authorLeo <thinkabit.ukim@gmail.com>2021-02-11 07:54:16 -0300
committerLeo <thinkabit.ukim@gmail.com>2021-02-11 07:56:59 -0300
commit9ca259a3a37d2c12c9ea0bae1d8aa92813e9b232 (patch)
tree8e0d20161a7d39cae5ce9346283a6ccf1052933d
parente93c60b9e12d2d76fdaaa1b39e4223a9e38b3258 (diff)
main/subversion: fix CVE-2020-17525
See: #12421
-rw-r--r--main/subversion/APKBUILD9
-rw-r--r--main/subversion/CVE-2020-17525.patch15
2 files changed, 22 insertions, 2 deletions
diff --git a/main/subversion/APKBUILD b/main/subversion/APKBUILD
index 207cf611c2..e98f90e040 100644
--- a/main/subversion/APKBUILD
+++ b/main/subversion/APKBUILD
@@ -2,7 +2,7 @@
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=subversion
pkgver=1.13.0
-pkgrel=2
+pkgrel=3
pkgdesc="Replacement for CVS, another versioning system (svn)"
url="https://subversion.apache.org/"
arch="all"
@@ -18,10 +18,14 @@ source="https://archive.apache.org/dist/subversion/$pkgname-$pkgver.tar.bz2
subversion-1.7.0-deplibs.patch
subversion-perl-deplibs.patch
subversion-1.12.0-linking.patch
+ CVE-2020-17525.patch
svnserve.confd
- svnserve.initd"
+ svnserve.initd
+ "
# secfixes:
+# 1.13.0-r3:
+# - CVE-2020-17525
# 1.12.2-r0:
# - CVE-2019-0203
# - CVE-2018-11782
@@ -132,5 +136,6 @@ sha512sums="36f390b412bf772bf894efc2aadc247f12ca30ac407e04f664c14411c3519e1bb242
fb219c45b80602d919176cc191394df09f90d0f5c7d24e6a36b166bd92777ecae67eeac1e49c0ffbb0e724396b3d2094dbb0bef17d01dc87d418b1cd554bd7c4 subversion-1.7.0-deplibs.patch
fd6e5f45cff4d3cf0d885a34c822b32141b13b199d99ad8e1b04d641c9c1ee27e73f5c556a4ad54a900b6d39cc14afad17b6738d8af44c76758f1a27b4d49f9a subversion-perl-deplibs.patch
7d46f2ee0bbba53b6dc9312b35000b1433a46edb09f61030da1ff66951bc204fc90598e5b07ce2554d46508d5a9e8193152131ae21050901c7b40cb034fb5cc3 subversion-1.12.0-linking.patch
+85fceca6bf92fb816263a2846e932b47e15920cb87183135e2a1218f2ea44d810810700cb2dd1a892508af4f08c298f688baa191c7e987280843cf01afb6f335 CVE-2020-17525.patch
7fe993443d4d3ef5e1e75f60e85036ee0b2bb2636c2c830210e64f525f95ae4c10ca1dc4504fc36915ec9391815becbe7cbf5f589c28609386d8d079ed02c630 svnserve.confd
f6392193cc65aaceee9b6e5e66f80af4b095ba4007e8536e8b1c4e8b2c75610d7f5596b83e5edd504672f021c074887fc6464cf4fc1dfe9446741105f11cd855 svnserve.initd"
diff --git a/main/subversion/CVE-2020-17525.patch b/main/subversion/CVE-2020-17525.patch
new file mode 100644
index 0000000000..ca59b7914a
--- /dev/null
+++ b/main/subversion/CVE-2020-17525.patch
@@ -0,0 +1,15 @@
+Index: subversion/libsvn_repos/config_file.c
+===================================================================
+--- a/subversion/libsvn_repos/config_file.c (revision 1883994)
++++ b/subversion/libsvn_repos/config_file.c (working copy)
+@@ -237,6 +237,10 @@ get_repos_config(svn_stream_t **stream,
+ {
+ /* Search for a repository in the full path. */
+ repos_root_dirent = svn_repos_find_root_path(dirent, scratch_pool);
++ if (repos_root_dirent == NULL)
++ return svn_error_trace(handle_missing_file(stream, checksum, access,
++ url, must_exist,
++ svn_node_none));
+
+ /* Attempt to open a repository at repos_root_dirent. */
+ SVN_ERR(svn_repos_open3(&access->repos, repos_root_dirent, NULL,
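Review bot: The added NULL guard on `repos_root_dirent` has no comment saying why NULL can occur or what the early return means, which is worth stating because this is the CVE-2020-17525 fix. I would add above the `if` something like `/* No repository found along dirent: treat as a missing file rather than passing NULL to svn_repos_open3(). */`. Whether the missing-file path then yields an error or an empty configuration appears to depend on `must_exist`, which is set outside this hunk, so it is worth confirming that the authz caller fails closed when no repository is found. The body of get_repos_config starts and ends outside the hunk.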