openembedded-core.git - Mirror of openembedded-core

diff options

author	Wenzong Fan <wenzong.fan@windriver.com>	2015-11-17 00:38:41 -0500
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2015-12-01 21:30:56 +0000
commit	29eb921ed074d86fa8d5b205a313eb3177473a63 (patch)
tree	19f45263da958619043cccfb61c163a5f489d950 /meta/recipes-devtools/automake
parent	0f3fb5bbf2fd7db82898fed3281af143387316ff (diff)
download	openembedded-core-29eb921ed074d86fa8d5b205a313eb3177473a63.tar.gz openembedded-core-29eb921ed074d86fa8d5b205a313eb3177473a63.tar.bz2 openembedded-core-29eb921ed074d86fa8d5b205a313eb3177473a63.zip

subversion: fix CVE-2015-3184

mod_authz_svn in Apache Subversion 1.7.x before 1.7.21 and 1.8.x before 1.8.14, when using Apache httpd 2.4.x, does not properly restrict anonymous access, which allows remote anonymous users to read hidden files via the path name. Patch is from: http://subversion.apache.org/security/CVE-2015-3184-advisory.txt Signed-off-by: Wenzong Fan <wenzong.fan@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com>

Diffstat (limited to 'meta/recipes-devtools/automake')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: