diff options
| author | lev <lev@FreeBSD.org> | 2011-06-02 22:19:28 +0800 |
|---|---|---|
| committer | lev <lev@FreeBSD.org> | 2011-06-02 22:19:28 +0800 |
| commit | 573d2e7cdad409bf8a1c5d8087441459f2405234 (patch) | |
| tree | 90ff4b0ede1b48ce7bf72294960f3ef3a7ff5de9 /security | |
| parent | ae339e3e71e9055ca6ce06fc9aace4c5827b9d7c (diff) | |
| download | freebsd-ports-gnome-573d2e7cdad409bf8a1c5d8087441459f2405234.tar.gz freebsd-ports-gnome-573d2e7cdad409bf8a1c5d8087441459f2405234.tar.zst freebsd-ports-gnome-573d2e7cdad409bf8a1c5d8087441459f2405234.zip | |
Document CVE-2011-1752, CVE-2011-1783 and CVE-2011-1921 in devel/subversion
Diffstat (limited to 'security')
| -rw-r--r-- | security/vuxml/vuln.xml | 50 |
1 files changed, 50 insertions, 0 deletions
diff --git a/security/vuxml/vuln.xml b/security/vuxml/vuln.xml index 3a969efcb7b6..6e0b92c997ef 100644 --- a/security/vuxml/vuln.xml +++ b/security/vuxml/vuln.xml @@ -34,6 +34,56 @@ Note: Please add new entries to the beginning of this file. --> <vuxml xmlns="http://www.vuxml.org/apps/vuxml-1"> + <vuln vid="e27a1af3-8d21-11e0-a45d-001e8c75030d"> + <topic>subversion -- multiple vulnerabilities</topic> + <affects> + <package> + <name>subversion</name> + <range><lt>1.6.17</lt></range> + </package> + <package> + <name>subversion-freebsd</name> + <range><lt>1.6.17</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml"> + <p>Subversion tram reports:</p> + <blockquote cite="http://subversion.apache.org/security/CVE-2011-1752-advisory.txt"> + <p>Subversion's mod_dav_svn Apache HTTPD server module will + dereference a NULL pointer if asked to deliver baselined WebDAV + resources.</p> + <p>This can lead to a DoS. An exploit has been tested, and tools or + users have been observed triggering this problem in the wild.</p> + </blockquote> + <blockquote cite="http://subversion.apache.org/security/CVE-2011-1783-advisory.txt"> + <p>Subversion's mod_dav_svn Apache HTTPD server module may in certain + scenarios enter a logic loop which does not exit and which allocates + memory in each iteration, ultimately exhausting all the available + memory on the server.</p> + <p>This can lead to a DoS. There are no known instances of this + problem being observed in the wild, but an exploit has been tested.</p> + </blockquote> + <blockquote cite="http://subversion.apache.org/security/CVE-2011-1921-advisory.txt"> + <p>Subversion's mod_dav_svn Apache HTTPD server module may leak to + remote users the file contents of files configured to be unreadable + by those users.</p> + <p>There are no known instances of this problem being observed in the + wild, but an exploit has been tested.</p> + </blockquote> + </body> + </description> + <references> + <cvename>CVE-2011-1752</cvename> + <cvename>CVE-2011-1783</cvename> + <cvename>CVE-2011-1921</cvename> + </references> + <dates> + <discovery>2011-05-28</discovery> + <entry>2011-06-02</entry> + </dates> + </vuln> + <vuln vid="1acf9ec5-877d-11e0-b937-001372fd0af2"> <topic>drupal6 -- multiple vulnerabilities</topic> <affects> |