openembedded-core.git - Mirror of openembedded-core

diff options

author	Wenzong Fan <wenzong.fan@windriver.com>	2015-11-17 00:38:42 -0500
committer	Robert Yang <liezhi.yang@windriver.com>	2015-12-08 00:18:12 -0800
commit	e1e277bf51c6f00268358f6bf8623261b1b9bc22 (patch)
tree	a02eae184c4ff64c127156631f61c572531a2b3a /scripts/lib/wic/3rdparty/pykickstart/base.py
parent	7af7a3e692a6cd0d92768024efe32bfa7d83bc8f (diff)
download	openembedded-core-e1e277bf51c6f00268358f6bf8623261b1b9bc22.tar.gz openembedded-core-e1e277bf51c6f00268358f6bf8623261b1b9bc22.tar.bz2 openembedded-core-e1e277bf51c6f00268358f6bf8623261b1b9bc22.zip

subversion: fix CVE-2015-3187

The svn_repos_trace_node_locations function in Apache Subversion before 1.7.21 and 1.8.x before 1.8.14, when path-based authorization is used, allows remote authenticated users to obtain sensitive path information by reading the history of a node that has been moved from a hidden path. Patch is from: http://subversion.apache.org/security/CVE-2015-3187-advisory.txt (From OE-Core master rev: 6da25614edcad30fdb4bea8ff47b81ff81cdaed2) Signed-off-by: Wenzong Fan <wenzong.fan@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Robert Yang <liezhi.yang@windriver.com>

Diffstat (limited to 'scripts/lib/wic/3rdparty/pykickstart/base.py')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: