subversion -- multiple DoS

2011-01-02T00:00:00
ID 71612099-1E93-11E0-A587-001B77D09812
Type freebsd
Reporter FreeBSD
Modified 2011-01-02T00:00:00

Description

Entry for CVE-2010-4539 says:

The walk function in repos.c in the mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion before 1.6.15, allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) via vectors that trigger the walking of SVNParentPath collections.

Entry for CVE-2010-4644 says:

Multiple memory leaks in rev_hunt.c in Apache Subversion before 1.6.15 allow remote authenticated users to cause a denial of service (memory consumption and daemon crash) via the -g option to the blame command.