Patchwork [0/6] subversion: backport 6 CVE patches

login
register
mail settings
Submitter rongqing.li@windriver.com
Date May 16, 2014, 6 a.m.
Message ID <cover.1400219191.git.rongqing.li@windriver.com>
Download mbox
Permalink /patch/72269/
State New
Headers show

Pull-request

git://git.pokylinux.org/poky-contrib roy/subversion-1

Comments

rongqing.li@windriver.com - May 16, 2014, 6 a.m.
From: Roy Li <rongqing.li@windriver.com>

The following changes since commit e273301efa0037a13c3a60b4414140364d9c9873:

  gstreamer/lame: Better gcc 4.9 fix (2014-05-15 23:27:41 +0100)

are available in the git repository at:

  git://git.pokylinux.org/poky-contrib roy/subversion-1
  http://git.pokylinux.org/cgit.cgi/poky-contrib/log/?h=roy/subversion-1

Yue Tao (6):
  subversion: fix for Security Advisory CVE-2013-1849
  subversion: fix for Security Advisory CVE-2013-4505
  subversion: fix for Security Advisory CVE-2013-4131
  subversion: fix for Security Advisory CVE-2013-1845
  subversion: fix for Security Advisory CVE-2013-1847 and CVE-2013-1846
  subversion: fix for Security Advisory CVE-2013-4277

 .../subversion-CVE-2013-4131.patch                 |   42 +++++
 .../subversion-CVE-2013-4277.patch                 |   15 ++
 .../subversion-CVE-2013-4505.patch                 |  130 +++++++++++++++
 .../subversion/subversion-CVE-2013-1845.patch      |  171 ++++++++++++++++++++
 .../subversion-CVE-2013-1847-CVE-2013-1846.patch   |   53 ++++++
 .../subversion/subversion-CVE-2013-1849.patch      |   25 +++
 .../subversion/subversion-CVE-2013-4277.patch      |   13 ++
 .../subversion/subversion-CVE-2013-4505.patch      |  125 ++++++++++++++
 .../subversion/subversion_1.6.15.bb                |    8 +-
 .../subversion/subversion_1.7.10.bb                |    3 +
 10 files changed, 583 insertions(+), 2 deletions(-)
 create mode 100644 meta/recipes-devtools/subversion/subversion-1.7.10/subversion-CVE-2013-4131.patch
 create mode 100644 meta/recipes-devtools/subversion/subversion-1.7.10/subversion-CVE-2013-4277.patch
 create mode 100644 meta/recipes-devtools/subversion/subversion-1.7.10/subversion-CVE-2013-4505.patch
 create mode 100644 meta/recipes-devtools/subversion/subversion/subversion-CVE-2013-1845.patch
 create mode 100644 meta/recipes-devtools/subversion/subversion/subversion-CVE-2013-1847-CVE-2013-1846.patch
 create mode 100644 meta/recipes-devtools/subversion/subversion/subversion-CVE-2013-1849.patch
 create mode 100644 meta/recipes-devtools/subversion/subversion/subversion-CVE-2013-4277.patch
 create mode 100644 meta/recipes-devtools/subversion/subversion/subversion-CVE-2013-4505.patch
Ross Burton - May 16, 2014, 10:39 a.m.
On 16 May 2014 07:00,  <rongqing.li@windriver.com> wrote:
>   subversion: fix for Security Advisory CVE-2013-1849
>   subversion: fix for Security Advisory CVE-2013-4505
>   subversion: fix for Security Advisory CVE-2013-4131
>   subversion: fix for Security Advisory CVE-2013-1845
>   subversion: fix for Security Advisory CVE-2013-1847 and CVE-2013-1846
>   subversion: fix for Security Advisory CVE-2013-4277

Are these intended to be backported to daisy?  For master, presumably
we could upgrade to 1.7.16 or 1.8.9?

Ross
rongqing.li@windriver.com - May 19, 2014, 1:53 a.m.
On 05/16/2014 06:39 PM, Burton, Ross wrote:
> On 16 May 2014 07:00,  <rongqing.li@windriver.com> wrote:
>>    subversion: fix for Security Advisory CVE-2013-1849
>>    subversion: fix for Security Advisory CVE-2013-4505
>>    subversion: fix for Security Advisory CVE-2013-4131
>>    subversion: fix for Security Advisory CVE-2013-1845
>>    subversion: fix for Security Advisory CVE-2013-1847 and CVE-2013-1846
>>    subversion: fix for Security Advisory CVE-2013-4277
>
> Are these intended to be backported to daisy?

These patches can be cherry-picked to daisy, no need to modification.

-Roy


>   For master, presumably
> we could upgrade to 1.7.16 or 1.8.9?
>
> Ross
>
>
Saul Wold - May 19, 2014, 3:10 a.m.
On 05/15/2014 11:00 PM, rongqing.li@windriver.com wrote:
> From: Roy Li <rongqing.li@windriver.com>
>
> The following changes since commit e273301efa0037a13c3a60b4414140364d9c9873:
>
>    gstreamer/lame: Better gcc 4.9 fix (2014-05-15 23:27:41 +0100)
>
> are available in the git repository at:
>
>    git://git.pokylinux.org/poky-contrib roy/subversion-1
>    http://git.pokylinux.org/cgit.cgi/poky-contrib/log/?h=roy/subversion-1
>
> Yue Tao (6):
>    subversion: fix for Security Advisory CVE-2013-1849
>    subversion: fix for Security Advisory CVE-2013-4505


>    subversion: fix for Security Advisory CVE-2013-4131
>    subversion: fix for Security Advisory CVE-2013-1845
>    subversion: fix for Security Advisory CVE-2013-1847 and CVE-2013-1846
>    subversion: fix for Security Advisory CVE-2013-4277
>
>   .../subversion-CVE-2013-4131.patch                 |   42 +++++
>   .../subversion-CVE-2013-4277.patch                 |   15 ++
>   .../subversion-CVE-2013-4505.patch                 |  130 +++++++++++++++


>   .../subversion/subversion-CVE-2013-1845.patch      |  171 ++++++++++++++++++++
>   .../subversion-CVE-2013-1847-CVE-2013-1846.patch   |   53 ++++++
>   .../subversion/subversion-CVE-2013-1849.patch      |   25 +++
>   .../subversion/subversion-CVE-2013-4277.patch      |   13 ++

Needs an Upstream-Status tag in .patch file

>   .../subversion/subversion-CVE-2013-4505.patch      |  125 ++++++++++++++
Needs an Upstream-Status tag in .patch file

>   .../subversion/subversion_1.6.15.bb                |    8 +-
>   .../subversion/subversion_1.7.10.bb                |    3 +
>   10 files changed, 583 insertions(+), 2 deletions(-)
>   create mode 100644 meta/recipes-devtools/subversion/subversion-1.7.10/subversion-CVE-2013-4131.patch
>   create mode 100644 meta/recipes-devtools/subversion/subversion-1.7.10/subversion-CVE-2013-4277.patch
>   create mode 100644 meta/recipes-devtools/subversion/subversion-1.7.10/subversion-CVE-2013-4505.patch
>   create mode 100644 meta/recipes-devtools/subversion/subversion/subversion-CVE-2013-1845.patch
>   create mode 100644 meta/recipes-devtools/subversion/subversion/subversion-CVE-2013-1847-CVE-2013-1846.patch
>   create mode 100644 meta/recipes-devtools/subversion/subversion/subversion-CVE-2013-1849.patch
>   create mode 100644 meta/recipes-devtools/subversion/subversion/subversion-CVE-2013-4277.patch
>   create mode 100644 meta/recipes-devtools/subversion/subversion/subversion-CVE-2013-4505.patch
>