Gentoo Linux Security Advisory 201610-5 - Multiple vulnerabilities have been found in Subversion and Serf, the worst of which could lead to execution of arbitrary code. Versions less than 1.9.4 are affected.
6fc3d8b062f4dd9dd7a5b8d8121065ad62aa138fd8e27bec35dc5e71fb9cd7e8Apple Security Advisory 2015-09-16-2 - Xcode 7.0 is now available and addresses traffic inspection, access bypass, and various other vulnerabilities.
7a3af52221713d401a1c4f2c0809a381ca1e1c7cc53f03c7a03efe9fde6277f6Red Hat Security Advisory 2015-1742-01 - Subversion is a concurrent version control system which enables one or more users to collaborate in developing and maintaining a hierarchy of files and directories while keeping a history of all changes. The mod_dav_svn module is used with the Apache HTTP Server to allow access to Subversion repositories via HTTP. An assertion failure flaw was found in the way the SVN server processed certain requests with dynamically evaluated revision numbers. A remote attacker could use this flaw to cause the SVN server to crash.
5598afe1762e5d2f9730eef6f62ee1c4319359beffb6f3ee693c7c00a2399fd6Ubuntu Security Notice 2721-1 - It was discovered that the Subversion mod_dav_svn module incorrectly handled REPORT requests for a resource that does not exist. A remote attacker could use this issue to cause the server to crash, resulting in a denial of service. This issue only affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. It was discovered that the Subversion mod_dav_svn module incorrectly handled requests requiring a lookup for a virtual transaction name that does not exist. A remote attacker could use this issue to cause the server to crash, resulting in a denial of service. This issue only affected Ubuntu 14.04 LTS. Various other issues were also addressed.
bf924d06c07de07ad62f90ddaca26ec6d2f16b7478d76f99c2a041bc556bda43Red Hat Security Advisory 2015-1633-01 - Subversion is a concurrent version control system which enables one or more users to collaborate in developing and maintaining a hierarchy of files and directories while keeping a history of all changes. The mod_dav_svn module is used with the Apache HTTP Server to allow access to Subversion repositories via HTTP. An assertion failure flaw was found in the way the SVN server processed certain requests with dynamically evaluated revision numbers. A remote attacker could use this flaw to cause the SVN server to crash.
d091320b57163b4490f94feff3ef41c63366f20353500a6e770c256ec6180c43Debian Linux Security Advisory 3231-1 - Several vulnerabilities were discovered in Subversion, a version control system.
b713fc8d250561a0258c3f5d80214cbca484512f312bc325fcdb64bddbe08dbaMandriva Linux Security Advisory 2015-192 - Multiple vulnerabilities has been discovered and corrected in subversion. Subversion HTTP servers with FSFS repositories are vulnerable to a remotely triggerable excessive memory use with certain REPORT requests. Subversion mod_dav_svn and svnserve are vulnerable to a remotely triggerable assertion DoS vulnerability for certain requests with dynamically evaluated revision numbers. Subversion HTTP servers allow spoofing svn:author property values for new revisions. The updated packages have been upgraded to the 1.7.20 and 1.8.13 versions where these security flaws has been fixed.
829bf7383ff71da085f5217b201c2b0b0c211ea29983b39d9bc74aa6de7c36fc
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed