upstream/oracle/userland-gate: components/subversion/patches/002-CVE-2013-1849.patch@3644abf7d157

summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help


# CVE-2013-1849
# http://subversion.apache.org/security/CVE-2013-1849-advisory.txt

--- subversion/mod_dav_svn/liveprops.c	2012-02-03 12:04:00.000000000 -0800
+++ subversion/mod_dav_svn/liveprops.c	2014-01-22 09:29:53.399158026 -0800
@@ -429,7 +429,8 @@
         svn_filesize_t len = 0;
 
         /* our property, but not defined on collection resources */
-        if (resource->collection || resource->baselined)
+        if (resource->type == DAV_RESOURCE_TYPE_ACTIVITY ||
+            resource->collection || resource->baselined)
           return DAV_PROP_INSERT_NOTSUPP;
 
         serr = svn_fs_file_length(&len, resource->info->root.root,
@@ -453,7 +454,9 @@
         svn_string_t *pval;
         const char *mime_type = NULL;
 
-        if (resource->baselined && resource->type == DAV_RESOURCE_TYPE_VERSION)
+        if ((resource->type == DAV_RESOURCE_TYPE_ACTIVITY) ||
+            (resource->baselined &&
+             resource->type == DAV_RESOURCE_TYPE_VERSION))
           return DAV_PROP_INSERT_NOTSUPP;
 
         if (resource->type == DAV_RESOURCE_TYPE_PRIVATE

author	Gabriel Carrillo <gabriel.carrillo@oracle.com>
	Fri, 20 Mar 2015 14:10:33 -0700
branch	s11u2-sru
changeset 4000	3644abf7d157
permissions	-rw-r--r--