Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 374621 - dev-vcs/subversion: access restriction bypass (CVE-2010-3315)
Summary: dev-vcs/subversion: access restriction bypass (CVE-2010-3315)
Status: RESOLVED DUPLICATE of bug 339517
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal trivial (vote)
Assignee: Gentoo Security
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2011-07-10 00:28 UTC by GLSAMaker/CVETool Bot
Modified: 2011-07-11 02:17 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description GLSAMaker/CVETool Bot gentoo-dev 2011-07-10 00:28:39 UTC 
CVE-2010-3315 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3315):
  authz.c in the mod_dav_svn module for the Apache HTTP Server, as distributed
  in Apache Subversion 1.5.x before 1.5.8 and 1.6.x before 1.6.13, when
  SVNPathAuthz short_circuit is enabled, does not properly handle a named
  repository as a rule scope, which allows remote authenticated users to
  bypass intended access restrictions via svn commands.


Opened for tracking purposes.
Comment 1 Stefan Behte (RETIRED) gentoo-dev Security 2011-07-10 00:29:46 UTC 
Vote: no!
Comment 2 Tim Sammut (RETIRED) gentoo-dev 2011-07-11 02:17:02 UTC 

*** This bug has been marked as a duplicate of bug 339517 ***