Several vulnerabilities were discovered in Subversion, a version control
system. The Common Vulnerabilities and Exposures project identifies the
following problems:
- CVE-2015-0248
Subversion mod_dav_svn and svnserve were vulnerable to a remotely
triggerable assertion DoS vulnerability for certain requests with
dynamically evaluated revision numbers.
- CVE-2015-0251
Subversion HTTP servers allow spoofing svn:author property values for
new revisions via specially crafted v1 HTTP protocol request
sequences.
- CVE-2013-1845
Subversion mod_dav_svn was vulnerable to a denial of service attack
through a remotely triggered memory exhaustion.
- CVE-2013-1846 / CVE-2013-1847 / CVE-2013-1849 / CVE-2014-0032
Subversion mod_dav_svn was vulnerable to multiple remotely triggered
crashes.
This update has been prepared by James McCoy.