Several vulnerabilities were discovered in Subversion, a version control system. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2015-0248 Subversion mod_dav_svn and svnserve were vulnerable to a remotely triggerable assertion DoS vulnerability for certain requests with dynamically evaluated revision numbers. CVE-2015-0251 Subversion HTTP servers allow spoofing svn:author property values for new revisions via specially crafted v1 HTTP protocol request sequences. For the stable distribution (wheezy), these problems have been fixed in version 1.6.17dfsg-4+deb7u9. For the upcoming stable distribution (jessie), these problems have been fixed in version 1.8.10-6. For the unstable distribution (sid), these problems have been fixed in version 1.8.10-6. We recommend that you upgrade your subversion packages.
Several vulnerabilities were discovered in Subversion, a version control system. The Common Vulnerabilities and Exposures project identifies the following problems:
Subversion mod_dav_svn and svnserve were vulnerable to a remotely triggerable assertion DoS vulnerability for certain requests with dynamically evaluated revision numbers.
Subversion HTTP servers allow spoofing svn:author property values for new revisions via specially crafted v1 HTTP protocol request sequences.
For the stable distribution (wheezy), these problems have been fixed in version 1.6.17dfsg-4+deb7u9.
For the upcoming stable distribution (jessie), these problems have been fixed in version 1.8.10-6.
For the unstable distribution (sid), these problems have been fixed in version 1.8.10-6.
We recommend that you upgrade your subversion packages.