summaryrefslogtreecommitdiff
path: root/scripts/lib/wic/utils/fs_related.py
diff options
context:
space:
mode:
authorWenzong Fan <wenzong.fan@windriver.com>2015-11-17 00:38:42 -0500
committerRobert Yang <liezhi.yang@windriver.com>2015-12-08 00:18:12 -0800
commite1e277bf51c6f00268358f6bf8623261b1b9bc22 (patch)
treea02eae184c4ff64c127156631f61c572531a2b3a /scripts/lib/wic/utils/fs_related.py
parent7af7a3e692a6cd0d92768024efe32bfa7d83bc8f (diff)
downloadopenembedded-core-e1e277bf51c6f00268358f6bf8623261b1b9bc22.tar.gz
openembedded-core-e1e277bf51c6f00268358f6bf8623261b1b9bc22.tar.bz2
openembedded-core-e1e277bf51c6f00268358f6bf8623261b1b9bc22.zip
subversion: fix CVE-2015-3187
The svn_repos_trace_node_locations function in Apache Subversion before 1.7.21 and 1.8.x before 1.8.14, when path-based authorization is used, allows remote authenticated users to obtain sensitive path information by reading the history of a node that has been moved from a hidden path. Patch is from: http://subversion.apache.org/security/CVE-2015-3187-advisory.txt (From OE-Core master rev: 6da25614edcad30fdb4bea8ff47b81ff81cdaed2) Signed-off-by: Wenzong Fan <wenzong.fan@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Diffstat (limited to 'scripts/lib/wic/utils/fs_related.py')
0 files changed, 0 insertions, 0 deletions
generated by cgit v1.2.3 (git 2.25.1) at 2025-06-23 21:01:25 +0000