Bug 21097 - CVE-2009-2411: subversion heap overflow
Summary: CVE-2009-2411: subversion heap overflow
Status: CLOSED FIXED
Alias: None
Product: Sisyphus
Classification: Development
Component: subversion
Version: unstable
Hardware: all Linux
Importance: P3 blocker
Assignee: Andrey Cherepanov
QA Contact: qa-sisyphus
URL: http://subversion.tigris.org/security...
Keywords: security
Depends on:
Blocks:
 
Reported: 2009-08-17 17:46 MSD by Dmitry V. Levin
Modified: 2009-08-20 14:24 MSD

Description Dmitry V. Levin 2009-08-17 17:46:08 MSD
Subversion performs insufficient input validation of svndiff streams.
Malicious servers could cause heap overflows in clients, and malicious
clients with commit access could cause heap overflows in servers,
possibly leading to arbitrary code execution in both cases.

Upstream released a new version to fix the problem.
Comment 1 Repository Robot 2009-08-19 04:25:48 MSD
subversion-1.6.4-alt1 -> sisyphus:

* Tue Aug 18 2009 Dmitry V. Levin <ldv@altlinux> 1.6.4-alt1

- Updated to 1.6.4 (CVE-2009-2411; closes: #21097).
Comment 2 Afanasov Dmitry 2009-08-20 14:24:23 MSD
Thanks, I was suddenly sent off on a business trip and have only just gotten to my e-mail.