|
|
Subscribe / Log in / New account

Debian alert DLA-4127-1 (subversion)



From:
              Adrian Bunk <bunk@debian.org>


To:
              debian-lts-announce@lists.debian.org


Subject:
              [SECURITY] [DLA 4127-1] subversion security update


Date:
              Sun, 13 Apr 2025 21:53:27 +0300


Message-ID:
              <Z/wIJxkaVTnEIGy4@localhost>


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian LTS Advisory DLA-4127-1                debian-lts@lists.debian.org
https://www.debian.org/lts/security/                          Adrian Bunk
April 13, 2025                                https://wiki.debian.org/LTS
- -------------------------------------------------------------------------

Package        : subversion
Version        : 1.14.1-3+deb11u2
CVE ID         : CVE-2024-46901

Denial-of-service via control characters in paths has been fixed in the 
mod_dav_svn module of the version control system Subversion.

For Debian 11 bullseye, this problem has been fixed in version
1.14.1-3+deb11u2.

We recommend that you upgrade your subversion packages.

For the detailed security status of subversion please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/subversion

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEOvp1f6xuoR0v9F3wiNJCh6LYmLEFAmf8CCcACgkQiNJCh6LY
mLGxaQ/9E7+gGI5axRrz5EQDH6o+Sbk4kOZNdYTtJz1LPIe8+tW+qhxoZiHuApgx
+DCZh+4oQzgYbt/dEuG73scdVhTdvs/KhkjAdOj3zYO9Z0VI321uxNFToyHkcpZh
9RfVHC4t+yUnX/v0YxbF/EckIqUpDP6QeKacI5lcNWLrKlqfal+JkC+uXWo34NCp
0LrlHa+jq6mf6ZpR7QNzWpy4EGjHyI9cSVgrC7iI1WUA/uoqJG7qrD2PtMPdfZyE
tVG+Tq+6W51iQlDKfjtspHm4dtuVw7Bb/znStfCeFeqdSTdfP40rtqkS240alr1m
VACF3xDpoMSA6J+y7STUTZ9H7+8EJEuDTYbU4f/DLjgqXtjvVSMCM/O4OQBIMjBN
xmDAuK43KOnuf2tJKnw12d4dEBt57GlO0qBbCrGCThCuX7e/t7xLtYbp6nWDI/QQ
S4oj4NzotTplOb3IA62ilvbGwX4FSZKLGrLBH/l3enhhsBbRh4j+rXRi5QYNi8mv
hHvdvAqpQdsQK6AKI4VlJuZuVYkPJzs6Ujx29EbOQAna1Zs25NK1iV522I1OVTbA
9ZoTI/NKy0Da7H/aAtA6HW14+ueFnjUWOb2zcswvy65F//wIBq4jwKVdr5+YeAQ1
WkSPaUSztKA7If9Z9UkOS5FUNO8i/dtHXqXOVCMKQm6j7rP9n7k=
=mAXG
-----END PGP SIGNATURE-----
to post comments


Copyright © 2025, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds