AVG-2750 log
Package | subversion |
Status | Fixed |
Severity | High |
Type | multiple issues |
Affected | 1.14.1-6 |
Fixed | 1.14.2-1 |
Current |
1.14.5-1 [extra-testing] 1.14.4-1 [extra] |
Ticket | None |
Created | Mon Jun 6 19:26:13 2022 |
Issue | Severity | Remote | Type | Description |
---|---|---|---|---|
CVE-2022-24070 | High | Yes | Unknown | While looking up path-based authorization rules, mod_dav_svn servers may attempt to use memory which has already been freed. Servers that do not use... |
CVE-2021-28544 | Medium | Unknown | Information disclosure | Subversion servers reveal 'copyfrom' paths that should be hidden according to configured path-based authorization (authz) rules. When a node has been... |
Notes |
---|
CVE-2021-28544 affect both subverion httpd and svnserve CVE-2022-24070 affects subversion httpd |