vulnerability

CentOS Linux: CVE-2020-17525: Important: subversion:1.10 security update (CESA-2021:0507)

Try Surface Command
Back to search
Severity
4
CVSS
(AV:N/AC:M/Au:N/C:N/I:N/A:P)
Published
2021-02-15
Added
2021-02-16
Modified
2023-05-25

Description

Subversion's mod_authz_svn module will crash if the server is using in-repository authz rules with the AuthzSVNReposRelativeAccessFile option and a client sends a request for a non-existing repository URL. This can lead to disruption for users of the service. This issue was fixed in mod_dav_svn+mod_authz_svn servers 1.14.1 and mod_dav_svn+mod_authz_svn servers 1.10.7

Solution(s)

centos-upgrade-libserfcentos-upgrade-libserf-debuginfocentos-upgrade-libserf-debugsourcecentos-upgrade-mod_dav_svncentos-upgrade-mod_dav_svn-debuginfocentos-upgrade-subversioncentos-upgrade-subversion-debuginfocentos-upgrade-subversion-debugsourcecentos-upgrade-subversion-develcentos-upgrade-subversion-devel-debuginfocentos-upgrade-subversion-gnomecentos-upgrade-subversion-gnome-debuginfocentos-upgrade-subversion-javahlcentos-upgrade-subversion-libscentos-upgrade-subversion-libs-debuginfocentos-upgrade-subversion-perlcentos-upgrade-subversion-perl-debuginfocentos-upgrade-subversion-toolscentos-upgrade-subversion-tools-debuginfocentos-upgrade-utf8proccentos-upgrade-utf8proc-debuginfocentos-upgrade-utf8proc-debugsource

References

Title
NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today