Information on source package subversion

Available versions

ReleaseVersion
jessie1.8.10-6+deb8u6
jessie (security)1.8.10-6+deb8u5
stretch1.9.5-1+deb9u3
stretch (security)1.9.5-1+deb9u4
buster1.10.4-1
buster (security)1.10.4-1+deb10u1
bullseye1.10.6-1
sid1.10.6-1

Open issues

BugjessiestretchbusterbullseyesidDescription
CVE-2019-0203vulnerablefixedfixedfixedfixedRemote unauthenticated denial-of-service in Subversion svnserve
CVE-2018-11782vulnerablefixedfixedfixedfixedRemotely triggerable DoS vulnerability in svnserve 'get-deleted-rev'

Resolved issues

BugDescription
CVE-2018-11803Subversion's mod_dav_svn Apache HTTPD module versions 1.11.0 and 1.10. ...
CVE-2017-9800A maliciously constructed svn+ssh:// URL would cause Subversion client ...
CVE-2016-8734Apache Subversion's mod_dontdothat module and HTTP clients 1.4.0 throu ...
CVE-2016-2168The req_check_access function in the mod_authz_svn module in the httpd ...
CVE-2016-2167The canonicalize_username function in svnserve/cyrus_auth.c in Apache ...
CVE-2015-5343Integer overflow in util.c in mod_dav_svn in Apache Subversion 1.7.x, ...
CVE-2015-5259Integer overflow in the read_string function in libsvn_ra_svn/marshal. ...
CVE-2015-3187The svn_repos_trace_node_locations function in Apache Subversion befor ...
CVE-2015-3184mod_authz_svn in Apache Subversion 1.7.x before 1.7.21 and 1.8.x befor ...
CVE-2015-0251The mod_dav_svn server in Subversion 1.5.0 through 1.7.19 and 1.8.0 th ...
CVE-2015-0248The (1) mod_dav_svn and (2) svnserve servers in Subversion 1.6.0 throu ...
CVE-2015-0202The mod_dav_svn server in Subversion 1.8.0 through 1.8.11 allows remot ...
CVE-2014-8108The mod_dav_svn Apache HTTPD server module in Apache Subversion 1.7.x ...
CVE-2014-3580The mod_dav_svn Apache HTTPD server module in Apache Subversion 1.x be ...
CVE-2014-3528Apache Subversion 1.0.0 through 1.7.x before 1.7.17 and 1.8.x before 1 ...
CVE-2014-3522The Serf RA layer in Apache Subversion 1.4.0 through 1.7.x before 1.7. ...
CVE-2014-0032The get_resource function in repos.c in the mod_dav_svn module in Apac ...
CVE-2013-7393The daemonize.py module in Subversion 1.8.0 before 1.8.2 allows local ...
CVE-2013-4558The get_parent_resource function in repos.c in mod_dav_svn Apache HTTP ...
CVE-2013-4505The is_this_legal function in mod_dontdothat for Apache Subversion 1.4 ...
CVE-2013-4277Svnserve in Apache Subversion 1.4.0 through 1.7.12 and 1.8.0 through 1 ...
CVE-2013-4262svnwcsub.py in Subversion 1.8.0 before 1.8.3, when using the --pidfile ...
CVE-2013-4246libsvn_fs_fs/fs_fs.c in Apache Subversion 1.8.x before 1.8.2 might all ...
CVE-2013-4131The mod_dav_svn Apache HTTPD server module in Subversion 1.7.0 through ...
CVE-2013-2112The svnserve server in Subversion before 1.6.23 and 1.7.x before 1.7.1 ...
CVE-2013-2088contrib/hook-scripts/svn-keyword-check.pl in Subversion before 1.6.23 ...
CVE-2013-1968Subversion before 1.6.23 and 1.7.x before 1.7.10 allows remote authent ...
CVE-2013-1884The mod_dav_svn Apache HTTPD server module in Subversion 1.7.0 through ...
CVE-2013-1849The mod_dav_svn Apache HTTPD server module in Subversion 1.6.x through ...
CVE-2013-1847The mod_dav_svn Apache HTTPD server module in Subversion 1.6.0 through ...
CVE-2013-1846The mod_dav_svn Apache HTTPD server module in Subversion 1.6.x before ...
CVE-2013-1845The mod_dav_svn Apache HTTPD server module in Subversion 1.6.x before ...
CVE-2011-1921The mod_dav_svn module for the Apache HTTP Server, as distributed in A ...
CVE-2011-1783The mod_dav_svn module for the Apache HTTP Server, as distributed in A ...
CVE-2011-1752The mod_dav_svn module for the Apache HTTP Server, as distributed in A ...
CVE-2011-0715The mod_dav_svn module for the Apache HTTP Server, as distributed in A ...
CVE-2010-4644Multiple memory leaks in rev_hunt.c in Apache Subversion before 1.6.15 ...
CVE-2010-4539The walk function in repos.c in the mod_dav_svn module for the Apache ...
CVE-2010-3315authz.c in the mod_dav_svn module for the Apache HTTP Server, as distr ...
CVE-2009-2411Multiple integer overflows in the libsvn_delta library in Subversion b ...
CVE-2007-2448Subversion 1.4.3 and earlier does not properly implement the "partial ...
CVE-2006-1564Untrusted search path vulnerability in libapache2-svn 1.3.0-4 for Subv ...
CVE-2004-1438The mod_authz_svn Apache module for Subversion 1.0.4-r1 and earlier al ...
CVE-2004-0749The mod_authz_svn module in Subversion 1.0.7 and earlier does not prop ...
CVE-2004-0413libsvn_ra_svn in Subversion 1.0.4 trusts the length field of (1) svn:/ ...
CVE-2004-0397Stack-based buffer overflow during the apr_time_t data conversion in S ...

Security announcements

DSA / DLADescription
DSA-4490-1subversion - security update
DSA-4490-1subversion - security update
DLA-1052-1subversion - security update
DSA-3932-1subversion - security update
DSA-3932-1subversion - security update
DSA-3561-1subversion - security update
DLA-448-1subversion - security update
DSA-3424-1subversion - security update
DLA-293-1subversion - security update
DSA-3331-1subversion - security update
DSA-3331-1subversion - security update
DLA-207-1subversion - security update
DSA-3231-1subversion - security update
DLA-119-1subversion - security update
DSA-3107-2subversion - regression update
DSA-3107-1subversion - security update
DSA-2703-1subversion - several
DSA-2703-1subversion - several
DSA-2251-1subversion - several
DSA-2251-1subversion - several
DSA-2181-1subversion - denial of service
DSA-2181-1subversion - denial of service
DSA-2118-1subversion - authentication bypass
DSA-1855-1subversion - heap overflow
DSA-1855-1subversion - heap overflow

Search for package or bug name: Reporting problems