Lucene search
GoogleOSV:DSA-3561-1HistoryApr 29, 2016 - 12:00 a.m.
subversion - security update
2016-04-2900:00:00
Google
osv.dev
11
0.084 Low
EPSS
Percentile
94.5%
Several vulnerabilities were discovered in Subversion, a version control
system. The Common Vulnerabilities and Exposures project identifies the
following problems:
- CVE-2016-2167
Daniel Shahaf and James McCoy discovered that an implementation
error in the authentication against the Cyrus SASL library would
permit a remote user to specify a realm string which is a prefix of
the expected realm string and potentially allowing a user to
authenticate using the wrong realm. - CVE-2016-2168
Ivan Zhakov of VisualSVN discovered a remotely triggerable denial
of service vulnerability in the mod_authz_svn module during COPY or
MOVE authorization check. An authenticated remote attacker could
take advantage of this flaw to cause a denial of service
(Subversion server crash) via COPY or MOVE requests with specially
crafted header.
For the stable distribution (jessie), these problems have been fixed in
version 1.8.10-6+deb8u4.
For the unstable distribution (sid), these problems have been fixed in
version 1.9.4-1.
We recommend that you upgrade your subversion packages.
References
Related
nessus
nessus
Slackware 14.0 / 14.1 / current : subversion (SSA:2016-121-01)
2016-05-02 00:00:00
openSUSE Security Update : subversion (openSUSE-2016-571)
2016-05-09 00:00:00
Fedora 24 : subversion-1.9.4-1.fc24 (2016-20cc04ac50)
2016-05-12 00:00:00
fedora
fedora
[SECURITY] Fedora 24 Update: subversion-1.9.4-1.fc24
2016-05-10 11:50:37
[SECURITY] Fedora 23 Update: subversion-1.9.4-1.fc23
2016-05-12 07:32:42
osv
osv
subversion - security update
2016-05-01 00:00:00
openvas
openvas
Amazon Linux: Security Advisory (ALAS-2016-710)
2016-10-26 00:00:00
Fedora Update for subversion FEDORA-2016-e024b3e02b
2016-06-08 00:00:00
Apache Subversion Multiple Vulnerabilities (May 2016)
2016-05-18 00:00:00
slackware
slackware
[slackware-security] subversion
2016-04-30 20:34:18
amazon
amazon
Medium: mod_dav_svn
2016-06-02 18:09:00
Medium: subversion
2016-06-02 18:08:00
debian
debian
[SECURITY] [DSA 3561-1] subversion security update
2016-04-29 13:04:16
[SECURITY] [DLA 448-1] subversion security update
2016-05-01 02:26:52
[SECURITY] [DSA 3561-1] subversion security update
2016-04-29 13:04:16
mageia
mageia
Updated subversion packages fix security vulnerabilities
2016-05-05 12:05:33
freebsd
freebsd
subversion -- multiple vulnerabilities
2016-04-21 00:00:00
kaspersky
kaspersky
KLA10808 Multiple vulnerabilities in Apache Subversion
2016-05-05 00:00:00
archlinux
archlinux
subversion: multiple issues
2016-06-08 00:00:00
ubuntu
ubuntu
Subversion vulnerabilities
2017-10-24 00:00:00
Subversion vulnerabilities
2017-08-11 00:00:00
nvd
nvd
CVE-2016-2168
2016-05-05 18:59:01
CVE-2016-2167
2016-05-05 18:59:00
debiancve
debiancve
CVE-2016-2168
2016-05-05 18:59:01
CVE-2016-2167
2016-05-05 18:59:00
prion
prion
Null pointer dereference
2016-05-05 18:59:00
Design/Logic Flaw
2016-05-05 18:59:00
cve
cve
CVE-2016-2168
2016-05-05 18:59:01
CVE-2016-2167
2016-05-05 18:59:00
cvelist
cvelist
CVE-2016-2168
2016-05-05 18:00:00
CVE-2016-2167
2016-05-05 18:00:00
ubuntucve
ubuntucve
CVE-2016-2168
2016-05-05 00:00:00
CVE-2016-2167
2016-05-05 00:00:00
photon
photon
cloudfoundry
cloudfoundry
USN-3388-1: Subversion vulnerabilities | Cloud Foundry
2017-08-17 00:00:00
rosalinux
rosalinux
Advisory ROSA-SA-2021-1979
2021-07-02 18:11:52
gentoo
gentoo
Subversion, Serf: Multiple Vulnerabilities
2016-10-11 00:00:00
suse
suse
Security update for subversion (important)
2017-08-17 12:10:12
oracle
oracle
Oracle Critical Patch Update Advisory - October 2020
2020-10-20 00:00:00