This script is Copyright (C) 2017 Tenable Network Security, Inc.
The remote openSUSE host is missing a security update.
This update for subversion to 1.9.7 fixes security issues and bugs.
The following vulnerabilities were fixed :
- CVE-2017-9800: A remote attacker could have caused svn
clients to execute arbitrary code via specially crafted
URLs in svn:externals and svn:sync-from-url properties.
- CVE-2005-4900: SHA-1 collisions may cause repository
The following bugfix changes are included :
- Add instructions for running svnserve as a user
different from 'svn', and remove sysconfig variables
that are no longer effective with the systemd unit.
See also :
Update the affected subversion packages.
Risk factor :
High / CVSS Base Score : 7.5