Parent Directory
| 
Revision Log
Fix ending with newline for bugs 10495, 10492, 10479
| 1 | type: security |
| 2 | subject: Updated subversion packages fix security vulnerabilities |
| 3 | CVE: |
| 4 | - CVE-2013-1968 |
| 5 | - CVE-2013-2112 |
| 6 | src: |
| 7 | 2: |
| 8 | core: |
| 9 | - subversion-1.7.10-1.mga2 |
| 10 | 3: |
| 11 | core: |
| 12 | - subversion-1.7.10-1.mga3 |
| 13 | description: | |
| 14 | Subversion repositories with the FSFS repository data store format can be |
| 15 | corrupted by newline characters in filenames. A remote attacker with a |
| 16 | malicious client could use this flaw to disrupt the service for other users |
| 17 | using that repository (CVE-2013-1968). |
| 18 | |
| 19 | Subversion's svnserve server process may exit when an incoming TCP connection |
| 20 | is closed early in the connection process. A remote attacker can cause |
| 21 | svnserve to exit and thus deny service to users of the server (CVE-2013-2112) |
| 22 | references: |
| 23 | - https://bugs.mageia.org/show_bug.cgi?id=10479 |
| 24 | - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1968 |
| 25 | - http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2112 |
| 26 | - http://subversion.apache.org/security/CVE-2013-1968-advisory.txt |
| 27 | - http://subversion.apache.org/security/CVE-2013-2112-advisory.txt |
| 28 | - http://www.debian.org/security/2013/dsa-2703 |
| ViewVC Help | |
| Powered by ViewVC 1.1.30 |