Sender: |
|
Date: |
Wed, 8 Jun 2011 16:12:52 -0500 |
Reply-To: |
|
Subject: |
|
MIME-Version: |
1.0 |
Content-Transfer-Encoding: |
7bit |
Content-Type: |
text/plain; charset=ISO-8859-1; format=flowed |
From: |
|
Comments: |
|
Parts/Attachments: |
|
|
Synopsis: Moderate: subversion security update
Issue Date: 2011-06-08
CVE Numbers: CVE-2011-1752
Subversion (SVN) is a concurrent version control system which enables
one or more users to collaborate in developing and maintaining a
hierarchy of files and directories while keeping a history of all
changes. The mod_dav_svn module is used with the Apache HTTP Server to
allow access to Subversion repositories via HTTP.
A NULL pointer dereference flaw was found in the way the mod_dav_svn
module processed requests submitted against the URL of a baselined
resource. A malicious, remote user could use this flaw to cause the
httpd process serving the request to crash. (CVE-2011-1752)
All Subversion users should upgrade to these updated packages, which
contain a backported patch to correct this issue. After installing the
updated packages, you must restart the httpd daemon, if you are using
mod_dav_svn, for the update to take effect.
SL4:
i386
mod_dav_svn-1.1.4-4.el4.i386.rpm
subversion-1.1.4-4.el4.i386.rpm
subversion-debuginfo-1.1.4-4.el4.i386.rpm
subversion-devel-1.1.4-4.el4.i386.rpm
subversion-perl-1.1.4-4.el4.i386.rpm
x86_64
subversion-devel-1.1.4-4.el4.x86_64.rpm
subversion-debuginfo-1.1.4-4.el4.x86_64.rpm
subversion-1.1.4-4.el4.x86_64.rpm
mod_dav_svn-1.1.4-4.el4.x86_64.rpm
subversion-perl-1.1.4-4.el4.x86_64.rpm
- Scientific Linux Development Team
|
|
|