subversion -- multiple vulnerabilities

ID 57BB5E3D-3C4F-11E5-A4D4-001E8C75030D
Type freebsd
Reporter FreeBSD
Modified 2015-07-27T00:00:00


Subversion reports:

CVE-2015-3184: Subversion's mod_authz_svn does not properly restrict anonymous access in some mixed anonymous/authenticated environments when using Apache httpd 2.4. CVE-2015-3187: Subversion servers, both httpd and svnserve, will reveal some paths that should be hidden by path-based authz.