SUSE-SU-2013:0838-1: moderate: Security update for subversion

sle-security-updates at lists.suse.com sle-security-updates at lists.suse.com
Mon May 27 15:04:34 MDT 2013


   SUSE Security Update: Security update for subversion
______________________________________________________________________________

Announcement ID:    SUSE-SU-2013:0838-1
Rating:             moderate
References:         #813913 
Cross-References:   CVE-2013-1845 CVE-2013-1846 CVE-2013-1847
                    CVE-2013-1849 CVE-2013-1884
Affected Products:
                    SUSE Studio Onsite 1.3
                    SUSE Linux Enterprise Software Development Kit 11 SP2
______________________________________________________________________________

   An update that fixes 5 vulnerabilities is now available.

Description:


   This update fixes several DoS vulnerabilities in
   subversion's mod_dav_svn  Apache HTTPD server module.

   Security Issue references:

   * CVE-2013-1845
   <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1845
   >
   * CVE-2013-1846
   <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1846
   >
   * CVE-2013-1847
   <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1847
   >
   * CVE-2013-1849
   <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1849
   >
   * CVE-2013-1884
   <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1884
   >


Patch Instructions:

   To install this SUSE Security Update use YaST online_update.
   Alternatively you can run the command listed for your product:

   - SUSE Studio Onsite 1.3:

      zypper in -t patch slestso13-subversion-7735

   - SUSE Linux Enterprise Software Development Kit 11 SP2:

      zypper in -t patch sdksp2-subversion-7735

   To bring your system up-to-date, use "zypper patch".


Package List:

   - SUSE Studio Onsite 1.3 (x86_64):

      subversion-1.6.17-1.15.1

   - SUSE Linux Enterprise Software Development Kit 11 SP2 (i586 ia64 ppc64 s390x x86_64):

      subversion-1.6.17-1.15.1
      subversion-devel-1.6.17-1.15.1
      subversion-perl-1.6.17-1.15.1
      subversion-python-1.6.17-1.15.1
      subversion-server-1.6.17-1.15.1
      subversion-tools-1.6.17-1.15.1


References:

   http://support.novell.com/security/cve/CVE-2013-1845.html
   http://support.novell.com/security/cve/CVE-2013-1846.html
   http://support.novell.com/security/cve/CVE-2013-1847.html
   http://support.novell.com/security/cve/CVE-2013-1849.html
   http://support.novell.com/security/cve/CVE-2013-1884.html
   https://bugzilla.novell.com/813913
   http://download.novell.com/patch/finder/?keywords=d302571965ffca6d19ee7c343ef9dd14



More information about the sle-security-updates mailing list