user/subversion: multiple vulnerabilities
Bugzilla ID | 167 |
Alias(es) | CVE-2018-11782, CVE-2019-0203 |
Reporter | Max Rees (sroracle) |
Assignee | Max Rees (sroracle) |
Reported | 2019-08-01 13:06:16 -0500 |
Modified | 2019-08-04 19:23:18 -0500 |
Status | RESOLVED FIXED |
Version | 1.0-BETA3 |
Hardware | Adélie Linux / All |
Importance | --- / normal |
URL | https://www.openwall.com/lists/oss-security/2019/07/31/3 |
Description
CVE-2019-0203:
Subversion's svnserve server process may exit when a client sends
certain sequences of protocol commands.This can lead to disruption for users of the server.
CVE-2018-11782:
Subversion's svnserve server process may exit when a well-formed
read-only request produces a particular answer.This can lead to disruption for users of the server.
Both are fixed in >= 1.12.2 (1.12.1 is either a development version or
does not exist).