Oval Definition:oval:org.mitre.oval:def:13837
Revision Date:2014-06-23Version:20
Title:DSA-1855-1 subversion -- heap overflow
Description:Matt Lewis discovered that Subversion performs insufficient input validation of svndiff streams. Malicious servers could cause heap overflows in clients, and malicious clients with commit access could cause heap overflows in servers, possibly leading to arbitrary code execution in both cases. For the old stable distribution, this problem has been fixed in version 1.4.2dfsg1-3. For the stable distribution , this problem has been fixed in version 1.5.1dfsg1-4. For the unstable distribution, this problem has been fixed in version 1.6.4dfsg-1. We recommend that you upgrade your Subversion packages.
Family:unixClass:patch
Status:ACCEPTEDReference(s):CVE-2009-2411
DSA-1855-1
Platform(s):Debian GNU/Linux 4.0
Debian GNU/Linux 5.0
Product(s):subversion
Definition Synopsis
  • Release section
  • Debian GNU/Linux 5.0 is installed
  • AND Architecture section
  • Architecture independent section
  • Installed architecture is all
  • AND Packages section
  • subversion-tools DPKG is earlier than 1.5.1dfsg1-4
  • OR libsvn-doc DPKG is earlier than 1.5.1dfsg1-4
  • OR libsvn-ruby DPKG is earlier than 1.5.1dfsg1-4
  • OR Architecture depended section
  • Supported architectures section
  • Installed architecture is s390
  • OR Installed architecture is amd64
  • OR Installed architecture is sparc
  • OR Installed architecture is arm
  • OR Installed architecture is i386
  • OR Installed architecture is armel
  • OR Installed architecture is mips
  • OR Installed architecture is ia64
  • OR Installed architecture is alpha
  • OR Installed architecture is powerpc
  • OR Installed architecture is mipsel
  • OR Installed architecture is hppa
  • AND Packages section
  • libsvn-dev DPKG is earlier than 1.5.1dfsg1-4
  • OR libapache2-svn DPKG is earlier than 1.5.1dfsg1-4
  • OR libsvn-ruby1.8 DPKG is earlier than 1.5.1dfsg1-4
  • OR python-subversion DPKG is earlier than 1.5.1dfsg1-4
  • OR libsvn1 DPKG is earlier than 1.5.1dfsg1-4
  • OR subversion DPKG is earlier than 1.5.1dfsg1-4
  • OR libsvn-perl DPKG is earlier than 1.5.1dfsg1-4
  • OR Architecture depended section
  • Supported architectures section
  • Installed architecture is s390
  • OR Installed architecture is amd64
  • OR Installed architecture is i386
  • OR Installed architecture is powerpc
  • OR Installed architecture is sparc
  • OR Installed architecture is armel
  • OR Installed architecture is ia64
  • AND libsvn-java DPKG is earlier than 1.5.1dfsg1-4
  • OR Release section
  • Debian GNU/Linux 4.0 is installed.
  • AND Architecture section
  • Architecture independent section
  • Installed architecture is all
  • AND Packages section
  • subversion-tools DPKG is earlier than 1.4.2dfsg1-3
  • OR libsvn-doc DPKG is earlier than 1.4.2dfsg1-3
  • OR libsvn-javahl DPKG is earlier than 1.4.2dfsg1-3
  • OR libsvn-ruby DPKG is earlier than 1.4.2dfsg1-3
  • OR Architecture depended section
  • Supported architectures section
  • Installed architecture is amd64
  • OR Installed architecture is powerpc
  • OR Installed architecture is i386
  • OR Installed architecture is mips
  • OR Installed architecture is ia64
  • OR Installed architecture is alpha
  • OR Installed architecture is mipsel
  • OR Installed architecture is arm
  • AND Packages section
  • libsvn-dev DPKG is earlier than 1.4.2dfsg1-3
  • OR libapache2-svn DPKG is earlier than 1.4.2dfsg1-3
  • OR libsvn-ruby1.8 DPKG is earlier than 1.4.2dfsg1-3
  • OR python-subversion DPKG is earlier than 1.4.2dfsg1-3
  • OR libsvn1 DPKG is earlier than 1.4.2dfsg1-3
  • OR subversion DPKG is earlier than 1.4.2dfsg1-3
  • OR libsvn-perl DPKG is earlier than 1.4.2dfsg1-3
  • OR Architecture depended section
  • Supported architectures section
  • Installed architecture is ia64
  • OR Installed architecture is alpha
  • OR Installed architecture is i386
  • OR Installed architecture is amd64
  • OR Installed architecture is powerpc
  • AND libsvn-java DPKG is earlier than 1.4.2dfsg1-3
    • BACK