Debian Security Advisory DSA 2181-1 (subversion) Network Vulnerability

Summary

The remote host is missing an update to subversion announced via advisory DSA 2181-1.

Solution

For the oldstable distribution (lenny), this problem has been fixed in version 1.5.1dfsg1-6. For the stable distribution (squeeze), this problem has been fixed in version 1.6.12dfsg-5. For the testing distribution (wheezy) and the unstable distribution (sid), this problem will be fixed in version 1.6.16dfsg-1. We recommend that you upgrade your subversion packages. https://secure1.securityspace.com/smysecure/catid.html?in=DSA%202181-1

Insight

Philip Martin discovered that HTTP-based Subversion servers crash when processing lock requests on repositories which support unauthenticated read access.

Severity

Classification

CVE CVE-2011-0715

CVSS	Base Score: 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P

Related Vulnerabilities

Debian Security Advisory DSA 1107-1 (gnupg)
Debian Security Advisory DSA 1100-1 (wv2)
Debian Security Advisory DSA 1135-1 (libtunepimp)
Debian Security Advisory DSA 1115-1 (gnupg2)
Debian Security Advisory DSA 1050-1 (clamav)

Take action and discover your vulnerabilities