[Buildroot] [PATCH] package/subversion: security bump to version 1.14.1
Peter Korsgaard
peter at korsgaard.com
Sun Feb 14 16:52:01 UTC 2021
>>>>> "Peter" == Peter Korsgaard <peter at korsgaard.com> writes:
> Fixes the following security issue:
> CVE-2020-17525: Remote unauthenticated denial-of-service in Subversion
> mod_authz_svn
> Subversion's mod_authz_svn module will crash if the server is using
> in-repository authz rules with the AuthzSVNReposRelativeAccessFile option
> and a client sends a request for a non-existing repository URL.
> For more details, see the advisory:
> https://subversion.apache.org/security/CVE-2020-17525-advisory.txt
> Signed-off-by: Peter Korsgaard <peter at korsgaard.com>
Committed to 2020.02.x and 2020.11.x, thanks.
--
Bye, Peter Korsgaard
More information about the buildroot
mailing list