openSUSE Security Update : subversion (openSUSE-SU-2014:0334-1)
Medium Nessus Plugin ID 75279
SynopsisThe remote openSUSE host is missing a security update.
DescriptionApache Subversion was updated to 1.7.16 [bnc#862459] This release addresses one security issue: CVE-2014-0032: mod_dav_svn DoS vulnerability with SVNListParentPath. Affects servers with mod_dav_svn when configured on the root path of the server and SVNListParentPath is on.
- Client-side bugfixes :
- copy: fix some scenarios that broke the working copy
- diff: fix regressions due to fixes in 1.7.14
- Server-side bugfixes :
- mod_dav_svn: prevent crashes with SVNListParentPath on (CVE-2014-0032)
- reduce memory usage during checkout and export Developer-visible changes :
- fix failure in checkout_tests.py
- support compiling against Cyrus sasl 2.1.25
- support compiling against neon 0.30.x
- modified patches :
- subversion-no-build-date.patch for context changes
- 1.7.15 was not released
- only require and build with junit when building with java and running regression tests
SolutionUpdate the affected subversion packages.