Alerts This Week
Warning Icon 1 535
Alerts This Week
Warning Icon 1 535

openSUSE 11.4: 2011:0695-1 Important: Subversion Memory Leak and Crash

opensuse
Calendar Grey June 24, 2011
Dist Opensuse Esm H88
Key openSUSE patch addresses three major subversion security flaws. Learn about the improvements and resolutions implemented here.
An update that fixes three vulnerabilities is now An update that fixes three vulnerabilities is now An update that fixes three vulnerabilities is now available

Description

Subversion was updated to version 1.6.17 to fix several

security issues:

- CVE-2011-1752: The mod_dav_svn Apache HTTPD server

module can be crashed though when asked to deliver

baselined WebDAV resources.

- CVE-2011-1783: The mod_dav_svn Apache HTTPD server module

can trigger a loop which consumes all available memory on

the system.

- CVE-2011-1921: The mod_dav_svn Apache HTTPD server module

may leak to remote users the file contents of files

configured to be unreadable by those users.

Topics%20covered

Topics Covered

security advisory subversion security fix memory leak important update crash openSUSE

Patch

Patch Instructions:

To install this openSUSE Security Update use YaST online_update.

Alternatively you can run the command listed for your product:

- openSUSE 11.4:

zypper in -t patch libsvn_auth_gnome_keyring-1-0-4688

To bring your system up-to-date, use "zypper patch".

Package List

- openSUSE 11.4 (i586 x86_64) [New Version: 1.6.17]:

libsvn_auth_gnome_keyring-1-0-1.6.17-1.2.1

libsvn_auth_kwallet-1-0-1.6.17-1.2.1

subversion-1.6.17-1.2.1

subversion-devel-1.6.17-1.2.1

subversion-perl-1.6.17-1.2.1

subversion-python-1.6.17-1.2.1

subversion-ruby-1.6.17-1.2.1

subversion-server-1.6.17-1.2.1

subversion-tools-1.6.17-1.2.1

References

https://www.suse.com/security/cve/CVE-2011-1752.html

https://www.suse.com/security/cve/CVE-2011-1783.html

https://www.suse.com/security/cve/CVE-2011-1921.html

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: openSUSE-SU-2011:0695-1
Rating: important
Affected Products: openSUSE 11.4

Topics%20covered

Topics Covered

security advisory subversion security fix memory leak important update crash openSUSE

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here