Several vulnerabilities were discovered in Subversion, a version control system. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2013-1968 Subversion repositories with the FSFS repository data store format can be corrupted by newline characters in filenames. A remote attacker with a malicious client could use this flaw to disrupt the service for other users using that repository. CVE-2013-2112 Subversion's svnserve server process may exit when an incoming TCP connection is closed early in the connection process. A remote attacker can cause svnserve to exit and thus deny service to users of the server.

For the oldstable distribution (squeeze), these problems have been fixed in version 1.6.12dfsg-7. For the stable distribution (wheezy), these problems have been fixed in version 1.6.17dfsg-4+deb7u3. For the unstable distribution (sid), these problems will be fixed soon. We recommend that you upgrade your subversion packages.

Subversion, also known as svn, is a version control system much like the Concurrent Versions System (CVS). Version control systems allow many individuals (who may be distributed geographically) to collaborate on a set of files (typically source code). Subversion has all the major features of CVS, plus certain new features that CVS users often wish they had.

subversion on Debian Linux

This check tests the installed software version using the apt package manager.

• http://www.debian.org/security/2013/dsa-2703.html

---

Updated on 2015-03-25