7.8 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:N/I:N/A:C
0.037 Low
EPSS
Percentile
91.8%
This update includes the latest stable release of Apache Subversion, version1.8.13.
Three security vulnerabilities are fixed in this update :
CVE-2015-0202:
https://subversion.apache.org/security/CVE-2015-0202-adv isory.txt
CVE-2015-0248:
https://subversion.apache.org/security/CVE-2015-0248-a dvisory.txt
CVE-2015-0251:
https://subversion.apache.org/security/CVE-2015-0251-a dvisory.txt
In addition, the following changes are included in the Subversion 1.8.13 update :
Client-side bugfixes:
ra_serf: prevent abort of commits that have already succeeded
ra_serf: support case-insensitivity in HTTP headers
better error message if an external is shadowed
ra_svn: fix reporting of directory read errors
fix a redirect handling bug in ‘svn log’ over HTTP
properly copy tree conflict information
fix ‘svn patch’ output for reordered hunks http://subversion.tigris.org/issues/show_bug.cgi?id=45 33
svnrdump load: don’t load wrong props with no-deltas dump http://subversion.tigris.org/issues/show_bug.cgi?id=45 51
fix working copy corruption with relative file external http://subversion.tigris.org/issues/show_bug.cgi?id=44 11
don’t crash if config file is unreadable
svn resolve: don’t ask a question with only one answer
fix assertion failure in svn move
working copy performance improvements
handle existing working copies which become externals
fix recording of WC meta-data for foreign repos copies
fix calculating repository path of replaced directories
fix calculating repository path after commit of switched nodes
svnrdump: don’t provide HEAD+1 as base revision for deletes
don’t leave conflict markers on files that are moved
avoid unnecessary subtree mergeinfo recording
fix diff of a locally copied directory with props
Server-side bugfixes:
fsfs: fix a problem verifying pre-1.4 repos used with 1.8
svnadmin freeze: fix memory allocation error
svnadmin load: tolerate invalid mergeinfo at r0
svnadmin load: strip references to r1 from mergeinfo http://subversion.tigris.org/issues/show_bug.cgi?id=45 38
svnsync: strip any r0 references from mergeinfo http://subversion.tigris.org/issues/show_bug.cgi?id=44 76
fsfs: reduce memory consumption when operating on dag nodes
reject invalid get-location-segments requests in mod_dav_svn and svnserve
mod_dav_svn: reject invalid txnprop change requests
Client-side and server-side bugfixes:
fix undefined behaviour in string buffer routines
fix consistency issues with APR r/w locks on Windows
fix occasional SEGV if threads load DSOs in parallel
properly duplicate svn error objects
fix use-after-free in config parser
Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Fedora Security Advisory 2015-11795.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(85065);
script_version("2.5");
script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/11");
script_cve_id("CVE-2015-0202", "CVE-2015-0248", "CVE-2015-0251");
script_xref(name:"FEDORA", value:"2015-11795");
script_name(english:"Fedora 21 : subversion-1.8.13-7.fc21 (2015-11795)");
script_summary(english:"Checks rpm output for the updated package.");
script_set_attribute(
attribute:"synopsis",
value:"The remote Fedora host is missing a security update."
);
script_set_attribute(
attribute:"description",
value:
"This update includes the latest stable release of **Apache
Subversion**, version **1.8.13**.
Three security vulnerabilities are fixed in this update :
- CVE-2015-0202:
https://subversion.apache.org/security/CVE-2015-0202-adv
isory.txt
- CVE-2015-0248:
https://subversion.apache.org/security/CVE-2015-0248-a
dvisory.txt
- CVE-2015-0251:
https://subversion.apache.org/security/CVE-2015-0251-a
dvisory.txt
In addition, the following changes are included in the Subversion
1.8.13 update :
**Client-side bugfixes:**
- ra_serf: prevent abort of commits that have already
succeeded
- ra_serf: support case-insensitivity in HTTP headers
- better error message if an external is shadowed
- ra_svn: fix reporting of directory read errors
- fix a redirect handling bug in 'svn log' over HTTP
- properly copy tree conflict information
- fix 'svn patch' output for reordered hunks
http://subversion.tigris.org/issues/show_bug.cgi?id=45
33
- svnrdump load: don't load wrong props with no-deltas
dump
http://subversion.tigris.org/issues/show_bug.cgi?id=45
51
- fix working copy corruption with relative file
external
http://subversion.tigris.org/issues/show_bug.cgi?id=44
11
- don't crash if config file is unreadable
- svn resolve: don't ask a question with only one answer
- fix assertion failure in svn move
- working copy performance improvements
- handle existing working copies which become externals
- fix recording of WC meta-data for foreign repos copies
- fix calculating repository path of replaced
directories
- fix calculating repository path after commit of
switched nodes
- svnrdump: don't provide HEAD+1 as base revision for
deletes
- don't leave conflict markers on files that are moved
- avoid unnecessary subtree mergeinfo recording
- fix diff of a locally copied directory with props
**Server-side bugfixes:**
- fsfs: fix a problem verifying pre-1.4 repos used with
1.8
- svnadmin freeze: fix memory allocation error
- svnadmin load: tolerate invalid mergeinfo at r0
- svnadmin load: strip references to r1 from mergeinfo
http://subversion.tigris.org/issues/show_bug.cgi?id=45
38
- svnsync: strip any r0 references from mergeinfo
http://subversion.tigris.org/issues/show_bug.cgi?id=44
76
- fsfs: reduce memory consumption when operating on dag
nodes
- reject invalid get-location-segments requests in
mod_dav_svn and svnserve
- mod_dav_svn: reject invalid txnprop change requests
**Client-side and server-side bugfixes:**
- fix undefined behaviour in string buffer routines
- fix consistency issues with APR r/w locks on Windows
- fix occasional SEGV if threads load DSOs in parallel
- properly duplicate svn error objects
- fix use-after-free in config parser
Note that Tenable Network Security has extracted the preceding
description block directly from the Fedora security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues."
);
script_set_attribute(
attribute:"see_also",
value:"http://subversion.tigris.org/issues/show_bug.cgi?id=4411"
);
script_set_attribute(
attribute:"see_also",
value:"http://subversion.tigris.org/issues/show_bug.cgi?id=4476"
);
script_set_attribute(
attribute:"see_also",
value:"http://subversion.tigris.org/issues/show_bug.cgi?id=4533"
);
script_set_attribute(
attribute:"see_also",
value:"http://subversion.tigris.org/issues/show_bug.cgi?id=4538"
);
script_set_attribute(
attribute:"see_also",
value:"http://subversion.tigris.org/issues/show_bug.cgi?id=4551"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.redhat.com/show_bug.cgi?id=1205134"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.redhat.com/show_bug.cgi?id=1205138"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.redhat.com/show_bug.cgi?id=1205140"
);
# https://lists.fedoraproject.org/pipermail/package-announce/2015-July/162535.html
script_set_attribute(
attribute:"see_also",
value:"http://www.nessus.org/u?1c4153a0"
);
script_set_attribute(
attribute:"see_also",
value:"https://subversion.apache.org/security/CVE-2015-0202-advisory.txt"
);
script_set_attribute(
attribute:"see_also",
value:"https://subversion.apache.org/security/CVE-2015-0248-advisory.txt"
);
script_set_attribute(
attribute:"see_also",
value:"https://subversion.apache.org/security/CVE-2015-0251-advisory.txt"
);
script_set_attribute(
attribute:"solution",
value:"Update the affected subversion package."
);
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:subversion");
script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:21");
script_set_attribute(attribute:"vuln_publication_date", value:"2015/04/08");
script_set_attribute(attribute:"patch_publication_date", value:"2015/07/17");
script_set_attribute(attribute:"plugin_publication_date", value:"2015/07/29");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_family(english:"Fedora Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("rpm.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/RedHat/release");
if (isnull(release) || "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora");
os_ver = eregmatch(pattern: "Fedora.*release ([0-9]+)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora");
os_ver = os_ver[1];
if (! ereg(pattern:"^21([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 21.x", "Fedora " + os_ver);
if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu);
flag = 0;
if (rpm_check(release:"FC21", reference:"subversion-1.8.13-7.fc21")) flag++;
if (flag)
{
if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
else security_hole(0);
exit(0);
}
else
{
tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, "subversion");
}
Vendor | Product | Version | CPE |
---|---|---|---|
fedoraproject | fedora | subversion | p-cpe:/a:fedoraproject:fedora:subversion |
fedoraproject | fedora | 21 | cpe:/o:fedoraproject:fedora:21 |
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0202
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0248
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0251
subversion.tigris.org/issues/show_bug.cgi?id=4411
subversion.tigris.org/issues/show_bug.cgi?id=4476
subversion.tigris.org/issues/show_bug.cgi?id=4533
subversion.tigris.org/issues/show_bug.cgi?id=4538
subversion.tigris.org/issues/show_bug.cgi?id=4551
www.nessus.org/u?1c4153a0
bugzilla.redhat.com/show_bug.cgi?id=1205134
bugzilla.redhat.com/show_bug.cgi?id=1205138
bugzilla.redhat.com/show_bug.cgi?id=1205140
subversion.apache.org/security/CVE-2015-0202-advisory.txt
subversion.apache.org/security/CVE-2015-0248-advisory.txt
subversion.apache.org/security/CVE-2015-0251-advisory.txt