Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2014-3580

The mod_dav_svn Apache HTTPD server module in Apache Subversion 1.x before 1.7.19 and 1.8.x before 1.8.11 allows remote attackers to cause a denial of service (NULL pointer dereference and server crash) via a REPORT request for a resource that does not exist.

Related bugs and status

CVE-2014-3580 (Candidate) is related to these bugs:

Bug #563179: svn crashes when checking out when saving credentials in kwallet

Summary				In	Importance	Status
	563179	svn crashes when checking out when saving credentials in kwallet		subversion (Ubuntu)	Medium	Fix Released
	563179	svn crashes when checking out when saving credentials in kwallet		subversion (Debian)	Unknown	Fix Released

See the

CVE page on Mitre.org for more details.

References

CONFIRM: http://subversion.apac...
SECUNIA: 61131
DEBIAN: DSA-3107
CONFIRM: https://support.apple....
APPLE: APPLE-SA-2015-03-09-4
REDHAT: RHSA-2015:0165
REDHAT: RHSA-2015:0166
BID: 71726
UBUNTU: USN-2721-1