27 matches found
About the security content of Xcode 7.3 - Apple Support
For the protection of our customers, Apple does not disclose, discuss, or confirm security issues until a full investigation has occurred and any necessary patches or releases are available. To learn more about Apple Product Security, see the Apple Product Security website. For information about...
Fedora 22 : subversion-1.8.15-1.fc22 (2015-6efa349a85)
This update includes the latest stable release of Apache Subversion 1.8, version 1.8.15. This update fixes two security issues: CVE-2015-3184: Subversion's modauthzsvn does not properly restrict anonymous access in some mixed anonymous/authenticated environments when using Apache httpd 2.4...
Fedora Update for subversion FEDORA-2015-6
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE Security Update : subversion (openSUSE-2015-949)
This update fixes the following security issues : - CVE-2015-5343: Possible remotely triggerable heap overflow and out-of-bounds read in moddavsvn caused by integer overflow when parsing skel-encoded request bodies. bsc958300 - CVE-2015-3184: modauthzsvn information leak information in mixed...
Oracle: Security Advisory (ELSA-2015-1742)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
RHEL 7 : subversion (RHSA-2015:1742)
Updated subversion packages that fix multiple security issues are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...
Oracle Linux 7 : subversion (ELSA-2015-1742)
The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2015-1742 advisory. 1.7.14-7.1 - add security fixes for CVE-2015-0248, CVE-2015-0251, CVE-2015-3184, CVE-2015-3187 Tenable has extracted the preceding description block...
Scientific Linux Security Update : subversion on SL7.x x86_64 (20150908)
An assertion failure flaw was found in the way the SVN server processed certain requests with dynamically evaluated revision numbers. A remote attacker could use this flaw to cause the SVN server both svnserve and httpd with the moddavsvn module to crash. CVE-2015-0248 It was found that the...
CentOS Update for mod_dav_svn CESA-2015:1742 centos7
Check the version of moddavsvn SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.882281";...
RedHat Update for subversion RHSA-2015:1742-01
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
subversion security update
1.7.14-7.1 - add security fixes for CVE-2015-0248, CVE-2015-0251, CVE-2015-3184, CVE-2015-3187...
Ubuntu 14.04 LTS : Subversion vulnerabilities (USN-2721-1)
The remote Ubuntu 14.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-2721-1 advisory. It was discovered that the Subversion moddavsvn module incorrectly handled REPORT requests for a resource that does not exist. A remote attacker could us...
USN-2721-1 subversion vulnerabilities
It was discovered that the Subversion moddavsvn module incorrectly handled REPORT requests for a resource that does not exist. A remote attacker could use this issue to cause the server to crash, resulting in a denial of service. This issue only affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS...
USN-2721-1: Subversion vulnerabilities
It was discovered that the Subversion moddavsvn module incorrectly handled REPORT requests for a resource that does not exist. A remote attacker could use this issue to cause the server to crash, resulting in a denial of service. This issue only affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS...
openSUSE Security Update : subversion (openSUSE-2015-549)
subversion was updated to version 1.8.14 to fix two security issues. These security issues were fixed : - CVE-2015-3187: Information leak only paths that were hidden by path-based authz bsc939517. - CVE-2015-3184: Information leak in mixed anonymous/authenticated httpd dav configurations bsc93951...
Debian DSA-3331-1 : subversion - security update
Several security issues have been found in the server components of the version control system subversion. - CVE-2015-3184 Subversion's modauthzsvn does not properly restrict anonymous access in some mixed anonymous/authenticated environments when using Apache httpd 2.4. The result is that...
CVE-2015-3184
modauthzsvn in Apache Subversion 1.7.x before 1.7.21 and 1.8.x before 1.8.14, when using Apache httpd 2.4.x, does not properly restrict anonymous access, which allows remote anonymous users to read hidden files via the path name...
CVE-2015-3184
CVE-2015-3184 affects Subversion’s mod_authz_svn when used with Apache httpd 2.4.x. The issue is an improper restriction of anonymous access in Subversion 1.7.x (before 1.7.21) and 1.8.x (before 1.8.14), which allows remote anonymous users to read hidden files via the path name. Affected product:...
CVE-2015-3184
modauthzsvn in Apache Subversion 1.7.x before 1.7.21 and 1.8.x before 1.8.14, when using Apache httpd 2.4.x, does not properly restrict anonymous access, which allows remote anonymous users to read hidden files via the path name...
CVE-2015-3184
modauthzsvn in Apache Subversion 1.7.x before 1.7.21 and 1.8.x before 1.8.14, when using Apache httpd 2.4.x, does not properly restrict anonymous access, which allows remote anonymous users to read hidden files via the path name...