Your message dated Mon, 10 Mar 2014 18:17:06 +0000
with message-id <[email protected]>
and subject line Bug#737815: fixed in subversion 1.6.17dfsg-4+deb7u5
has caused the Debian Bug report #737815,
regarding subversion: CVE-2014-0032: mod_dav_svn crash when handling certain
requests with SVNListParentPath on
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
737815: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=737815
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: subversion
Version: 1.8.5-2
Severity: important
Tags: security upstream
Hi,
the following vulnerability was published for subversion.
CVE-2014-0032[0]:
mod_dav_svn crash when handling certain requests with SVNListParentPath on
If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
For further information see:
[0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0032
http://security-tracker.debian.org/tracker/CVE-2014-0032
[1] https://bugzilla.redhat.com/show_bug.cgi?id=1062042
Please adjust the affected versions in the BTS as needed.
Salvatore
--- End Message ---
--- Begin Message ---
Source: subversion
Source-Version: 1.6.17dfsg-4+deb7u5
We believe that the bug you reported is fixed in the latest version of
subversion, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
James McCoy <[email protected]> (supplier of updated subversion package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Sun, 09 Mar 2014 11:59:48 -0400
Source: subversion
Binary: subversion libsvn1 libsvn-dev libsvn-doc libapache2-svn
python-subversion subversion-tools libsvn-java libsvn-perl libsvn-ruby1.8
libsvn-ruby
Architecture: source all amd64
Version: 1.6.17dfsg-4+deb7u5
Distribution: wheezy
Urgency: medium
Maintainer: Peter Samuelson <[email protected]>
Changed-By: James McCoy <[email protected]>
Description:
libapache2-svn - Subversion server modules for Apache
libsvn-dev - Development files for Subversion libraries
libsvn-doc - Developer documentation for libsvn
libsvn-java - Java bindings for Subversion
libsvn-perl - Perl bindings for Subversion
libsvn-ruby - Ruby bindings for Subversion (dummy package)
libsvn-ruby1.8 - Ruby bindings for Subversion
libsvn1 - Shared libraries used by Subversion
python-subversion - Python bindings for Subversion
subversion - Advanced version control system
subversion-tools - Assorted tools related to Subversion
Closes: 711911 737815
Changes:
subversion (1.6.17dfsg-4+deb7u5) wheezy; urgency=medium
.
* Add patch CVE-2014-0032: mod_dav_svn crash when handling certain requests
with SVNListParentPath on (Closes: #737815)
* rules: Fix removal of libsvnjavahl-1.a/.la/.so from libsvn-dev (Closes:
#711911)
Checksums-Sha1:
d38776c6deb234d07006462dbfe24ddbcf5e04fd 3054
subversion_1.6.17dfsg-4+deb7u5.dsc
576b4692f3d1353d96f6508aaffe4f905280987d 114341
subversion_1.6.17dfsg-4+deb7u5.diff.gz
95c3b679febb78ae54565a548adfcb2e25a64cc3 2088206
libsvn-doc_1.6.17dfsg-4+deb7u5_all.deb
e104052973f0c38488922b6beb3a8ae87d49845f 221474
subversion-tools_1.6.17dfsg-4+deb7u5_all.deb
45ca6e9f896b5a04e83f3e365f8cb05008d825d7 764
libsvn-ruby_1.6.17dfsg-4+deb7u5_all.deb
db8c0fddd9d3313d957169b9ea9ff1e408916d83 1319556
subversion_1.6.17dfsg-4+deb7u5_amd64.deb
0d5bd5d08373be1762517f6a444d89fecca60328 933902
libsvn1_1.6.17dfsg-4+deb7u5_amd64.deb
9f4acec7eb4d2a867f2de8a34caf56cc8919842a 1305310
libsvn-dev_1.6.17dfsg-4+deb7u5_amd64.deb
e439da6cbbf3a4ef6a94e570059074a27b9095be 173100
libapache2-svn_1.6.17dfsg-4+deb7u5_amd64.deb
4c292c02685ba7897d8ae00135d333190c45dc28 1341056
python-subversion_1.6.17dfsg-4+deb7u5_amd64.deb
f7d45b66b5672c6c14fd7c4fd9995b51149cb5cd 306084
libsvn-java_1.6.17dfsg-4+deb7u5_amd64.deb
0fec15df009a26bca117598ff6ca2b6f223ae3f8 1081994
libsvn-perl_1.6.17dfsg-4+deb7u5_amd64.deb
263b94c6da8d871607ea889d71858b9e67a8f8a7 627760
libsvn-ruby1.8_1.6.17dfsg-4+deb7u5_amd64.deb
Checksums-Sha256:
5f16a8afb928d82ecb754ce7b21ec87ab3724a6ef45a0ed62c35167c5f566f56 3054
subversion_1.6.17dfsg-4+deb7u5.dsc
e986f76cf57bc16daebd25cd9cd324c483d8606be5825ff985d21e0b4f04954e 114341
subversion_1.6.17dfsg-4+deb7u5.diff.gz
34c42eec9702ffedcce578c92db36e2de71dfa7a7511ece151cb29a73c313140 2088206
libsvn-doc_1.6.17dfsg-4+deb7u5_all.deb
7ca41c116d162b9a685fe8ba3e5a8ca43f2dce5c705c89161d6346c94eaaf556 221474
subversion-tools_1.6.17dfsg-4+deb7u5_all.deb
d7b240bed4dab8f53334d4a26398c7bb91a98827d5819dd8cee0848449886899 764
libsvn-ruby_1.6.17dfsg-4+deb7u5_all.deb
01da484499de8ab933fb39503066af503218def912c968c8dffc703d81e7959a 1319556
subversion_1.6.17dfsg-4+deb7u5_amd64.deb
146aceb337576ae01e81a06a52bf6f92e44087c4c92d0efee0e860df509c61bc 933902
libsvn1_1.6.17dfsg-4+deb7u5_amd64.deb
ef2ce7637188a5a0a2d7ca13139bd1746cb964efae7623fa12dce6d51c151e5b 1305310
libsvn-dev_1.6.17dfsg-4+deb7u5_amd64.deb
6c70ba52350f1f93fcd8f11e4b506561acb9bf3a7404aa1051c42dbf1d63424e 173100
libapache2-svn_1.6.17dfsg-4+deb7u5_amd64.deb
e601a8883da850584c2ec75abe2a44b42f03ce2be6fb412d6be0591cc4be55dc 1341056
python-subversion_1.6.17dfsg-4+deb7u5_amd64.deb
e6eeb80814958b8153401d82b973f899e56ca3f741109d2bec457ca80d962849 306084
libsvn-java_1.6.17dfsg-4+deb7u5_amd64.deb
965f86e8b9c1fb0b274e287e552622d53c1a34d13439c28c9717a24cd162527b 1081994
libsvn-perl_1.6.17dfsg-4+deb7u5_amd64.deb
5a95618a7e093e94865a3761b447532e21a65b90fa363ec2f80eddc2965ae979 627760
libsvn-ruby1.8_1.6.17dfsg-4+deb7u5_amd64.deb
Files:
d1966e8ebe8eb758df034218bfb30120 3054 vcs optional
subversion_1.6.17dfsg-4+deb7u5.dsc
098b8ff90e45b6f10eb2f8d82614dd9e 114341 vcs optional
subversion_1.6.17dfsg-4+deb7u5.diff.gz
0ec20154e301797f19f97f4a2eb20e84 2088206 doc extra
libsvn-doc_1.6.17dfsg-4+deb7u5_all.deb
2f22844e5e825ec7a73926aba0a61103 221474 vcs extra
subversion-tools_1.6.17dfsg-4+deb7u5_all.deb
56ce2d7e3868f827e1f10cff712bcaae 764 ruby optional
libsvn-ruby_1.6.17dfsg-4+deb7u5_all.deb
134cb397c9a8d088a15600c5c980b0fa 1319556 vcs optional
subversion_1.6.17dfsg-4+deb7u5_amd64.deb
6e4675665ce64e549a7bf78ef370198e 933902 vcs optional
libsvn1_1.6.17dfsg-4+deb7u5_amd64.deb
a8939a50ede8be03e2f1e9c1ce2cec89 1305310 libdevel extra
libsvn-dev_1.6.17dfsg-4+deb7u5_amd64.deb
c18b54f87947533c9c2bc54dc3c2b4c4 173100 httpd optional
libapache2-svn_1.6.17dfsg-4+deb7u5_amd64.deb
5d8c810883ae5c45a2457f58448e2480 1341056 python optional
python-subversion_1.6.17dfsg-4+deb7u5_amd64.deb
1d6ecc1722a485bf9218c8436d090cb6 306084 java optional
libsvn-java_1.6.17dfsg-4+deb7u5_amd64.deb
6f46f80eca48f7a7f37c38a727bad605 1081994 perl optional
libsvn-perl_1.6.17dfsg-4+deb7u5_amd64.deb
74390440893a50a34789ca733093ddc8 627760 ruby optional
libsvn-ruby1.8_1.6.17dfsg-4+deb7u5_amd64.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQJ8BAEBCgBmBQJTHJ/QXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w
ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXQ5MUJGQkY0RDY5NTZCRDVERjdCNzJEMjNE
RkU2OTFBRTMzMUJBM0RCAAoJEN/mka4zG6PbKQQP/jREMHuoU8r9Ul/bXoZXr8Hs
I21HkEB3qJVTUEBMpdZKYDI02rcBLGfLFchHS6OhLYqPIG1uswq+7BB2lXg96DRt
CK2bww2fbHqi2eFHeaFIAGpe9cjMncloUnE1TTHFD/lQzdq0n442UJ+hPy7LeJy3
Nqtmd3Y5SXu0P3yUBO9JxEwhkWxswJ/e3Qn7Io7mCzgtHcfuure0GY1UwOI9lkvt
1qDyurl7OZhyr2wtcSy97HEMQhY7HM1YSjy9bB7zZnl+cpLoUCqRr796fu8X7GiJ
iUjTf0AwpNFkRfEFyMENIxca85/WWw6S38OI+EOJy6eAw4VnEkTfAmf2V6QOOMqL
ZqTVMOYhlFHNTE8wiO1XGWQVRtgUvx2OXur/xbeavw9HjHEpTxASWOGef4e6ISal
UAyYt1CHEiaJv3WpfB3KSM2NqmA63JQwyyNvQ2hMeWlIYpOuEhhX9q0ksCg/LMv7
+hRc2xJfgEouURS6OwScu3o7TGAlx8EQylJfSqkpPE4rRJELCG1ARgBlLAlCq6im
7VLvP7IuUWlZtyuBOzZNa3KwttTOJdDdgUbHctqWdfcOxb2HPOyQB1tsdXMAraPg
cWtNF0C2BbxnBl2HfUNspBbdt660B3qo2A4cc2C0K1IPk0R7epRGtWyF5Pk2/3CR
sIX4Td6PmTZ9cfMfA7LT
=7gKK
-----END PGP SIGNATURE-----
--- End Message ---
