Описание
ELSA-2011-0258: subversion security update (MODERATE)
[1.6.11-2.2]
- add security fixes for CVE-2010-4644, CVE-2010-4539 (#672678)
[1.6.11-2.1]
- add security fix for CVE-2010-3315 (#640322)
Обновленные пакеты
Oracle Linux 6
Oracle Linux x86_64
mod_dav_svn
1.6.11-2.el6_0.2
subversion
1.6.11-2.el6_0.2
subversion-devel
1.6.11-2.el6_0.2
subversion-gnome
1.6.11-2.el6_0.2
subversion-javahl
1.6.11-2.el6_0.2
subversion-kde
1.6.11-2.el6_0.2
subversion-perl
1.6.11-2.el6_0.2
subversion-ruby
1.6.11-2.el6_0.2
subversion-svn2cl
1.6.11-2.el6_0.2
Oracle Linux i686
mod_dav_svn
1.6.11-2.el6_0.2
subversion
1.6.11-2.el6_0.2
subversion-devel
1.6.11-2.el6_0.2
subversion-gnome
1.6.11-2.el6_0.2
subversion-javahl
1.6.11-2.el6_0.2
subversion-kde
1.6.11-2.el6_0.2
subversion-perl
1.6.11-2.el6_0.2
subversion-ruby
1.6.11-2.el6_0.2
subversion-svn2cl
1.6.11-2.el6_0.2
Связанные CVE
Связанные уязвимости
authz.c in the mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion 1.5.x before 1.5.8 and 1.6.x before 1.6.13, when SVNPathAuthz short_circuit is enabled, does not properly handle a named repository as a rule scope, which allows remote authenticated users to bypass intended access restrictions via svn commands.
authz.c in the mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion 1.5.x before 1.5.8 and 1.6.x before 1.6.13, when SVNPathAuthz short_circuit is enabled, does not properly handle a named repository as a rule scope, which allows remote authenticated users to bypass intended access restrictions via svn commands.
authz.c in the mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion 1.5.x before 1.5.8 and 1.6.x before 1.6.13, when SVNPathAuthz short_circuit is enabled, does not properly handle a named repository as a rule scope, which allows remote authenticated users to bypass intended access restrictions via svn commands.
authz.c in the mod_dav_svn module for the Apache HTTP Server, as distr ...