DSA-1855-1

Name	DSA-1855-1
Source	Debian
Description	subversion - heap overflow
References	CVE-2009-2411
Debian/oldstable	package subversion is fixed in oldstable-security.
Debian/stable	not vulnerable
Debian/testing	not known to be vulnerable
Debian/unstable	not known to be vulnerable.

Vulnerable and fixed packages

The table below lists information on source packages.

Source Package	Release	Version	Status
subversion (PTS)	etch	1.4.2dfsg1-2	vulnerable
	etch (security)	1.4.2dfsg1-3	fixed
	lenny, lenny (security)	1.5.1dfsg1-4	fixed

The next table lists affected binary packages.

Binary Package	Release	Version	Status	Architecures
libapache2-svn, libsvn-dev, libsvn-perl, libsvn-ruby1.8, libsvn1, python-subversion, subversion	etch	1.4.2dfsg1-2	vulnerable	alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390, sparc
	etch (security)	1.4.2dfsg1-3	fixed	alpha, amd64, arm, i386, ia64, mips, mipsel, powerpc, s390
	lenny, lenny (security)	1.5.1dfsg1-4	fixed	alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390, sparc
libsvn-doc, libsvn-javahl, libsvn-ruby, subversion-tools	etch	1.4.2dfsg1-2	vulnerable	all
	etch (security)	1.4.2dfsg1-3	fixed	all
libsvn-doc, libsvn-ruby, subversion-tools	lenny, lenny (security)	1.5.1dfsg1-4	fixed	all
libsvn-java	etch	1.4.2dfsg1-2	vulnerable	alpha, amd64, hppa, i386, ia64, powerpc, s390, sparc
	etch (security)	1.4.2dfsg1-3	fixed	alpha, amd64, i386, ia64, powerpc, s390
	lenny, lenny (security)	1.5.1dfsg1-4	fixed	amd64, armel, i386, ia64, powerpc, s390, sparc

The information above is based on the following data on fixed versions.

Package	Type	Release	Fixed Version	Urgency	Origin	Debian Bugs
subversion	source	etch	1.4.2dfsg1-3	unknown
subversion	source	lenny	1.5.1dfsg1-4	unknown

Home - Testing Security Team - Debian Security - Imprint