aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorLeo <thinkabit.ukim@gmail.com>2021-02-11 07:54:16 -0300
committerLeo <thinkabit.ukim@gmail.com>2021-02-11 07:58:58 -0300
commit070159de54712c6fc7f968d2bcc647baa0869f70 (patch)
tree6c7f0d24589a3561d1568c43810104ed1d5ed25d
parent1e126c2186a56490e15750b30b0c66ba8eb68e54 (diff)
downloadaports-070159de54712c6fc7f968d2bcc647baa0869f70.tar.gz
aports-070159de54712c6fc7f968d2bcc647baa0869f70.tar.bz2
aports-070159de54712c6fc7f968d2bcc647baa0869f70.tar.xz
main/subversion: fix CVE-2020-17525
See: #12421
-rw-r--r--main/subversion/APKBUILD9
-rw-r--r--main/subversion/CVE-2020-17525.patch15
2 files changed, 22 insertions, 2 deletions
diff --git a/main/subversion/APKBUILD b/main/subversion/APKBUILD
index 6b68a146fc..505a924858 100644
--- a/main/subversion/APKBUILD
+++ b/main/subversion/APKBUILD
@@ -2,7 +2,7 @@
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=subversion
pkgver=1.12.2
-pkgrel=1
+pkgrel=2
pkgdesc="Replacement for CVS, another versioning system (svn)"
url="https://subversion.apache.org/"
arch="all"
@@ -17,10 +17,14 @@ subpackages="$pkgname-dev $pkgname-doc mod_dav_svn
source="https://archive.apache.org/dist/subversion/$pkgname-$pkgver.tar.bz2
subversion-1.7.0-deplibs.patch
subversion-perl-deplibs.patch
+ CVE-2020-17525.patch
svnserve.confd
- svnserve.initd"
+ svnserve.initd
+ "
# secfixes:
+# 1.12.2-r2:
+# - CVE-2020-17525
# 1.12.2-r0:
# - CVE-2019-0203
# - CVE-2018-11782
@@ -121,5 +125,6 @@ py() {
sha512sums="b1f859b460afa54598778d8633f648acb4fa46138f7d6f0c1451e3c6a1de71df859233cd9ac7f19f0f20d7237ed3988f0a38da7552ffa58391e19d957bc7c136 subversion-1.12.2.tar.bz2
fb219c45b80602d919176cc191394df09f90d0f5c7d24e6a36b166bd92777ecae67eeac1e49c0ffbb0e724396b3d2094dbb0bef17d01dc87d418b1cd554bd7c4 subversion-1.7.0-deplibs.patch
fd6e5f45cff4d3cf0d885a34c822b32141b13b199d99ad8e1b04d641c9c1ee27e73f5c556a4ad54a900b6d39cc14afad17b6738d8af44c76758f1a27b4d49f9a subversion-perl-deplibs.patch
+85fceca6bf92fb816263a2846e932b47e15920cb87183135e2a1218f2ea44d810810700cb2dd1a892508af4f08c298f688baa191c7e987280843cf01afb6f335 CVE-2020-17525.patch
7fe993443d4d3ef5e1e75f60e85036ee0b2bb2636c2c830210e64f525f95ae4c10ca1dc4504fc36915ec9391815becbe7cbf5f589c28609386d8d079ed02c630 svnserve.confd
f6392193cc65aaceee9b6e5e66f80af4b095ba4007e8536e8b1c4e8b2c75610d7f5596b83e5edd504672f021c074887fc6464cf4fc1dfe9446741105f11cd855 svnserve.initd"
diff --git a/main/subversion/CVE-2020-17525.patch b/main/subversion/CVE-2020-17525.patch
new file mode 100644
index 0000000000..ca59b7914a
--- /dev/null
+++ b/main/subversion/CVE-2020-17525.patch
@@ -0,0 +1,15 @@
+Index: subversion/libsvn_repos/config_file.c
+===================================================================
+--- a/subversion/libsvn_repos/config_file.c (revision 1883994)
++++ b/subversion/libsvn_repos/config_file.c (working copy)
+@@ -237,6 +237,10 @@ get_repos_config(svn_stream_t **stream,
+ {
+ /* Search for a repository in the full path. */
+ repos_root_dirent = svn_repos_find_root_path(dirent, scratch_pool);
++ if (repos_root_dirent == NULL)
++ return svn_error_trace(handle_missing_file(stream, checksum, access,
++ url, must_exist,
++ svn_node_none));
+
+ /* Attempt to open a repository at repos_root_dirent. */
+ SVN_ERR(svn_repos_open3(&access->repos, repos_root_dirent, NULL,