/[advisories]/10479.adv
ViewVC logotype

Annotation of /10479.adv

Parent Directory Parent Directory | Revision Log Revision Log


Revision 55 - (hide annotations) (download)
Wed Jun 19 10:13:29 2013 UTC (7 years, 4 months ago) by boklm
File size: 999 byte(s)
MGASA-2013-0175
1 davidwhodgins 46 type: security
2     subject: Updated subversion packages fix security vulnerabilities
3     CVE:
4     - CVE-2013-1968
5     - CVE-2013-2112
6     src:
7     2:
8     core:
9     - subversion-1.7.10-1.mga2
10     3:
11     core:
12     - subversion-1.7.10-1.mga3
13     description: |
14     Subversion repositories with the FSFS repository data store format can be
15     corrupted by newline characters in filenames. A remote attacker with a
16     malicious client could use this flaw to disrupt the service for other users
17     using that repository (CVE-2013-1968).
18    
19     Subversion's svnserve server process may exit when an incoming TCP connection
20     is closed early in the connection process. A remote attacker can cause
21     svnserve to exit and thus deny service to users of the server (CVE-2013-2112)
22     references:
23     - https://bugs.mageia.org/show_bug.cgi?id=10479
24     - http://subversion.apache.org/security/CVE-2013-1968-advisory.txt
25     - http://subversion.apache.org/security/CVE-2013-2112-advisory.txt
26     - http://www.debian.org/security/2013/dsa-2703
27 boklm 55 ID: MGASA-2013-0175

  ViewVC Help
Powered by ViewVC 1.1.28