openSUSE alert openSUSE-SU-2013:1286-1 (subversion) [LWN.net]


From:
    	       opensuse-security@opensuse.org 
To:
    	       opensuse-updates@opensuse.org 
Subject:
    	       openSUSE-SU-2013:1286-1: moderate: subversion: update to 1.7.11 
Date:
    	       Thu,  1 Aug 2013 10:04:09 +0200 (CEST)
Message-ID:
    	       <20130801080409.4DF6832076@maintenance.suse.de>
Archive-link:
    	       Article, Thread
              
   openSUSE Security Update: subversion: update to 1.7.11
______________________________________________________________________________

Announcement ID:    openSUSE-SU-2013:1286-1
Rating:             moderate
References:         #830031 
Cross-References:   CVE-2013-4131
Affected Products:
                    openSUSE 12.3
                    openSUSE 12.2
______________________________________________________________________________

   An update that fixes one vulnerability is now available.

Description:


   Subversion was updated to 1.7.11 [bnc#830031] to fix bugs
   and security issues.
   * translation updates for Simplified Chinese
   * mod_dav_svn: fix incorrect path canonicalization
   (CVE-2013-4131)
   * javahl bindings: fix bug in error constructing code


Patch Instructions:

   To install this openSUSE Security Update use YaST online_update.
   Alternatively you can run the command listed for your product:

   - openSUSE 12.3:

      zypper in -t patch openSUSE-2013-621

   - openSUSE 12.2:

      zypper in -t patch openSUSE-2013-621

   To bring your system up-to-date, use "zypper patch".


Package List:

   - openSUSE 12.3 (i586 x86_64):

      libsvn_auth_gnome_keyring-1-0-1.7.11-2.12.1
      libsvn_auth_gnome_keyring-1-0-debuginfo-1.7.11-2.12.1
      libsvn_auth_kwallet-1-0-1.7.11-2.12.1
      libsvn_auth_kwallet-1-0-debuginfo-1.7.11-2.12.1
      subversion-1.7.11-2.12.1
      subversion-debuginfo-1.7.11-2.12.1
      subversion-debugsource-1.7.11-2.12.1
      subversion-devel-1.7.11-2.12.1
      subversion-perl-1.7.11-2.12.1
      subversion-perl-debuginfo-1.7.11-2.12.1
      subversion-python-1.7.11-2.12.1
      subversion-python-debuginfo-1.7.11-2.12.1
      subversion-server-1.7.11-2.12.1
      subversion-server-debuginfo-1.7.11-2.12.1
      subversion-tools-1.7.11-2.12.1
      subversion-tools-debuginfo-1.7.11-2.12.1

   - openSUSE 12.3 (noarch):

      subversion-bash-completion-1.7.11-2.12.1

   - openSUSE 12.2 (i586 x86_64):

      libsvn_auth_gnome_keyring-1-0-1.7.11-4.20.1
      libsvn_auth_gnome_keyring-1-0-debuginfo-1.7.11-4.20.1
      libsvn_auth_kwallet-1-0-1.7.11-4.20.1
      libsvn_auth_kwallet-1-0-debuginfo-1.7.11-4.20.1
      subversion-1.7.11-4.20.1
      subversion-debuginfo-1.7.11-4.20.1
      subversion-debugsource-1.7.11-4.20.1
      subversion-devel-1.7.11-4.20.1
      subversion-perl-1.7.11-4.20.1
      subversion-perl-debuginfo-1.7.11-4.20.1
      subversion-python-1.7.11-4.20.1
      subversion-python-debuginfo-1.7.11-4.20.1
      subversion-server-1.7.11-4.20.1
      subversion-server-debuginfo-1.7.11-4.20.1
      subversion-tools-1.7.11-4.20.1
      subversion-tools-debuginfo-1.7.11-4.20.1

   - openSUSE 12.2 (noarch):

      subversion-bash-completion-1.7.11-4.20.1


References:

   http://support.novell.com/security/cve/CVE-2013-4131.html
   https://bugzilla.novell.com/830031
(Log in to post comments)