Fedora: subversion Information leak vulnerability
Summary
Subversion is a concurrent version control system which enables one
or more users to collaborate in developing and maintaining a
hierarchy of files and directories while keeping a history of all
changes. Subversion only stores the differences between versions,
instead of every complete file. Subversion is intended to be a
compelling replacement for CVS.
Update Information:
This update includes the latest release of Subversion, including a
security fix for an issue in the mod_authz_svn Apache authentication
module which could allow a read restriction for a portion of the
repository to be bypassed by a user who has write access to a
different portion of the repository. This issue does not affect the
svnserve daemon.
* Tue Jul 20 2004 Joe Orton <jorton@redhat.com> 1.0.6-1
- update to 1.0.6
- allow build against neon 0.24.*
* Tue Jun 15 2004 Elliot Lee <sopwith@redhat.com>
- rebuilt
* Thu Jun 10 2004 Joe Orton <jorton@redhat.com> 1.0.5-1
- update to 1.0.5
This update can be downloaded from:
85ae0a5c09180f9e1b71cb06c737afa8 SRPMS/subversion-1.0.6-1.src.rpm
40bf5bfeb9e980d24486a835432e145c x86_64/subversion-1.0.6-1.x86_64.rpm
0883ea7ee7310103b1fdc2a56789d10d x86_64/subversion-devel-1.0.6-1.x86_64.rpm
d7f05d987a77e1c82f99bfbbee533279 x86_64/mod_dav_svn-1.0.6-1.x86_64.rpm
7440cbfcc197892acda8676fbaa88c77 x86_64/subversion-perl-1.0.6-1.x86_64.rpm
85da1461925008507a5cf1fff5360d64 x86_64/debug/subversion-debuginfo-1.0.6-1.x86_64.rpm
b0081c0886c2348ca7d595b2e83580cc i386/subversion-1.0.6-1.i386.rpm
7b771589cc6ecc08fbb160838aaca3bb i386/subversion-devel-1.0.6-1.i386.rpm
8e674a1709118d100967b2771509862b i386/mod_dav_svn-1.0.6-1.i386.rpm
85764d67cd305b55254cc13a82678e9a i386/subversion-perl-1.0.6-1.i386.rpm
4e6ec1709a88cba540703396b0a65f17 i386/debug/subversion-debuginfo-1.0.6-1.i386.rpm
This update can also be installed with the Update Agent; you can
launch the Update Agent with the 'up2date' command.
Change Log
References
Fedora Update Notification FEDORA-2004-231 2004-07-23 Product : Fedora Core 2 Name : subversion Version : 1.0.6 Release : 1 Summary : Modern Version Control System designed to replace CVS Description : Subversion is a concurrent version control system which enables one or more users to collaborate in developing and maintaining a hierarchy of files and directories while keeping a history of all changes. Subversion only stores the differences between versions, instead of every complete file. Subversion is intended to be a compelling replacement for CVS.