Advisories ยป MGASA-2014-0105

Updated subversion packages fix CVE-2014-0032

Publication date: 27 Feb 2014
Modification date: 27 Feb 2014
Type: security
Affected Mageia releases : 4
CVE: CVE-2014-0032

Description

Updated subversion packages fix security vulnerability:

The mod_dav_svn module in Apache Subversion before 1.8.8, when
SVNListParentPath is enabled, allows remote attackers to cause a denial of
service (crash) via an OPTIONS request (CVE-2014-0032).

The package has been updated to version 1.8.8, which fixes this issue, as
well as several others.
                

References

SRPMS

4/core