SUSE-SU-2019:2032-1

Опубликовано: 31 июл. 2019

Источник: suse-cvrf

Описание

Security update for subversion

This update for subversion fixes the following issues:

Security issues fixed:

CVE-2018-11782: Fixed a remote denial of service in svnserve 'get-deleted-rev' (bsc#1142743).
CVE-2019-0203: Fixed a remote, unauthenticated denial of service in svnserve (bsc#1142721).

Non-security issues fixed:

Add instructions for running svnserve as a user different from 'svn', and remove sysconfig variables that are no longer effective with the systemd unit. bsc#1049448

Список пакетов

SUSE Linux Enterprise Software Development Kit 12 SP4

libsvn_auth_gnome_keyring-1-0-1.8.19-25.9.1

subversion-1.8.19-25.9.1

subversion-bash-completion-1.8.19-25.9.1

subversion-devel-1.8.19-25.9.1

subversion-perl-1.8.19-25.9.1

subversion-python-1.8.19-25.9.1

subversion-server-1.8.19-25.9.1

subversion-tools-1.8.19-25.9.1

Ссылки

https://www.suse.com/support/update/announcement/2019/suse-su-20192032-1/
Link for SUSE-SU-2019:2032-1
https://lists.suse.com/pipermail/sle-security-updates/2019-July/005765.html
E-Mail link for SUSE-SU-2019:2032-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1049448
SUSE Bug 1049448
https://bugzilla.suse.com/1142721
SUSE Bug 1142721
https://bugzilla.suse.com/1142743
SUSE Bug 1142743
https://www.suse.com/security/cve/CVE-2018-11782/
SUSE CVE CVE-2018-11782 page
https://www.suse.com/security/cve/CVE-2019-0203/
SUSE CVE CVE-2019-0203 page

Описание

In Apache Subversion versions up to and including 1.9.10, 1.10.4, 1.12.0, Subversion's svnserve server process may exit when a well-formed read-only request produces a particular answer. This can lead to disruption for users of the server.

Затронутые продукты

SUSE Linux Enterprise Software Development Kit 12 SP4:libsvn_auth_gnome_keyring-1-0-1.8.19-25.9.1

SUSE Linux Enterprise Software Development Kit 12 SP4:subversion-1.8.19-25.9.1

SUSE Linux Enterprise Software Development Kit 12 SP4:subversion-bash-completion-1.8.19-25.9.1

SUSE Linux Enterprise Software Development Kit 12 SP4:subversion-devel-1.8.19-25.9.1

Ссылки

https://www.suse.com/security/cve/CVE-2018-11782.html
CVE-2018-11782
https://bugzilla.suse.com/1142743
SUSE Bug 1142743

Описание

In Apache Subversion versions up to and including 1.9.10, 1.10.4, 1.12.0, Subversion's svnserve server process may exit when a client sends certain sequences of protocol commands. This can lead to disruption for users of the server.

Затронутые продукты

SUSE Linux Enterprise Software Development Kit 12 SP4:libsvn_auth_gnome_keyring-1-0-1.8.19-25.9.1

SUSE Linux Enterprise Software Development Kit 12 SP4:subversion-1.8.19-25.9.1

SUSE Linux Enterprise Software Development Kit 12 SP4:subversion-bash-completion-1.8.19-25.9.1

SUSE Linux Enterprise Software Development Kit 12 SP4:subversion-devel-1.8.19-25.9.1

Ссылки

https://www.suse.com/security/cve/CVE-2019-0203.html
CVE-2019-0203
https://bugzilla.suse.com/1142721
SUSE Bug 1142721

SUSE-SU-2019:2032-1

Описание

Список пакетов

SUSE Linux Enterprise Software Development Kit 12 SP4

Ссылки

Уязвимость: CVE-2018-11782

Описание

Затронутые продукты

Ссылки

Уязвимость: CVE-2019-0203

Описание

Затронутые продукты

Ссылки