diff --git a/backport-CVE-2020-17525.patch b/backport-CVE-2020-17525.patch new file mode 100644 index 0000000000000000000000000000000000000000..7bdf0b0d629ca8815bb0eedcd4b13dd994bed640 --- /dev/null +++ b/backport-CVE-2020-17525.patch @@ -0,0 +1,26 @@ +From: Stefan Sperling +Date: Fri, 29 Jan 2021 13:17:15 +0000 +Subject: Fix a potential NULL dereference in the config file parser. + +* subversion/libsvn_repos/config_file.c + (get_repos_config): svn_repos_find_root_path() may return NULL. + Check the return value accordingly. +--- + subversion/libsvn_repos/config_file.c | 4 ++++ + 1 file changed, 4 insertions(+) + +diff --git a/subversion/libsvn_repos/config_file.c b/subversion/libsvn_repos/config_file.c +index 9187277..2414db9 100644 +--- a/subversion/libsvn_repos/config_file.c ++++ b/subversion/libsvn_repos/config_file.c +@@ -237,6 +237,10 @@ get_repos_config(svn_stream_t **stream, + { + /* Search for a repository in the full path. */ + repos_root_dirent = svn_repos_find_root_path(dirent, scratch_pool); ++ if (repos_root_dirent == NULL) ++ return svn_error_trace(handle_missing_file(stream, checksum, access, ++ url, must_exist, ++ svn_node_none)); + + /* Attempt to open a repository at repos_root_dirent. */ + SVN_ERR(svn_repos_open3(&access->repos, repos_root_dirent, NULL, diff --git a/subversion.spec b/subversion.spec index 9db0684f207f862c409687bc5ecfea7ecb62a25b..e4083b44a9068d297570e2ebcf1bf4106120853e 100644 --- a/subversion.spec +++ b/subversion.spec @@ -10,12 +10,14 @@ Summary: Subversion, a version control system. Name: subversion Version: 1.14.0 -Release: 1 +Release: 2 License: ASL 2.0 URL: https://subversion.apache.org/ Source0: https://www.apache.org/dist/subversion/subversion-%{version}.tar.bz2 +Patch1: backport-CVE-2020-17525.patch + BuildRequires: autoconf libtool texinfo which swig gettext libdb-devel apr-devel apr-util-devel libserf-devel cyrus-sasl-devel sqlite-devel file-devel utf8proc-devel lz4-devel apr-util-openssl dbus-devel, libsecret-devel httpd-devel git Requires: httpd @@ -310,6 +312,12 @@ make check-javahl %endif %changelog +* Mon Feb 22 2021 yixiangzhike - 1.14.0-2 +- Type:bugfix +- ID:NA +- SUG:NA +- DESC:Fix CVE-2020-17525 + * Sat Aug 1 2020 yang_zhuang_zhuang - 1.14.0-1 - Type:enhancement - ID:NA