upstream/oracle/userland-gate: components/subversion/patches/002-CVE-2013-1849.patch@d5b2d81eeedc

summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help


# CVE-2013-1849
# http://subversion.apache.org/security/CVE-2013-1849-advisory.txt

--- subversion/mod_dav_svn/liveprops.c	2012-02-03 12:04:00.000000000 -0800
+++ subversion/mod_dav_svn/liveprops.c	2014-01-22 09:29:53.399158026 -0800
@@ -429,7 +429,8 @@
         svn_filesize_t len = 0;
 
         /* our property, but not defined on collection resources */
-        if (resource->collection || resource->baselined)
+        if (resource->type == DAV_RESOURCE_TYPE_ACTIVITY ||
+            resource->collection || resource->baselined)
           return DAV_PROP_INSERT_NOTSUPP;
 
         serr = svn_fs_file_length(&len, resource->info->root.root,
@@ -453,7 +454,9 @@
         svn_string_t *pval;
         const char *mime_type = NULL;
 
-        if (resource->baselined && resource->type == DAV_RESOURCE_TYPE_VERSION)
+        if ((resource->type == DAV_RESOURCE_TYPE_ACTIVITY) ||
+            (resource->baselined &&
+             resource->type == DAV_RESOURCE_TYPE_VERSION))
           return DAV_PROP_INSERT_NOTSUPP;
 
         if (resource->type == DAV_RESOURCE_TYPE_PRIVATE

author	Mike Sullivan <Mike.Sullivan@Oracle.COM>
	Mon, 03 Mar 2014 16:21:45 -0800
changeset 1740	d5b2d81eeedc
parent 1675	0eb3c8a5ca75
permissions	-rw-r--r--