upstream/oracle/userland-gate: components/subversion/patches/002-CVE-2013-1849.patch@a20504fc0f7b

summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help


# CVE-2013-1849
# http://subversion.apache.org/security/CVE-2013-1849-advisory.txt

--- subversion/mod_dav_svn/liveprops.c	2012-02-03 12:04:00.000000000 -0800
+++ subversion/mod_dav_svn/liveprops.c	2014-01-22 09:29:53.399158026 -0800
@@ -429,7 +429,8 @@
         svn_filesize_t len = 0;
 
         /* our property, but not defined on collection resources */
-        if (resource->collection || resource->baselined)
+        if (resource->type == DAV_RESOURCE_TYPE_ACTIVITY ||
+            resource->collection || resource->baselined)
           return DAV_PROP_INSERT_NOTSUPP;
 
         serr = svn_fs_file_length(&len, resource->info->root.root,
@@ -453,7 +454,9 @@
         svn_string_t *pval;
         const char *mime_type = NULL;
 
-        if (resource->baselined && resource->type == DAV_RESOURCE_TYPE_VERSION)
+        if ((resource->type == DAV_RESOURCE_TYPE_ACTIVITY) ||
+            (resource->baselined &&
+             resource->type == DAV_RESOURCE_TYPE_VERSION))
           return DAV_PROP_INSERT_NOTSUPP;
 
         if (resource->type == DAV_RESOURCE_TYPE_PRIVATE

author	Stefan Teleman <stefan.teleman@oracle.com>
	Wed, 29 Jan 2014 21:34:24 -0800
branch	s11-update
changeset 2922	a20504fc0f7b
permissions	-rw-r--r--