Debian Security Advisory
DLA-448-1 subversion -- LTS security update
- Date Reported: 01 May 2016
- Affected Packages:
- Security database references: In Mitre's CVE dictionary: CVE-2016-2167, CVE-2016-2168.
- More information:
svnserve, the svn:// protocol server, can optionally use the Cyrus SASL library for authentication, integrity protection, and encryption. Due to a programming oversight, authentication against Cyrus SASL would permit the remote user to specify a realm string which is a prefix of the expected realm string.
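The realm-prefix oversight described above is, at its core, a string comparison that stops at the length of the attacker-controlled string. The following is an added illustration, not code from Subversion or from Debian's patch: it places a prefix-accepting realm check beside an exact-match check so the difference is visible on constructed inputs. The function names, the realm values and the `main` are assumptions made for this example.

```c
#include <stdbool.h>
#include <stdio.h>
#include <string.h>

/* Illustrative only (not svnserve's own code): a realm check that
   compares just strlen(client_realm) bytes. Any prefix of the expected
   realm, including the empty string, passes this check. */
bool realm_ok_prefix(const char *expected, const char *client_realm)
{
    return strncmp(expected, client_realm, strlen(client_realm)) == 0;
}

/* Hardened variant: the lengths must be equal and every byte must match,
   so only the exact expected realm is accepted. */
bool realm_ok_exact(const char *expected, const char *client_realm)
{
    size_t n = strlen(expected);
    return strlen(client_realm) == n && memcmp(expected, client_realm, n) == 0;
}

int main(void)
{
    /* Constructed sample values for the demonstration. */
    const char *expected = "example.org";
    const char *candidates[] = { "example.org", "exam", "", "example.org.other" };
    size_t i;

    for (i = 0; i < sizeof(candidates) / sizeof(candidates[0]); i++) {
        printf("realm \"%s\": prefix check=%s exact check=%s\n",
               candidates[i],
               realm_ok_prefix(expected, candidates[i]) ? "accept" : "reject",
               realm_ok_exact(expected, candidates[i]) ? "accept" : "reject");
    }
    return 0;
}
```

The two checks agree on the exact realm and on a string that overruns it, and disagree only on proper prefixes; that is exactly the class of input the advisory says the flawed check let through.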
Subversion's httpd servers are vulnerable to a remotely triggerable crash in the mod_authz_svn module. The crash can occur during an authorization check for a COPY or MOVE request with a specially crafted header value.
This allows remote attackers to cause a denial of service.
For Debian 7 "Wheezy", these issues have been fixed in subversion version 1.6.17dfsg-4+deb7u11.