Bug 350166 (CVE-2010-4539) - <dev-vcs/subversion-1.6.15: remote DoS (CVE-2010-{4539,4644})
Summary: <dev-vcs/subversion-1.6.15: remote DoS (CVE-2010-{4539,4644})
Status: RESOLVED FIXED
Alias: CVE-2010-4539
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
Importance: High normal
Assignee: Gentoo Security
URL: http://secunia.com/advisories/42780/
Whiteboard: A3 [glsa]
Keywords:
Depends on:
Blocks:
 
Reported: 2010-12-30 17:08 UTC by Arfrever Frehtes Taifersar Arahesis (RETIRED)
Modified: 2013-09-23 23:15 UTC
CC List: 0 users

See Also:
Package list:
Runtime testing required: ---
Description Arfrever Frehtes Taifersar Arahesis (RETIRED) gentoo-dev 2010-12-30 17:08:06 UTC
Stabilize dev-vcs/subversion-1.6.15.

Some tests are known to fail in some configurations (time zone, locale, USE
flags), so failure of tests causes only warning.

Tests of bindings usually use Subversion libraries from /usr/lib, so these
tests are disabled by default.

Log of currently running tests:
  "${S}/tests.log"
Logs of tests with particular combinations of RA type and FS type:
  "${T}/tests-ra_${ra_type}-${fs_type}.log"
Apache logs:
  "${T}/apache/access_log"
  "${T}/apache/svn_log"
  "${T}/apache/error_log"
svnserve log:
  "${T}/svnserve.log"

If tests seem to hang, you can use the following command to check progress of
tests:
  tail -f "${S}/tests.log"
Comment 1 Alex Buell 2011-01-01 10:44:32 UTC
Tested on SPARC, majority of tests passed. Installed OK.
Comment 2 Markos Chandras (RETIRED) gentoo-dev 2011-01-01 18:29:46 UTC
amd64 done
Comment 3 Paweł Hajdan, Jr. (RETIRED) gentoo-dev 2011-01-02 08:59:11 UTC
x86 stable
Comment 4 Paweł Hajdan, Jr. (RETIRED) gentoo-dev 2011-01-06 06:47:40 UTC
There is a security issue that requires this update, see http://secunia.com/advisories/42780/

I'm suggesting A3 severity level based on http://bugs.gentoo.org/280494 .
Comment 5 Raúl Porcel (RETIRED) gentoo-dev 2011-01-06 12:49:59 UTC
alpha/arm/ia64/s390/sh/sparc stable
Comment 6 Tim Sammut (RETIRED) gentoo-dev 2011-01-07 00:42:43 UTC
It looks like there were two issues fixed in this release. From http://www.openwall.com/lists/oss-security/2011/01/04/8:

So for A, "* prevent crash in mod_dav_svn when using SVNParentPath (r1033166)"
  Upstream changeset:
  http://svn.apache.org/viewvc?view=revision&revision=1033166

Let's use CVE-2010-4539.

For B, "* fix server-side memory leaks triggered by 'blame -g' (r1032808)"
  References:
  http://svn.haxx.se/dev/archive-2010-11/0102.shtml
  Upstream changeset:
  http://svn.apache.org/viewvc?view=revision&revision=1032808

Let's use CVE-2010-4644.

Comment 7 Kacper Kowalik (Xarthisius) (RETIRED) gentoo-dev 2011-01-07 11:53:35 UTC
ppc/ppc64 stable
Comment 8 Jeroen Roovers (RETIRED) gentoo-dev 2011-01-11 19:17:35 UTC
Stable for HPPA.
Comment 9 Tim Sammut (RETIRED) gentoo-dev 2011-01-12 05:05:45 UTC
Thanks, folks. GLSA request filed.
Comment 10 GLSAMaker/CVETool Bot gentoo-dev 2011-06-13 18:12:17 UTC
CVE-2010-4644 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4644):
  Multiple memory leaks in rev_hunt.c in Apache Subversion before 1.6.15 allow
  remote authenticated users to cause a denial of service (memory consumption
  and daemon crash) via the -g option to the blame command.

CVE-2010-4539 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4539):
  The walk function in repos.c in the mod_dav_svn module for the Apache HTTP
  Server, as distributed in Apache Subversion before 1.6.15, allows remote
  authenticated users to cause a denial of service (NULL pointer dereference
  and daemon crash) via vectors that trigger the walking of SVNParentPath
  collections.
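Both NVD entries above put the affected range at "before 1.6.15", and both describe server-side denial of service: CVE-2010-4539 only matters where the repository is served through mod_dav_svn with SVNParentPath, while CVE-2010-4644 is reached through the blame -g code path in rev_hunt.c and so applies to svnserve as well. The practical first check on a host is therefore whether the installed Subversion is older than 1.6.15. The script below is an added example for this bug; it is not Gentoo or Subversion code and does not replace the GLSA tooling. It compares dotted versions numerically (a plain string comparison ranks 1.6.9 above 1.6.15), strips a trailing suffix such as an ebuild -r1 revision before comparing, and uses `svn --version --quiet` for the installed version; the sample versions in the comments are constructed, and the suffix handling is an assumption about how ebuild versions are typed in.

```shell
#!/bin/sh
# Added example, not part of bug 350166 or of the Subversion/Gentoo tooling.
# Decide whether a Subversion version predates 1.6.15, the first release with
# the fixes for CVE-2010-4539 (mod_dav_svn walk NULL dereference) and
# CVE-2010-4644 (rev_hunt.c memory leaks via 'blame -g').

FIXED_VERSION="1.6.15"

# vercmp A B -> prints -1, 0 or 1 as A is older than, equal to or newer than B.
# Only the leading dotted numeric components are compared; a suffix such as
# "-r1" (assumed Gentoo ebuild revision) or "-dev" is dropped first.
# Missing trailing components count as 0, so 1.6 equals 1.6.0.
vercmp() {
    a=$(printf '%s\n' "$1" | sed 's/[^0-9.].*$//')
    b=$(printf '%s\n' "$2" | sed 's/[^0-9.].*$//')
    while [ -n "$a" ] || [ -n "$b" ]; do
        x=${a%%.*}; y=${b%%.*}          # leading component of each string
        case $a in *.*) a=${a#*.} ;; *) a= ;; esac   # drop it (and its dot)
        case $b in *.*) b=${b#*.} ;; *) b= ;; esac
        x=${x:-0}; y=${y:-0}
        if [ "$x" -lt "$y" ]; then printf '%s\n' -1; return; fi
        if [ "$x" -gt "$y" ]; then printf '%s\n' 1; return; fi
    done
    printf '%s\n' 0
}

# svn_affected VERSION -> true (exit 0) when VERSION is older than 1.6.15.
# Constructed samples: 1.6.9 and 1.6.14 are affected, 1.6.15 and 1.7.0 are not.
svn_affected() {
    [ "$(vercmp "$1" "$FIXED_VERSION")" -lt 0 ]
}

# svn_installed_version -> bare version string of the svn client on PATH,
# e.g. "1.6.15"; empty if the client is missing or cannot be run.
svn_installed_version() {
    svn --version --quiet 2>/dev/null
}

# report_installed -> one line describing the local client; never fails, so it
# is safe to call from a larger audit script.
report_installed() {
    if ! command -v svn >/dev/null 2>&1; then
        echo "svn client not found on PATH"
        return 0
    fi
    v=$(svn_installed_version)
    if [ -z "$v" ]; then
        echo "could not determine svn version"
    elif svn_affected "$v"; then
        echo "subversion $v is older than $FIXED_VERSION: affected by CVE-2010-4539 / CVE-2010-4644"
    else
        echo "subversion $v is at or above $FIXED_VERSION"
    fi
    return 0
}

report_installed
```

The version check is necessary but not sufficient: a server that has been upgraded on disk still runs the old code until apache (for mod_dav_svn) or svnserve is restarted, and on Gentoo the authoritative answer is the GLSA referenced in the final comment rather than this script.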
Comment 11 GLSAMaker/CVETool Bot gentoo-dev 2013-09-23 23:15:24 UTC
This issue was resolved and addressed in GLSA 201309-11 at http://security.gentoo.org/glsa/glsa-201309-11.xml
by GLSA coordinator Sean Amoss (ackle).