openembedded-core.git/meta/recipes-devtools/subversion, branch krogoth Mirror of openembedded-core subversion: Upgrade 1.9.2 -> 1.9.3 2016-01-13T00:03:52+00:00 Richard Purdie richard.purdie@linuxfoundation.org 2016-01-11T15:01:01+00:00 7423386923a37bca21aef99eea8dddf572d51a13 Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> 
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
subversion: update to 1.9.2 2015-12-12T23:31:43+00:00 Alexander Kanavin alexander.kanavin@linux.intel.com 2015-12-07T17:46:49+00:00 b57f57ea092f93bd7e1268b04c7d3c4af2149a77 Drop backported CVE fix patches libtool2.patch has been rebased and renamed to 0001-Fix-libtool-name-in-configure.ac.patch LICENSE checksum has been updated because more 3rd party attributions have been added to it, it's otherwise still Apache 2. Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com> 
Drop backported CVE fix patches
libtool2.patch has been rebased and renamed to 0001-Fix-libtool-name-in-configure.ac.patch
LICENSE checksum has been updated because more 3rd party attributions have been added to it,
it's otherwise still Apache 2.

Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
subversion: fix CVE-2015-3187 2015-12-01T21:30:56+00:00 Wenzong Fan wenzong.fan@windriver.com 2015-11-17T05:38:42+00:00 6da25614edcad30fdb4bea8ff47b81ff81cdaed2 The svn_repos_trace_node_locations function in Apache Subversion before 1.7.21 and 1.8.x before 1.8.14, when path-based authorization is used, allows remote authenticated users to obtain sensitive path information by reading the history of a node that has been moved from a hidden path. Patch is from: http://subversion.apache.org/security/CVE-2015-3187-advisory.txt Signed-off-by: Wenzong Fan <wenzong.fan@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com> 
The svn_repos_trace_node_locations function in Apache Subversion before
1.7.21 and 1.8.x before 1.8.14, when path-based authorization is used,
allows remote authenticated users to obtain sensitive path information
by reading the history of a node that has been moved from a hidden path.

Patch is from:
http://subversion.apache.org/security/CVE-2015-3187-advisory.txt

Signed-off-by: Wenzong Fan <wenzong.fan@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
subversion: fix CVE-2015-3184 2015-12-01T21:30:56+00:00 Wenzong Fan wenzong.fan@windriver.com 2015-11-17T05:38:41+00:00 29eb921ed074d86fa8d5b205a313eb3177473a63 mod_authz_svn in Apache Subversion 1.7.x before 1.7.21 and 1.8.x before 1.8.14, when using Apache httpd 2.4.x, does not properly restrict anonymous access, which allows remote anonymous users to read hidden files via the path name. Patch is from: http://subversion.apache.org/security/CVE-2015-3184-advisory.txt Signed-off-by: Wenzong Fan <wenzong.fan@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com> 
mod_authz_svn in Apache Subversion 1.7.x before 1.7.21 and 1.8.x before
1.8.14, when using Apache httpd 2.4.x, does not properly restrict
anonymous access, which allows remote anonymous users to read hidden
files via the path name.

Patch is from:
http://subversion.apache.org/security/CVE-2015-3184-advisory.txt

Signed-off-by: Wenzong Fan <wenzong.fan@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
subversion: add explicit dependency on file-replacement-native for native builds 2015-10-24T11:42:39+00:00 Ross Burton ross.burton@intel.com 2015-10-19T21:48:08+00:00 656f09accfd7651f179e02c12f40f4d3bec0be0c 






subversion_1.8.13.bb: Upstream-Status updated to Accepted
2015-07-20T09:39:00+00:00

Jose Lamego
jose.a.lamego@linux.intel.com

2015-07-14T09:01:38+00:00

7785c496df839bd811cb33aef4b54158e81aa2c5

Upstream-Status changed to Accepted due to [1]

[1] http://svn.apache.org/viewvc/subversion/trunk/build/ac-macros/serf.m4?r1=1594156&r2=1689824

Signed-off-by: Ross Burton <ross.burton@intel.com>





Upstream-Status changed to Accepted due to [1]

[1] http://svn.apache.org/viewvc/subversion/trunk/build/ac-macros/serf.m4?r1=1594156&r2=1689824

Signed-off-by: Ross Burton <ross.burton@intel.com>







subversion_1.8.13.bb: Regex modified to allow '-D' in paths
2015-07-07T22:57:13+00:00

Jose Lamego
jose.a.lamego@linux.intel.com

2015-07-03T07:34:50+00:00

04554b128c358e3c10f6581fd4506764a65240b8

Modified the regex sed in serf.m4 to allow the use of '-D' characters
in project folder names without having compilation error from
subversion-native.

[YOCTO #7874]

Signed-off-by: Jose Lamego <jose.a.lamego@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>





Modified the regex sed in serf.m4 to allow the use of '-D' characters
in project folder names without having compilation error from
subversion-native.

[YOCTO #7874]

Signed-off-by: Jose Lamego <jose.a.lamego@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>







subversion: Fix subversion-native on Fedora22
2015-06-27T21:42:00+00:00

Richard Purdie
richard.purdie@linuxfoundation.org

2015-06-26T22:40:41+00:00

a5e7a1e597e7bbe3bbc547f43a89d00a8a9a9924

Similarly to:
http://git.yoctoproject.org/cgit.cgi/poky/commit/?id=9b19d6548a345009a6de79a6820c07a72054d961

we also need to fix the subversion-native case with gcc5 by using
the same fix to the BUILD_CPPFLAGS.

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>





Similarly to:
http://git.yoctoproject.org/cgit.cgi/poky/commit/?id=9b19d6548a345009a6de79a6820c07a72054d961

we also need to fix the subversion-native case with gcc5 by using
the same fix to the BUILD_CPPFLAGS.

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>







subversion: remove 1.6.X recipes
2015-04-30T22:01:29+00:00

Roy Li
rongqing.li@windriver.com

2015-04-28T00:24:59+00:00

65c4dcbefbe118eb1b04335d7d6171236a1315c2

Removing the 1.6.X recipes, since there is a new version 1.8.X recipes,
and hope that all projects already upgraded their premirror caches to
use new format

Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>





Removing the 1.6.X recipes, since there is a new version 1.8.X recipes,
and hope that all projects already upgraded their premirror caches to
use new format

Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>







subversion: upgrade it from 1.8.11 to 1.8.13
2015-04-28T06:55:59+00:00

Roy Li
rongqing.li@windriver.com

2015-04-27T08:12:29+00:00

cb00b9e0330970b5c768aae9ddd4703a7172acbe

upgrade to fix two CVE defects: CVE-2015-0248 and CVE-2015-0251

Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>





upgrade to fix two CVE defects: CVE-2015-0248 and CVE-2015-0251

Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>