Change logs for subversion source package in Angry Aardvark
-
subversion (1.6.12dfsg-4ubuntu2.1) natty-security; urgency=low * SECURITY UPDATE: denial of service via baselined WebDAV resource request - debian/patches/CVE-2011-1752.patch: disallow GETs of baselined versions of resources in subversion/mod_dav_svn/repos.c. - CVE-2011-1752 * SECURITY UPDATE: mod_dav_svn resource exhaustion via infinite loop - debian/patches/CVE-2011-1783.patch: validate path in subversion/libsvn_repos/authz.c. - CVE-2011-1783 * SECURITY UPDATE: mod_dav_svn permissions bypass via incorrect resource URL - debian/patches/CVE-2011-1921.patch: validate path in subversion/mod_dav_svn/authz.c. - CVE-2011-1921 -- Marc Deslauriers <email address hidden> Thu, 02 Jun 2011 13:15:00 -0400
-
subversion (1.6.12dfsg-4ubuntu2) natty; urgency=low * SECURITY UPDATE: denial of service via request containing lock token - debian/patches/CVE-2011-0715.patch: correctly handle locks being passed when authn isn't enabled in subversion/mod_dav_svn/repos.c, subversion/mod_dav_svn/version.c. - CVE-2011-0715 -- Marc Deslauriers <email address hidden> Mon, 21 Mar 2011 13:03:32 -0400