MDVSA-2013:152 -- Mandriva subversionID: oval:org.secpod.oval:def:1300188 | Date: (C)2013-05-02 (M)2023-12-07 |
Class: PATCH | Family: unix |
Multiple vulnerabilities has been found and corrected in subversion: Subversion's mod_dav_svn Apache HTTPD server module will use excessive amounts of memory when a large number of properties are set or deleted on a node. This can lead to a DoS. There are no known instances of this problem being observed in the wild . Subversion's mod_dav_svn Apache HTTPD server module will crash when a LOCK request is made against activity URLs. This can lead to a DoS. There are no known instances of this problem being observed in the wild . Subversion's mod_dav_svn Apache HTTPD server module will crash in some circumstances when a LOCK request is made against a non-existent URL. This can lead to a DoS. There are no known instances of this problem being observed in the wild . Subversion's mod_dav_svn Apache HTTPD server module will crash when a PROPFIND request is made against activity URLs. This can lead to a DoS. There are no known instances of this problem being observed in the wild, but the details of how to exploit it have been disclosed on the full disclosure mailing list . The updated packages have been upgraded to the 1.6.21 version which is not affected by these issues.
Platform: |
Mandriva Enterprise Server 5.2 |