exploit the possibilities

Apache Subversion Arbitrary Code Execution

Apache Subversion Arbitrary Code Execution
Posted Aug 11, 2017
Site subversion.apache.org

Apache Subversion has released version 1.9.7 which addresses an arbitrary code execution vulnerability.

tags | advisory, arbitrary, code execution
advisories | CVE-2017-9800
MD5 | dcd92c75f829615ac0c6e648fc7ed87a

Apache Subversion Arbitrary Code Execution

Change Mirror Download
I'm happy to announce the release of Apache Subversion 1.9.7.
Please choose the mirror closest to you by visiting:

http://subversion.apache.org/download.cgi?update=201708081800#recommended-release

This is a stable security release of the Apache Subversion open source
version control system. It fixes one security issue:

CVE-2017-9800:
Arbitrary code execution on clients through malicious svn+ssh URLs in
svn:externals and svn:sync-from-url
http://subversion.apache.org/security/CVE-2017-9800-advisory.txt

The SHA1 checksums are:

874b81749cdc3e88152d103243c3623ac6338388 subversion-1.9.7.tar.bz2
1a5f48acf9d0faa60e8c7aea96a9b29ab1d4dcac subversion-1.9.7.tar.gz
741727b62596bf27f75838c46d1bb6938c83fbd7 subversion-1.9.7.zip

SHA-512 checksums are available at:

https://www.apache.org/dist/subversion/subversion-1.9.7.tar.bz2.sha512
https://www.apache.org/dist/subversion/subversion-1.9.7.tar.gz.sha512
https://www.apache.org/dist/subversion/subversion-1.9.7.zip.sha512

PGP Signatures are available at:

http://www.apache.org/dist/subversion/subversion-1.9.7.tar.bz2.asc
http://www.apache.org/dist/subversion/subversion-1.9.7.tar.gz.asc
http://www.apache.org/dist/subversion/subversion-1.9.7.zip.asc

For this release, the following people have provided PGP signatures:

Johan Corveleyn [4096R/B59CE6D6010C8AAD] with fingerprint:
8AA2 C10E EAAD 44F9 6972 7AEA B59C E6D6 010C 8AAD
Stefan Sperling [2048R/4F7DBAA99A59B973] with fingerprint:
8BC4 DAE0 C5A4 D65F 4044 0107 4F7D BAA9 9A59 B973
Evgeny Kotkov [4096R/B64FFF1209F9FA74] with fingerprint:
E7B2 A7F4 EC28 BE9F F8B3 8BA4 B64F FF12 09F9 FA74
Stefan Hett (CODE SIGNING KEY) [4096R/376A3CFD110B1C95] with fingerprint:
7B8C A7F6 451A D89C 8ADC 077B 376A 3CFD 110B 1C95
Daniel Shahaf [3072R/A5FEEE3AC7937444] with fingerprint:
E966 46BE 08C0 AF0A A0F9 0788 A5FE EE3A C793 7444
Philip Martin [2048R/76D788E1ED1A599C] with fingerprint:
A844 790F B574 3606 EE95 9207 76D7 88E1 ED1A 599C

Release notes for the 1.9.x release series may be found at:

http://subversion.apache.org/docs/release-notes/1.9.html

You can find the list of changes between 1.9.7 and earlier versions at:

http://svn.apache.org/repos/asf/subversion/tags/1.9.7/CHANGES

Questions, comments, and bug reports to users@subversion.apache.org.

Thanks,
- The Subversion Team
Login or Register to add favorites

File Archive:

December 2021

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    18 Files
  • 2
    Dec 2nd
    11 Files
  • 3
    Dec 3rd
    23 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    0 Files
  • 6
    Dec 6th
    0 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close