[ MDVSA-2015:192 ] subversion

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________

 Mandriva Linux Security Advisory                         MDVSA-2015:192
 http://www.mandriva.com/en/support/security/
 _______________________________________________________________________

 Package : subversion
 Date    : April 3, 2015
 Affected: Business Server 1.0, Business Server 2.0
 _______________________________________________________________________

 Problem Description:

 Multiple vulnerabilities has been discovered and corrected in
 subversion:
 
 Subversion HTTP servers with FSFS repositories are vulnerable to a
 remotely triggerable excessive memory use with certain REPORT requests
 (CVE-2015-0202).
 
 Subversion mod_dav_svn and svnserve are vulnerable to a remotely
 triggerable assertion DoS vulnerability for certain requests with
 dynamically evaluated revision numbers (CVE-2015-0248).
 
 Subversion HTTP servers allow spoofing svn:author property values
 for new revisio

Leave a Reply