Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 838085 (CVE-2021-28544, CVE-2022-24070)

Summary: <dev-vcs/subversion-1.14.2: multiple vulnerabilities
Product: Gentoo Security Reporter: John Helmert III <ajak>
Component: VulnerabilitiesAssignee: Gentoo Security <security>
Status: RESOLVED FIXED    
Severity: minor    
Priority: Normal    
Version: unspecified   
Hardware: All   
OS: Linux   
Whiteboard: B3 [noglsa]
Package list:
Runtime testing required: ---
Bug Depends on: 852656    
Bug Blocks:    

Description John Helmert III archtester Gentoo Infrastructure gentoo-dev Security 2022-04-12 14:09:05 UTC 
CVE-2021-28544 (https://subversion.apache.org/security/CVE-2021-28544-advisory.txt):

Subversion servers reveal 'copyfrom' paths that should be hidden according
to configured path-based authorization (authz) rules.  When a node has been
copied from a protected location, users with access to the copy can see the
'copyfrom' path of the original.  This also reveals the fact that the node
was copied.  Only the 'copyfrom' path is revealed; not its contents. Both
httpd and svnserve servers are vulnerable.

CVE-2022-24070 (https://subversion.apache.org/security/CVE-2022-24070-advisory.txt):

While looking up path-based authorization rules, mod_dav_svn servers
may attempt to use memory which has already been freed.

Please bump to 1.14.2.
Comment 1 Larry the Git Cow gentoo-dev 2022-06-08 07:09:50 UTC 
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=8dd9ea5055c9f00eb442189a59addad5dad0dda6

commit 8dd9ea5055c9f00eb442189a59addad5dad0dda6
Author:     Sam James <sam@gentoo.org>
AuthorDate: 2022-06-08 07:09:24 +0000
Commit:     Sam James <sam@gentoo.org>
CommitDate: 2022-06-08 07:09:35 +0000

    dev-vcs/subversion: add 1.14.2
    
    Closes: https://bugs.gentoo.org/845984
    Bug: https://bugs.gentoo.org/838085
    Bug: https://bugs.gentoo.org/807343
    Signed-off-by: Sam James <sam@gentoo.org>

 dev-vcs/subversion/Manifest                        |   1 +
 .../files/subversion-1.14.2-python3.11.patch       |  16 +
 dev-vcs/subversion/subversion-1.14.2.ebuild        | 441 +++++++++++++++++++++
 3 files changed, 458 insertions(+)
Comment 2 Andreas K. Hüttel archtester gentoo-dev 2023-04-03 20:40:09 UTC 
Cleanup done
Comment 3 John Helmert III archtester Gentoo Infrastructure gentoo-dev Security 2023-04-30 22:54:37 UTC 
Denial of service in non-default configuration at worst, no GLSA.