/[advisories]/10479.adv
ViewVC logotype

Contents of /10479.adv

Parent Directory Parent Directory | Revision Log Revision Log


Revision 55 - (show annotations) (download)
Wed Jun 19 10:13:29 2013 UTC (4 years, 5 months ago) by boklm
File size: 999 byte(s)
MGASA-2013-0175
1 type: security
2 subject: Updated subversion packages fix security vulnerabilities
3 CVE:
4 - CVE-2013-1968
5 - CVE-2013-2112
6 src:
7 2:
8 core:
9 - subversion-1.7.10-1.mga2
10 3:
11 core:
12 - subversion-1.7.10-1.mga3
13 description: |
14 Subversion repositories with the FSFS repository data store format can be
15 corrupted by newline characters in filenames. A remote attacker with a
16 malicious client could use this flaw to disrupt the service for other users
17 using that repository (CVE-2013-1968).
18
19 Subversion's svnserve server process may exit when an incoming TCP connection
20 is closed early in the connection process. A remote attacker can cause
21 svnserve to exit and thus deny service to users of the server (CVE-2013-2112)
22 references:
23 - https://bugs.mageia.org/show_bug.cgi?id=10479
24 - http://subversion.apache.org/security/CVE-2013-1968-advisory.txt
25 - http://subversion.apache.org/security/CVE-2013-2112-advisory.txt
26 - http://www.debian.org/security/2013/dsa-2703
27 ID: MGASA-2013-0175

  ViewVC Help
Powered by ViewVC 1.1.26