Lucene search

K

Gentoo FoundationMGASA-2014-0105

HistoryFeb 28, 2014 - 2:00 a.m.

Updated subversion packages fix CVE-2014-0032

2014-02-2802:00:06

Gentoo Foundation

advisories.mageia.org

12

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

0.139 Low

EPSS

Percentile

95.6%

Updated subversion packages fix security vulnerability: The mod_dav_svn module in Apache Subversion before 1.8.8, when SVNListParentPath is enabled, allows remote attackers to cause a denial of service (crash) via an OPTIONS request (CVE-2014-0032). The package has been updated to version 1.8.8, which fixes this issue, as well as several others.

OSVersionArchitecturePackageVersionFilename
Mageia4noarchsubversion< 1.8.8-1subversion-1.8.8-1.mga4

References

bugs.mageia.org/show_bug.cgi?id=12768.mga4

mail-archives.apache.org/mod_mbox/subversion-dev/201402.mbox/%[email protected]%3E

subversion.apache.org/security/CVE-2014-0032-advisory.txt

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

0.139 Low

EPSS

Percentile

95.6%

Related for MGASA-2014-0105

openvas17 nessus18 debiancve1 cve1 veracode1 freebsd1 ubuntucve1 fedora2 kaspersky1 amazon1 mageia1 prion1 securityvulns4 redhat1 ubuntu1 slackware1 oraclelinux1 centos1 debian1 osv1 gentoo1