openSUSE Security Update : subversion (openSUSE-SU-2013:1836-1)

2014-06-1300:00:00

www.tenable.com

JSON

This update fixes the following issues with subversion (CVE-2013-4505,CVE-2013-4558) :

bnc#850747: update to 1.8.5
CVE-2013-4505: mod_dontdothat does not restrict requests from serf clients.
CVE-2013-4558: mod_dav_svn assertion triggered by autoversioning commits.

Client-side bugfixes :

fix externals that point at redirected locations
diff: fix assertion with move inside a copy

Server-side bugfixes :

mod_dav_svn: Prevent crashes with some 3rd party modules
mod_dav_svn: canonicalize paths properly
mod_authz_svn: fix crash of mod_authz_svn with invalid config
hotcopy: fix hotcopy losing revprop files in packed repos

Other tool improvements and bugfixes :

mod_dontdothat: Fix the uri parser

Developer-visible changes :

fix compilation with ‘–enable-optimize’ with clang
add test to fail when built against broken ZLib

Bindings :

ctypes-python: build with compiler selected via configure
require python-sqlite when running regression tests for all targets, no longer pulled in implicitly
print error logs on regression test failures
fix regression tests for ppc/ppc64 architectures, found in openSUSE package build and fixed with upstream developers
if running regression tests, also run them against bdb backend
update keyring, use Subversion Project Management Committee keyring rather than all committers

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from openSUSE Security Update openSUSE-2013-942.
#
# The text description of this plugin is (C) SUSE LLC.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(75223);
  script_version("1.4");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/19");

  script_cve_id("CVE-2013-4505", "CVE-2013-4558");

  script_name(english:"openSUSE Security Update : subversion (openSUSE-SU-2013:1836-1)");
  script_summary(english:"Check for the openSUSE-2013-942 patch");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote openSUSE host is missing a security update."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"This update fixes the following issues with subversion
(CVE-2013-4505,CVE-2013-4558) :

  - bnc#850747: update to 1.8.5

  - CVE-2013-4505: mod_dontdothat does not restrict requests
    from serf clients.

  - CVE-2013-4558: mod_dav_svn assertion triggered by
    autoversioning commits.

  + Client-side bugfixes :

  - fix externals that point at redirected locations

  - diff: fix assertion with move inside a copy

  + Server-side bugfixes :

  - mod_dav_svn: Prevent crashes with some 3rd party modules

  - mod_dav_svn: canonicalize paths properly

  - mod_authz_svn: fix crash of mod_authz_svn with invalid
    config

  - hotcopy: fix hotcopy losing revprop files in packed
    repos

  + Other tool improvements and bugfixes :

  - mod_dontdothat: Fix the uri parser

  + Developer-visible changes :

  - fix compilation with '--enable-optimize' with clang

  - add test to fail when built against broken ZLib

  + Bindings :

  - ctypes-python: build with compiler selected via
    configure

  - require python-sqlite when running regression tests for
    all targets, no longer pulled in implicitly

  - print error logs on regression test failures

  - fix regression tests for ppc/ppc64 architectures, found
    in openSUSE package build and fixed with upstream
    developers

  - if running regression tests, also run them against bdb
    backend

  - update keyring, use Subversion Project Management
    Committee keyring rather than all committers"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.novell.com/show_bug.cgi?id=850667"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.novell.com/show_bug.cgi?id=850747"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://lists.opensuse.org/opensuse-updates/2013-12/msg00029.html"
  );
  script_set_attribute(
    attribute:"solution", 
    value:"Update the affected subversion packages."
  );
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:S/C:N/I:N/A:P");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libsvn_auth_gnome_keyring-1-0");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libsvn_auth_gnome_keyring-1-0-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libsvn_auth_kwallet-1-0");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:libsvn_auth_kwallet-1-0-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:subversion");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:subversion-bash-completion");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:subversion-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:subversion-debugsource");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:subversion-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:subversion-perl");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:subversion-perl-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:subversion-python");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:subversion-python-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:subversion-ruby");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:subversion-ruby-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:subversion-server");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:subversion-server-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:subversion-tools");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:subversion-tools-debuginfo");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:13.1");

  script_set_attribute(attribute:"patch_publication_date", value:"2013/11/30");
  script_set_attribute(attribute:"plugin_publication_date", value:"2014/06/13");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"SuSE Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/SuSE/release");
if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE");
if (release !~ "^(SUSE13\.1)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "13.1", release);
if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

ourarch = get_kb_item("Host/cpu");
if (!ourarch) audit(AUDIT_UNKNOWN_ARCH);
if (ourarch !~ "^(i586|i686|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch);

flag = 0;

if ( rpm_check(release:"SUSE13.1", reference:"libsvn_auth_gnome_keyring-1-0-1.8.5-2.11.1") ) flag++;
if ( rpm_check(release:"SUSE13.1", reference:"libsvn_auth_gnome_keyring-1-0-debuginfo-1.8.5-2.11.1") ) flag++;
if ( rpm_check(release:"SUSE13.1", reference:"libsvn_auth_kwallet-1-0-1.8.5-2.11.1") ) flag++;
if ( rpm_check(release:"SUSE13.1", reference:"libsvn_auth_kwallet-1-0-debuginfo-1.8.5-2.11.1") ) flag++;
if ( rpm_check(release:"SUSE13.1", reference:"subversion-1.8.5-2.11.1") ) flag++;
if ( rpm_check(release:"SUSE13.1", reference:"subversion-bash-completion-1.8.5-2.11.1") ) flag++;
if ( rpm_check(release:"SUSE13.1", reference:"subversion-debuginfo-1.8.5-2.11.1") ) flag++;
if ( rpm_check(release:"SUSE13.1", reference:"subversion-debugsource-1.8.5-2.11.1") ) flag++;
if ( rpm_check(release:"SUSE13.1", reference:"subversion-devel-1.8.5-2.11.1") ) flag++;
if ( rpm_check(release:"SUSE13.1", reference:"subversion-perl-1.8.5-2.11.1") ) flag++;
if ( rpm_check(release:"SUSE13.1", reference:"subversion-perl-debuginfo-1.8.5-2.11.1") ) flag++;
if ( rpm_check(release:"SUSE13.1", reference:"subversion-python-1.8.5-2.11.1") ) flag++;
if ( rpm_check(release:"SUSE13.1", reference:"subversion-python-debuginfo-1.8.5-2.11.1") ) flag++;
if ( rpm_check(release:"SUSE13.1", reference:"subversion-ruby-1.8.5-2.11.1") ) flag++;
if ( rpm_check(release:"SUSE13.1", reference:"subversion-ruby-debuginfo-1.8.5-2.11.1") ) flag++;
if ( rpm_check(release:"SUSE13.1", reference:"subversion-server-1.8.5-2.11.1") ) flag++;
if ( rpm_check(release:"SUSE13.1", reference:"subversion-server-debuginfo-1.8.5-2.11.1") ) flag++;
if ( rpm_check(release:"SUSE13.1", reference:"subversion-tools-1.8.5-2.11.1") ) flag++;
if ( rpm_check(release:"SUSE13.1", reference:"subversion-tools-debuginfo-1.8.5-2.11.1") ) flag++;

if (flag)
{
  if (report_verbosity > 0) security_note(port:0, extra:rpm_report_get());
  else security_note(0);
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "subversion");
}

VendorProductVersionCPE
novellopensuselibsvn_auth_gnome_keyring-1-0p-cpe:/a:novell:opensuse:libsvn_auth_gnome_keyring-1-0
novellopensuselibsvn_auth_gnome_keyring-1-0-debuginfop-cpe:/a:novell:opensuse:libsvn_auth_gnome_keyring-1-0-debuginfo
novellopensuselibsvn_auth_kwallet-1-0p-cpe:/a:novell:opensuse:libsvn_auth_kwallet-1-0
novellopensuselibsvn_auth_kwallet-1-0-debuginfop-cpe:/a:novell:opensuse:libsvn_auth_kwallet-1-0-debuginfo
novellopensusesubversionp-cpe:/a:novell:opensuse:subversion
novellopensusesubversion-bash-completionp-cpe:/a:novell:opensuse:subversion-bash-completion
novellopensusesubversion-debuginfop-cpe:/a:novell:opensuse:subversion-debuginfo
novellopensusesubversion-debugsourcep-cpe:/a:novell:opensuse:subversion-debugsource
novellopensusesubversion-develp-cpe:/a:novell:opensuse:subversion-devel
novellopensusesubversion-perlp-cpe:/a:novell:opensuse:subversion-perl

Vendor	Product	Version	CPE
novell	opensuse	libsvn_auth_gnome_keyring-1-0	p-cpe:/a:novell:opensuse:libsvn_auth_gnome_keyring-1-0
novell	opensuse	libsvn_auth_gnome_keyring-1-0-debuginfo	p-cpe:/a:novell:opensuse:libsvn_auth_gnome_keyring-1-0-debuginfo
novell	opensuse	libsvn_auth_kwallet-1-0	p-cpe:/a:novell:opensuse:libsvn_auth_kwallet-1-0
novell	opensuse	libsvn_auth_kwallet-1-0-debuginfo	p-cpe:/a:novell:opensuse:libsvn_auth_kwallet-1-0-debuginfo
novell	opensuse	subversion	p-cpe:/a:novell:opensuse:subversion
novell	opensuse	subversion-bash-completion	p-cpe:/a:novell:opensuse:subversion-bash-completion
novell	opensuse	subversion-debuginfo	p-cpe:/a:novell:opensuse:subversion-debuginfo
novell	opensuse	subversion-debugsource	p-cpe:/a:novell:opensuse:subversion-debugsource
novell	opensuse	subversion-devel	p-cpe:/a:novell:opensuse:subversion-devel
novell	opensuse	subversion-perl	p-cpe:/a:novell:opensuse:subversion-perl