GLSA
Advocate
Joined: 12 May 2004
Posts: 2663
|
 Posted: Mon Sep 23, 2013 11:26 pm Post subject: [ GLSA 201309-11 ] Subversion: Multiple vulnerabilities |
 |
|
Gentoo Linux Security Advisory
Title: Subversion: Multiple vulnerabilities (GLSA 201309-11)
Severity: low
Exploitable: local, remote
Date: September 23, 2013
Bug(s): #350166, #356741, #369065, #463728, #463860, #472202, #482166
ID: 201309-11
Synopsis
Multiple vulnerabilities have been found in Subversion, allowing
attackers to cause a Denial of Service, escalate privileges, or obtain
sensitive information.
Background
Subversion is a versioning system designed to be a replacement for CVS.
Affected Packages
Package: dev-vcs/subversion
Vulnerable: < 1.7.13
Unaffected: >= 1.7.13
Architectures: All supported architectures
Description
Multiple vulnerabilities have been discovered in Subversion. Please
review the CVE identifiers referenced below for details.
Impact
A remote attacker could cause a Denial of Service condition or obtain
sensitive information. A local attacker could escalate his privileges to
the user running svnserve.
Workaround
There is no known workaround at this time.
Resolution
All Subversion users should upgrade to the latest version: | Code: | # emerge --sync
# emerge --ask --oneshot --verbose ">=dev-vcs/subversion-1.7.13"
|
References
CVE-2010-4539
CVE-2010-4644
CVE-2011-0715
CVE-2011-1752
CVE-2011-1783
CVE-2011-1921
CVE-2013-1845
CVE-2013-1846
CVE-2013-1847
CVE-2013-1849
CVE-2013-1884
CVE-2013-1968
CVE-2013-2088
CVE-2013-2112
CVE-2013-4131
CVE-2013-4277 |
|
News & Announcements
