Gentoo Linux Security Advisory 201309-11 - Multiple vulnerabilities have been found in Subversion, allowing attackers to cause a Denial of Service, escalate privileges, or obtain sensitive information. Versions less than 1.7.13 are affected.
bfe40a4d66f395924c269877ddf68f495d3d3de142a58bf24a97c981c9b7c9d4
Mandriva Linux Security Advisory 2011-067 - The mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion before 1.6.16, allows remote attackers to cause a denial of service via a request that contains a lock token. Additionally for Corporate Server 4 and Enterprise Server 5 subversion have been upgraded to the 1.6.16 version due to of numerous upstream fixes and new features, the serf packages has also been upgraded to the now required 0.3.0 version.
3cec616a438351034abd1c3dda5c73b15ac0e5c808ea9988cf3f894ae6f07cda
Ubuntu Security Notice 1096-1 - Philip Martin discovered that the Subversion mod_dav_svn module for Apache did not properly handle certain requests containing a lock token. A remote attacker could use this flaw to cause the service to crash, leading to a denial of service.
caf09d37d15cd9024d30be254cdbcd8d0dec859eca34954ae6628f15010273e9
Debian Linux Security Advisory 2182-1 - Dominik George discovered that logwatch does not guard against shell meta-characters in crafted log file names (such as those produced by Samba). As a result, an attacker might be able to execute shell commands on the system running logwatch.
548c3405f723bbc0a955c810f5dbbc1ee409bd46f33395e87ee981bc1dff36bc
Debian Linux Security Advisory 2181-1 - Philip Martin discovered that HTTP-based Subversion servers crash when processing lock requests on repositories which support unauthenticated read access.
e279a1bcfe680594e3d3bf9362b9c8c66ae64ddd00c4ec601e1ee978f8fea16d