Paketname
subversion
Datum
2013-06-13
Advisory ID
MDVSA-2013:173
Betroffene Versionen
MES5 i586 , MBS1 x86_64 , MES5 x86_64

Problembeschreibung

Multiple vulnerabilities has been found and corrected in subversion:

If a filename which contains a newline character (ASCII 0x0a)
is committed to a repository using the FSFS format, the resulting
revision is corrupt. This can lead to disruption for users of the
repository (CVE-2013-1968).

Subversion's svnserve server process may exit when an incoming TCP
connection is closed early in the connection process. This can lead
to disruption for users of the server (CVE-2013-2112).

This advisory provides the latest versions of subversion
(1.6.23/1.7.10) which is not vulnerable to these issues.

Aktualisierte Pakete

MES5 i586

 131a0451a20a116151def1bb4240b102  mes5/i586/apache-mod_dav_svn-1.6.23-0.1mdvmes5.2.i586.rpm
 eee20686ffae03646f8c849e33f44360  mes5/i586/apache-mod_dontdothat-1.6.23-0.1mdvmes5.2.i586.rpm
 8440bcd1e593f325728ea6bd0a21f80d  mes5/i586/libsvn0-1.6.23-0.1mdvmes5.2.i586.rpm
 607748fe61df7f35d52bc82ec03c9a67  mes5/i586/libsvnjavahl1-1.6.23-0.1mdvmes5.2.i586.rpm
 e6913bb295f8810d632dc699888a7e6a  mes5/i586/perl-SVN-1.6.23-0.1mdvmes5.2.i586.rpm
 ee552c9ebb20a8384a25dae7bbbb0816  mes5/i586/python-svn-1.6.23-0.1mdvmes5.2.i586.rpm
 05961e48fc20f5303e9d49f4d6f715e5  mes5/i586/ruby-svn-1.6.23-0.1mdvmes5.2.i586.rpm
 54dcdd8dcb2f953c511abeb4a19173f6  mes5/i586/subversion-1.6.23-0.1mdvmes5.2.i586.rpm
 bfac1c0ea2758ce3e2b21ebfba53846e  mes5/i586/subversion-devel-1.6.23-0.1mdvmes5.2.i586.rpm
 f8568714332798f5488eb3da460e6dd9  mes5/i586/subversion-doc-1.6.23-0.1mdvmes5.2.i586.rpm
 8ea846e80917df50536fece8bd792cea  mes5/i586/subversion-server-1.6.23-0.1mdvmes5.2.i586.rpm
 5f934c5019a060f3a55529e5dafd331e  mes5/i586/subversion-tools-1.6.23-0.1mdvmes5.2.i586.rpm
 0c6f70281c91a449cc2a84c1d555f72f  mes5/i586/svn-javahl-1.6.23-0.1mdvmes5.2.i586.rpm 
 555d17a58efeced4a57efb33eadc39be  mes5/SRPMS/subversion-1.6.23-0.1mdvmes5.2.src.rpm

MBS1 x86_64

 96ce805f5926a86cfb9928ee4878adbc  mbs1/x86_64/apache-mod_dav_svn-1.7.10-0.1.mbs1.x86_64.rpm
 e01f199c914dd3d686c0875d24456945  mbs1/x86_64/lib64svn0-1.7.10-0.1.mbs1.x86_64.rpm
 6cf641e169e452b6d650f3c40858fe5c  mbs1/x86_64/lib64svn-gnome-keyring0-1.7.10-0.1.mbs1.x86_64.rpm
 772edd952aafd1965ebb4409c9d51cf6  mbs1/x86_64/lib64svnjavahl1-1.7.10-0.1.mbs1.x86_64.rpm
 fdad77e3c7d89a1935cb90dd08c74d72  mbs1/x86_64/perl-SVN-1.7.10-0.1.mbs1.x86_64.rpm
 5b4eafd8291c21f1b12f059566b846db  mbs1/x86_64/perl-svn-devel-1.7.10-0.1.mbs1.x86_64.rpm
 50f81c1a757ca4b1d2aeccce3eb2dca8  mbs1/x86_64/python-svn-1.7.10-0.1.mbs1.x86_64.rpm
 200676fbcb36e143ec01a3f6fccb3513  mbs1/x86_64/python-svn-devel-1.7.10-0.1.mbs1.x86_64.rpm
 15004b7db070ded3caff2695df6d666b  mbs1/x86_64/ruby-svn-1.7.10-0.1.mbs1.x86_64.rpm
 dbd1df365ccbdd54f257bd507d662dc9  mbs1/x86_64/ruby-svn-devel-1.7.10-0.1.mbs1.x86_64.rpm
 4218a85705e07010c6c5225c031264a0  mbs1/x86_64/subversion-1.7.10-0.1.mbs1.x86_64.rpm
 94bbd1b84ec6cd0919c347e04167a1be  mbs1/x86_64/subversion-devel-1.7.10-0.1.mbs1.x86_64.rpm
 1f398aca282bf1c5b38a31a6efdead37  mbs1/x86_64/subversion-doc-1.7.10-0.1.mbs1.x86_64.rpm
 53a64a1f5f948d9e4be6d39a1c0ec05f  mbs1/x86_64/subversion-gnome-keyring-devel-1.7.10-0.1.mbs1.x86_64.rpm
 b6cb7b09aa94fef2b6ff04a0dad3aa56  mbs1/x86_64/subversion-server-1.7.10-0.1.mbs1.x86_64.rpm
 27b5bb16fe21cd0585758c4b78751dc0  mbs1/x86_64/subversion-tools-1.7.10-0.1.mbs1.x86_64.rpm
 f6b44cd8103689e5456148d20671e630  mbs1/x86_64/svn-javahl-1.7.10-0.1.mbs1.x86_64.rpm 
 f243a17e3e149d4c961945bbeb4d880b  mbs1/SRPMS/subversion-1.7.10-0.1.mbs1.src.rpm

MES5 x86_64

 50c81e373fe650024014f4308546ac17  mes5/x86_64/apache-mod_dav_svn-1.6.23-0.1mdvmes5.2.x86_64.rpm
 729b85dff018808ed9ebd5a09cb46dab  mes5/x86_64/apache-mod_dontdothat-1.6.23-0.1mdvmes5.2.x86_64.rpm
 618a89de1ff48514b7d153b4375d5a0e  mes5/x86_64/lib64svn0-1.6.23-0.1mdvmes5.2.x86_64.rpm
 6755bee85225a0c029fd505e31f99e6f  mes5/x86_64/lib64svnjavahl1-1.6.23-0.1mdvmes5.2.x86_64.rpm
 4ded75c4e650788b18a937dac27548e1  mes5/x86_64/perl-SVN-1.6.23-0.1mdvmes5.2.x86_64.rpm
 2c639f9f42c15ac323d46c2c26ceb5bd  mes5/x86_64/python-svn-1.6.23-0.1mdvmes5.2.x86_64.rpm
 beb83feaf1a7a6ca8120aa86279329ab  mes5/x86_64/ruby-svn-1.6.23-0.1mdvmes5.2.x86_64.rpm
 79e5c84f4f9200b7b708f87969e4e913  mes5/x86_64/subversion-1.6.23-0.1mdvmes5.2.x86_64.rpm
 b070d1842ddae3c4b227d9396c3d48f2  mes5/x86_64/subversion-devel-1.6.23-0.1mdvmes5.2.x86_64.rpm
 13ea5d25cce79b78555127c1639f0248  mes5/x86_64/subversion-doc-1.6.23-0.1mdvmes5.2.x86_64.rpm
 9c08924dca5a913f562afc0b17d6e7b5  mes5/x86_64/subversion-server-1.6.23-0.1mdvmes5.2.x86_64.rpm
 e6df2ebf5391278cb05e633d118d7a46  mes5/x86_64/subversion-tools-1.6.23-0.1mdvmes5.2.x86_64.rpm
 352235f62cb3a585b397b67f8f8687db  mes5/x86_64/svn-javahl-1.6.23-0.1mdvmes5.2.x86_64.rpm 
 555d17a58efeced4a57efb33eadc39be  mes5/SRPMS/subversion-1.6.23-0.1mdvmes5.2.src.rpm

Referenzen