-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Package        : subversion
Version        : 1.6.17dfsg-4+deb7u12
CVE ID         : CVE-2017-9800

It was discovered that there was a arbitrary code execution
vulnerability in the subversion revision control system via
malicious "svn+ssh" URLs in "svn:externals" and
"svn:sync-from-url".

For Debian 7 "Wheezy", this issue has been fixed in subversion
version 1.6.17dfsg-4+deb7u12.

We recommend that you upgrade your subversion packages.


Regards,

- -- 
      ,''`.
     : :'  :     Chris Lamb
     `. `'`      la...@debian.org / chris-lamb.co.uk
       `-

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAlmNqVsACgkQHpU+J9Qx
HljyrhAAu3+Nhoym6Phh77DWaMyuxclnFIKbZ3bGPubwoFIZeAC4l4ksA7qURR7K
SB6Rgi+T16/l61x7qxQdqbGj2i4JY/20/f1cvXmyUjkKmPl50gNv+Mofk8st+cnB
QiXRO2PRio6Ng/kHBg9b0iqiBTY5sT80Opd57igaekM2VobGuodyFIj1G/9RcKqP
SMhwyeZdAW2t1N9FsFSlT/7D7CQL81zRSx5ddRs26LfRxcdmHqM/G1EelVDIGYzD
byG8z1aOTBkeD2lM/oLgBlYY+Xxv7szyotmy1HMZXDN/UibIfJzcfrdLouXEeuWP
iYMUf/duRZO6FoLHD4a8YAoP90fOEAaNJnjIM63fNAxC6xZwC8sSt8HEB98DAGAP
ZFgi7yUHJMltMdoZZqXdo/hUqR3YnbnFmQc4tKNeZ/Yfkc0I6tx0lIDY9Z0PJYzJ
bSB05oiMAbto/J9hVjrCxYTKhWtzemjK6IdhX8Se9KcY6ovmkfV+SKvQC+fPUs9/
QvY9MF5sakeSezhREoJ4NjTM0qa+hpis+4fF5d1VxJ44T1by82KJJYzvDt+T80cI
DweryTpqeP6ULFSJYqG1Rl955HXmREqoTXtE/aNzTVKKR050bTq5qp4IXZ1KoI9i
HiTFzDirtsOhYEsR3SjPQT4z5Qsw0taTR2RdBLds8hIvKuClIiU=
=dST2
-----END PGP SIGNATURE-----

Reply via email to