SUSE Security Announcement 2009:044: subversion


14 Aug 2009

Subversion is a revision control system, which is mainly used for code development.

The ibsvn_delta library is vulnerable to integer overflows while processing svndiff streams, this leads to overflows on the heap because of insufficient memory allocation.

This bug can be exploited by clients with commit access to cause a remote denial-of-service or arbitrary code execution. It can also be exploited in the other direction from a server to a client that tries to do a checkout or update…

Read More