Mandriva Linux Security Advisory : subversion (MDVSA-2015:005)
Medium Nessus Plugin ID 80386
SynopsisThe remote Mandriva Linux host is missing one or more security updates.
DescriptionUpdated subversion packages fix security vulnerabilities :
A NULL pointer dereference flaw was found in the way mod_dav_svn handled REPORT requests. A remote, unauthenticated attacker could use a crafted REPORT request to crash mod_dav_svn (CVE-2014-3580).
A NULL pointer dereference flaw was found in the way mod_dav_svn handled URIs for virtual transaction names. A remote, unauthenticated attacker could send a request for a virtual transaction name that does not exist, causing mod_dav_svn to crash (CVE-2014-8108).
SolutionUpdate the affected packages.