Описание
Security update for subversion
This update for subversion fixes the following issues:
Security issue fixed:
- CVE-2018-11803: Fixed a vulnerability that allowed malicious SVN clients to trigger a crash in mod_dav_svn by omitting the root path from a recursive directory listing request (bsc#1122842)
This update was imported from the SUSE:SLE-15:Update update project.
Список пакетов
openSUSE Leap 15.0
libsvn_auth_gnome_keyring-1-0-1.10.0-lp150.2.3.1
libsvn_auth_kwallet-1-0-1.10.0-lp150.2.3.1
subversion-1.10.0-lp150.2.3.1
subversion-bash-completion-1.10.0-lp150.2.3.1
subversion-devel-1.10.0-lp150.2.3.1
subversion-perl-1.10.0-lp150.2.3.1
subversion-python-1.10.0-lp150.2.3.1
subversion-python-ctypes-1.10.0-lp150.2.3.1
subversion-ruby-1.10.0-lp150.2.3.1
subversion-server-1.10.0-lp150.2.3.1
subversion-tools-1.10.0-lp150.2.3.1
Ссылки
- E-Mail link for openSUSE-SU-2019:0153-1
- SUSE Security Ratings
- SUSE Bug 1122842
- SUSE CVE CVE-2018-11803 page
Описание
Subversion's mod_dav_svn Apache HTTPD module versions 1.11.0 and 1.10.0 to 1.10.3 will crash after dereferencing an uninitialized pointer if the client omits the root path in a recursive directory listing operation.
Затронутые продукты
openSUSE Leap 15.0:libsvn_auth_gnome_keyring-1-0-1.10.0-lp150.2.3.1
openSUSE Leap 15.0:libsvn_auth_kwallet-1-0-1.10.0-lp150.2.3.1
openSUSE Leap 15.0:subversion-1.10.0-lp150.2.3.1
openSUSE Leap 15.0:subversion-bash-completion-1.10.0-lp150.2.3.1
Ссылки
- CVE-2018-11803
- SUSE Bug 1122842