You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@subversion.apache.org by ph...@apache.org on 2015/08/13 13:39:35 UTC

svn commit: r1695681 - in /subversion/trunk: build/ac-macros/apache.m4 subversion/mod_authz_svn/mod_authz_svn.c

Author: philip
Date: Thu Aug 13 11:39:34 2015
New Revision: 1695681

URL: http://svn.apache.org/r1695681
Log:
Change the mod_authz_svn CVE reference from httpd to Subversion
as Subversion's has more detail and refers to httpd.

* build/ac-macros/apache.m4
* subversion/mod_authz_svn/mod_authz_svn.c
  Change CVE reference.

Modified:
    subversion/trunk/build/ac-macros/apache.m4
    subversion/trunk/subversion/mod_authz_svn/mod_authz_svn.c

Modified: subversion/trunk/build/ac-macros/apache.m4
URL: http://svn.apache.org/viewvc/subversion/trunk/build/ac-macros/apache.m4?rev=1695681&r1=1695680&r2=1695681&view=diff
==============================================================================
--- subversion/trunk/build/ac-macros/apache.m4 (original)
+++ subversion/trunk/build/ac-macros/apache.m4 Thu Aug 13 11:39:34 2015
@@ -188,12 +188,12 @@ if test -n "$APXS" && test "$APXS" != "n
       elif test "$enable_broken_httpd_auth" = "yes"; then
         AC_MSG_WARN([==============================================])
         AC_MSG_WARN([Apache httpd $HTTPD_VERSION MMN $MMN_MAJOR.$MMN_MINOR])
-        AC_MSG_WARN([Subversion will be vulnerable to CVE-2015-3185])
+        AC_MSG_WARN([Subversion will be vulnerable to CVE-2015-3184])
         AC_MSG_WARN([==============================================])
         AC_DEFINE(SVN_ALLOW_BROKEN_HTTPD_AUTH, 1,
                   [Defined to build against httpd 2.4 with broken auth])
       else
-        AC_MSG_ERROR([Apache httpd $HTTPD_VERSION MMN $MMN_MAJOR.$MMN_MINOR has broken auth (CVE-2015-3185)])
+        AC_MSG_ERROR([Apache httpd $HTTPD_VERSION MMN $MMN_MAJOR.$MMN_MINOR has broken auth (CVE-2015-3184)])
       fi
     fi
 

Modified: subversion/trunk/subversion/mod_authz_svn/mod_authz_svn.c
URL: http://svn.apache.org/viewvc/subversion/trunk/subversion/mod_authz_svn/mod_authz_svn.c?rev=1695681&r1=1695680&r2=1695681&view=diff
==============================================================================
--- subversion/trunk/subversion/mod_authz_svn/mod_authz_svn.c (original)
+++ subversion/trunk/subversion/mod_authz_svn/mod_authz_svn.c Thu Aug 13 11:39:34 2015
@@ -95,7 +95,7 @@ typedef struct authz_svn_config_rec {
 #  else 
      /* ap_some_auth_required() is busted and no viable alternative exists */
 #    ifndef SVN_ALLOW_BROKEN_HTTPD_AUTH
-#      error This Apache httpd has broken auth (CVE-2015-3185)
+#      error This Apache httpd has broken auth (CVE-2015-3184)
 #    else
        /* user wants to build anyway */
 #      define USE_FORCE_AUTHN 0