MGASA-2014-0545
- Source
- https://advisories.mageia.org/MGASA-2014-0545.html
- Import Source
- https://advisories.mageia.org/MGASA-2014-0545.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/MGASA-2014-0545
- Related
- Published
- 2014-12-23T20:35:35Z
- Modified
- 2014-12-23T20:28:29Z
- Summary
- Updated subversion packages fix security vulnerabilities
- Details
-
A NULL pointer dereference flaw was found in the way moddavsvn handled REPORT requests. A remote, unauthenticated attacker could use a crafted REPORT request to crash moddavsvn (CVE-2014-3580).
A NULL pointer dereference flaw was found in the way moddavsvn handled URIs for virtual transaction names. A remote, unauthenticated attacker could send a request for a virtual transaction name that does not exist, causing moddavsvn to crash (CVE-2014-8108).
- References
-
- https://advisories.mageia.org/MGASA-2014-0545.html
- https://bugs.mageia.org/show_bug.cgi?id=14826
- http://subversion.apache.org/security/CVE-2014-3580-advisory.txt
- http://subversion.apache.org/security/CVE-2014-8108-advisory.txt
- https://bugzilla.redhat.com/show_bug.cgi?id=1174054
- https://bugzilla.redhat.com/show_bug.cgi?id=1174057
- Credits
-
-
- Mageia - COORDINATOR
-
Affected packages
Mageia:4 / subversion
Package
- Name
- subversion
- Purl
- pkg:rpm/mageia/subversion?distro=mageia-4