- Subversion 1.6.21 security update [2]
This release addesses the following issues security issues:
[1][2] CVE-2013-1845: mod_dav_svn excessive memory usage from property changes
[1][2] CVE-2013-1846: mod_dav_svn crashes on LOCK requests against activity URLs
[1][2] CVE-2013-1847: mod_dav_svn crashes on LOCK requests against non-existant URLs
[1][2] CVE-2013-1849: mod_dav_svn crashes on PROPFIND requests against activity URLs
[1] CVE-2013-1884: mod_dav_svn crashes on out of range limit in log REPORT request
More information on these vulnerabilities, including the relevent advisories
and potential attack vectors and workarounds, can be found on the Subversion
security website:
http://subversion.apache.org/security/
PR: 177646
Submitted by: ohauer
Approved by: portmgr (tabthorpe, erwin), lev
Security: b6beb137-9dc0-11e2-882f-20cf30e32f6d
e343942aad