openSUSE-SU-2011:0695-1 -- Suse subversionID: oval:org.secpod.oval:def:400326 | Date: (C)2012-12-31 (M)2022-11-29 |
Class: PATCH | Family: unix |
Subversion was updated to version 1.6.17 to fix several security issues: - CVE-2011-1752: The mod_dav_svn Apache HTTPD server module can be crashed though when asked to deliver baselined WebDAV resources. - CVE-2011-1783: The mod_dav_svn Apache HTTPD server module can trigger a loop which consumes all available memory on the system. - CVE-2011-1921: The mod_dav_svn Apache HTTPD server module may leak to remote users the file contents of files configured to be unreadable by those users.