Security update for subversion
This update for subversion fixes the following issues:
- CVE-2016-2167: mod_authz_svn: DoS in MOVE/COPY authorization check (bsc#976849)
- CVE-2016-2168: svnserve/sasl may authenticate users using the wrong realm (bsc#976850)
The following non-security bugs were fixed:
- bsc#969159: subversion dependencies did not enforce matching password store
- bsc#911620: svnserve could not be started via YaST Service manager
This update was imported from the SUSE:SLE-12:Update update project.
- Submitted by Tomáš Chvátal (scarabeus_iv)
Fixed bugs
bnc#976849
VUL-1: CVE-2016-2167: subversion: svnserve/sasl may authenticate users using the wrong realm
bnc#976850
VUL-0: CVE-2016-2168: subversion: mod_authz_svn: DoS in MOVE/COPY authorization check
bnc#969159
subversion dependencies do not enforce matching password store (here: svn_kwallet)
bnc#911620
svn server (svnserve) cannot be started via yast > service manager - Systemd EnvironmentFile is missing