Debian Security Advisory

DLA-448-1 subversion -- LTS security update

Date Reported:
01 May 2016
Affected Packages:
subversion
Vulnerable:
Yes
Security database references:
In Mitre's CVE dictionary: CVE-2016-2167, CVE-2016-2168.
More information:
  • CVE-2016-2167

    svnserve, the svn:// protocol server, can optionally use the Cyrus SASL library for authentication, integrity protection, and encryption. Due to a programming oversight, authentication against Cyrus SASL would permit the remote user to specify a realm string which is a prefix of the expected realm string.

  • CVE-2016-2168

    Subversion's httpd servers are vulnerable to a remotely triggerable crash in the mod_authz_svn module. The crash can occur during an authorization check for a COPY or MOVE request with a specially crafted header value.

    This allows remote attackers to cause a denial of service.

For Debian 6 Squeeze, these issues have been fixed in subversion version 1.6.17dfsg-4+deb7u11