SUSE: 2011:0692-1 Important: Subversion Server Crash Risks

suse

June 24, 2011

An update that fixes three vulnerabilities is now available

Summary

Warning: Undefined array key "advisoryid" in /var/www/www.linuxsecurity.com-443/html/tmp/regularlabs/custom_php/3997696_1edcd913e2b52798c5b9126b8927230e on line 19

   SUSE Security Update: subversion
______________________________________________________________________________

Announcement ID:    SUSE-SU-2011:0692-1
Rating:             important
References:         #676949 #698205 
Cross-References:   CVE-2011-0715 CVE-2011-1752 CVE-2011-1783
                   
Affected Products:
                    SUSE Linux Enterprise Desktop 10 SP4
                    SLE SDK 10 SP4
                    SLE SDK 10 SP3
______________________________________________________________________________

   An update that fixes three vulnerabilities is now available.

Description:


   Subversion was updated to fix several security issues:

   * CVE-2011-1752: The mod_dav_svn Apache HTTPD server
   module can be crashed though when asked to deliver
   baselined WebDAV resources.
   * CVE-2011-1783: The mod_dav_svn Apache HTTPD server
   module can trigger a loop which consumes all available
   memory on the system.
   * CVE-2011-0715: Remote attackers could crash an svn
   server by causing a NULL deref

   Security Issue references:

   * CVE-2011-1752
   
   * CVE-2011-1783
   
   * CVE-2011-0715
   



Package List:

   - SUSE Linux Enterprise Desktop 10 SP4 (i586 x86_64):

      subversion-1.3.1-1.18.1
      subversion-devel-1.3.1-1.18.1

   - SLE SDK 10 SP4 (i586 ia64 ppc s390x x86_64):

      cvs2svn-1.3.0-30.18.1
      subversion-1.3.1-1.18.1
      subversion-devel-1.3.1-1.18.1
      subversion-python-1.3.1-1.18.1
      subversion-server-1.3.1-1.18.1
      subversion-tools-1.3.1-1.18.1
      viewcvs-1.0.5-0.18.1

   - SLE SDK 10 SP3 (i586 ia64 ppc s390x x86_64):

      cvs2svn-1.3.0-30.18.1
      subversion-1.3.1-1.18.1
      subversion-devel-1.3.1-1.18.1
      subversion-python-1.3.1-1.18.1
      subversion-server-1.3.1-1.18.1
      subversion-tools-1.3.1-1.18.1
      viewcvs-1.0.5-0.18.1


References:

   https://www.suse.com/security/cve/CVE-2011-0715.html
   https://www.suse.com/security/cve/CVE-2011-1752.html
   https://www.suse.com/security/cve/CVE-2011-1783.html

Topics Covered

security advisory subversion important server crash SUSE Linux memory consumption

References

Severity

important

Lowest

Low

Medium

High

Critical

Warning: Undefined array key "block1" in /var/www/www.linuxsecurity.com-443/html/tmp/regularlabs/custom_php/3997696_c1d2d4f425d79c8c327f2b8603847ec6 on line 11

Topics Covered

security advisory subversion important server crash SUSE Linux memory consumption

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Like staying secure? So do we.
Sign up for updates, tips, and alerts!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

SUSE: 2011:0692-1 Important: Subversion Server Crash Risks

Summary

Topics Covered

References

Topics Covered

Get the latest News and Insights

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

SUSE: 2011:0692-1 Important: Subversion Server Crash Risks

Summary

Topics Covered

References

Topics Covered

Get the latest News and Insights

Related Articles

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!