RHSA-2017:2480-01 -- Redhat subversionID: oval:org.secpod.oval:def:502124 | Date: (C)2017-08-18 (M)2023-12-20 |
Class: PATCH | Family: unix |
Subversion is a concurrent version control system which enables one or more users to collaborate in developing and maintaining a hierarchy of files and directories while keeping a history of all changes. Security Fix: * A shell command injection flaw related to the handling of "svn+ssh" URLs has been discovered in Subversion. An attacker could use this flaw to execute shell commands with the privileges of the user running the Subversion client, for example when performing a "checkout" or "update" action on a malicious repository, or a legitimate repository containing a malicious commit. Red Hat would like to thank the Subversion Team for reporting this issue.
Platform: |
Red Hat Enterprise Linux 7 |