Ubuntu Security Notice 3388-1 - Joern Schneeweisz discovered that Subversion did not properly handle host names in 'svn+ssh://' URLs. A remote attacker could use this to construct a subversion repository that when accessed could run arbitrary code with the privileges of the user. Daniel Shahaf and James McCoy discovered that Subversion did not properly verify realms when using Cyrus SASL authentication. A remote attacker could use this to possibly bypass intended access restrictions. This issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. Various other issues were also addressed.
afb947313ea3b2743fc9ec546b5a4c8ac5e42c19227852d40f19315d56ae31a2==========================================================================
Ubuntu Security Notice USN-3388-1
August 11, 2017
subversion vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 17.04
- Ubuntu 16.04 LTS
- Ubuntu 14.04 LTS
Summary:
Several security issues were fixed in Subversion.
Software Description:
- subversion: Advanced version control system
Details:
Joern Schneeweisz discovered that Subversion did not properly handle
host names in 'svn+ssh://' URLs. A remote attacker could use this
to construct a subversion repository that when accessed could run
arbitrary code with the privileges of the user. (CVE-2017-9800)
Daniel Shahaf and James McCoy discovered that Subversion did not
properly verify realms when using Cyrus SASL authentication. A
remote attacker could use this to possibly bypass intended access
restrictions. This issue only affected Ubuntu 14.04 LTS and Ubuntu
16.04 LTS. (CVE-2016-2167)
Florian Weimer discovered that Subversion clients did not properly
restrict XML entity expansion when accessing http(s):// URLs. A remote
attacker could use this to cause a denial of service. This issue only
affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. (CVE-2016-8734)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 17.04:
libsvn1 1.9.5-1ubuntu1.1
subversion 1.9.5-1ubuntu1.1
Ubuntu 16.04 LTS:
libapache2-mod-svn 1.9.3-2ubuntu1.1
libapache2-svn 1.9.3-2ubuntu1.1
libsvn1 1.9.3-2ubuntu1.1
subversion 1.9.3-2ubuntu1.1
Ubuntu 14.04 LTS:
libapache2-mod-svn 1.8.8-1ubuntu3.3
libapache2-svn 1.8.8-1ubuntu3.3
libsvn1 1.8.8-1ubuntu3.3
subversion 1.8.8-1ubuntu3.3
In general, a standard system update will make all the necessary changes.
References:
https://www.ubuntu.com/usn/usn-3388-1
CVE-2016-2167, CVE-2016-8734, CVE-2017-9800
Package Information:
https://launchpad.net/ubuntu/+source/subversion/1.9.5-1ubuntu1.1
https://launchpad.net/ubuntu/+source/subversion/1.9.3-2ubuntu1.1
https://launchpad.net/ubuntu/+source/subversion/1.8.8-1ubuntu3.3
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed