English | Deutsch | Español | Português
 Benutzerkennung:
 Passwort:
Registrieren
 About:   Dediziert  | Erweitert  | Standard  | Wiederkehrend  | Risikolos  | Desktop  | Basis  | Einmalig  | Sicherheits Siegel  | FAQ
  Preis/Funktionszusammenfassung  | Bestellen  | Neue Anfälligkeiten  | Vertraulichkeit  | Anfälligkeiten Suche
 Anfälligkeitssuche        Suche in 126339 CVE Beschreibungen
und 74190 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ---------------------------------------------------------------------------
Debian Security Advisory DSA-2118-1                     security@debian.org
http://www.debian.org/security/                                  Nico Golde
October 8th, 2010                        http://www.debian.org/security/faq
- ---------------------------------------------------------------------------

Package        : subversion
Vulnerability  : logic flaw
Problem type   : remote
Debian-specific: no
Debian bug     : none
CVE ID         : CVE-2010-3315

Kamesh Jayachandran and C. Michael Pilat discovered that the mod_dav_svn
module of subversion, a version control system, is not properly enforcing
access rules which are scope-limited to named repositories.  If the
SVNPathAuthz option is set to "short_circuit" set this may enable an
unprivileged attacker to bypass intended access restrictions and disclose
or modify repository content.

As a workaround it is also possible to set SVNPathAuthz to "on" but be
advised that this can result in a performance decrease for large
repositories.


For the stable distribution (lenny), this problem has been fixed in
version 1.5.1dfsg1-5.

For the testing distribution (squeeze), this problem has been fixed in
version 1.6.12dfsg-2.

For the unstable distribution (sid), this problem has been fixed in
version 1.6.12dfsg-2.


We recommend that you upgrade your samba packages.

Upgrade instructions
- --------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.


Debian GNU/Linux 5.0 alias lenny
- --------------------------------

Debian (stable)
- ---------------

Stable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.

Source archives:

  http://security.debian.org/pool/updates/main/s/subversion/subversion_1.5.1dfsg1-5.diff.gz
    Size/MD5 checksum:    91687 44dd10c3137760240bb56a100ca4cba6
  http://security.debian.org/pool/updates/main/s/subversion/subversion_1.5.1dfsg1-5.dsc
    Size/MD5 checksum:     1845 7878e43c2c80e0a6c07b96d797dfde86
  http://security.debian.org/pool/updates/main/s/subversion/subversion_1.5.1dfsg1.orig.tar.gz
    Size/MD5 checksum:  6805740 09a95bbc203ec516db796bd40d612403

Architecture independent packages:

  http://security.debian.org/pool/updates/main/s/subversion/libsvn-doc_1.5.1dfsg1-5_all.deb
    Size/MD5 checksum:  1937436 69a2e5adf8a482d288e3f29357d10194
  http://security.debian.org/pool/updates/main/s/subversion/subversion-tools_1.5.1dfsg1-5_all.deb
    Size/MD5 checksum:   181958 000312b36cc4ff900c4479df748c0172
  http://security.debian.org/pool/updates/main/s/subversion/libsvn-ruby_1.5.1dfsg1-5_all.deb
    Size/MD5 checksum:      764 6fced63bde9227b8f7671fb33cb2d7b1

alpha architecture (DEC Alpha)

  http://security.debian.org/pool/updates/main/s/subversion/libsvn-ruby1.8_1.5.1dfsg1-5_alpha.deb
    Size/MD5 checksum:   533438 7a199374ac5459a5b67e319917037004
  http://security.debian.org/pool/updates/main/s/subversion/subversion_1.5.1dfsg1-5_alpha.deb
    Size/MD5 checksum:  1294012 f35e99abaf9514e824baec6be8585fb2
  http://security.debian.org/pool/updates/main/s/subversion/libsvn1_1.5.1dfsg1-5_alpha.deb
    Size/MD5 checksum:   899446 d41aa5920720619965450703f3c8fe49
  http://security.debian.org/pool/updates/main/s/subversion/libapache2-svn_1.5.1dfsg1-5_alpha.deb
    Size/MD5 checksum:   151234 a153898b355944200fd0187202d49500
  http://security.debian.org/pool/updates/main/s/subversion/python-subversion_1.5.1dfsg1-5_alpha.deb
    Size/MD5 checksum:  1193012 5ea6e2cc6567bfc3d9a96cdb99255a3e
  http://security.debian.org/pool/updates/main/s/subversion/libsvn-perl_1.5.1dfsg1-5_alpha.deb
    Size/MD5 checksum:  1150232 fa24f3c490f6097f028b258c64d8c4f1
  http://security.debian.org/pool/updates/main/s/subversion/libsvn-dev_1.5.1dfsg1-5_alpha.deb
    Size/MD5 checksum:  1565150 d41477926238b46ae2e15a9c87299ac0

amd64 architecture (AMD x86_64 (AMD64))

  http://security.debian.org/pool/updates/main/s/subversion/subversion_1.5.1dfsg1-5_amd64.deb
    Size/MD5 checksum:  1283396 28dcf742f9807ea42333e288b2d8204b
  http://security.debian.org/pool/updates/main/s/subversion/libsvn-java_1.5.1dfsg1-5_amd64.deb
    Size/MD5 checksum:   285336 8bc405f1733103bdc1f8adc4ee9ccc60
  http://security.debian.org/pool/updates/main/s/subversion/libapache2-svn_1.5.1dfsg1-5_amd64.deb
    Size/MD5 checksum:   150352 4fd2dacd30026f3ce29dc4cfe0060487
  http://security.debian.org/pool/updates/main/s/subversion/libsvn-dev_1.5.1dfsg1-5_amd64.deb
    Size/MD5 checksum:  1211864 a26e60f59bff282e1e9475eacb7bcdcc
  http://security.debian.org/pool/updates/main/s/subversion/libsvn1_1.5.1dfsg1-5_amd64.deb
    Size/MD5 checksum:   864300 698f5b201980f3a46dc699bab55b83ec
  http://security.debian.org/pool/updates/main/s/subversion/python-subversion_1.5.1dfsg1-5_amd64.deb
    Size/MD5 checksum:  1219570 fbdcfa0d608b0a3366aae42c0efea222
  http://security.debian.org/pool/updates/main/s/subversion/libsvn-perl_1.5.1dfsg1-5_amd64.deb
    Size/MD5 checksum:  1081856 0df403c57d9c7029122c1f3026cf3624
  http://security.debian.org/pool/updates/main/s/subversion/libsvn-ruby1.8_1.5.1dfsg1-5_amd64.deb
    Size/MD5 checksum:   561334 fbea124e749f15b8f2eb0435b9373c2d

armel architecture (ARM EABI)

  http://security.debian.org/pool/updates/main/s/subversion/libsvn-dev_1.5.1dfsg1-5_armel.deb
    Size/MD5 checksum:  1079482 9d876a12091cd7d085c35a75ad923e81
  http://security.debian.org/pool/updates/main/s/subversion/libsvn1_1.5.1dfsg1-5_armel.deb
    Size/MD5 checksum:   755496 fb35757f0a6fb6a407e7896650e88f0d
  http://security.debian.org/pool/updates/main/s/subversion/libsvn-perl_1.5.1dfsg1-5_armel.deb
    Size/MD5 checksum:  1008056 411b3292372bf1063f939dd81362ebad
  http://security.debian.org/pool/updates/main/s/subversion/subversion_1.5.1dfsg1-5_armel.deb
    Size/MD5 checksum:  1265200 b0da7f200016785630e7a5cc2bd232e7
  http://security.debian.org/pool/updates/main/s/subversion/libsvn-java_1.5.1dfsg1-5_armel.deb
    Size/MD5 checksum:   270450 76f0839388b1154945866442a181ce80
  http://security.debian.org/pool/updates/main/s/subversion/python-subversion_1.5.1dfsg1-5_armel.deb
    Size/MD5 checksum:  1007228 b543718e22e8f03f2f415a352182468e
  http://security.debian.org/pool/updates/main/s/subversion/libapache2-svn_1.5.1dfsg1-5_armel.deb
    Size/MD5 checksum:   145458 0dbeb3bd0e2c5ed331d5197ff71d0660
  http://security.debian.org/pool/updates/main/s/subversion/libsvn-ruby1.8_1.5.1dfsg1-5_armel.deb
    Size/MD5 checksum:   486476 f1eb839928409d7d24ce233b54addde6

hppa architecture (HP PA RISC)

  http://security.debian.org/pool/updates/main/s/subversion/libsvn-perl_1.5.1dfsg1-5_hppa.deb
    Size/MD5 checksum:  1027356 2861729258f5f25f0bb164c5c55a27b7
  http://security.debian.org/pool/updates/main/s/subversion/python-subversion_1.5.1dfsg1-5_hppa.deb
    Size/MD5 checksum:  1254650 2125678a8e2385e447cedf96b6e17914
  http://security.debian.org/pool/updates/main/s/subversion/libsvn1_1.5.1dfsg1-5_hppa.deb
    Size/MD5 checksum:   905772 3c4339c885e3bcfaaa1fbcb1d4f341f0
  http://security.debian.org/pool/updates/main/s/subversion/libsvn-dev_1.5.1dfsg1-5_hppa.deb
    Size/MD5 checksum:  1295962 06d94ae1bb59ca4ace1f883ea7d7418d
  http://security.debian.org/pool/updates/main/s/subversion/libapache2-svn_1.5.1dfsg1-5_hppa.deb
    Size/MD5 checksum:   156242 cd8bd3ea65add9a291924753cff55b20
  http://security.debian.org/pool/updates/main/s/subversion/libsvn-ruby1.8_1.5.1dfsg1-5_hppa.deb
    Size/MD5 checksum:   588142 ec7dfe6df0dfe58c82cf74a32a7ca667
  http://security.debian.org/pool/updates/main/s/subversion/subversion_1.5.1dfsg1-5_hppa.deb
    Size/MD5 checksum:  1291430 b2b91b912030d496c93af1118b83a17e

i386 architecture (Intel ia32)

  http://security.debian.org/pool/updates/main/s/subversion/libsvn-dev_1.5.1dfsg1-5_i386.deb
    Size/MD5 checksum:  1074718 0d5f86bc8b50868ed99fd22de2299c14
  http://security.debian.org/pool/updates/main/s/subversion/libsvn-java_1.5.1dfsg1-5_i386.deb
    Size/MD5 checksum:   282014 c5396f219d33502ee0ba6cfd1524d93a
  http://security.debian.org/pool/updates/main/s/subversion/libsvn-perl_1.5.1dfsg1-5_i386.deb
    Size/MD5 checksum:  1032258 fea5736294397cbe8cae51171525d268
  http://security.debian.org/pool/updates/main/s/subversion/libsvn1_1.5.1dfsg1-5_i386.deb
    Size/MD5 checksum:   796404 11e2a23a29bf55d8a5cd7f590bbdf36c
  http://security.debian.org/pool/updates/main/s/subversion/subversion_1.5.1dfsg1-5_i386.deb
    Size/MD5 checksum:  1271350 bdfae53cb17918c53fe2c4bbc42d8f75
  http://security.debian.org/pool/updates/main/s/subversion/libapache2-svn_1.5.1dfsg1-5_i386.deb
    Size/MD5 checksum:   145800 8ec9eecc3aa2c0465ae46fee45e05f99
  http://security.debian.org/pool/updates/main/s/subversion/libsvn-ruby1.8_1.5.1dfsg1-5_i386.deb
    Size/MD5 checksum:   477000 8a147188a35241faeac5ab6888489f1a
  http://security.debian.org/pool/updates/main/s/subversion/python-subversion_1.5.1dfsg1-5_i386.deb
    Size/MD5 checksum:  1021338 08f8a6a05a8d7471a32bcab7cf162a83

ia64 architecture (Intel ia64)

  http://security.debian.org/pool/updates/main/s/subversion/libsvn-perl_1.5.1dfsg1-5_ia64.deb
    Size/MD5 checksum:  1413864 84c77d2aabb03897b7410f05f26a57a9
  http://security.debian.org/pool/updates/main/s/subversion/python-subversion_1.5.1dfsg1-5_ia64.deb
    Size/MD5 checksum:  1461180 94667513edaadb3d78a88ed03591008e
  http://security.debian.org/pool/updates/main/s/subversion/libapache2-svn_1.5.1dfsg1-5_ia64.deb
    Size/MD5 checksum:   175784 9c7df1e0e7724919269cc1da319555b3
  http://security.debian.org/pool/updates/main/s/subversion/libsvn-dev_1.5.1dfsg1-5_ia64.deb
    Size/MD5 checksum:  1622990 2127f6e7b7151c8f47761a18ba08a2dd
  http://security.debian.org/pool/updates/main/s/subversion/libsvn-ruby1.8_1.5.1dfsg1-5_ia64.deb
    Size/MD5 checksum:   722714 18ed5dc94721ab1595daab3c02e0de23
  http://security.debian.org/pool/updates/main/s/subversion/libsvn1_1.5.1dfsg1-5_ia64.deb
    Size/MD5 checksum:  1150024 f34b0db4e7ebf919666db0f57b8d5591
  http://security.debian.org/pool/updates/main/s/subversion/libsvn-java_1.5.1dfsg1-5_ia64.deb
    Size/MD5 checksum:   303334 0a079f6612ee1b4ac7a583b9ef67fee4
  http://security.debian.org/pool/updates/main/s/subversion/subversion_1.5.1dfsg1-5_ia64.deb
    Size/MD5 checksum:  1346014 c7857b73866f98eeef2022c9ac57e6ed

mips architecture (MIPS (Big Endian))

  http://security.debian.org/pool/updates/main/s/subversion/python-subversion_1.5.1dfsg1-5_mips.deb
    Size/MD5 checksum:   977188 7b7d51612243195e5156598fc02329b1
  http://security.debian.org/pool/updates/main/s/subversion/libapache2-svn_1.5.1dfsg1-5_mips.deb
    Size/MD5 checksum:   143056 a444d612b30599bbd91ceafebed33c0a
  http://security.debian.org/pool/updates/main/s/subversion/libsvn-dev_1.5.1dfsg1-5_mips.deb
    Size/MD5 checksum:  1291450 813a471bd646f4ce4c80b18fe3fe7897
  http://security.debian.org/pool/updates/main/s/subversion/libsvn1_1.5.1dfsg1-5_mips.deb
    Size/MD5 checksum:   780626 17b703bf018936efd90c130fc75c8804
  http://security.debian.org/pool/updates/main/s/subversion/libsvn-perl_1.5.1dfsg1-5_mips.deb
    Size/MD5 checksum:   726576 54599e99dbd1d9d2781f84c091451cf0
  http://security.debian.org/pool/updates/main/s/subversion/libsvn-ruby1.8_1.5.1dfsg1-5_mips.deb
    Size/MD5 checksum:   431282 a7d5de9575b192b910ae2b8f6da596b7
  http://security.debian.org/pool/updates/main/s/subversion/subversion_1.5.1dfsg1-5_mips.deb
    Size/MD5 checksum:  1278244 5e9e1f6136a7edbbfc537e5308bfb2b5

mipsel architecture (MIPS (Little Endian))

  http://security.debian.org/pool/updates/main/s/subversion/libsvn1_1.5.1dfsg1-5_mipsel.deb
    Size/MD5 checksum:   778638 521e2fe9cbf6b61f097060eeae5c0e42
  http://security.debian.org/pool/updates/main/s/subversion/libapache2-svn_1.5.1dfsg1-5_mipsel.deb
    Size/MD5 checksum:   143196 419015f1cd73779a504e1541af596d89
  http://security.debian.org/pool/updates/main/s/subversion/python-subversion_1.5.1dfsg1-5_mipsel.deb
    Size/MD5 checksum:   950776 117b465365cd0c4ad63ec7711b12c026
  http://security.debian.org/pool/updates/main/s/subversion/libsvn-ruby1.8_1.5.1dfsg1-5_mipsel.deb
    Size/MD5 checksum:   424336 96946525ffedbe47daae09b1700d7dec
  http://security.debian.org/pool/updates/main/s/subversion/subversion_1.5.1dfsg1-5_mipsel.deb
    Size/MD5 checksum:  1276544 359830f00320d396749aecca8ea366e5
  http://security.debian.org/pool/updates/main/s/subversion/libsvn-perl_1.5.1dfsg1-5_mipsel.deb
    Size/MD5 checksum:   720216 1874c5f527f99b1c014a41e2d11c6453
  http://security.debian.org/pool/updates/main/s/subversion/libsvn-dev_1.5.1dfsg1-5_mipsel.deb
    Size/MD5 checksum:  1287646 f20ea0befa3d37159bd942e872714c37

powerpc architecture (PowerPC)

  http://security.debian.org/pool/updates/main/s/subversion/subversion_1.5.1dfsg1-5_powerpc.deb
    Size/MD5 checksum:  1309342 3fc631a35f69d912998e341127cacf8d
  http://security.debian.org/pool/updates/main/s/subversion/python-subversion_1.5.1dfsg1-5_powerpc.deb
    Size/MD5 checksum:  1129310 f27b7820ede925740d8c9766800a6749
  http://security.debian.org/pool/updates/main/s/subversion/libsvn-java_1.5.1dfsg1-5_powerpc.deb
    Size/MD5 checksum:   293052 7b5cea363816832c40d9deb8d0cf4ebe
  http://security.debian.org/pool/updates/main/s/subversion/libsvn-dev_1.5.1dfsg1-5_powerpc.deb
    Size/MD5 checksum:  1211154 a06326b622c439df7358155a2416a379
  http://security.debian.org/pool/updates/main/s/subversion/libsvn1_1.5.1dfsg1-5_powerpc.deb
    Size/MD5 checksum:   891340 728cc7a7fba53cb468f39b751fa1eebd
  http://security.debian.org/pool/updates/main/s/subversion/libsvn-ruby1.8_1.5.1dfsg1-5_powerpc.deb
    Size/MD5 checksum:   539724 b30c1d6b126660abc633dc43073cacfe
  http://security.debian.org/pool/updates/main/s/subversion/libapache2-svn_1.5.1dfsg1-5_powerpc.deb
    Size/MD5 checksum:   156110 9be01af660ef7402f4275cc21c37608c
  http://security.debian.org/pool/updates/main/s/subversion/libsvn-perl_1.5.1dfsg1-5_powerpc.deb
    Size/MD5 checksum:  1120060 d6591d088fe879f5094c84e8b839d8b0

s390 architecture (IBM S/390)

  http://security.debian.org/pool/updates/main/s/subversion/python-subversion_1.5.1dfsg1-5_s390.deb
    Size/MD5 checksum:  1147140 546e0538fa3b7ecb96e53ccce638a290
  http://security.debian.org/pool/updates/main/s/subversion/libsvn-ruby1.8_1.5.1dfsg1-5_s390.deb
    Size/MD5 checksum:   525536 7b8ef26f1cdba48838a1bee9a4a347cc
  http://security.debian.org/pool/updates/main/s/subversion/subversion_1.5.1dfsg1-5_s390.deb
    Size/MD5 checksum:  1295362 586d80be57e1568a54db74f9486eeca3
  http://security.debian.org/pool/updates/main/s/subversion/libsvn-java_1.5.1dfsg1-5_s390.deb
    Size/MD5 checksum:   283310 50e24ceb2aa44e5404d09f6ae5ba4618
  http://security.debian.org/pool/updates/main/s/subversion/libapache2-svn_1.5.1dfsg1-5_s390.deb
    Size/MD5 checksum:   153672 adea0d2ad7c264b70641a036c32790e7
  http://security.debian.org/pool/updates/main/s/subversion/libsvn-perl_1.5.1dfsg1-5_s390.deb
    Size/MD5 checksum:   850932 3d87c9a80e8e67bd98d222bcaa5983a1
  http://security.debian.org/pool/updates/main/s/subversion/libsvn1_1.5.1dfsg1-5_s390.deb
    Size/MD5 checksum:   867490 02ce0a908b9b354b7bcf740004bee6cb
  http://security.debian.org/pool/updates/main/s/subversion/libsvn-dev_1.5.1dfsg1-5_s390.deb
    Size/MD5 checksum:  1167094 4e42c8d4951648a2427f691ce574edaa

sparc architecture (Sun SPARC/UltraSPARC)

  http://security.debian.org/pool/updates/main/s/subversion/libsvn-dev_1.5.1dfsg1-5_sparc.deb
    Size/MD5 checksum:  1083012 1f7d508a4fecdbb5d27cf8881425f115
  http://security.debian.org/pool/updates/main/s/subversion/libapache2-svn_1.5.1dfsg1-5_sparc.deb
    Size/MD5 checksum:   145080 4c22a42819c8cfa53b7cd52b81fa9174
  http://security.debian.org/pool/updates/main/s/subversion/libsvn-ruby1.8_1.5.1dfsg1-5_sparc.deb
    Size/MD5 checksum:   491828 332f1d25029aa4cefc30bf831a6f3b79
  http://security.debian.org/pool/updates/main/s/subversion/libsvn-java_1.5.1dfsg1-5_sparc.deb
    Size/MD5 checksum:   277138 e2b536c3016240307f80980d2d7e2a14
  http://security.debian.org/pool/updates/main/s/subversion/subversion_1.5.1dfsg1-5_sparc.deb
    Size/MD5 checksum:  1274640 becab26e59f0736703e7dc20320c8d10
  http://security.debian.org/pool/updates/main/s/subversion/libsvn1_1.5.1dfsg1-5_sparc.deb
    Size/MD5 checksum:   742790 bd00aad310f314101f6c28467dcc14f8
  http://security.debian.org/pool/updates/main/s/subversion/python-subversion_1.5.1dfsg1-5_sparc.deb
    Size/MD5 checksum:  1017700 5ff6c6e4035e9c1c83c23cd39da46560
  http://security.debian.org/pool/updates/main/s/subversion/libsvn-perl_1.5.1dfsg1-5_sparc.deb
    Size/MD5 checksum:  1072676 8b24094ba1a0af57eec6d4e61ad23313


  These files will probably be moved into the stable distribution on
  its next update.

- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

iEYEARECAAYFAkyvi3AACgkQHYflSXNkfP8dXgCdEGUyiyP0e2BXOszn8owRK7CZ
eOUAn0pA/WJoO+HbF6xdqdm2RNUI2KBt
=KD/8
-----END PGP SIGNATURE-----

Registrierung eines neuen Benutzers
Email:
Benutzerkennung:
Passwort:
Bitte schicken Sie mir den monatlichen Newsletter, der mich über die neuesten Services, Verbesserungen und Umfragen informiert.
Bitte schicken Sie mir eine Anfälligkeitstest Benachrichtigung, wenn ein neuer Test hinzugefügt wird.
   Datenschutz
Anmeldung für registrierte Benutzer
 
Benutzerkennung:   
Passwort:  

 Benutzerkennung oder Passwort vergessen?
Email/Benutzerkennung:




Startseite | Über uns | Kontakt | Partnerprogramme | Developer APIs | Datenschutz | Mailinglisten | Missbrauch
Sicherheits Überprüfungen | Verwaltete DNS | Netzwerk Überwachung | Webseiten Analysator | Internet Recherche Berichte
Web Sonde

© 1998-2019 E-Soft Inc. Alle Rechte vorbehalten.