AVG-2750 log
| Package | subversion |
| Status | Fixed |
| Severity | High |
| Type | multiple issues |
| Affected | 1.14.1-6 |
| Fixed | 1.14.2-1 |
| Current | 1.14.5-4 [extra] |
| Ticket | None |
| Created | Mon Jun 6 19:26:13 2022 |
| Issue | Severity | Remote | Type | Description |
|---|---|---|---|---|
| CVE-2022-24070 | High | Yes | Unknown | While looking up path-based authorization rules, mod_dav_svn servers may attempt to use memory which has already been freed. Servers that do not use... |
| CVE-2021-28544 | Medium | Unknown | Information disclosure | Subversion servers reveal 'copyfrom' paths that should be hidden according to configured path-based authorization (authz) rules. When a node has been... |
| Notes |
|---|
CVE-2021-28544 affect both subverion httpd and svnserve CVE-2022-24070 affects subversion httpd |