openSUSE Build Service

Overview Details Repositories Revisions Requests Users Attributes Meta

Security update for subversion

This update for subversion fixes the following issues:

- CVE-2016-2167: mod_authz_svn: DoS in MOVE/COPY authorization check (bsc#976849)
- CVE-2016-2168: svnserve/sasl may authenticate users using the wrong realm (bsc#976850)

The following non-security bugs were fixed:

- bsc#969159: subversion dependencies did not enforce matching password store
- bsc#911620: svnserve could not be started via YaST Service manager

This update was imported from the SUSE:SLE-12:Update update project.

Submitted by Tomáš Chvátal (scarabeus_iv)

Fixed bugs

bnc#976849

VUL-1: CVE-2016-2167: subversion: svnserve/sasl may authenticate users using the wrong realm

bnc#976850

VUL-0: CVE-2016-2168: subversion: mod_authz_svn: DoS in MOVE/COPY authorization check

bnc#969159

subversion dependencies do not enforce matching password store (here: svn_kwallet)

bnc#911620

svn server (svnserve) cannot be started via yast > service manager - Systemd EnvironmentFile is missing

CVE-CVE-2016-2167

CVE-CVE-2016-2168

Places

Fixed bugs

Selected Binaries

Places