Multiple vulnerabilities have been found in Subversion, allowing attackers to cause a Denial of Service, escalate privileges, or obtain sensitive information.
Package | dev-vcs/subversion on all architectures |
---|---|
Affected versions | < 1.7.13 |
Unaffected versions | >= 1.7.13 |
Subversion is a versioning system designed to be a replacement for CVS.
Multiple vulnerabilities have been discovered in Subversion. Please review the CVE identifiers referenced below for details.
A remote attacker could cause a Denial of Service condition or obtain sensitive information. A local attacker could escalate his privileges to the user running svnserve.
There is no known workaround at this time.
All Subversion users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=dev-vcs/subversion-1.7.13"