subversion-1.4.2-4.1.1AXS3
エラータID: AXSA:2009-374:02
リリース日:
2009/08/19 Wednesday - 12:36
題名:
subversion-1.4.2-4.1.1AXS3
影響のあるチャネル:
Asianux Server 3 for x86_64
Asianux Server 3 for x86
Severity:
High
Description:
以下項目について対処しました。
[Security Fix]
- Subversion の libsvn_delta ライブラリには複数の整数オーバーフローが存在し、リモートの認証されたユーザとリモートの Subversion サーバが svndiff ストリームによって任意のコードを実行する脆弱性があります。(CVE-2009-2411)
一部CVEの翻訳文はJVNからの引用になります。
http://jvndb.jvn.jp/
解決策:
パッケージをアップデートしてください。
CVE:
CVE-2009-2411
Multiple integer overflows in the libsvn_delta library in Subversion before 1.5.7, and 1.6.x before 1.6.4, allow remote authenticated users and remote Subversion servers to execute arbitrary code via an svndiff stream with large windows that trigger a heap-based buffer overflow, a related issue to CVE-2009-2412.
Multiple integer overflows in the libsvn_delta library in Subversion before 1.5.7, and 1.6.x before 1.6.4, allow remote authenticated users and remote Subversion servers to execute arbitrary code via an svndiff stream with large windows that trigger a heap-based buffer overflow, a related issue to CVE-2009-2412.
追加情報:
N/A
ダウンロード:
SRPMS
- subversion-1.4.2-4.1.1AXS3.src.rpm
MD5: 95a23224f9acc377bf517c90e76aa1d1
SHA-256: daab436aa76fb4ef33f6a66890e89cc15d8fb086948b71ade8c147629886c611
Size: 6.05 MB
Asianux Server 3 for x86
- mod_dav_svn-1.4.2-4.1.1AXS3.i386.rpm
MD5: e133dc79e5d386a3a3067e7089ca3f05
SHA-256: 711846684b8da52a6a17062711425eb2df4b14f5dec5d429fd39a3a9d8ec24ad
Size: 70.04 kB - subversion-1.4.2-4.1.1AXS3.i386.rpm
MD5: f323cf95f0215da9fc3efdbf521fd1dd
SHA-256: 1732ff2f2fe6d4b92092af68cb14d1e1888fdf185fb91eab682ab1c4aa799bde
Size: 2.29 MB - subversion-devel-1.4.2-4.1.1AXS3.i386.rpm
MD5: e8ac798b3e36144d626043d615973664
SHA-256: ba2f8d5e5c7de9b004afcdda8681aa1dbce5ae2a1931b851cff02606bc4bbdb4
Size: 200.74 kB - subversion-javahl-1.4.2-4.1.1AXS3.i386.rpm
MD5: 28febd88616d485dd4d65c100234f83e
SHA-256: 757e38f14395b56e4ecf4edb3fd3187a3373651ce6835eb682eb753852b7dff3
Size: 124.32 kB - subversion-perl-1.4.2-4.1.1AXS3.i386.rpm
MD5: 14ed2f181d136e594061d5c0e95f4cb2
SHA-256: 7bf1e8064f120ab8cf789ae66fbb7afc20ccb1a8bbd2538b6e2aadc98ff6cc25
Size: 753.78 kB - subversion-ruby-1.4.2-4.1.1AXS3.i386.rpm
MD5: fcb4e58b4824a18c8dd8313927279c86
SHA-256: 96a22a150eb86f8c2ae05d963dc93960337fcd5102a2540cc814a9a462c22151
Size: 339.22 kB
Asianux Server 3 for x86_64
- mod_dav_svn-1.4.2-4.1.1AXS3.x86_64.rpm
MD5: d86e1ac16952e33e77b657b37d17bf1b
SHA-256: 42213b899b9207aea584e1c09b214adf4836b5eda7f715a4771ded62c7553ee9
Size: 70.73 kB - subversion-1.4.2-4.1.1AXS3.x86_64.rpm
MD5: 4165e672031daffcc539ab76e36b827d
SHA-256: 7bb85b53a6c88dbbd2e18e70f10859a7c0dea82f5b722f19278ced044e8e1437
Size: 2.36 MB - subversion-devel-1.4.2-4.1.1AXS3.x86_64.rpm
MD5: e894b09a0c2bc50bf6d9ac3f1e22a2dd
SHA-256: 4800a25d51ac368d591001f852227c5c4b83a12dd83c3de93cedb4f65d12b9d6
Size: 200.82 kB - subversion-javahl-1.4.2-4.1.1AXS3.x86_64.rpm
MD5: efc5a06531e70ea3ea1b0277e8e2381d
SHA-256: 3fac28a9c98968fb8b385fb3ff86950e81e929c4b75986a9964c5a8e5444a208
Size: 127.02 kB - subversion-perl-1.4.2-4.1.1AXS3.x86_64.rpm
MD5: 0040fda30479e53363e52a984ce9156e
SHA-256: f9955855df5d194a3e3f06c40649cc3c9fd673435fab9eed56a3ec088508f847
Size: 766.17 kB - subversion-ruby-1.4.2-4.1.1AXS3.x86_64.rpm
MD5: 249f4bb0972c34ea64365142fb98457d
SHA-256: c0c767e86573dd3f17c3d7010686ee212df52aba7977c6090c497ae4d8426ae3
Size: 362.61 kB