Mandriva Linux Security Advisory : subversion (MDVSA-2013:173)
High Nessus Plugin ID 66890
SynopsisThe remote Mandriva Linux host is missing one or more security updates.
DescriptionMultiple vulnerabilities has been found and corrected in subversion :
If a filename which contains a newline character (ASCII 0x0a) is committed to a repository using the FSFS format, the resulting revision is corrupt. This can lead to disruption for users of the repository (CVE-2013-1968).
Subversion's svnserve server process may exit when an incoming TCP connection is closed early in the connection process. This can lead to disruption for users of the server (CVE-2013-2112).
This advisory provides the latest versions of subversion (1.6.23/1.7.10) which is not vulnerable to these issues.
SolutionUpdate the affected packages.