subversion-1.6.11-11.AXS3

エラータID: AXSA:2013-398:01

Release date: 
Thursday, April 25, 2013 - 10:25
Subject: 
subversion-1.6.11-11.AXS3
Affected Channels: 
Asianux Server 3 for x86_64
Asianux Server 3 for x86
Severity: 
High
Description: 

Subversion is a concurrent version control system which enables one or more users to collaborate in developing and maintaining a hierarchy of files and directories while keeping a history of all changes. Subversion only stores the differences between versions, instead of every complete file. Subversion is intended to be a compelling replacement for CVS.

Security issues fixed with this release:
• CVE-2013-1845
• CVE-2013-1846
• CVE-2013-1847
• CVE-2013-1849
No information available at the time of writing, please refer to the CVE links below.

Solution: 

Update packages.

CVEs: 
CVE-2013-1845
The mod_dav_svn Apache HTTPD server module in Subversion 1.6.x before 1.6.21 and 1.7.0 through 1.7.8 allows remote authenticated users to cause a denial of service (memory consumption) by (1) setting or (2) deleting a large number of properties for a file or directory.
CVE-2013-1846
The mod_dav_svn Apache HTTPD server module in Subversion 1.6.x before 1.6.21 and 1.7.0 through 1.7.8 allows remote authenticated users to cause a denial of service (NULL pointer dereference and crash) via a LOCK on an activity URL.
CVE-2013-1847
The mod_dav_svn Apache HTTPD server module in Subversion 1.6.0 through 1.6.20 and 1.7.0 through 1.7.8 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via an anonymous LOCK for a URL that does not exist.
CVE-2013-1849
The mod_dav_svn Apache HTTPD server module in Subversion 1.6.x through 1.6.20 and 1.7.0 through 1.7.8 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a PROPFIND request for an activity URL.


Additional Info: 

N/A

Download: 

SRPMS
  1. subversion-1.6.11-11.AXS3.src.rpm
    MD5: e0fd53eb3106e3d9c0a5e1fe234daca6
    SHA-256: 708a577a1262e2dd37b0c9aa4e2c9002a1c498ac0ef8c83efa34875223eba926
    Size: 11.89 MB

Asianux Server 3 for x86
  1. mod_dav_svn-1.6.11-11.AXS3.i386.rpm
    MD5: 431ceb22ccf7fdc079233c2a80ba76bc
    SHA-256: 7528827b267a87983fc33ab215accb877b760b9a48229edff2e68a95250b0f5d
    Size: 78.67 kB
  2. subversion-1.6.11-11.AXS3.i386.rpm
    MD5: f9e41fce96dc621a874e8f94d3cf40c6
    SHA-256: 69acf8b4c7b74f884b3aa6d6e4e69f8ff2db1957a4c3eb5e06e982e1b5c480ca
    Size: 3.14 MB
  3. subversion-devel-1.6.11-11.AXS3.i386.rpm
    MD5: 60069086f4263457be192f0f9d2ef75c
    SHA-256: 89161717d7483005f3dfbda68db7cf3a7a911cf2a84e94040919634626a0a295
    Size: 268.26 kB
  4. subversion-javahl-1.6.11-11.AXS3.i386.rpm
    MD5: adb99eed01ba5641b5cb4f345606a7be
    SHA-256: 37b6414f254ba767146cbe759252465c3bcf472041fabc15cdd603ad48010bf3
    Size: 176.78 kB
  5. subversion-perl-1.6.11-11.AXS3.i386.rpm
    MD5: 5e48f3e26f158ceff7eee2376877b179
    SHA-256: 35aef4bb95f0909db39f75187c2894727b8e2993b5043f5ae4b972399c921a6f
    Size: 1.05 MB
  6. subversion-ruby-1.6.11-11.AXS3.i386.rpm
    MD5: 6a8a829044b674a4b4e2a41986a98030
    SHA-256: aa410766920668b3ca7a1ae9623b45b0e736d2db77e72b83ade4a33742bc505e
    Size: 461.27 kB

Asianux Server 3 for x86_64
  1. mod_dav_svn-1.6.11-11.AXS3.x86_64.rpm
    MD5: f782075707cf784874dde59a76dbf863
    SHA-256: 0e8cb5528346b3f8d8bd2107b4b1ffb2a236b1252aa81bd8136dbee7e48093ae
    Size: 79.15 kB
  2. subversion-1.6.11-11.AXS3.x86_64.rpm
    MD5: f1043a4254dfd8bc9776cf991387a880
    SHA-256: f0b4095c8badb01bf85a1d557222d9791ac1ab419c16d96059c63a2024921c31
    Size: 3.23 MB
  3. subversion-devel-1.6.11-11.AXS3.x86_64.rpm
    MD5: c4cb48df2bbbe7c535e096802930b54b
    SHA-256: 332eb437fe9dedb99a4f2f482afc7318ee92c5e0497c8dec49bd06c95efe4167
    Size: 268.33 kB
  4. subversion-javahl-1.6.11-11.AXS3.x86_64.rpm
    MD5: eb0fbe0f0853461b9355be0339e951a3
    SHA-256: e7585381454d8dfe252d51fbcf4adebcfa18dba6a5c1c04bd1a3e289d58b6b60
    Size: 179.70 kB
  5. subversion-perl-1.6.11-11.AXS3.x86_64.rpm
    MD5: c3658060ba0498d2b2c5abb198ce5bc3
    SHA-256: 5a1376d037184a3f7396fa3a799444c89383efe911e9f2541837740e10c71dd7
    Size: 1.05 MB
  6. subversion-ruby-1.6.11-11.AXS3.x86_64.rpm
    MD5: 5fa82f5700b08c0d8be17ce8f325bcb9
    SHA-256: 118ca45833c56ee1945f58c82a5cb2681abe0a869c58916f17f6b1a2cbc96be2
    Size: 516.72 kB