10 matches found
openSUSE Security Update : subversion (openSUSE-SU-2013:1860-1)
This update fixes the following issues with subversion : - bnc850747: update to 1.7.14 - CVE-2013-4505: moddontdothat does not restrict requests from serf clients. - CVE-2013-4558: moddavsvn assertion triggered by autoversioning commits. + Client- and server-side bugfixes : - fix assertion on url...
openSUSE Security Update : subversion (openSUSE-SU-2013:1836-1)
This update fixes the following issues with subversion CVE-2013-4505,CVE-2013-4558 : - bnc850747: update to 1.8.5 - CVE-2013-4505: moddontdothat does not restrict requests from serf clients. - CVE-2013-4558: moddavsvn assertion triggered by autoversioning commits. + Client-side bugfixes : - fix...
[slackware-security] subversion (SSA:2014-058-01)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 slackware-security subversion SSA:2014-058-01 New subversion packages are available for Slackware 14.0, 14.1, and -current to fix denial-of-service issues. Here are the details from the Slackware 14.1 ChangeLog: +--------------------------+...
Fedora Update for subversion FEDORA-2013-22575
The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Apache Subversion 1.4.x - 1.7.13 / 1.8.x < 1.8.5 Multiple DoS
The installed version of Subversion Server is affected by multiple denial of service vulnerabilities : - An error exists related to the 'moddontdothat' module and handling relative URLs sent from serf-based clients. CVE-2013-4505 - An error exists related to the 'moddavsvn' module and handling...
Mandriva Linux Security Advisory : subversion (MDVSA-2013:288)
Updated subversion package fixes security vulnerabilities : moddontdothat allows you to block update REPORT requests against certain paths in the repository. It expects the paths in the REPORT request to be absolute URLs. Serf based clients send relative URLs instead of absolute URLs in many case...
CVE-2013-4505
The isthislegal function in moddontdothat for Apache Subversion 1.4.0 through 1.7.13 and 1.8.0 through 1.8.4 allows remote attackers to bypass intended access restrictions and possibly cause a denial of service resource consumption via a relative URL in a REPORT request...
DEBIAN-CVE-2013-4505
The isthislegal function in moddontdothat for Apache Subversion 1.4.0 through 1.7.13 and 1.8.0 through 1.8.4 allows remote attackers to bypass intended access restrictions and possibly cause a denial of service resource consumption via a relative URL in a REPORT request...
CVE-2013-4505
CVE-2013-4505 affects Apache Subversion: is_this_legal bypasses access restrictions in mod_dontdothat, enabling a remote attacker to trigger resource consumption/DoS via a crafted relative URL in a REPORT request for Subversion 1.4.0–1.7.13 and 1.8.0–1.8.4. Public advisories and OpenVAS/Nessus pl...
CVE-2013-4505
The isthislegal function in moddontdothat for Apache Subversion 1.4.0 through 1.7.13 and 1.8.0 through 1.8.4 allows remote attackers to bypass intended access restrictions and possibly cause a denial of service resource consumption via a relative URL in a REPORT request...