This script is Copyright (C) 2015-2016 Tenable Network Security, Inc.
The remote openSUSE host is missing a security update.
This update for subversion fixes the following issues :
- Apache Subversion 1.8.15 This release fixes one security
issue: Remotely triggerable heap overflow and
out-of-bounds read in mod_dav_svn caused by integer
overflow when parsing skel-encoded request bodies.
- fix a segfault with old style text delta
- fsfs: reduce memory allocation with Apache
- mod_dav_svn: emit first log items as soon as possible
- mod_dav_svn: use LimitXMLRequestBody for skel-encoded
- swig: fix memory corruption in svn_client_copy_source_t
- better configure-time detection of httpd authz fix (drop
replace subversion-1.8.9-allow-httpd-2.4.6.patch with
subversion-1.8.15-allow-httpd-2.4.6.patch as a result
See also :
Update the affected subversion packages.
Risk factor :
High / CVSS Base Score : 8.0