author | Leo <thinkabit.ukim@gmail.com> | 2021-02-11 07:54:16 -0300 |
---|---|---|
committer | Leo <thinkabit.ukim@gmail.com> | 2021-02-11 07:58:58 -0300 |
commit | 070159de54712c6fc7f968d2bcc647baa0869f70 (patch) | |
tree | 6c7f0d24589a3561d1568c43810104ed1d5ed25d | |
parent | 1e126c2186a56490e15750b30b0c66ba8eb68e54 (diff) | |
main/subversion: fix CVE-2020-17525
See: #12421
-rw-r--r-- | main/subversion/APKBUILD | 9 | ||||
-rw-r--r-- | main/subversion/CVE-2020-17525.patch | 15 |
2 files changed, 22 insertions, 2 deletions
diff --git a/main/subversion/APKBUILD b/main/subversion/APKBUILD
index 6b68a146fc0..505a9248581 100644
--- a/main/subversion/APKBUILD
+++ b/main/subversion/APKBUILD
@@ -2,7 +2,7 @@
 # Maintainer: Natanael Copa <ncopa@alpinelinux.org>
 pkgname=subversion
 pkgver=1.12.2
-pkgrel=1
+pkgrel=2
 pkgdesc="Replacement for CVS, another versioning system (svn)"
 url="https://subversion.apache.org/"
 arch="all"
@@ -17,10 +17,14 @@ subpackages="$pkgname-dev $pkgname-doc mod_dav_svn
 source="https://archive.apache.org/dist/subversion/$pkgname-$pkgver.tar.bz2
 subversion-1.7.0-deplibs.patch
 subversion-perl-deplibs.patch
+ CVE-2020-17525.patch
 svnserve.confd
- svnserve.initd"
+ svnserve.initd
+ "
 
 # secfixes:
+# 1.12.2-r2:
+# - CVE-2020-17525
 # 1.12.2-r0:
 # - CVE-2019-0203
 # - CVE-2018-11782
@@ -121,5 +125,6 @@ py() {
 sha512sums="b1f859b460afa54598778d8633f648acb4fa46138f7d6f0c1451e3c6a1de71df859233cd9ac7f19f0f20d7237ed3988f0a38da7552ffa58391e19d957bc7c136 subversion-1.12.2.tar.bz2
 fb219c45b80602d919176cc191394df09f90d0f5c7d24e6a36b166bd92777ecae67eeac1e49c0ffbb0e724396b3d2094dbb0bef17d01dc87d418b1cd554bd7c4 subversion-1.7.0-deplibs.patch
 fd6e5f45cff4d3cf0d885a34c822b32141b13b199d99ad8e1b04d641c9c1ee27e73f5c556a4ad54a900b6d39cc14afad17b6738d8af44c76758f1a27b4d49f9a subversion-perl-deplibs.patch
+85fceca6bf92fb816263a2846e932b47e15920cb87183135e2a1218f2ea44d810810700cb2dd1a892508af4f08c298f688baa191c7e987280843cf01afb6f335 CVE-2020-17525.patch
 7fe993443d4d3ef5e1e75f60e85036ee0b2bb2636c2c830210e64f525f95ae4c10ca1dc4504fc36915ec9391815becbe7cbf5f589c28609386d8d079ed02c630 svnserve.confd
 f6392193cc65aaceee9b6e5e66f80af4b095ba4007e8536e8b1c4e8b2c75610d7f5596b83e5edd504672f021c074887fc6464cf4fc1dfe9446741105f11cd855 svnserve.initd"
diff --git a/main/subversion/CVE-2020-17525.patch b/main/subversion/CVE-2020-17525.patch
new file mode 100644
index 00000000000..ca59b7914a5
--- /dev/null
+++ b/main/subversion/CVE-2020-17525.patch
@@ -0,0 +1,15 @@
+Index: subversion/libsvn_repos/config_file.c
+===================================================================
+--- a/subversion/libsvn_repos/config_file.c (revision 1883994)
++++ b/subversion/libsvn_repos/config_file.c (working copy)
+@@ -237,6 +237,10 @@ get_repos_config(svn_stream_t **stream,
+ {
+ /* Search for a repository in the full path. */
+ repos_root_dirent = svn_repos_find_root_path(dirent, scratch_pool);
++ if (repos_root_dirent == NULL)
++ return svn_error_trace(handle_missing_file(stream, checksum, access,
++ url, must_exist,
++ svn_node_none));
+
+ /* Attempt to open a repository at repos_root_dirent. */
+ SVN_ERR(svn_repos_open3(&access->repos, repos_root_dirent, NULL,
|
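Review bot: The new `CVE-2020-17525.patch` carries no provenance line above `Index:`; only the `(revision 1883994)` base in its `---` header hints at where the change came from, so a later audit cannot tell whether the NULL guard before `svn_repos_open3` is the upstream fix or a local variant. I would add a short header at the top of the patch file, such as `Fixes CVE-2020-17525; taken from <upstream advisory or commit URL>`, and regenerate its `sha512sums` entry. The body of `get_repos_config` starts and ends outside the inner hunk, so what `handle_missing_file` does when `must_exist` is false is not visible here and should be checked against the upstream source before this patch is reused on other branches.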