4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P
0.013 Low
EPSS
Percentile
85.4%
Package : subversion
Version : 1.6.12dfsg-7+deb6u2
CVE ID : CVE-2013-1845 CVE-2013-1846 CVE-2013-1847 CVE-2013-1849
CVE-2014-0032 CVE-2015-0248 CVE-2015-0251
Debian Bug : 704940 737815
Several vulnerabilities were discovered in Subversion, a version control
system. The Common Vulnerabilities and Exposures project identifies the
following problems:
CVE-2015-0248
Subversion mod_dav_svn and svnserve were vulnerable to a remotely
triggerable assertion DoS vulnerability for certain requests with
dynamically evaluated revision numbers.
CVE-2015-0251
Subversion HTTP servers allow spoofing svn:author property values for
new revisions via specially crafted v1 HTTP protocol request
sequences.
CVE-2013-1845
Subversion mod_dav_svn was vulnerable to a denial of service attack
through a remotely triggered memory exhaustion.
CVE-2013-1846 / CVE-2013-1847 / CVE-2013-1849 / CVE-2014-0032
Subversion mod_dav_svn was vulnerable to multiple remotely triggered
crashes.
This update has been prepared by James McCoy.
–
Raphaël Hertzog ◈ Debian Developer
Support Debian LTS: http://www.freexian.com/services/debian-lts.html
Learn to master Debian: http://debian-handbook.info/get/
Attachment:
signature.asc
Description: Digital signature
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Debian | 7 | mips | libsvn-dev | < 1.6.17dfsg-4+deb7u2 | libsvn-dev_1.6.17dfsg-4+deb7u2_mips.deb |
Debian | 6 | all | libsvn-ruby | < 1.6.12dfsg-7+deb6u2 | libsvn-ruby_1.6.12dfsg-7+deb6u2_all.deb |
Debian | 7 | all | libsvn-ruby | < 1.6.17dfsg-4+deb7u2 | libsvn-ruby_1.6.17dfsg-4+deb7u2_all.deb |
Debian | 6 | amd64 | libsvn1 | < 1.6.12dfsg-7+deb6u2 | libsvn1_1.6.12dfsg-7+deb6u2_amd64.deb |
Debian | 7 | powerpc | libsvn1 | < 1.6.17dfsg-4+deb7u2 | libsvn1_1.6.17dfsg-4+deb7u2_powerpc.deb |
Debian | 7 | s390x | libsvn-java | < 1.6.17dfsg-4+deb7u2 | libsvn-java_1.6.17dfsg-4+deb7u2_s390x.deb |
Debian | 7 | kfreebsd-i386 | python-subversion | < 1.6.17dfsg-4+deb7u2 | python-subversion_1.6.17dfsg-4+deb7u2_kfreebsd-i386.deb |
Debian | 7 | ia64 | subversion | < 1.6.17dfsg-4+deb7u2 | subversion_1.6.17dfsg-4+deb7u2_ia64.deb |
Debian | 7 | ia64 | libsvn1 | < 1.6.17dfsg-4+deb7u2 | libsvn1_1.6.17dfsg-4+deb7u2_ia64.deb |
Debian | 7 | sparc | libapache2-svn | < 1.6.17dfsg-4+deb7u2 | libapache2-svn_1.6.17dfsg-4+deb7u2_sparc.deb |