Ubuntu

“subversion” 1.6.6dfsg-2ubuntu1.3 source package in The Lucid Lynx

Publishing history

1.6.6dfsg-2ubuntu1.3
PUBLISHED: Lucid pocket Updates in component main and section vcs
  • Published on 2011-06-06
  • Copied from ubuntu lucid in Private PPA for Ubuntu Security Team
1.6.6dfsg-2ubuntu1.3
PUBLISHED: Lucid pocket Security in component main and section vcs
  • Published on 2011-06-06
  • Copied from ubuntu lucid in Private PPA for Ubuntu Security Team

Builds

Changelog

subversion (1.6.6dfsg-2ubuntu1.3) lucid-security; urgency=low

  * SECURITY UPDATE: denial of service via baselined WebDAV resource
    request
    - debian/patches/CVE-2011-1752.patch: disallow GETs of baselined
      versions of resources in subversion/mod_dav_svn/repos.c.
    - CVE-2011-1752
  * SECURITY UPDATE: mod_dav_svn resource exhaustion via infinite loop
    - debian/patches/CVE-2011-1783.patch: validate path in
      subversion/libsvn_repos/authz.c.
    - CVE-2011-1783
  * SECURITY UPDATE: mod_dav_svn permissions bypass via incorrect
    resource URL
    - debian/patches/CVE-2011-1921.patch: validate path in
      subversion/mod_dav_svn/authz.c.
    - CVE-2011-1921
 -- Marc Deslauriers <email address hidden>   Thu, 02 Jun 2011 13:27:51 -0400