Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2014-8108

The mod_dav_svn Apache HTTPD server module in Apache Subversion 1.7.x before 1.7.19 and 1.8.x before 1.8.11 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a request for a URI that triggers a lookup for a virtual transaction name that does not exist.

Related bugs and status

CVE-2014-8108 (Candidate) is related to these bugs:

Bug #563179: svn crashes when checking out when saving credentials in kwallet

Summary				In	Importance	Status
	563179	svn crashes when checking out when saving credentials in kwallet		subversion (Ubuntu)	Medium	Fix Released
	563179	svn crashes when checking out when saving credentials in kwallet		subversion (Debian)	Unknown	Fix Released

See the

CVE page on Mitre.org for more details.

References

CONFIRM: http://subversion.apac...
SECUNIA: 61131
CONFIRM: https://support.apple....
APPLE: APPLE-SA-2015-03-09-4
REDHAT: RHSA-2015:0166
UBUNTU: USN-2721-1
BID: 71725