{ "schema_version": "1.6.2", "id": "MGASA-2013-0175", "published": "2013-06-19T10:13:33Z", "modified": "2022-01-22T02:45:17Z", "summary": "Updated subversion packages fix security vulnerabilities", "details": "Subversion repositories with the FSFS repository data store format can be\ncorrupted by newline characters in filenames. A remote attacker with a\nmalicious client could use this flaw to disrupt the service for other users\nusing that repository (CVE-2013-1968).\n\nSubversion's svnserve server process may exit when an incoming TCP connection\nis closed early in the connection process. A remote attacker can cause\nsvnserve to exit and thus deny service to users of the server (CVE-2013-2112)\n", "related": [ "CVE-2013-1968", "CVE-2013-2112" ], "references": [ { "type": "ADVISORY", "url": "https://advisories.mageia.org/MGASA-2013-0175.html" }, { "type": "REPORT", "url": "https://bugs.mageia.org/show_bug.cgi?id=10479" }, { "type": "REPORT", "url": "http://subversion.apache.org/security/CVE-2013-1968-advisory.txt" }, { "type": "REPORT", "url": "http://subversion.apache.org/security/CVE-2013-2112-advisory.txt" }, { "type": "REPORT", "url": "http://www.debian.org/security/2013/dsa-2703" } ], "affected": [ { "package": { "ecosystem": "Mageia:2", "name": "subversion", "purl": "pkg:rpm/mageia/subversion?arch=source&distro=mageia-2" }, "ranges": [ { "type": "ECOSYSTEM", "events": [ { "introduced": "0" }, { "fixed": "1.7.10-1.mga2" } ] } ], "ecosystem_specific": { "section": "core" } }, { "package": { "ecosystem": "Mageia:3", "name": "subversion", "purl": "pkg:rpm/mageia/subversion?arch=source&distro=mageia-3" }, "ranges": [ { "type": "ECOSYSTEM", "events": [ { "introduced": "0" }, { "fixed": "1.7.10-1.1.mga3" } ] } ], "ecosystem_specific": { "section": "core" } } ], "credits": [ { "name": "Mageia", "type": "COORDINATOR", "contact": [ "https://wiki.mageia.org/en/Packages_Security_Team" ] } ] }