Explore top 10 tips to secure your open-source projects now. Read More
×
This update for subversion fixes the following issues: - CVE-2017-9800: A malicious, compromised server or MITM may cause svn client to execute arbitrary commands by sending repository content with svn:externals definitions pointing to crafted svn+ssh URLs. (bsc#1051362) - Malicious user may commit SHA-1 collisions and cause repository inconsistencies (bsc#1026936) - CVE-2016-8734: Unrestricted XML entity expansion in mod_dontdothat and Subversion clients using http(s):// could lead to denial of service (bsc#1011552) - CVE-2016-2167: svnserve/sasl may authenticate users using the wrong realm (bsc#976849) - CVE-2016-2168: Remotely triggerable DoS vulnerability in mod_authz_svn during COPY/MOVE authorization check (bsc#976850)
#1011552 #1026936 #1051362 #897033 #909935
#911620 #916286 #923793 #923794 #923795 #939514
#939517 #942819 #958300 #969159 #976849 #976850
#977424 #983938
Cross- CVE-2014-3580 CVE-2014-8108 CVE-2015-0202
CVE-2015-0248 CVE-2015-0251 CVE-2015-3184
CVE-2015-3187 CVE-2015-5343 CVE-2016-2167
CVE-2016-2168 CVE-2016-8734 CVE-2017-9800
Affected Products:
SUSE Linux Enterprise Software Development Kit 12-SP3
SUSE Linux Enterprise Software Development Kit 12-SP2
https://www.suse.com/security/cve/CVE-2014-3580.html
https://www.suse.com/security/cve/CVE-2014-8108.html
https://www.suse.com/security/cve/CVE-2015-0202.html
https://www.suse.com/security/cve/CVE-2015-0248.html
https://www.suse.com/security/cve/CVE-2015-0251.html
Get the latest Linux and open source security news straight to your inbox.