August 10, 2009

Fedora 10 Security Update: subversion-1.6.4-2.fc10

Article Source Fedora 10 Security Updates
August 10, 2009, 2:15 pm

Resolved Bugs
469524 - subversion 1.5.x - rpath problems in 64bit systems
500933 - Update to Subversion 1.6.2
514744 - CVE-2009-2411 subversion: integer overflow

This update includes the latest stable release of Subversion, including several enhancements, many bug fixes, and a fix for a security issue: Matt Lewis reported multiple heap overflow flaws in Subversion (servers and clients) when parsing binary deltas. Malicious users with commit access to a vulnerable server could uses these flaws to cause a heap overflow on the server running Subversion. A malicious Subversion server could use these flaws to cause a heap overflow on vulnerable clients when they attempt to checkout or update, resulting in a crash or, possibly, arbitrary code execution on the vulnerable client. (CVE-2009-2411)...

Read More

Click Here!