[ubuntu/artful-proposed] subversion 1.9.5-1ubuntu3 (Accepted)
Steve Beattie
sbeattie at ubuntu.com
Fri Aug 11 15:44:15 UTC 2017
subversion (1.9.5-1ubuntu3) artful; urgency=medium
* SECURITY UPDATE: Arbitrary code execution on clients through
malicious svn+ssh URLs
- debian/patches/CVE-2017-9800-1.9.6.patch: ensure that host
arguments to ssh cannot be treated as ssh options.
- CVE-2017-9800
Date: Fri, 11 Aug 2017 00:22:13 -0700
Changed-By: Steve Beattie <sbeattie at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Signed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
https://launchpad.net/ubuntu/+source/subversion/1.9.5-1ubuntu3
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Fri, 11 Aug 2017 00:22:13 -0700
Source: subversion
Binary: subversion libsvn1 libsvn-dev libsvn-doc libapache2-mod-svn python-subversion python-subversion-dbg subversion-tools libsvn-java libsvn-perl ruby-svn
Architecture: source
Version: 1.9.5-1ubuntu3
Distribution: artful
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Steve Beattie <sbeattie at ubuntu.com>
Description:
libapache2-mod-svn - Apache Subversion server modules for Apache httpd
libsvn-dev - Development files for Apache Subversion libraries
libsvn-doc - Developer documentation for libsvn
libsvn-java - Java bindings for Apache Subversion
libsvn-perl - Perl bindings for Apache Subversion
libsvn1 - Shared libraries used by Apache Subversion
python-subversion - Python bindings for Apache Subversion
python-subversion-dbg - Python bindings for Subversion (debug extension)
ruby-svn - Ruby bindings for Apache Subversion
subversion - Advanced version control system
subversion-tools - Assorted tools related to Apache Subversion
Changes:
subversion (1.9.5-1ubuntu3) artful; urgency=medium
.
* SECURITY UPDATE: Arbitrary code execution on clients through
malicious svn+ssh URLs
- debian/patches/CVE-2017-9800-1.9.6.patch: ensure that host
arguments to ssh cannot be treated as ssh options.
- CVE-2017-9800
Checksums-Sha1:
158d8d5160a4104baa04251a0897a16a7ab97b69 3100 subversion_1.9.5-1ubuntu3.dsc
bf0c4b280de8905c5b8720bf178950fad743d040 2543283 subversion_1.9.5-1ubuntu3.diff.gz
0026d9cb2ffcadbe64c64a5f79e64e1c23a544ce 18008 subversion_1.9.5-1ubuntu3_source.buildinfo
Checksums-Sha256:
36f81587ff1a1a6e6f461e60b73d8d3c8f679f0ffcc252ba2c0802b07cfbf835 3100 subversion_1.9.5-1ubuntu3.dsc
7d04d6ac694f876356d4ce3e47c5daa8a2a74f324ae4a581dcb62755115e70c7 2543283 subversion_1.9.5-1ubuntu3.diff.gz
caa1f20eee5ceca0fb91534af88957d750c9a47dd81ee989c2067fffbe1924f4 18008 subversion_1.9.5-1ubuntu3_source.buildinfo
Files:
ed14f1bf45ff72f90ce6d3c23d24c26c 3100 vcs optional subversion_1.9.5-1ubuntu3.dsc
152a947cc31c939802bd786e6570c1d8 2543283 vcs optional subversion_1.9.5-1ubuntu3.diff.gz
ef62a47940643aa2f57b52712667b204 18008 vcs optional subversion_1.9.5-1ubuntu3_source.buildinfo
Original-Maintainer: Peter Samuelson <peter at p12n.org>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIcBAEBCgAGBQJZjc8aAAoJEGVp2FWnRL6TKBgQAIlvcvIob6cXKfbNIooELSHQ
+pXIgvTCe+Yg55DUcsYy/X3WFubgKYLz8ZdLAwBJmODeyvC/f/rCzikpMFsUd44G
VZwIDcs48KcylaQo/cWHbnuK8wGl6x3GSN8FrUmxiUY8HvlYURwpTwLuyvpVkRpa
3LpI00kJfCN29gLqqPnzEoS94D5WORZDroboZV6sUt1MRUH2LY4J2b/eYtIt72PJ
7gu6bviS0woPk/IG/UDDac4UkodfHe/oA8xJSQrBRs+EUkMqizwQGa6UtnY5Rwjs
F3yEjNq/K85JUDF8CaJ6e7/Z8685TuwRmQAV6wE+8SgDfzlS8ehsiQxLgegag/d5
gmAVOvmkSneMo2j2nJ8pF9aH5Pev1eD1lGWEU/S+u4LykUXmslFcInIgPoAq6gy7
U/87brw2RxO5pA9uL2ggjGmd55H84D/cTPPwmVuEUg59n8fqW4WTpF0OqCK59D12
Dzo8Fj0fcbjxCKDmnAfKgclgS/VTiV/gWzQbSp7y2/dDAEFDgMXTsUc+REldkLaR
jFVdcdUOvdnzclor622Bsg2MyhlSbhbCNJtwhUVlgIPO5OtdoJpgrIEf8ZYVZmTd
DpCjctgFM2Dv5QuRYQKgPQMei7CkFBZYYCxGjkFyNRyP8khpoh9yM/xOvl2oI7Yo
EnsO0XIsjYXbqFmsMCgM
=EMZV
-----END PGP SIGNATURE-----
More information about the Artful-changes
mailing list