0120b0748c225f556e8 Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> subversion_1.8.13.bb: Upstream-Status updated to Accepted 2015-07-20T09:40:40+00:00 Jose Lamego jose.a.lamego@linux.intel.com 2015-07-14T09:01:38+00:00 urn:sha1:873b8edd4100aa6a0d21e2bea20fbe7539de041a Upstream-Status changed to Accepted due to [1] [1] http://svn.apache.org/viewvc/subversion/trunk/build/ac-macros/serf.m4?r1=1594156&r2=1689824 (From OE-Core rev: 7785c496df839bd811cb33aef4b54158e81aa2c5) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> subversion_1.8.13.bb: Regex modified to allow '-D' in paths 2015-07-07T23:01:23+00:00 Jose Lamego jose.a.lamego@linux.intel.com 2015-07-03T07:34:50+00:00 urn:sha1:d93171c060deb6b3d7ea6ccf07810fc523628219 Modified the regex sed in serf.m4 to allow the use of '-D' characters in project folder names without having compilation error from subversion-native. [YOCTO #7874] (From OE-Core rev: 04554b128c358e3c10f6581fd4506764a65240b8) Signed-off-by: Jose Lamego <jose.a.lamego@linux.intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> subversion: Fix subversion-native on Fedora22 2015-06-27T21:42:56+00:00 Richard Purdie richard.purdie@linuxfoundation.org 2015-06-26T22:40:41+00:00 urn:sha1:b3fc3748a0789463942e06cf5761af0c142eba72 Similarly to: http://git.yoctoproject.org/cgit.cgi/poky/commit/?id=9b19d6548a345009a6de79a6820c07a72054d961 we also need to fix the subversion-native case with gcc5 by using the same fix to the BUILD_CPPFLAGS. (From OE-Core rev: a5e7a1e597e7bbe3bbc547f43a89d00a8a9a9924) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> subversion: remove 1.6.X recipes 2015-04-30T22:04:17+00:00 Roy Li rongqing.li@windriver.com 2015-04-28T00:24:59+00:00 urn:sha1:24609d9b60f1c64b78c9989b0c6644f3c2895da0 Removing the 1.6.X recipes, since there is a new version 1.8.X recipes, and hope that all projects already upgraded their premirror caches to use new format (From OE-Core rev: 65c4dcbefbe118eb1b04335d7d6171236a1315c2) Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> subversion: upgrade it from 1.8.11 to 1.8.13 2015-04-28T06:56:55+00:00 Roy Li rongqing.li@windriver.com 2015-04-27T08:12:29+00:00 urn:sha1:a03039caec29a158941b67fed676d0237ac06a14 upgrade to fix two CVE defects: CVE-2015-0248 and CVE-2015-0251 (From OE-Core rev: cb00b9e0330970b5c768aae9ddd4703a7172acbe) Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>