Описание
Security update for subversion
This update for subversion fixes the following issues:
- CVE-2020-17525: A null-pointer-dereference has been found in mod_authz_svn that results in a remote unauthenticated Denial-of-Service in some server configurations (bsc#1181687).
Список пакетов
SUSE Enterprise Storage 6
subversion-1.10.6-3.15.1
subversion-bash-completion-1.10.6-3.15.1
subversion-devel-1.10.6-3.15.1
subversion-perl-1.10.6-3.15.1
subversion-python-1.10.6-3.15.1
subversion-server-1.10.6-3.15.1
subversion-tools-1.10.6-3.15.1
SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS
subversion-1.10.6-3.15.1
subversion-bash-completion-1.10.6-3.15.1
subversion-devel-1.10.6-3.15.1
subversion-perl-1.10.6-3.15.1
subversion-python-1.10.6-3.15.1
subversion-server-1.10.6-3.15.1
subversion-tools-1.10.6-3.15.1
SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS
subversion-1.10.6-3.15.1
subversion-bash-completion-1.10.6-3.15.1
subversion-devel-1.10.6-3.15.1
subversion-perl-1.10.6-3.15.1
subversion-python-1.10.6-3.15.1
subversion-server-1.10.6-3.15.1
subversion-tools-1.10.6-3.15.1
SUSE Linux Enterprise High Performance Computing 15-ESPOS
subversion-1.10.6-3.15.1
subversion-bash-completion-1.10.6-3.15.1
subversion-devel-1.10.6-3.15.1
subversion-perl-1.10.6-3.15.1
subversion-python-1.10.6-3.15.1
subversion-server-1.10.6-3.15.1
subversion-tools-1.10.6-3.15.1
SUSE Linux Enterprise High Performance Computing 15-LTSS
subversion-1.10.6-3.15.1
subversion-bash-completion-1.10.6-3.15.1
subversion-devel-1.10.6-3.15.1
subversion-perl-1.10.6-3.15.1
subversion-python-1.10.6-3.15.1
subversion-server-1.10.6-3.15.1
subversion-tools-1.10.6-3.15.1
SUSE Linux Enterprise Module for Basesystem 15 SP2
subversion-1.10.6-3.15.1
subversion-devel-1.10.6-3.15.1
SUSE Linux Enterprise Module for Development Tools 15 SP2
subversion-bash-completion-1.10.6-3.15.1
subversion-perl-1.10.6-3.15.1
subversion-python-1.10.6-3.15.1
subversion-tools-1.10.6-3.15.1
SUSE Linux Enterprise Module for Server Applications 15 SP2
subversion-server-1.10.6-3.15.1
SUSE Linux Enterprise Server 15 SP1-BCL
subversion-1.10.6-3.15.1
subversion-bash-completion-1.10.6-3.15.1
subversion-devel-1.10.6-3.15.1
subversion-perl-1.10.6-3.15.1
subversion-python-1.10.6-3.15.1
subversion-server-1.10.6-3.15.1
subversion-tools-1.10.6-3.15.1
SUSE Linux Enterprise Server 15 SP1-LTSS
subversion-1.10.6-3.15.1
subversion-bash-completion-1.10.6-3.15.1
subversion-devel-1.10.6-3.15.1
subversion-perl-1.10.6-3.15.1
subversion-python-1.10.6-3.15.1
subversion-server-1.10.6-3.15.1
subversion-tools-1.10.6-3.15.1
SUSE Linux Enterprise Server 15-LTSS
subversion-1.10.6-3.15.1
subversion-bash-completion-1.10.6-3.15.1
subversion-devel-1.10.6-3.15.1
subversion-perl-1.10.6-3.15.1
subversion-python-1.10.6-3.15.1
subversion-server-1.10.6-3.15.1
subversion-tools-1.10.6-3.15.1
SUSE Linux Enterprise Server for SAP Applications 15
subversion-1.10.6-3.15.1
subversion-bash-completion-1.10.6-3.15.1
subversion-devel-1.10.6-3.15.1
subversion-perl-1.10.6-3.15.1
subversion-python-1.10.6-3.15.1
subversion-server-1.10.6-3.15.1
subversion-tools-1.10.6-3.15.1
SUSE Linux Enterprise Server for SAP Applications 15 SP1
subversion-1.10.6-3.15.1
subversion-bash-completion-1.10.6-3.15.1
subversion-devel-1.10.6-3.15.1
subversion-perl-1.10.6-3.15.1
subversion-python-1.10.6-3.15.1
subversion-server-1.10.6-3.15.1
subversion-tools-1.10.6-3.15.1
SUSE Manager Proxy 4.0
subversion-1.10.6-3.15.1
subversion-bash-completion-1.10.6-3.15.1
subversion-devel-1.10.6-3.15.1
subversion-perl-1.10.6-3.15.1
subversion-python-1.10.6-3.15.1
subversion-server-1.10.6-3.15.1
subversion-tools-1.10.6-3.15.1
SUSE Manager Retail Branch Server 4.0
subversion-1.10.6-3.15.1
subversion-bash-completion-1.10.6-3.15.1
subversion-devel-1.10.6-3.15.1
subversion-perl-1.10.6-3.15.1
subversion-python-1.10.6-3.15.1
subversion-server-1.10.6-3.15.1
subversion-tools-1.10.6-3.15.1
SUSE Manager Server 4.0
subversion-1.10.6-3.15.1
subversion-bash-completion-1.10.6-3.15.1
subversion-devel-1.10.6-3.15.1
subversion-perl-1.10.6-3.15.1
subversion-python-1.10.6-3.15.1
subversion-server-1.10.6-3.15.1
subversion-tools-1.10.6-3.15.1
Ссылки
- Link for SUSE-SU-2021:0425-1
- E-Mail link for SUSE-SU-2021:0425-1
- SUSE Security Ratings
- SUSE Bug 1181687
- SUSE CVE CVE-2020-17525 page
Описание
Subversion's mod_authz_svn module will crash if the server is using in-repository authz rules with the AuthzSVNReposRelativeAccessFile option and a client sends a request for a non-existing repository URL. This can lead to disruption for users of the service. This issue was fixed in mod_dav_svn+mod_authz_svn servers 1.14.1 and mod_dav_svn+mod_authz_svn servers 1.10.7
Затронутые продукты
SUSE Enterprise Storage 6:subversion-1.10.6-3.15.1
SUSE Enterprise Storage 6:subversion-bash-completion-1.10.6-3.15.1
SUSE Enterprise Storage 6:subversion-devel-1.10.6-3.15.1
SUSE Enterprise Storage 6:subversion-perl-1.10.6-3.15.1
Ссылки
- CVE-2020-17525
- SUSE Bug 1181687