You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@subversion.apache.org by ph...@apache.org on 2015/08/13 13:39:35 UTC
svn commit: r1695681 - in /subversion/trunk: build/ac-macros/apache.m4
subversion/mod_authz_svn/mod_authz_svn.c
Author: philip
Date: Thu Aug 13 11:39:34 2015
New Revision: 1695681
URL: http://svn.apache.org/r1695681
Log:
Change the mod_authz_svn CVE reference from httpd to Subversion
as Subversion's has more detail and refers to httpd.
* build/ac-macros/apache.m4
* subversion/mod_authz_svn/mod_authz_svn.c
Change CVE reference.
Modified:
subversion/trunk/build/ac-macros/apache.m4
subversion/trunk/subversion/mod_authz_svn/mod_authz_svn.c
Modified: subversion/trunk/build/ac-macros/apache.m4
URL: http://svn.apache.org/viewvc/subversion/trunk/build/ac-macros/apache.m4?rev=1695681&r1=1695680&r2=1695681&view=diff
==============================================================================
--- subversion/trunk/build/ac-macros/apache.m4 (original)
+++ subversion/trunk/build/ac-macros/apache.m4 Thu Aug 13 11:39:34 2015
@@ -188,12 +188,12 @@ if test -n "$APXS" && test "$APXS" != "n
elif test "$enable_broken_httpd_auth" = "yes"; then
AC_MSG_WARN([==============================================])
AC_MSG_WARN([Apache httpd $HTTPD_VERSION MMN $MMN_MAJOR.$MMN_MINOR])
- AC_MSG_WARN([Subversion will be vulnerable to CVE-2015-3185])
+ AC_MSG_WARN([Subversion will be vulnerable to CVE-2015-3184])
AC_MSG_WARN([==============================================])
AC_DEFINE(SVN_ALLOW_BROKEN_HTTPD_AUTH, 1,
[Defined to build against httpd 2.4 with broken auth])
else
- AC_MSG_ERROR([Apache httpd $HTTPD_VERSION MMN $MMN_MAJOR.$MMN_MINOR has broken auth (CVE-2015-3185)])
+ AC_MSG_ERROR([Apache httpd $HTTPD_VERSION MMN $MMN_MAJOR.$MMN_MINOR has broken auth (CVE-2015-3184)])
fi
fi
Modified: subversion/trunk/subversion/mod_authz_svn/mod_authz_svn.c
URL: http://svn.apache.org/viewvc/subversion/trunk/subversion/mod_authz_svn/mod_authz_svn.c?rev=1695681&r1=1695680&r2=1695681&view=diff
==============================================================================
--- subversion/trunk/subversion/mod_authz_svn/mod_authz_svn.c (original)
+++ subversion/trunk/subversion/mod_authz_svn/mod_authz_svn.c Thu Aug 13 11:39:34 2015
@@ -95,7 +95,7 @@ typedef struct authz_svn_config_rec {
# else
/* ap_some_auth_required() is busted and no viable alternative exists */
# ifndef SVN_ALLOW_BROKEN_HTTPD_AUTH
-# error This Apache httpd has broken auth (CVE-2015-3185)
+# error This Apache httpd has broken auth (CVE-2015-3184)
# else
/* user wants to build anyway */
# define USE_FORCE_AUTHN 0