Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2015-0248

The (1) mod_dav_svn and (2) svnserve servers in Subversion 1.6.0 through 1.7.19 and 1.8.0 through 1.8.11 allow remote attackers to cause a denial of service (assertion failure and abort) via crafted parameter combinations related to dynamically evaluated revision numbers.

Related bugs and status

CVE-2015-0248 (Candidate) is related to these bugs:

Bug #563179: svn crashes when checking out when saving credentials in kwallet

Summary				In	Importance	Status
	563179	svn crashes when checking out when saving credentials in kwallet		subversion (Ubuntu)	Medium	Fix Released
	563179	svn crashes when checking out when saving credentials in kwallet		subversion (Debian)	Unknown	Fix Released

See the

CVE page on Mitre.org for more details.

References

CONFIRM: http://subversion.apac...
MANDRIVA: MDVSA-2015:192
SUSE: openSUSE-SU-2015:0672
REDHAT: RHSA-2015:1633
CONFIRM: https://support.apple....
APPLE: APPLE-SA-2015-09-16-2
CONFIRM: http://www.oracle.com/...
BID: 74260
REDHAT: RHSA-2015:1742
UBUNTU: USN-2721-1
DEBIAN: DSA-3231
GENTOO: GLSA-201610-05
SECTRACK: 1033214