Advisories ยป MGASA-2013-0175

Updated subversion packages fix security vulnerabilities

Publication date: 19 Jun 2013
Type: security
Affected Mageia releases : 2 , 3
CVE: CVE-2013-1968 , CVE-2013-2112

Description

Subversion repositories with the FSFS repository data store format can be
corrupted by newline characters in filenames. A remote attacker with a
malicious client could use this flaw to disrupt the service for other users
using that repository (CVE-2013-1968).

Subversion's svnserve server process may exit when an incoming TCP connection
is closed early in the connection process. A remote attacker can cause
svnserve to exit and thus deny service to users of the server (CVE-2013-2112)
                

References

SRPMS

3/core

2/core