aboutsummaryrefslogtreecommitdiff
path: root/devel/subversion
diff options
context:
space:
mode:
authorJacques Vidrine <nectar@FreeBSD.org>2004-05-19 20:22:30 +0000
committerJacques Vidrine <nectar@FreeBSD.org>2004-05-19 20:22:30 +0000
commit0140554d033f4a84344a6ab7ac710238370c8f3c (patch)
tree59de131e3a8f917410dab15d9e96616c437564be /devel/subversion
parent343dd5f453e82c8699bf893fd1d25357cb0f89ed (diff)
downloadports-0140554d033f4a84344a6ab7ac710238370c8f3c.tar.gz
ports-0140554d033f4a84344a6ab7ac710238370c8f3c.zip
Correct a remotely exploitable vulnerability in subversion's date
parsing. http://vuxml.freebsd.org/5d36ef32-a9cf-11d8-9c6d-0020ed76ef5a.html The patch was supplied by Stefan Esser and verified by Ben Reser.
Notes
Notes: svn path=/head/; revision=109520
Diffstat (limited to 'devel/subversion')
-rw-r--r--devel/subversion/Makefile1
-rw-r--r--devel/subversion/files/patch-subversion::libsvn_subr::time.c13
2 files changed, 14 insertions, 0 deletions
diff --git a/devel/subversion/Makefile b/devel/subversion/Makefile
index bd12a551697a..13c38cf8eea8 100644
--- a/devel/subversion/Makefile
+++ b/devel/subversion/Makefile
@@ -6,6 +6,7 @@
PORTNAME= subversion
PORTVERSION= 1.0.2
+PORTREVISION= 1
CATEGORIES= devel
MASTER_SITES= http://subversion.tigris.org/tarballs/
diff --git a/devel/subversion/files/patch-subversion::libsvn_subr::time.c b/devel/subversion/files/patch-subversion::libsvn_subr::time.c
new file mode 100644
index 000000000000..57b3129395c2
--- /dev/null
+++ b/devel/subversion/files/patch-subversion::libsvn_subr::time.c
@@ -0,0 +1,13 @@
+Index: subversion/libsvn_subr/time.c
+===================================================================
+--- subversion/libsvn_subr/time.c (revision 9636)
++++ subversion/libsvn_subr/time.c (working copy)
+@@ -55,7 +55,7 @@
+ * compatibility, but no longer generated.
+ */
+ static const char * const old_timestamp_format =
+-"%s %d %s %d %02d:%02d:%02d.%06d (day %03d, dst %d, gmt_off %06d)";
++"%3s %d %3s %d %02d:%02d:%02d.%06d (day %03d, dst %d, gmt_off %06d)";
+
+ /* Our human representation of dates looks like this:
+ *