[ubuntu/lucid-security] subversion_1.6.6dfsg-2ubuntu1.3_sparc_translations.tar.gz, subversion_1.6.6dfsg-2ubuntu1.3_ia64_translations.tar.gz, subversion_1.6.6dfsg-2ubuntu1.3_amd64_translations.tar.gz, subversion_1.6.6dfsg-2ubuntu1.3_i386_translations.tar.gz, subversion_1.6.6dfsg-2ubuntu1.3_armel_translations.tar.gz, subversion, subversion_1.6.6dfsg-2ubuntu1.3_powerpc_translations.tar.gz 1.6.6dfsg-2ubuntu1.3 (Accepted)
Marc Deslauriers
marc.deslauriers at ubuntu.com
Mon Jun 6 14:04:23 UTC 2011
subversion (1.6.6dfsg-2ubuntu1.3) lucid-security; urgency=low
* SECURITY UPDATE: denial of service via baselined WebDAV resource
request
- debian/patches/CVE-2011-1752.patch: disallow GETs of baselined
versions of resources in subversion/mod_dav_svn/repos.c.
- CVE-2011-1752
* SECURITY UPDATE: mod_dav_svn resource exhaustion via infinite loop
- debian/patches/CVE-2011-1783.patch: validate path in
subversion/libsvn_repos/authz.c.
- CVE-2011-1783
* SECURITY UPDATE: mod_dav_svn permissions bypass via incorrect
resource URL
- debian/patches/CVE-2011-1921.patch: validate path in
subversion/mod_dav_svn/authz.c.
- CVE-2011-1921
Date: Thu, 02 Jun 2011 13:27:51 -0400
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/lucid/+source/subversion/1.6.6dfsg-2ubuntu1.3
-------------- next part --------------
Format: 1.8
Date: Thu, 02 Jun 2011 13:27:51 -0400
Source: subversion
Binary: subversion libsvn1 libsvn-dev libsvn-doc libapache2-svn python-subversion python-subversion-dbg subversion-tools libsvn-java libsvn-perl libsvn-ruby1.8 libsvn-ruby
Architecture: source
Version: 1.6.6dfsg-2ubuntu1.3
Distribution: lucid-security
Urgency: low
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Description:
libapache2-svn - Subversion server modules for Apache
libsvn-dev - Development files for Subversion libraries
libsvn-doc - Developer documentation for libsvn
libsvn-java - Java bindings for Subversion
libsvn-perl - Perl bindings for Subversion
libsvn-ruby - Ruby bindings for Subversion (dummy package)
libsvn-ruby1.8 - Ruby bindings for Subversion
libsvn1 - Shared libraries used by Subversion
python-subversion - Python bindings for Subversion
python-subversion-dbg - Python bindings for Subversion (debug extension)
subversion - Advanced version control system
subversion-tools - Assorted tools related to Subversion
Changes:
subversion (1.6.6dfsg-2ubuntu1.3) lucid-security; urgency=low
.
* SECURITY UPDATE: denial of service via baselined WebDAV resource
request
- debian/patches/CVE-2011-1752.patch: disallow GETs of baselined
versions of resources in subversion/mod_dav_svn/repos.c.
- CVE-2011-1752
* SECURITY UPDATE: mod_dav_svn resource exhaustion via infinite loop
- debian/patches/CVE-2011-1783.patch: validate path in
subversion/libsvn_repos/authz.c.
- CVE-2011-1783
* SECURITY UPDATE: mod_dav_svn permissions bypass via incorrect
resource URL
- debian/patches/CVE-2011-1921.patch: validate path in
subversion/mod_dav_svn/authz.c.
- CVE-2011-1921
Checksums-Sha1:
d866976110c17d95e6274b3446190af0989ce5ba 2683 subversion_1.6.6dfsg-2ubuntu1.3.dsc
025beb076ad326a1cf693c8b5ca82f36118d10e0 114531 subversion_1.6.6dfsg-2ubuntu1.3.diff.gz
Checksums-Sha256:
71630479dd77b833593d9282fd31f64bc0a44e36804aeadb4aece6cce3309e81 2683 subversion_1.6.6dfsg-2ubuntu1.3.dsc
3f86c96729ba5862a0a4f4c16c67dec646eafee6696dda9727fd7597846102f8 114531 subversion_1.6.6dfsg-2ubuntu1.3.diff.gz
Files:
9c2b39b1b6ac55cc716a4a5133131614 2683 vcs optional subversion_1.6.6dfsg-2ubuntu1.3.dsc
32f932008f6154335fa5f8347ceb55a9 114531 vcs optional subversion_1.6.6dfsg-2ubuntu1.3.diff.gz
Original-Maintainer: Peter Samuelson <peter at p12n.org>
More information about the Lucid-changes
mailing list