Format: 1.8 Date: Fri, 21 Jun 2013 13:21:08 -0400 Source: subversion Binary: subversion libsvn1 libsvn-dev libsvn-doc libapache2-svn python-subversion python-subversion-dbg subversion-tools libsvn-java libsvn-perl ruby-svn libsvn-ruby1.8 libsvn-ruby Architecture: amd64 amd64_translations Version: 1.7.5-1ubuntu2.1 Distribution: quantal Urgency: low Maintainer: Ubuntu/amd64 Build Daemon Changed-By: Marc Deslauriers Description: libapache2-svn - Apache Subversion server modules for Apache httpd libsvn-dev - Development files for Apache Subversion libraries libsvn-doc - Developer documentation for libsvn libsvn-java - Java bindings for Apache Subversion libsvn-perl - Perl bindings for Apache Subversion libsvn-ruby - Ruby bindings for Apache Subversion (dummy package) libsvn-ruby1.8 - Ruby bindings for Apache Subversion (dummy package) libsvn1 - Shared libraries used by Apache Subversion python-subversion - Python bindings for Apache Subversion python-subversion-dbg - Python bindings for Subversion (debug extension) ruby-svn - Ruby bindings for Apache Subversion subversion - Advanced version control system subversion-tools - Assorted tools related to Apache Subversion Changes: subversion (1.7.5-1ubuntu2.1) quantal-security; urgency=low . * SECURITY UPDATE: denial of service in mod_dav_svn - debian/patches/CVE-2013-1845.patch: handle multiple calls in subversion/mod_dav_svn/deadprops.c. - CVE-2013-1845 * SECURITY UPDATE: denial of service in mod_dav_svn via LOCK - debian/patches/CVE-2013-1846_1847.patch: properly validate locks in subversion/mod_dav_svn/lock.c. - CVE-2013-1846 - CVE-2013-1847 * SECURITY UPDATE: denial of service in mod_dav_svn via PROPFIND - debian/patches/CVE-2013-1849.patch: validate type in subversion/mod_dav_svn/liveprops.c. - CVE-2013-1849 * SECURITY UPDATE: denial of service in mod_dav_svn via log REPORT - debian/patches/CVE-2013-1884.patch: fix error handling in subversion/mod_dav_svn/reports/log.c. - CVE-2013-1884 * SECURITY UPDATE: repo corruption via newline chars in filenames - debian/patches/CVE-2013-1968.patch: properly escape paths in subversion/libsvn_fs_fs/tree.c, added test to subversion/tests/libsvn_fs/fs-test.c. - CVE-2013-1968 * SECURITY UPDATE: denial of service via closed connection - debian/patches/CVE-2013-2112.patch: check for closed connections in subversion/svnserve/main.c. - CVE-2013-2112 Checksums-Sha1: 9a4c6474fdc2b25adf24d5379a39f24c1f5144d7 283976 subversion_1.7.5-1ubuntu2.1_amd64.deb 5229af5dee7e6ac39f3417c4ef17a5bf99c67898 1091794 libsvn1_1.7.5-1ubuntu2.1_amd64.deb 2395e5c0902011a74d8a97839d79ee4935ef8a72 1680638 libsvn-dev_1.7.5-1ubuntu2.1_amd64.deb 452fef7a3286c68be0a1e41ba7507ee07ae463c7 89096 libapache2-svn_1.7.5-1ubuntu2.1_amd64.deb 6380da1fa5a224eb84ede648378490cdaf4ac637 785552 python-subversion_1.7.5-1ubuntu2.1_amd64.deb d492c9654ed24c08fb9552b602ab8e135e4c8d45 4328196 python-subversion-dbg_1.7.5-1ubuntu2.1_amd64.deb 7770b31affc18b214a0f78f29d8c8941a5491cb6 354514 libsvn-java_1.7.5-1ubuntu2.1_amd64.deb 6d3c30f57f75eaead4c5bdc33e9a1979383fa9be 1178814 libsvn-perl_1.7.5-1ubuntu2.1_amd64.deb bb137fe765834ff84c495969097577346cd84b41 626292 ruby-svn_1.7.5-1ubuntu2.1_amd64.deb 7aff371604730c83a855db1081a54b2e767d5ab5 2220897 subversion_1.7.5-1ubuntu2.1_amd64_translations.tar.gz Checksums-Sha256: 51f5c266bb6d6b007711b377dc4fe0fe9577abf1d31b73d89b7ff1a43cac8ca3 283976 subversion_1.7.5-1ubuntu2.1_amd64.deb 952e6cf26077caa8d861d1bb65a9d73bb3e5b2c35db8491ee228cbe54443f565 1091794 libsvn1_1.7.5-1ubuntu2.1_amd64.deb df24a460642f626275cbfe00ffa298f18598b4b2c7b9982cd59f8311134c2c87 1680638 libsvn-dev_1.7.5-1ubuntu2.1_amd64.deb 49450450af55b668de35c4ead2fd132a2d620d22be9620355233479d6bd96758 89096 libapache2-svn_1.7.5-1ubuntu2.1_amd64.deb a3a033e61d00e34c3b3f56a9ec38bcd4ba9414946799e24fe43987cb030b958a 785552 python-subversion_1.7.5-1ubuntu2.1_amd64.deb 404f04b575d5db0239ddb592ea15aa584d8ee3a72ac11d919323e49b0f6f92fb 4328196 python-subversion-dbg_1.7.5-1ubuntu2.1_amd64.deb 7b5d8e51e89b4a5f6f4f12926c78f7c3fccb7db993c242b80d306559981ff548 354514 libsvn-java_1.7.5-1ubuntu2.1_amd64.deb 7a206b607510a19b230da8194067e798e3daae6ac43598f6b4b7d56962c9f00e 1178814 libsvn-perl_1.7.5-1ubuntu2.1_amd64.deb 5a726c893bef3fecd49f3a11ce88c74a7796721542669ecc00de94e1f449dc44 626292 ruby-svn_1.7.5-1ubuntu2.1_amd64.deb 50d8bd3d324bb61bc93f71171f4098aeab564b72a4415ed8b880606278515e82 2220897 subversion_1.7.5-1ubuntu2.1_amd64_translations.tar.gz Files: aa12629bd46ec228e3bd745981a60a1c 283976 vcs optional subversion_1.7.5-1ubuntu2.1_amd64.deb 1b90e88bb7fb520d995c6255926cab7a 1091794 vcs optional libsvn1_1.7.5-1ubuntu2.1_amd64.deb 9d022d1902afaab2ae69277a55cc7481 1680638 libdevel extra libsvn-dev_1.7.5-1ubuntu2.1_amd64.deb 31a41345beb61520292fe4546b5beb91 89096 httpd optional libapache2-svn_1.7.5-1ubuntu2.1_amd64.deb 6f2da5153a4739dd668d60574e0f4067 785552 python optional python-subversion_1.7.5-1ubuntu2.1_amd64.deb 10223d4c9d46eba77d5e8701410a8ef7 4328196 python extra python-subversion-dbg_1.7.5-1ubuntu2.1_amd64.deb 374d08406b79e02cd70b61ad0e437592 354514 java optional libsvn-java_1.7.5-1ubuntu2.1_amd64.deb 26f40046ab035a31c2deff463f9753d7 1178814 perl optional libsvn-perl_1.7.5-1ubuntu2.1_amd64.deb 02ec7191823c9d6c7bca70b9117c171b 626292 ruby optional ruby-svn_1.7.5-1ubuntu2.1_amd64.deb 6249604bccbb9247c41bb6f73a4f4ebc 2220897 raw-translations - subversion_1.7.5-1ubuntu2.1_amd64_translations.tar.gz Original-Maintainer: Peter Samuelson