kumquat-buildroot/package/subversion
Peter Korsgaard cf454846b5 package/subversion: security bump to version 1.14.5
Fixes the following security vulnerabilities:

CVE-2024-46901: mod_dav_svn denial-of-service via control characters in
paths

It has been discovered that the patch for CVE-2013-1968 was incomplete
and unintentionally left mod_dav_svn vulnerable to control characters
in filenames.

https://subversion.apache.org/security/CVE-2024-46901-advisory.txt

Subversion 1.14.4 also fixed a Windows-only vulnerability:
https://subversion.apache.org/security/CVE-2024-45720-advisory.txt

For change log, see:
https://svn.apache.org/repos/asf/subversion/tags/1.14.5/CHANGES

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
[Julien: add link to change log]
Signed-off-by: Julien Olivain <ju.o@free.fr>
(cherry picked from commit 9975d28aa3ffbda2b727979b2e322fc8986d6d1b)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2024-12-19 09:24:31 +01:00
..
Config.in
subversion.hash
subversion.mk