Fixes the following security issues:
- CVE-2021-28544: SVN authz protected copyfrom paths regression
Subversion servers reveal 'copyfrom' paths that should be hidden according
to configured path-based authorization (authz) rules. When a node has
been copied from a protected location, users with access to the copy can
see the `copyfrom' path of the original. This also reveals the fact that
the node was copied. Only the 'copyfrom' path is revealed; not its
contents. Both httpd and svnserve servers are vulnerable.
https://subversion.apache.org/security/CVE-2021-28544-advisory.txt
- CVE-2022-24070: Subversion's mod_dav_svn is vulnerable to memory corruption
While looking up path-based authorization rules, mod_dav_svn servers may
attempt to use memory which has already been freed.
https://subversion.apache.org/security/CVE-2022-24070-advisory.txt
Drop no longer needed patch and autoreconf, as this is now fixed upstream:
https://svn.apache.org/viewvc?view=revision&revision=1881534
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit
|
||
---|---|---|
arch | ||
board | ||
boot | ||
configs | ||
docs | ||
fs | ||
linux | ||
package | ||
support | ||
system | ||
toolchain | ||
utils | ||
.clang-format | ||
.defconfig | ||
.flake8 | ||
.gitignore | ||
.gitlab-ci.yml | ||
CHANGES | ||
Config.in | ||
Config.in.legacy | ||
COPYING | ||
DEVELOPERS | ||
Makefile | ||
Makefile.legacy | ||
README |
Buildroot is a simple, efficient and easy-to-use tool to generate embedded Linux systems through cross-compilation. The documentation can be found in docs/manual. You can generate a text document with 'make manual-text' and read output/docs/manual/manual.text. Online documentation can be found at http://buildroot.org/docs.html To build and use the buildroot stuff, do the following: 1) run 'make menuconfig' 2) select the target architecture and the packages you wish to compile 3) run 'make' 4) wait while it compiles 5) find the kernel, bootloader, root filesystem, etc. in output/images You do not need to be root to build or run buildroot. Have fun! Buildroot comes with a basic configuration for a number of boards. Run 'make list-defconfigs' to view the list of provided configurations. Please feed suggestions, bug reports, insults, and bribes back to the buildroot mailing list: buildroot@buildroot.org You can also find us on #buildroot on OFTC IRC. If you would like to contribute patches, please read https://buildroot.org/manual.html#submitting-patches