Advisories » MGASA-2019-0243

Updated subversion packages fix security vulnerabilities

Publication date: 06 Sep 2019
Modification date: 06 Sep 2019
Type: security
Affected Mageia releases : 6 , 7
CVE: CVE-2018-11782 , CVE-2019-0203

Description

Updated subversion packages fix security vulnerabilities:

Subversion's svnserve server process may exit when a well-formed read-only
request produces a particular answer (CVE-2018-11782).

Subversion's svnserve server process may exit when a client sends certain
sequences of protocol commands (CVE-2019-0203).
                

References

• https://bugs.mageia.org/show_bug.cgi?id=25230
• https://subversion.apache.org/security/CVE-2018-11782-advisory.txt
• https://subversion.apache.org/security/CVE-2019-0203-advisory.txt
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11782
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0203

SRPMS

7/core

• subversion-1.10.6-1.mga7

6/core

• subversion-1.9.12-1.mga6