openSUSE Security Update: subversion: update to 1.7.14
______________________________________________________________________________

Announcement ID:    openSUSE-SU-2013:1869-1
Rating:             moderate
References:         #528714 #649861 #662030 #713919 #788015 #794676
                    #830031 #836245 #850747
Cross-References:   CVE-2010-3315 CVE-2010-4539 CVE-2010-4644
                    CVE-2013-1884 CVE-2013-4131 CVE-2013-4505
                    CVE-2013-4558
Affected Products:  openSUSE 11.4
______________________________________________________________________________

An update that solves 7 vulnerabilities and has two fixes is now available.

Description:

This update fixes the following issues with subversion:

- bnc#850747: update to 1.7.14
  * CVE-2013-4505: mod_dontdothat does not restrict requests from serf
    clients.
  * CVE-2013-4558: mod_dav_svn assertion triggered by autoversioning
    commits.
  + Client- and server-side bugfixes:
    * fix assertion on urls of the form 'file://./'
  + Client-side bugfixes:
    * upgrade: fix an assertion when used with pre-1.3 wcs
    * fix externals that point at redirected locations
    * diff: fix incorrect calculation of changes in some cases
    * diff: fix errors with added/deleted targets
  + Server-side bugfixes:
    * mod_dav_svn: Prevent crashes with some 3rd party modules
    * fix OOM on concurrent requests at threaded server start
    * fsfs: limit commit time of files with deep change histories
    * mod_dav_svn: canonicalize paths properly
  + Other tool improvements and bugfixes:
    * mod_dontdothat: Fix the uri parser
  + Developer-visible changes:
    * javahl: canonicalize path for streamFileContent method
  + require python-sqlite when running regression tests

Patch Instructions:

To install this openSUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

- openSUSE 11.4:

  zypper in -t patch 2013-169

To bring your system up-to-date, use "zypper patch".

Package List:

- openSUSE 11.4 (i586 x86_64):

  libsvn_auth_gnome_keyring-1-0-1.7.14-59.1
  libsvn_auth_gnome_keyring-1-0-debuginfo-1.7.14-59.1
  libsvn_auth_kwallet-1-0-1.7.14-59.1
  libsvn_auth_kwallet-1-0-debuginfo-1.7.14-59.1
  subversion-1.7.14-59.1
  subversion-debuginfo-1.7.14-59.1
  subversion-debugsource-1.7.14-59.1
  subversion-devel-1.7.14-59.1
  subversion-perl-1.7.14-59.1
  subversion-perl-debuginfo-1.7.14-59.1
  subversion-python-1.7.14-59.1
  subversion-python-debuginfo-1.7.14-59.1
  subversion-ruby-1.7.14-59.1
  subversion-ruby-debuginfo-1.7.14-59.1
  subversion-server-1.7.14-59.1
  subversion-server-debuginfo-1.7.14-59.1
  subversion-tools-1.7.14-59.1
  subversion-tools-debuginfo-1.7.14-59.1

- openSUSE 11.4 (noarch):

  subversion-bash-completion-1.7.14-59.1

References:

  http://support.novell.com/security/cve/CVE-2010-3315.html
  http://support.novell.com/security/cve/CVE-2010-4539.html
  http://support.novell.com/security/cve/CVE-2010-4644.html
  http://support.novell.com/security/cve/CVE-2013-1884.html
  http://support.novell.com/security/cve/CVE-2013-4131.html
  http://support.novell.com/security/cve/CVE-2013-4505.html
  http://support.novell.com/security/cve/CVE-2013-4558.html
  https://bugzilla.novell.com/528714
  https://bugzilla.novell.com/649861
  https://bugzilla.novell.com/662030
  https://bugzilla.novell.com/713919
  https://bugzilla.novell.com/788015
  https://bugzilla.novell.com/794676
  https://bugzilla.novell.com/830031
  https://bugzilla.novell.com/836245
  https://bugzilla.novell.com/850747