[Bug 659362] Re: Subversion 1.6.13 security update
Marc Deslauriers
marc.deslauriers at canonical.com
Fri Oct 7 02:32:58 UTC 2011
This bug got fixed by the following USN:
http://www.ubuntu.com/usn/usn-1053-1/
** Changed in: subversion (Ubuntu Karmic)
Status: Confirmed => Fix Released
** Changed in: subversion (Ubuntu Lucid)
Status: Confirmed => Fix Released
** Changed in: subversion (Ubuntu Maverick)
Status: Confirmed => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to subversion in Ubuntu.
https://bugs.launchpad.net/bugs/659362
Title:
Subversion 1.6.13 security update
Status in “subversion” package in Ubuntu:
Fix Released
Status in “subversion” source package in Lucid:
Fix Released
Status in “subversion” source package in Maverick:
Fix Released
Status in “subversion” source package in Karmic:
Fix Released
Bug description:
Binary package hint: subversion
On October 1, Subversion 1.6.13 was released. It contains a security
fix.
"Subversion 1.6.13, the latest stable version of Subversion, has been
released. For more information, see the release announcement or the
change log. Of note, this release addresses CVE-2010-3315, a security
issue when using SVNPathAuthz short_circuit."
So either 1.6.13 must be thrown into the updates of 10.10 (which
currently features 1.6.12) or 1.6.12 needs to be patched fixing the
issue.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/subversion/+bug/659362/+subscriptions
More information about the foundations-bugs
mailing list