User: Password:
Subscribe / Log in / New account

subversion: denial of service

Package(s):subversion CVE #(s):CVE-2013-1968 CVE-2013-2112
Created:June 10, 2013 Updated:June 28, 2013
Description: From the Debian advisory:

CVE-2013-1968: Subversion repositories with the FSFS repository data store format can be corrupted by newline characters in filenames. A remote attacker with a malicious client could use this flaw to disrupt the service for other users using that repository.

CVE-2013-2112: Subversion's svnserve server process may exit when an incoming TCP connection is closed early in the connection process. A remote attacker can cause svnserve to exit and thus deny service to users of the server.

Scientific Linux SLSA-2014:0255-1 subversion 2014-03-05
Oracle ELSA-2014-0255 subversion 2014-03-05
Oracle ELSA-2014-0255 subversion 2014-03-05
CentOS CESA-2014:0255 subversion 2014-03-06
CentOS CESA-2014:0255 subversion 2014-03-06
Red Hat RHSA-2014:0255-01 subversion 2014-03-05
Gentoo 201309-11 subversion 2013-09-23
Fedora FEDORA-2013-13672 subversion 2013-08-15
openSUSE openSUSE-SU-2013:1139-1 subversion 2013-07-04
Ubuntu USN-1893-1 subversion 2013-06-27
Mageia MGASA-2013-0175 subversion 2013-06-19
openSUSE openSUSE-SU-2013:1006-1 subversion 2013-06-14
Mandriva MDVSA-2013:173 subversion 2013-06-13
Debian DSA-2703-1 subversion 2013-06-09

(Log in to post comments)

Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds