| Patch |
| r866121 |
r866121 | kfogel | 2007-08-12 01:26:00 +0000 (Sun, 12 Aug 2007) CVE-2007-3846: Check that client dir separator is not in a path component. See http://cve.mitre.org/cgi-bin/cvename.cgi?name=2007-3846. * subversion/libsvn_wc/update_editor.c (check_path_under_root): New helper function. (delete_entry, add_or_open_file, open_directory, add_directory): Call above, to prevent paths above cwd from being affected. Patch by: Nils Durner <ndurner{_AT_}googlemail.com> kfogel