File _patchinfo of Package patchinfo.4419

Overview Repositories Revisions Requests Users Attributes Meta

File _patchinfo of Package patchinfo.4419

<patchinfo incident="4419">
  <packager>scarabeus_iv</packager>
  <issue tracker="bnc" id="958300">Heap overflow and out-of-bounds read in mod_dav_svn</issue>
  <issue tracker="cve" id="CVE-2015-5343"></issue>
  <issue tracker="cve" id="CVE-2015-3184"></issue>
  <issue tracker="cve" id="CVE-2015-3187"></issue>
  <issue tracker="bnc" id="939514">VUL-0: CVE-2015-3184: subversion: Mixed anonymous/authenticated path-based authz with httpd 2.4</issue>
  <issue tracker="bnc" id="939517">VUL-1: CVE-2015-3187: subversion: svn_repos_trace_node_locations() reveals paths hidden by authz</issue>
  <category>security</category>
  <rating>moderate</rating>
  <summary>Security update for subversion</summary>
  <description>This update fixes the following security issues:

* CVE-2015-5343: Possible remotely triggerable heap overflow and out-of-bounds read in mod_dav_svn caused by integer overflow when parsing skel-encoded request bodies. (bsc#958300)
* CVE-2015-3184: mod_authz_svn information leak information in mixed anonymous/authenticated httpd (dav) configurations (bsc#939514)
* CVE-2015-3187: hidden paths leaked by path-based authz (bsc#939517)
</description>
</patchinfo>

Places

File _patchinfo of Package patchinfo.4419

Places