Publishing details

Removed from disk on 2017-08-12.
Removal requested on 2017-08-12.
Superseded on 2017-08-11 by subversion - 1.8.8-1ubuntu3.3
Published on 2015-08-20
Copied from ubuntu trusty in Private PPA for Ubuntu Security Team by Ubuntu Archive Robot

Changelog

subversion (1.8.8-1ubuntu3.2) trusty-security; urgency=medium

  * SECURITY UPDATE: denial of service via non-existing REPORT request
    - debian/patches/CVE-2014-3580.patch: make sure repo patchs are
      specified in subversion/mod_dav_svn/reports/deleted-rev.c,
      subversion/mod_dav_svn/reports/file-revs.c,
      subversion/mod_dav_svn/reports/get-location-segments.c,
      subversion/mod_dav_svn/reports/get-locations.c,
      subversion/mod_dav_svn/reports/inherited-props.c,
      subversion/mod_dav_svn/reports/log.c,
      subversion/mod_dav_svn/reports/mergeinfo.c.
    - CVE-2014-3580
  * SECURITY UPDATE: denial of service via non-existing virtual transaction
    name
    - debian/patches/CVE-2014-8108.patch: check transaction names and
      activity ids in subversion/mod_dav_svn/repos.c.
    - CVE-2014-8108
  * SECURITY UPDATE: denial of service via large number of REPORT requests
    - debian/patches/CVE-2015-0202.patch: refactor locking in
      subversion/libsvn_fs_fs/tree.c.
    - CVE-2015-0202
  * SECURITY UPDATE: denial of service via crafted parameter combinations
    - debian/patches/CVE-2015-0248.patch: properly handle missing revision
      numbers in subversion/mod_dav_svn/reports/get-location-segments.c,
      subversion/svnserve/serve.c.
    - CVE-2015-0248
  * SECURITY UPDATE: svn:author property spoofing issue
    - debian/patches/CVE-2015-0251.patch: restrict svn:author modifications
      in subversion/mod_dav_svn/deadprops.c.
    - CVE-2015-0251
  * SECURITY UPDATE: incorrect anonymous access restriction
    - debian/patches/CVE-2015-3184.patch: use force_authn() in Makefile.in,
      build/ac-macros/apache.m4, build/run_tests.py,
      subversion/mod_authz_svn/mod_authz_svn.c,
      subversion/tests/cmdline/README,
      subversion/tests/cmdline/davautocheck.sh,
      subversion/tests/cmdline/mod_authz_svn_tests.py,
      subversion/tests/cmdline/svntest/main.py, win-tests.py.
    - CVE-2015-3184
  * SECURITY UPDATE: sensitive path information disclosure
    - debian/patches/CVE-2015-3187.patch: fix order in
      subversion/libsvn_repos/rev_hunt.c, added tests to
      subversion/tests/cmdline/authz_tests.py,
      subversion/tests/libsvn_repos/repos-test.c.
    - CVE-2015-3187
  * debian/control: Depend on specific version of apache2-dev and
    apache2-bin to make sure fix for CVE-2015-3185 is included.

 -- Marc Deslauriers <email address hidden>  Wed, 19 Aug 2015 14:32:44 -0400

Available diffs

diff from 1.8.8-1ubuntu3.1 to 1.8.8-1ubuntu3.2 (23.7 KiB)

Builds

Package files

libapache2-mod-svn-dbgsym_1.8.8-1ubuntu3.2_amd64.ddeb (930 bytes)
libapache2-mod-svn-dbgsym_1.8.8-1ubuntu3.2_arm64.ddeb (932 bytes)
libapache2-mod-svn-dbgsym_1.8.8-1ubuntu3.2_armhf.ddeb (934 bytes)
libapache2-mod-svn-dbgsym_1.8.8-1ubuntu3.2_i386.ddeb (930 bytes)
libapache2-mod-svn-dbgsym_1.8.8-1ubuntu3.2_powerpc.ddeb (932 bytes)
libapache2-mod-svn-dbgsym_1.8.8-1ubuntu3.2_ppc64el.ddeb (934 bytes)
libapache2-mod-svn_1.8.8-1ubuntu3.2_amd64.deb (78.2 KiB)
libapache2-mod-svn_1.8.8-1ubuntu3.2_arm64.deb (66.3 KiB)
libapache2-mod-svn_1.8.8-1ubuntu3.2_armhf.deb (69.9 KiB)
libapache2-mod-svn_1.8.8-1ubuntu3.2_i386.deb (78.1 KiB)
libapache2-mod-svn_1.8.8-1ubuntu3.2_powerpc.deb (71.8 KiB)
libapache2-mod-svn_1.8.8-1ubuntu3.2_ppc64el.deb (74.0 KiB)
libapache2-svn_1.8.8-1ubuntu3.2_all.deb (9.3 KiB)
libsvn-dev-dbgsym_1.8.8-1ubuntu3.2_amd64.ddeb (902 bytes)
libsvn-dev-dbgsym_1.8.8-1ubuntu3.2_arm64.ddeb (906 bytes)
libsvn-dev-dbgsym_1.8.8-1ubuntu3.2_armhf.ddeb (904 bytes)
libsvn-dev-dbgsym_1.8.8-1ubuntu3.2_i386.ddeb (902 bytes)
libsvn-dev-dbgsym_1.8.8-1ubuntu3.2_powerpc.ddeb (904 bytes)
libsvn-dev-dbgsym_1.8.8-1ubuntu3.2_ppc64el.ddeb (906 bytes)
libsvn-dev_1.8.8-1ubuntu3.2_amd64.deb (1.1 MiB)
libsvn-dev_1.8.8-1ubuntu3.2_arm64.deb (1.0 MiB)
libsvn-dev_1.8.8-1ubuntu3.2_armhf.deb (1.0 MiB)
libsvn-dev_1.8.8-1ubuntu3.2_i386.deb (1.1 MiB)
libsvn-dev_1.8.8-1ubuntu3.2_powerpc.deb (1.0 MiB)
libsvn-dev_1.8.8-1ubuntu3.2_ppc64el.deb (1.2 MiB)
libsvn-doc_1.8.8-1ubuntu3.2_all.deb (1.2 MiB)
libsvn-java-dbgsym_1.8.8-1ubuntu3.2_amd64.ddeb (942 bytes)
libsvn-java-dbgsym_1.8.8-1ubuntu3.2_arm64.ddeb (944 bytes)
libsvn-java-dbgsym_1.8.8-1ubuntu3.2_armhf.ddeb (944 bytes)
libsvn-java-dbgsym_1.8.8-1ubuntu3.2_i386.ddeb (942 bytes)
libsvn-java-dbgsym_1.8.8-1ubuntu3.2_powerpc.ddeb (944 bytes)
libsvn-java-dbgsym_1.8.8-1ubuntu3.2_ppc64el.ddeb (946 bytes)
libsvn-java_1.8.8-1ubuntu3.2_amd64.deb (338.1 KiB)
libsvn-java_1.8.8-1ubuntu3.2_arm64.deb (330.5 KiB)
libsvn-java_1.8.8-1ubuntu3.2_armhf.deb (327.9 KiB)
libsvn-java_1.8.8-1ubuntu3.2_i386.deb (338.9 KiB)
libsvn-java_1.8.8-1ubuntu3.2_powerpc.deb (335.3 KiB)
libsvn-java_1.8.8-1ubuntu3.2_ppc64el.deb (336.5 KiB)
libsvn-perl-dbgsym_1.8.8-1ubuntu3.2_amd64.ddeb (928 bytes)
libsvn-perl-dbgsym_1.8.8-1ubuntu3.2_arm64.ddeb (928 bytes)
libsvn-perl-dbgsym_1.8.8-1ubuntu3.2_armhf.ddeb (928 bytes)
libsvn-perl-dbgsym_1.8.8-1ubuntu3.2_i386.ddeb (924 bytes)
libsvn-perl-dbgsym_1.8.8-1ubuntu3.2_powerpc.ddeb (926 bytes)
libsvn-perl-dbgsym_1.8.8-1ubuntu3.2_ppc64el.ddeb (928 bytes)
libsvn-perl_1.8.8-1ubuntu3.2_amd64.deb (780.6 KiB)
libsvn-perl_1.8.8-1ubuntu3.2_arm64.deb (647.7 KiB)
libsvn-perl_1.8.8-1ubuntu3.2_armhf.deb (711.6 KiB)
libsvn-perl_1.8.8-1ubuntu3.2_i386.deb (685.2 KiB)
libsvn-perl_1.8.8-1ubuntu3.2_powerpc.deb (616.9 KiB)
libsvn-perl_1.8.8-1ubuntu3.2_ppc64el.deb (705.1 KiB)
libsvn-ruby1.8_1.8.8-1ubuntu3.2_all.deb (1014 bytes)
libsvn1-dbgsym_1.8.8-1ubuntu3.2_amd64.ddeb (886 bytes)
libsvn1-dbgsym_1.8.8-1ubuntu3.2_arm64.ddeb (886 bytes)
libsvn1-dbgsym_1.8.8-1ubuntu3.2_armhf.ddeb (886 bytes)
libsvn1-dbgsym_1.8.8-1ubuntu3.2_i386.ddeb (886 bytes)
libsvn1-dbgsym_1.8.8-1ubuntu3.2_powerpc.ddeb (886 bytes)
libsvn1-dbgsym_1.8.8-1ubuntu3.2_ppc64el.ddeb (886 bytes)
libsvn1_1.8.8-1ubuntu3.2_amd64.deb (894.3 KiB)
libsvn1_1.8.8-1ubuntu3.2_arm64.deb (716.0 KiB)
libsvn1_1.8.8-1ubuntu3.2_armhf.deb (747.6 KiB)
libsvn1_1.8.8-1ubuntu3.2_i386.deb (884.9 KiB)
libsvn1_1.8.8-1ubuntu3.2_powerpc.deb (776.4 KiB)
libsvn1_1.8.8-1ubuntu3.2_ppc64el.deb (861.6 KiB)
python-subversion-dbg_1.8.8-1ubuntu3.2_amd64.deb (1.6 MiB)
python-subversion-dbg_1.8.8-1ubuntu3.2_arm64.deb (1.5 MiB)
python-subversion-dbg_1.8.8-1ubuntu3.2_armhf.deb (1.5 MiB)
python-subversion-dbg_1.8.8-1ubuntu3.2_i386.deb (1.5 MiB)
python-subversion-dbg_1.8.8-1ubuntu3.2_powerpc.deb (1.4 MiB)
python-subversion-dbg_1.8.8-1ubuntu3.2_ppc64el.deb (1.7 MiB)
python-subversion-dbgsym_1.8.8-1ubuntu3.2_amd64.ddeb (930 bytes)
python-subversion-dbgsym_1.8.8-1ubuntu3.2_arm64.ddeb (928 bytes)
python-subversion-dbgsym_1.8.8-1ubuntu3.2_armhf.ddeb (932 bytes)
python-subversion-dbgsym_1.8.8-1ubuntu3.2_i386.ddeb (926 bytes)
python-subversion-dbgsym_1.8.8-1ubuntu3.2_powerpc.ddeb (930 bytes)
python-subversion-dbgsym_1.8.8-1ubuntu3.2_ppc64el.ddeb (932 bytes)
python-subversion_1.8.8-1ubuntu3.2_amd64.deb (503.7 KiB)
python-subversion_1.8.8-1ubuntu3.2_arm64.deb (388.4 KiB)
python-subversion_1.8.8-1ubuntu3.2_armhf.deb (415.2 KiB)
python-subversion_1.8.8-1ubuntu3.2_i386.deb (450.3 KiB)
python-subversion_1.8.8-1ubuntu3.2_powerpc.deb (390.7 KiB)
python-subversion_1.8.8-1ubuntu3.2_ppc64el.deb (441.0 KiB)
ruby-svn-dbgsym_1.8.8-1ubuntu3.2_amd64.ddeb (940 bytes)
ruby-svn-dbgsym_1.8.8-1ubuntu3.2_arm64.ddeb (938 bytes)
ruby-svn-dbgsym_1.8.8-1ubuntu3.2_armhf.ddeb (938 bytes)
ruby-svn-dbgsym_1.8.8-1ubuntu3.2_i386.ddeb (934 bytes)
ruby-svn-dbgsym_1.8.8-1ubuntu3.2_powerpc.ddeb (938 bytes)
ruby-svn-dbgsym_1.8.8-1ubuntu3.2_ppc64el.ddeb (940 bytes)
ruby-svn_1.8.8-1ubuntu3.2_amd64.deb (415.6 KiB)
ruby-svn_1.8.8-1ubuntu3.2_arm64.deb (306.8 KiB)
ruby-svn_1.8.8-1ubuntu3.2_armhf.deb (374.9 KiB)
ruby-svn_1.8.8-1ubuntu3.2_i386.deb (378.0 KiB)
ruby-svn_1.8.8-1ubuntu3.2_powerpc.deb (316.3 KiB)
ruby-svn_1.8.8-1ubuntu3.2_ppc64el.deb (363.0 KiB)
subversion-dbg_1.8.8-1ubuntu3.2_amd64.deb (7.6 MiB)
subversion-dbg_1.8.8-1ubuntu3.2_arm64.deb (7.7 MiB)
subversion-dbg_1.8.8-1ubuntu3.2_armhf.deb (7.5 MiB)
subversion-dbg_1.8.8-1ubuntu3.2_i386.deb (7.0 MiB)
subversion-dbg_1.8.8-1ubuntu3.2_powerpc.deb (7.3 MiB)
subversion-dbg_1.8.8-1ubuntu3.2_ppc64el.deb (8.9 MiB)
subversion-dbgsym_1.8.8-1ubuntu3.2_amd64.ddeb (1.0 KiB)
subversion-dbgsym_1.8.8-1ubuntu3.2_arm64.ddeb (1.0 KiB)
subversion-dbgsym_1.8.8-1ubuntu3.2_armhf.ddeb (1.0 KiB)
subversion-dbgsym_1.8.8-1ubuntu3.2_i386.ddeb (1.0 KiB)
subversion-dbgsym_1.8.8-1ubuntu3.2_powerpc.ddeb (1.1 KiB)
subversion-dbgsym_1.8.8-1ubuntu3.2_ppc64el.ddeb (1.1 KiB)
subversion-tools_1.8.8-1ubuntu3.2_all.deb (155.3 KiB)
subversion_1.8.8-1ubuntu3.2.diff.gz (295.2 KiB)
subversion_1.8.8-1ubuntu3.2.dsc (3.0 KiB)
subversion_1.8.8-1ubuntu3.2_amd64.deb (273.0 KiB)
subversion_1.8.8-1ubuntu3.2_arm64.deb (259.3 KiB)
subversion_1.8.8-1ubuntu3.2_armhf.deb (267.9 KiB)
subversion_1.8.8-1ubuntu3.2_i386.deb (269.8 KiB)
subversion_1.8.8-1ubuntu3.2_powerpc.deb (249.3 KiB)
subversion_1.8.8-1ubuntu3.2_ppc64el.deb (262.6 KiB)
subversion_1.8.8.orig.tar.gz (8.8 MiB)