Описание
Security update for subversion
This update for subversion to version 1.10.6 fixes the following issues:
Security issues fixed:
- CVE-2018-11782: Fixed a remote denial of service in svnserve 'get-deleted-rev' (bsc#1142743).
- CVE-2019-0203: Fixed a remote, unauthenticated denial of service in svnserve (bsc#1142721).
Список пакетов
SUSE Linux Enterprise Module for Basesystem 15
subversion-1.10.6-3.6.2
subversion-devel-1.10.6-3.6.2
SUSE Linux Enterprise Module for Basesystem 15 SP1
subversion-1.10.6-3.6.2
subversion-devel-1.10.6-3.6.2
SUSE Linux Enterprise Module for Development Tools 15
subversion-bash-completion-1.10.6-3.6.2
subversion-perl-1.10.6-3.6.2
subversion-python-1.10.6-3.6.2
subversion-tools-1.10.6-3.6.2
SUSE Linux Enterprise Module for Development Tools 15 SP1
subversion-bash-completion-1.10.6-3.6.2
subversion-perl-1.10.6-3.6.2
subversion-python-1.10.6-3.6.2
subversion-tools-1.10.6-3.6.2
SUSE Linux Enterprise Module for Server Applications 15
subversion-server-1.10.6-3.6.2
SUSE Linux Enterprise Module for Server Applications 15 SP1
subversion-server-1.10.6-3.6.2
Ссылки
- Link for SUSE-SU-2019:2031-1
- E-Mail link for SUSE-SU-2019:2031-1
- SUSE Security Ratings
- SUSE Bug 1142721
- SUSE Bug 1142743
- SUSE CVE CVE-2018-11782 page
- SUSE CVE CVE-2019-0203 page
Описание
In Apache Subversion versions up to and including 1.9.10, 1.10.4, 1.12.0, Subversion's svnserve server process may exit when a well-formed read-only request produces a particular answer. This can lead to disruption for users of the server.
Затронутые продукты
SUSE Linux Enterprise Module for Basesystem 15 SP1:subversion-1.10.6-3.6.2
SUSE Linux Enterprise Module for Basesystem 15 SP1:subversion-devel-1.10.6-3.6.2
SUSE Linux Enterprise Module for Basesystem 15:subversion-1.10.6-3.6.2
SUSE Linux Enterprise Module for Basesystem 15:subversion-devel-1.10.6-3.6.2
Ссылки
- CVE-2018-11782
- SUSE Bug 1142743
Описание
In Apache Subversion versions up to and including 1.9.10, 1.10.4, 1.12.0, Subversion's svnserve server process may exit when a client sends certain sequences of protocol commands. This can lead to disruption for users of the server.
Затронутые продукты
SUSE Linux Enterprise Module for Basesystem 15 SP1:subversion-1.10.6-3.6.2
SUSE Linux Enterprise Module for Basesystem 15 SP1:subversion-devel-1.10.6-3.6.2
SUSE Linux Enterprise Module for Basesystem 15:subversion-1.10.6-3.6.2
SUSE Linux Enterprise Module for Basesystem 15:subversion-devel-1.10.6-3.6.2
Ссылки
- CVE-2019-0203
- SUSE Bug 1142721