summaryrefslogtreecommitdiff
path: root/meta/recipes-devtools/perl
diff options
context:
space:
mode:
authorYue Tao <Yue.Tao@windriver.com>2014-10-22 03:37:28 -0400
committerRichard Purdie <richard.purdie@linuxfoundation.org>2014-11-04 10:19:53 +0000
commit06a33cd00ea11abec1ebe9d5883e44778075ccc6 (patch)
tree69ed9389a6011d7ea1251bbfc2d9c6e6f6b0e326 /meta/recipes-devtools/perl
parentffc1c58809a2f5fef13484613d1b57c2d4c5ebfb (diff)
downloadopenembedded-core-06a33cd00ea11abec1ebe9d5883e44778075ccc6.tar.gz
openembedded-core-06a33cd00ea11abec1ebe9d5883e44778075ccc6.tar.bz2
openembedded-core-06a33cd00ea11abec1ebe9d5883e44778075ccc6.zip
subversion: Security Advisory - subversion - CVE-2014-3522
The Serf RA layer in Apache Subversion 1.4.0 through 1.7.x before 1.7.18 and 1.8.x before 1.8.10 does not properly handle wildcards in the Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof servers via a crafted certificate.<a href=http://cwe.mitre.org/data/definitions/297.html target=_blank>CWE-297: Improper Validation of Certificate with Host Mismatch</a> http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-3522 Signed-off-by: Yue Tao <Yue.Tao@windriver.com> Signed-off-by: Jackie Huang <jackie.huang@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com>
Diffstat (limited to 'meta/recipes-devtools/perl')
0 files changed, 0 insertions, 0 deletions
generated by cgit v1.2.3 (git 2.25.1) at 2025-02-05 20:59:48 +0000