CVSROOT: /cvs
Module name: ports
Changes by: [email protected] 2013/04/05 09:06:21
Modified files:
devel/subversion: Tag: OPENBSD_5_2 Makefile
Added files:
devel/subversion/patches: Tag: OPENBSD_5_2
patch-subversion_mod_authz_svn_mod_authz_svn_c
patch-subversion_mod_dav_svn_deadprops_c
patch-subversion_mod_dav_svn_liveprops_c
patch-subversion_mod_dav_svn_lock_c
patch-subversion_mod_dav_svn_reports_log_c
patch-subversion_mod_dav_svn_repos_c
Log message:
For 5.2-stable:
Add patches for CVE-2013-1884, CVE-2013-1845, CVE-2013-1846, CVE-2013-1847,
and CVE-2013-1849. All of these are denial-of-service vulnerabilities
which affect Subversion servers using mod_dav_svn (Apache HTTPD) only.
For good measure throw in two additional fixes which were made after SVN 1.7.5,
fixing a crash in mod_dav_svn and unbound memory use in mod_authz_svn.
These fixes are already in 5.3 and -current.
