From subversion 1.0.3 announce mail:
Subversion versions up to and including 1.0.2 have a buffer overflow in
the date parsing code.
Both client and server are vulnerable. The server is vulnerable over
both httpd/DAV and svnserve (that is, over http://, https://, svn://,
svn+ssh:// and other tunneled svn+*:// methods).
Additionally, clients with shared working copies, or permissions that
allow files in the administrative area of the working copy to be
written by other users, are potentially exploitable.
Steps to Reproduce:
There is similar issue with up to and includind net-misc/neon-0.24.5
So, there is also update for neon (0.24.6), please see http://www.webdav.org/neon/.
*** Bug 51463 has been marked as a duplicate of this bug. ***
pauldv, please bump. thanks.
*** Bug 51491 has been marked as a duplicate of this bug. ***
Reassigning back to security so that we keep track of this one. Still waiting for pauldv's bump.
I'm raising a new bug for this, but FYI, subversion 1.0.4 is now available. 1.0.3 is the security fix.
The new bug number for 1.0.4 is 51572 http://bugs.gentoo.org/show_bug.cgi?id=51572,
But, 1.0.4 isn't out yet (planned for tomorrow)!
Apparently 1.0.3 is in CVS. Stable flags are OK -- so it's ready for a GLSA