rpms
/
subversion
7
0
Fork 0
Code Issues Pull Requests Releases Activity

import subversion-1.10.2-4.module+el8.3.0+9886+ac338b6d

This commit is contained in:
CentOS Sources 2021-02-15 02:06:11 -05:00 committed by Andrew Lukoshko
parent 4f906e2ce8
commit 95b5899ae3
2 changed files with 23 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
SOURCES/subversion-1.10.2-CVE-2020-17525.patch Normal file
View File

@ -0,0 +1,17 @@
https://bugzilla.redhat.com/show_bug.cgi?id=1922303
https://github.com/apache/subversion/commit/c83d9e5db564bdbbd91a7eb1c9399f66f481361c
--- a/subversion/libsvn_repos/config_file.c
+++ b/subversion/libsvn_repos/config_file.c
@@ -237,6 +237,10 @@ get_repos_config(svn_stream_t **stream,
{
/* Search for a repository in the full path. */
repos_root_dirent = svn_repos_find_root_path(dirent, scratch_pool);
+ if (repos_root_dirent == NULL)
+ return svn_error_trace(handle_missing_file(stream, checksum, access,
+ url, must_exist,
+ svn_node_none));
/* Attempt to open a repository at repos_root_dirent. */
SVN_ERR(svn_repos_open3(&access->repos, repos_root_dirent, NULL,

7
SPECS/subversion.spec
View File

@ -37,7 +37,7 @@
Summary: A Modern Concurrent Version Control System
Name: subversion
Version: 1.10.2
Release: 3%{?dist}
Release: 4%{?dist}
License: ASL 2.0
Group: Development/Tools
URL: https://subversion.apache.org/
@ -56,6 +56,7 @@ Patch4: subversion-1.8.0-rubybind.patch
Patch5: subversion-1.8.5-swigplWall.patch
Patch6: subversion-1.10.2-CVE-2019-0203.patch
Patch7: subversion-1.10.2-CVE-2018-11782.patch
Patch8: subversion-1.10.2-CVE-2020-17525.patch
BuildRequires: autoconf, libtool, texinfo, which
BuildRequires: swig >= 1.3.24, gettext
%if %{with bdb}
@ -224,6 +225,7 @@ This package includes supplementary tools for use with Subversion.
%patch5 -p1 -b .swigplWall
%patch6 -p1 -b .cve0203
%patch7 -p1 -b .cve11782
%patch8 -p1 -b .cve17525
%build
# Regenerate the buildsystem, so that:
@ -546,6 +548,9 @@ make check-javahl
%endif
%changelog
* Wed Feb 10 2021 Joe Orton <jorton@redhat.com> - 1.10.2-4
- add security fix for CVE-2020-17525
* Mon May 18 2020 Joe Orton <jorton@redhat.com> - 1.10.2-3
- add security fix for CVE-2018-11782