subversion

Link package | bugs open | bugs closed | Wiki | GitHub | web search
Description A Modern Concurrent Version Control System
Version 1.12.2-1 [extra]

Resolved

Group Affected Fixed Severity Status Ticket
AVG-1016 1.12.0-3 1.12.2-1 High Fixed
AVG-858 1.11.0-2 1.11.1-1 High Fixed
AVG-379 1.9.6-1 1.9.7-1 Critical Fixed
Issue Group Severity Remote Type Description
CVE-2019-0203 AVG-1016 High Yes Denial of service
A null-pointer-dereference has been found in svnserve that results in a remote unauthenticated Denial-of-Service in some server configurations. The...
CVE-2018-11803 AVG-858 High Yes Denial of service
A denial of service has been found in subversion versions prior to 1.11.1, allowing a malicious SVN client to crash a remote server using mod_dav_svn by...
CVE-2018-11782 AVG-1016 Medium Yes Denial of service
Subversion svn:// connections, including svn+ssh:// and svn+<custom>://, use a custom network protocol [1] with Lisp-like syntax. The code implementing the...
CVE-2017-9800 AVG-379 Critical Yes Arbitrary command execution
A security issue has been found in subversion < 1.9.7. A Subversion client sometimes connects to URLs provided by the repository. This happens in two...

Advisories

Date Advisory Group Severity Description
16 Aug 2019 ASA-201908-10 AVG-1016 High denial of service
28 Jan 2019 ASA-201901-17 AVG-858 High denial of service
15 Aug 2017 ASA-201708-14 AVG-379 Critical arbitrary command execution