AVG-2750 log

Package subversion
Status Fixed
Severity High
Type multiple issues
Affected 1.14.1-6
Fixed 1.14.2-1
Current 1.14.5-1 [extra-testing]
1.14.4-1 [extra]
Ticket None
Created Mon Jun 6 19:26:13 2022
Issue Severity Remote Type Description
CVE-2022-24070 High Yes Unknown
While looking up path-based authorization rules, mod_dav_svn servers may attempt to use memory which has already been freed. Servers that do not use...
CVE-2021-28544 Medium Unknown Information disclosure
Subversion servers reveal 'copyfrom' paths that should be hidden according to configured path-based authorization (authz) rules.  When a node has been...
Notes
CVE-2021-28544 affect both subverion httpd and svnserve
CVE-2022-24070 affects subversion httpd