12 matches found
openSUSE Security Update : subversion (openSUSE-SU-2013:1860-1)
This update fixes the following issues with subversion : - bnc850747: update to 1.7.14 - CVE-2013-4505: moddontdothat does not restrict requests from serf clients. - CVE-2013-4558: moddavsvn assertion triggered by autoversioning commits. + Client- and server-side bugfixes : - fix assertion on url...
openSUSE Security Update : subversion (openSUSE-SU-2013:1836-1)
This update fixes the following issues with subversion CVE-2013-4505,CVE-2013-4558 : - bnc850747: update to 1.8.5 - CVE-2013-4505: moddontdothat does not restrict requests from serf clients. - CVE-2013-4558: moddavsvn assertion triggered by autoversioning commits. + Client-side bugfixes : - fix...
[slackware-security] subversion (SSA:2014-058-01)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 slackware-security subversion SSA:2014-058-01 New subversion packages are available for Slackware 14.0, 14.1, and -current to fix denial-of-service issues. Here are the details from the Slackware 14.1 ChangeLog: +--------------------------+...
Fedora Update for subversion FEDORA-2013-22575
The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Apache Subversion 1.4.x - 1.7.13 / 1.8.x < 1.8.5 Multiple DoS
The installed version of Subversion Server is affected by multiple denial of service vulnerabilities : - An error exists related to the 'moddontdothat' module and handling relative URLs sent from serf-based clients. CVE-2013-4505 - An error exists related to the 'moddavsvn' module and handling...
Mandriva Linux Security Advisory : subversion (MDVSA-2013:288)
Updated subversion package fixes security vulnerabilities : moddontdothat allows you to block update REPORT requests against certain paths in the repository. It expects the paths in the REPORT request to be absolute URLs. Serf based clients send relative URLs instead of absolute URLs in many case...
CVE-2013-4558
The getparentresource function in repos.c in moddavsvn Apache HTTPD server module in Subversion 1.7.11 through 1.7.13 and 1.8.1 through 1.8.4, when built with assertions enabled and SVNAutoversioning is enabled, allows remote attackers to cause a denial of service assertion failure and Apache...
CVE-2013-4558
The getparentresource function in repos.c in moddavsvn Apache HTTPD server module in Subversion 1.7.11 through 1.7.13 and 1.8.1 through 1.8.4, when built with assertions enabled and SVNAutoversioning is enabled, allows remote attackers to cause a denial of service assertion failure and Apache...
CVE-2013-4558
The getparentresource function in repos.c in moddavsvn Apache HTTPD server module in Subversion 1.7.11 through 1.7.13 and 1.8.1 through 1.8.4, when built with assertions enabled and SVNAutoversioning is enabled, allows remote attackers to cause a denial of service assertion failure and Apache...
CVE-2013-4558
The getparentresource function in repos.c in moddavsvn Apache HTTPD server module in Subversion 1.7.11 through 1.7.13 and 1.8.1 through 1.8.4, when built with assertions enabled and SVNAutoversioning is enabled, allows remote attackers to cause a denial of service assertion failure and Apache...
CVE-2013-4558
CVE-2013-4558 affects Subversion’s mod_dav_svn in Apache HTTPD when built with assertions and SVNAutoversioning enabled, allowing remote DoS via a non-canonical URL (trailing /). Affected versions: Subversion 1.7.11–1.7.13 and 1.8.1–1.8.4. Root cause: assertion triggered by non-canonical requests...
CVE-2013-4558
The getparentresource function in repos.c in moddavsvn Apache HTTPD server module in Subversion 1.7.11 through 1.7.13 and 1.8.1 through 1.8.4, when built with assertions enabled and SVNAutoversioning is enabled, allows remote attackers to cause a denial of service assertion failure and Apache...