This script is Copyright (C) 2015 Tenable Network Security, Inc.
The remote openSUSE host is missing a security update.
Apache Subversion was updated to 1.8.13 to fix three vulnerabilities
and a number of non-security bugs.
This release fixes three vulnerabilities :
- Subversion HTTP servers with FSFS repositories were
vulnerable to a remotely triggerable excessive memory
use with certain REPORT requests. (bsc#923793
- Subversion mod_dav_svn and svnserve were vulnerable to a
remotely triggerable assertion DoS vulnerability for
certain requests with dynamically evaluated revision
numbers. (bsc#923794 CVE-2015-0248)
- Subversion HTTP servers allow spoofing svn:author
property values for new revisions (bsc#923795
Non-security fixes :
- fixes number of client and server side non-security bugs
- improved working copy performance
- reduction of resource use
- stability improvements
- usability improvements
- fix sample configuration comments in subversion.conf
- fix bashisms in mailer-init.sh script
See also :
Update the affected subversion packages.
Risk factor :
High / CVSS Base Score : 7.8