Ubuntu Security Notice 3388-2 - USN-3388-1 fixed several vulnerabilities in Subversion. This update provides the corresponding update for Ubuntu 12.04 ESM. Ivan Zhakov discovered that Subversion did not properly handle some requests. A remote attacker could use this to cause a denial of service. Various other issues were also addressed.
a687e5391fa1b5969d8465cd6fe1b7abad9ba098f227067976e565ef0aebea20Ubuntu Security Notice 3388-1 - Joern Schneeweisz discovered that Subversion did not properly handle host names in 'svn+ssh://' URLs. A remote attacker could use this to construct a subversion repository that when accessed could run arbitrary code with the privileges of the user. Daniel Shahaf and James McCoy discovered that Subversion did not properly verify realms when using Cyrus SASL authentication. A remote attacker could use this to possibly bypass intended access restrictions. This issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. Various other issues were also addressed.
afb947313ea3b2743fc9ec546b5a4c8ac5e42c19227852d40f19315d56ae31a2Gentoo Linux Security Advisory 201610-5 - Multiple vulnerabilities have been found in Subversion and Serf, the worst of which could lead to execution of arbitrary code. Versions less than 1.9.4 are affected.
6fc3d8b062f4dd9dd7a5b8d8121065ad62aa138fd8e27bec35dc5e71fb9cd7e8Slackware Security Advisory - New subversion packages are available for Slackware 14.0, 14.1, and -current to fix security issues.
384ed0f0e1971c9917b9b019f463d5f21891e2feea3e327669254736a355f117Debian Linux Security Advisory 3561-1 - Several vulnerabilities were discovered in Subversion, a version control system.
a3ddda805ec7e1179854aceee79c5936746ae42436b7a540717028d63bfd07a6
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed