Apache Subversion's mod_dontdothat module and HTTP clients 1.4.0 through 1.8.16, and 1.9.0 through 1.9.4 are vulnerable to a denial-of-service attack caused by exponential XML entity expansion. The attack can cause the targeted process to consume an excessive amount of CPU resources or memory.
{ "availability": "No subscription required", "ubuntu_priority": "low", "binaries": [ { "libsvn-java": "1.8.8-1ubuntu3.3", "libsvn-perl": "1.8.8-1ubuntu3.3", "libsvn1": "1.8.8-1ubuntu3.3", "subversion": "1.8.8-1ubuntu3.3", "libsvn-perl-dbgsym": "1.8.8-1ubuntu3.3", "python-subversion-dbgsym": "1.8.8-1ubuntu3.3", "subversion-dbg": "1.8.8-1ubuntu3.3", "ruby-svn": "1.8.8-1ubuntu3.3", "python-subversion": "1.8.8-1ubuntu3.3", "subversion-tools": "1.8.8-1ubuntu3.3", "libsvn-ruby1.8": "1.8.8-1ubuntu3.3", "libsvn-dev": "1.8.8-1ubuntu3.3", "libapache2-mod-svn": "1.8.8-1ubuntu3.3", "libsvn-doc": "1.8.8-1ubuntu3.3", "subversion-dbgsym": "1.8.8-1ubuntu3.3", "libsvn-dev-dbgsym": "1.8.8-1ubuntu3.3", "libapache2-mod-svn-dbgsym": "1.8.8-1ubuntu3.3", "libsvn1-dbgsym": "1.8.8-1ubuntu3.3", "libapache2-svn": "1.8.8-1ubuntu3.3", "libsvn-java-dbgsym": "1.8.8-1ubuntu3.3", "ruby-svn-dbgsym": "1.8.8-1ubuntu3.3", "python-subversion-dbg": "1.8.8-1ubuntu3.3" } ] }
{ "availability": "No subscription required", "ubuntu_priority": "low", "binaries": [ { "libsvn-java": "1.9.3-2ubuntu1.1", "libsvn-perl": "1.9.3-2ubuntu1.1", "libsvn1": "1.9.3-2ubuntu1.1", "subversion": "1.9.3-2ubuntu1.1", "libsvn-perl-dbgsym": "1.9.3-2ubuntu1.1", "subversion-tools-dbgsym": "1.9.3-2ubuntu1.1", "subversion-dbg": "1.9.3-2ubuntu1.1", "ruby-svn": "1.9.3-2ubuntu1.1", "python-subversion": "1.9.3-2ubuntu1.1", "subversion-tools": "1.9.3-2ubuntu1.1", "libsvn-ruby1.8": "1.9.3-2ubuntu1.1", "libsvn-dev": "1.9.3-2ubuntu1.1", "libapache2-mod-svn": "1.9.3-2ubuntu1.1", "libsvn-doc": "1.9.3-2ubuntu1.1", "subversion-dbgsym": "1.9.3-2ubuntu1.1", "libsvn-dev-dbgsym": "1.9.3-2ubuntu1.1", "libapache2-mod-svn-dbgsym": "1.9.3-2ubuntu1.1", "libsvn1-dbgsym": "1.9.3-2ubuntu1.1", "libapache2-svn": "1.9.3-2ubuntu1.1", "libsvn-java-dbgsym": "1.9.3-2ubuntu1.1", "ruby-svn-dbgsym": "1.9.3-2ubuntu1.1", "python-subversion-dbg": "1.9.3-2ubuntu1.1" } ] }