/[advisories]/10479.adv
ViewVC logotype

Annotation of /10479.adv

Parent Directory Parent Directory | Revision Log Revision Log


Revision 49 - (hide annotations) (download)
Wed Jun 19 00:54:01 2013 UTC (10 years, 9 months ago) by davidwhodgins
File size: 1105 byte(s)
Fix ending with newline for bugs 10495, 10492, 10479
1 davidwhodgins 46 type: security
2     subject: Updated subversion packages fix security vulnerabilities
3     CVE:
4     - CVE-2013-1968
5     - CVE-2013-2112
6     src:
7     2:
8     core:
9     - subversion-1.7.10-1.mga2
10     3:
11     core:
12     - subversion-1.7.10-1.mga3
13     description: |
14     Subversion repositories with the FSFS repository data store format can be
15     corrupted by newline characters in filenames. A remote attacker with a
16     malicious client could use this flaw to disrupt the service for other users
17     using that repository (CVE-2013-1968).
18    
19     Subversion's svnserve server process may exit when an incoming TCP connection
20     is closed early in the connection process. A remote attacker can cause
21     svnserve to exit and thus deny service to users of the server (CVE-2013-2112)
22     references:
23     - https://bugs.mageia.org/show_bug.cgi?id=10479
24     - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1968
25     - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2112
26     - http://subversion.apache.org/security/CVE-2013-1968-advisory.txt
27     - http://subversion.apache.org/security/CVE-2013-2112-advisory.txt
28     - http://www.debian.org/security/2013/dsa-2703

  ViewVC Help
Powered by ViewVC 1.1.30