(RHSA-2022:2222) Important: subversion:1.10 security update

2022-05-1120:49:09

access.redhat.com

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.001 Low

EPSS

Percentile

49.7%

JSON

Subversion (SVN) is a concurrent version control system which enables one or more users to collaborate in developing and maintaining a hierarchy of files and directories while keeping a history of all changes.

Security Fix(es):

subversion: Subversion’s mod_dav_svn is vulnerable to memory corruption (CVE-2022-24070)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

OSVersionArchitecturePackageVersionFilename
RedHatanys390xutf8proc-debugsource< 2.1.1-5.module+el8.3.0+6671+2675c974utf8proc-debugsource-2.1.1-5.module+el8.3.0+6671+2675c974.s390x.rpm
RedHatanyppc64lesubversion-tools-debuginfo< 1.10.2-5.module+el8.4.0+15158+80ea2a4dsubversion-tools-debuginfo-1.10.2-5.module+el8.4.0+15158+80ea2a4d.ppc64le.rpm
RedHatanys390xsubversion-libs< 1.10.2-5.module+el8.4.0+15158+80ea2a4dsubversion-libs-1.10.2-5.module+el8.4.0+15158+80ea2a4d.s390x.rpm
RedHatanyppc64lesubversion-debugsource< 1.10.2-5.module+el8.4.0+15158+80ea2a4dsubversion-debugsource-1.10.2-5.module+el8.4.0+15158+80ea2a4d.ppc64le.rpm
RedHatanyaarch64subversion-tools-debuginfo< 1.10.2-5.module+el8.4.0+15158+80ea2a4dsubversion-tools-debuginfo-1.10.2-5.module+el8.4.0+15158+80ea2a4d.aarch64.rpm
RedHatanyaarch64mod_dav_svn-debuginfo< 1.10.2-5.module+el8.4.0+15158+80ea2a4dmod_dav_svn-debuginfo-1.10.2-5.module+el8.4.0+15158+80ea2a4d.aarch64.rpm
RedHatanys390xlibserf< 1.3.9-9.module+el8.3.0+6671+2675c974libserf-1.3.9-9.module+el8.3.0+6671+2675c974.s390x.rpm
RedHatanys390xsubversion< 1.10.2-5.module+el8.4.0+15158+80ea2a4dsubversion-1.10.2-5.module+el8.4.0+15158+80ea2a4d.s390x.rpm
RedHatanys390xsubversion-perl< 1.10.2-5.module+el8.4.0+15158+80ea2a4dsubversion-perl-1.10.2-5.module+el8.4.0+15158+80ea2a4d.s390x.rpm
RedHatanyaarch64libserf< 1.3.9-9.module+el8.3.0+6671+2675c974libserf-1.3.9-9.module+el8.3.0+6671+2675c974.aarch64.rpm

OS	Version	Architecture	Package	Version	Filename
RedHat	any	s390x	utf8proc-debugsource	< 2.1.1-5.module+el8.3.0+6671+2675c974	utf8proc-debugsource-2.1.1-5.module+el8.3.0+6671+2675c974.s390x.rpm
RedHat	any	ppc64le	subversion-tools-debuginfo	< 1.10.2-5.module+el8.4.0+15158+80ea2a4d	subversion-tools-debuginfo-1.10.2-5.module+el8.4.0+15158+80ea2a4d.ppc64le.rpm
RedHat	any	s390x	subversion-libs	< 1.10.2-5.module+el8.4.0+15158+80ea2a4d	subversion-libs-1.10.2-5.module+el8.4.0+15158+80ea2a4d.s390x.rpm
RedHat	any	ppc64le	subversion-debugsource	< 1.10.2-5.module+el8.4.0+15158+80ea2a4d	subversion-debugsource-1.10.2-5.module+el8.4.0+15158+80ea2a4d.ppc64le.rpm
RedHat	any	aarch64	subversion-tools-debuginfo	< 1.10.2-5.module+el8.4.0+15158+80ea2a4d	subversion-tools-debuginfo-1.10.2-5.module+el8.4.0+15158+80ea2a4d.aarch64.rpm
RedHat	any	aarch64	mod_dav_svn-debuginfo	< 1.10.2-5.module+el8.4.0+15158+80ea2a4d	mod_dav_svn-debuginfo-1.10.2-5.module+el8.4.0+15158+80ea2a4d.aarch64.rpm
RedHat	any	s390x	libserf	< 1.3.9-9.module+el8.3.0+6671+2675c974	libserf-1.3.9-9.module+el8.3.0+6671+2675c974.s390x.rpm
RedHat	any	s390x	subversion	< 1.10.2-5.module+el8.4.0+15158+80ea2a4d	subversion-1.10.2-5.module+el8.4.0+15158+80ea2a4d.s390x.rpm
RedHat	any	s390x	subversion-perl	< 1.10.2-5.module+el8.4.0+15158+80ea2a4d	subversion-perl-1.10.2-5.module+el8.4.0+15158+80ea2a4d.s390x.rpm
RedHat	any	aarch64	libserf	< 1.3.9-9.module+el8.3.0+6671+2675c974	libserf-1.3.9-9.module+el8.3.0+6671+2675c974.aarch64.rpm