ast2050-yocto-poky - Modified yocto poky sources to support the Aspeed AST2050 and ASUS KGPE-D16 / KCMA-D8

diff options

author	Wenzong Fan <wenzong.fan@windriver.com>	2016-02-06 15:14:48 -0800
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2016-02-07 17:23:04 +0000
commit	f0ecaf46bb8e2a1bc0f22ee8650d10cbcc746a73 (patch)
tree	343f92ccac68ee853cce06ed50d5cf6c4d75dce7 /meta/recipes-devtools/docbook-sgml-dtd
parent	165fa6ce6213ab2b9610732a4926496b78ca4038 (diff)
download	ast2050-yocto-poky-f0ecaf46bb8e2a1bc0f22ee8650d10cbcc746a73.zip ast2050-yocto-poky-f0ecaf46bb8e2a1bc0f22ee8650d10cbcc746a73.tar.gz

subversion: fix CVE-2015-3184

mod_authz_svn in Apache Subversion 1.7.x before 1.7.21 and 1.8.x before 1.8.14, when using Apache httpd 2.4.x, does not properly restrict anonymous access, which allows remote anonymous users to read hidden files via the path name. Patch is from: http://subversion.apache.org/security/CVE-2015-3184-advisory.txt (From OE-Core master rev: 29eb921ed074d86fa8d5b205a313eb3177473a63) (From OE-Core rev: 7af7a3e692a6cd0d92768024efe32bfa7d83bc8f) (From OE-Core rev: e4a1caecc5ae6b8488ec8ed7d303296af99146c0) Signed-off-by: Wenzong Fan <wenzong.fan@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Robert Yang <liezhi.yang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>

Diffstat (limited to 'meta/recipes-devtools/docbook-sgml-dtd')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: