Login

Noch kein Login?
Daten vergessen?

 
Newsletter
Werbung
Sicherheit: Mehrere Probleme in Subversion
Aktuelle Meldungen Distributionen
Name: Mehrere Probleme in Subversion
ID: SUSE-SU-2011:0691-1
Distribution: SUSE
Plattformen: SUSE Linux Enterprise Software Development Kit 11 SP1
Datum: Sa, 25. Juni 2011, 22:37
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0715
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1752
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1783
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1921

Originalnachricht

 
   SUSE Security Update: subversion
______________________________________________________________________________

Announcement ID:    SUSE-SU-2011:0691-1
Rating:             important
References:         #676949 #688968 #698205 
Cross-References:   CVE-2011-0715 CVE-2011-1752 CVE-2011-1783
                    CVE-2011-1921
Affected Products:
                    SUSE Linux Enterprise Software Development Kit 11 SP1
______________________________________________________________________________

   An update that fixes four vulnerabilities is now available.

Description:


   Subversion was updated to fix several security issues:

   * CVE-2011-1752: The mod_dav_svn Apache HTTPD server
   module can be crashed though when asked to deliver
   baselined WebDAV resources.
   * CVE-2011-1783: The mod_dav_svn Apache HTTPD server
   module can trigger a loop which consumes all available
   memory on the system.
   * CVE-2011-1921: The mod_dav_svn Apache HTTPD server
   module may leak to remote users the file contents of files
   configured to be unreadable by those users.
   * CVE-2011-0715: Remote attackers could crash an svn
   server by causing a NULL deref

   Security Issue references:

   * CVE-2011-1752
   <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1752
   >
   * CVE-2011-1783
   <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1783
   >
   * CVE-2011-1921
   <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1921
   >
   * CVE-2011-0715
   <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0715
   >


Patch Instructions:

   To install this SUSE Security Update use YaST online_update.
   Alternatively you can run the command listed for your product:

   - SUSE Linux Enterprise Software Development Kit 11 SP1:

      zypper in -t patch sdksp1-subversion-4691

   To bring your system up-to-date, use "zypper patch".


Package List:

   - SUSE Linux Enterprise Software Development Kit 11 SP1 (i586 ia64 ppc64
 s390x x86_64):

      subversion-1.5.7-0.10.1
      subversion-devel-1.5.7-0.10.1
      subversion-perl-1.5.7-0.10.1
      subversion-python-1.5.7-0.10.1
      subversion-server-1.5.7-0.10.1
      subversion-tools-1.5.7-0.10.1


References:

   http://support.novell.com/security/cve/CVE-2011-0715.html
   http://support.novell.com/security/cve/CVE-2011-1752.html
   http://support.novell.com/security/cve/CVE-2011-1783.html
   http://support.novell.com/security/cve/CVE-2011-1921.html
   https://bugzilla.novell.com/676949
   https://bugzilla.novell.com/688968
   https://bugzilla.novell.com/698205
   ?keywords=042ece1ed68574582bf41a46ffb91d01

-- 
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-security-announce+help@opensuse.org
Pro-Linux
Pro-Linux @Twitter
Neue Nachrichten

0
Magnolia CMS 5.0 frei­ge­ge­ben

0
Red Hat weiter mit guten Quar­tals­zah­len

0
GNU Me­di­aGob­lin erscheint in Version 0.4.0

2
Cu­bie­boar­d2 mit Dual­co­re-CPU

1
Kieler Open Source und Linux Tage im September

8
Parrot motzt Qua­dro­k­op­ter Ar.Drone auf

18
Oracle ändert Lizenz der MySQL-Do­ku­men­ta­ti­on

0
Mün­che­ner OpenSour­ce-Ta­ge

9
Canonical gründet »Carrier Advisory Group« zur Ver­mark­tung von Ubuntu Phones

0
Humble Bundle mit Android 6
 
Werbung