subversion: Security Advisory - subversion - CVE-2014-3528 - openembedded-core-contrib - OpenEmbedded Core user contribution trees

diff options

author	Yue Tao <Yue.Tao@windriver.com>	2014-10-22 03:37:29 -0400
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2014-11-04 10:19:53 +0000
commit	e0dc0432b13f38d16f642bdadf8ebc78b7a74806 (patch)
tree	4dcbb70d0c630139ba49bce0936a3d193eb27a35 /scripts
parent	06a33cd00ea11abec1ebe9d5883e44778075ccc6 (diff)
download	openembedded-core-contrib-e0dc0432b13f38d16f642bdadf8ebc78b7a74806.tar.gz

subversion: Security Advisory - subversion - CVE-2014-3528

Apache Subversion 1.0.0 through 1.7.x before 1.7.17 and 1.8.x before 1.8.10 uses an MD5 hash of the URL and authentication realm to store cached credentials, which makes it easier for remote servers to obtain the credentials via a crafted authentication realm. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-3528 Signed-off-by: Yue Tao <Yue.Tao@windriver.com> Signed-off-by: Jackie Huang <jackie.huang@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com>

Diffstat (limited to 'scripts')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: