Subject: | |
From: | |
Reply To: | |
Date: | Wed, 8 Jun 2011 16:12:52 -0500 |
Content-Type: | text/plain |
Parts/Attachments: |
|
|
Synopsis: Moderate: subversion security update
Issue Date: 2011-06-08
CVE Numbers: CVE-2011-1752
Subversion (SVN) is a concurrent version control system which enables
one or more users to collaborate in developing and maintaining a
hierarchy of files and directories while keeping a history of all
changes. The mod_dav_svn module is used with the Apache HTTP Server to
allow access to Subversion repositories via HTTP.
A NULL pointer dereference flaw was found in the way the mod_dav_svn
module processed requests submitted against the URL of a baselined
resource. A malicious, remote user could use this flaw to cause the
httpd process serving the request to crash. (CVE-2011-1752)
All Subversion users should upgrade to these updated packages, which
contain a backported patch to correct this issue. After installing the
updated packages, you must restart the httpd daemon, if you are using
mod_dav_svn, for the update to take effect.
SL4:
i386
mod_dav_svn-1.1.4-4.el4.i386.rpm
subversion-1.1.4-4.el4.i386.rpm
subversion-debuginfo-1.1.4-4.el4.i386.rpm
subversion-devel-1.1.4-4.el4.i386.rpm
subversion-perl-1.1.4-4.el4.i386.rpm
x86_64
subversion-devel-1.1.4-4.el4.x86_64.rpm
subversion-debuginfo-1.1.4-4.el4.x86_64.rpm
subversion-1.1.4-4.el4.x86_64.rpm
mod_dav_svn-1.1.4-4.el4.x86_64.rpm
subversion-perl-1.1.4-4.el4.x86_64.rpm
- Scientific Linux Development Team
|
|
|