Debian Security Advisory

DLA-448-1 subversion -- LTS security update

Date Reported:
01 May 2016
Affected Packages:
subversion
Vulnerable:
Yes
Security database references:
In Mitre's CVE dictionary: CVE-2016-2167, CVE-2016-2168.
More information:
  • CVE-2016-2167

    svnserve, the svn:// protocol server, can optionally use the Cyrus SASL library for authentication, integrity protection, and encryption. Due to a programming oversight, authentication against Cyrus SASL would permit the remote user to specify a realm string which is a prefix of the expected realm string.

  • CVE-2016-2168

    Subversion's httpd servers are vulnerable to a remotely triggerable crash in the mod_authz_svn module. The crash can occur during an authorization check for a COPY or MOVE request with a specially crafted header value.

    This allows remote attackers to cause a denial of service.
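
The realm-prefix defect in CVE-2016-2167 is an instance of a common comparison bug: checking only as many bytes as the client supplied. The following C snippet is an added illustration written for this advisory, not svnserve's or Cyrus SASL's actual code; the function names `realm_check_prefix_bug` and `realm_check_exact` and the realm value `svn.example.org` are hypothetical. It places the flawed check beside a length-checked one so the difference in accepted inputs is visible.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical flawed check (illustration, not Subversion source): the
 * comparison is bounded by the length of the client-supplied realm, so
 * any prefix of the expected realm, including the empty string, passes. */
bool realm_check_prefix_bug(const char *expected, const char *supplied)
{
    return strncmp(expected, supplied, strlen(supplied)) == 0;
}

/* Hardened check: both lengths must agree and every byte must match,
 * so a prefix or an empty realm is rejected. */
bool realm_check_exact(const char *expected, const char *supplied)
{
    size_t n = strlen(expected);
    if (strlen(supplied) != n)
        return false;
    return memcmp(expected, supplied, n) == 0;
}

int main(void)
{
    /* Constructed sample inputs: the configured realm and what a client sent. */
    const char *expected = "svn.example.org";
    const char *inputs[] = { "svn.example.org", "svn", "" };

    for (size_t i = 0; i < sizeof inputs / sizeof inputs[0]; i++) {
        printf("supplied=\"%s\" prefix_bug=%d exact=%d\n", inputs[i],
               realm_check_prefix_bug(expected, inputs[i]),
               realm_check_exact(expected, inputs[i]));
    }
    return 0;
}
```

The flawed variant accepts `svn` and even an empty realm for `svn.example.org`; the exact variant accepts only the full configured value, which is the behaviour an operator should expect from any realm or identity comparison.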

For Debian 7 Wheezy, these issues have been fixed in subversion version 1.6.17dfsg-4+deb7u11.