Scientific Linux Security Update : subversion on SL7.x x86_64
High Nessus Plugin ID 102673
SynopsisThe remote Scientific Linux host is missing one or more security updates.
DescriptionSecurity Fix(es) :
- A shell command injection flaw related to the handling of 'svn+ssh' URLs has been discovered in Subversion. An attacker could use this flaw to execute shell commands with the privileges of the user running the Subversion client, for example when performing a 'checkout' or 'update' action on a malicious repository, or a legitimate repository containing a malicious commit.
SolutionUpdate the affected packages.