[ubuntu/quantal-updates] subversion 1.7.5-1ubuntu2.1 (Accepted)
Ubuntu Archive Robot
cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk
Thu Jun 27 17:58:10 UTC 2013
subversion (1.7.5-1ubuntu2.1) quantal-security; urgency=low
* SECURITY UPDATE: denial of service in mod_dav_svn
- debian/patches/CVE-2013-1845.patch: handle multiple calls in
subversion/mod_dav_svn/deadprops.c.
- CVE-2013-1845
* SECURITY UPDATE: denial of service in mod_dav_svn via LOCK
- debian/patches/CVE-2013-1846_1847.patch: properly validate locks in
subversion/mod_dav_svn/lock.c.
- CVE-2013-1846
- CVE-2013-1847
* SECURITY UPDATE: denial of service in mod_dav_svn via PROPFIND
- debian/patches/CVE-2013-1849.patch: validate type in
subversion/mod_dav_svn/liveprops.c.
- CVE-2013-1849
* SECURITY UPDATE: denial of service in mod_dav_svn via log REPORT
- debian/patches/CVE-2013-1884.patch: fix error handling in
subversion/mod_dav_svn/reports/log.c.
- CVE-2013-1884
* SECURITY UPDATE: repo corruption via newline chars in filenames
- debian/patches/CVE-2013-1968.patch: properly escape paths in
subversion/libsvn_fs_fs/tree.c, added test to
subversion/tests/libsvn_fs/fs-test.c.
- CVE-2013-1968
* SECURITY UPDATE: denial of service via closed connection
- debian/patches/CVE-2013-2112.patch: check for closed connections in
subversion/svnserve/main.c.
- CVE-2013-2112
Date: 2013-06-22 03:45:12.790624+00:00
Changed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
Signed-By: Ubuntu Archive Robot <cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk>
https://launchpad.net/ubuntu/quantal/+source/subversion/1.7.5-1ubuntu2.1
-------------- next part --------------
Sorry, changesfile not available.
More information about the Quantal-changes
mailing list