Publishing details

Published on 2017-08-11
Copied from ubuntu trusty in Private PPA for Ubuntu Security Team by Steve Beattie

Changelog

subversion (1.8.8-1ubuntu3.3) trusty-security; urgency=medium

  * SECURITY UPDATE: Arbitrary code execution on clients through
    malicious svn+ssh URLs
    - debian/patches/CVE-2017-9800-1.8.18.patch: ensure that host
      arguments to ssh cannot be treated as ssh options.
    - CVE-2017-9800
  * SECURITY UPDATE: svnserve/sasl may authenticate users using the
    wrong realm.
    - debian/patches/CVE-2016-2167.patch: Reject invalid usernames when
      SASL is being used.
    - CVE-2016-2167
  * SECURITY UPDATE: remotely triggerable crash in the mod_authz_svn
    module.
    - debian/patches/CVE-2016-2167.patch: Reject requests with invalid
      Destination headers.
    - CVE-2016-2168
  * SECURITY UPDATE: denial-of-service caused by exponential XML
    entity expansion ("billion laughs attack").
    - debian/patches/CVE-2016-8734-1,8.patch: properly error out the
      parser on invalid data.
    - CVE-2016-8734
  * SECURITY UPDATE: mod_dav_svn: integer overflow when parsing
    skel-encoded request bodies.
    - debian/patches/CVE-2015-5343.patch: Defer memory allocation
      when reading skel-encoded requests.
    - CVE-2015-5343

 -- Steve Beattie <email address hidden>  Thu, 10 Aug 2017 00:00:57 -0700

Available diffs

diff from 1.8.8-1ubuntu3.2 to 1.8.8-1ubuntu3.3 (4.8 KiB)

Builds

Built packages

libapache2-mod-svn Apache Subversion server modules for Apache httpd

libapache2-mod-svn-dbgsym debug symbols for package libapache2-mod-svn

libapache2-svn Apache Subversion server modules for Apache httpd (dummy package)

libsvn-dev Development files for Apache Subversion libraries

libsvn-dev-dbgsym debug symbols for package libsvn-dev

libsvn-doc Developer documentation for libsvn

libsvn-java Java bindings for Apache Subversion

libsvn-java-dbgsym debug symbols for package libsvn-java

libsvn-perl Perl bindings for Apache Subversion

libsvn-perl-dbgsym debug symbols for package libsvn-perl

libsvn-ruby1.8 Ruby bindings for Apache Subversion (dummy package)

libsvn1 Shared libraries used by Apache Subversion

libsvn1-dbgsym debug symbols for package libsvn1

python-subversion Python bindings for Apache Subversion

python-subversion-dbg Python bindings for Subversion (debug extension)

python-subversion-dbgsym debug symbols for package python-subversion

ruby-svn Ruby bindings for Apache Subversion

ruby-svn-dbgsym debug symbols for package ruby-svn

subversion Advanced version control system

subversion-dbg Debug symbols for Apache Subversion

subversion-dbgsym debug symbols for package subversion

subversion-tools Assorted tools related to Apache Subversion

Package files

libapache2-mod-svn-dbgsym_1.8.8-1ubuntu3.3_amd64.ddeb (932 bytes)
libapache2-mod-svn-dbgsym_1.8.8-1ubuntu3.3_arm64.ddeb (932 bytes)
libapache2-mod-svn-dbgsym_1.8.8-1ubuntu3.3_armhf.ddeb (930 bytes)
libapache2-mod-svn-dbgsym_1.8.8-1ubuntu3.3_i386.ddeb (932 bytes)
libapache2-mod-svn-dbgsym_1.8.8-1ubuntu3.3_powerpc.ddeb (934 bytes)
libapache2-mod-svn-dbgsym_1.8.8-1ubuntu3.3_ppc64el.ddeb (934 bytes)
libapache2-mod-svn_1.8.8-1ubuntu3.3_amd64.deb (79.0 KiB)
libapache2-mod-svn_1.8.8-1ubuntu3.3_arm64.deb (66.7 KiB)
libapache2-mod-svn_1.8.8-1ubuntu3.3_armhf.deb (70.0 KiB)
libapache2-mod-svn_1.8.8-1ubuntu3.3_i386.deb (78.4 KiB)
libapache2-mod-svn_1.8.8-1ubuntu3.3_powerpc.deb (72.3 KiB)
libapache2-mod-svn_1.8.8-1ubuntu3.3_ppc64el.deb (74.2 KiB)
libapache2-svn_1.8.8-1ubuntu3.3_all.deb (9.6 KiB)
libsvn-dev-dbgsym_1.8.8-1ubuntu3.3_amd64.ddeb (904 bytes)
libsvn-dev-dbgsym_1.8.8-1ubuntu3.3_arm64.ddeb (906 bytes)
libsvn-dev-dbgsym_1.8.8-1ubuntu3.3_armhf.ddeb (904 bytes)
libsvn-dev-dbgsym_1.8.8-1ubuntu3.3_i386.ddeb (904 bytes)
libsvn-dev-dbgsym_1.8.8-1ubuntu3.3_powerpc.ddeb (904 bytes)
libsvn-dev-dbgsym_1.8.8-1ubuntu3.3_ppc64el.ddeb (906 bytes)
libsvn-dev_1.8.8-1ubuntu3.3_amd64.deb (1.1 MiB)
libsvn-dev_1.8.8-1ubuntu3.3_arm64.deb (1.0 MiB)
libsvn-dev_1.8.8-1ubuntu3.3_armhf.deb (1.0 MiB)
libsvn-dev_1.8.8-1ubuntu3.3_i386.deb (1.1 MiB)
libsvn-dev_1.8.8-1ubuntu3.3_powerpc.deb (1.0 MiB)
libsvn-dev_1.8.8-1ubuntu3.3_ppc64el.deb (1.2 MiB)
libsvn-doc_1.8.8-1ubuntu3.3_all.deb (1.2 MiB)
libsvn-java-dbgsym_1.8.8-1ubuntu3.3_amd64.ddeb (944 bytes)
libsvn-java-dbgsym_1.8.8-1ubuntu3.3_arm64.ddeb (946 bytes)
libsvn-java-dbgsym_1.8.8-1ubuntu3.3_armhf.ddeb (942 bytes)
libsvn-java-dbgsym_1.8.8-1ubuntu3.3_i386.ddeb (944 bytes)
libsvn-java-dbgsym_1.8.8-1ubuntu3.3_powerpc.ddeb (948 bytes)
libsvn-java-dbgsym_1.8.8-1ubuntu3.3_ppc64el.ddeb (946 bytes)
libsvn-java_1.8.8-1ubuntu3.3_amd64.deb (338.3 KiB)
libsvn-java_1.8.8-1ubuntu3.3_arm64.deb (331.0 KiB)
libsvn-java_1.8.8-1ubuntu3.3_armhf.deb (328.2 KiB)
libsvn-java_1.8.8-1ubuntu3.3_i386.deb (339.0 KiB)
libsvn-java_1.8.8-1ubuntu3.3_powerpc.deb (334.9 KiB)
libsvn-java_1.8.8-1ubuntu3.3_ppc64el.deb (337.0 KiB)
libsvn-perl-dbgsym_1.8.8-1ubuntu3.3_amd64.ddeb (926 bytes)
libsvn-perl-dbgsym_1.8.8-1ubuntu3.3_arm64.ddeb (928 bytes)
libsvn-perl-dbgsym_1.8.8-1ubuntu3.3_armhf.ddeb (928 bytes)
libsvn-perl-dbgsym_1.8.8-1ubuntu3.3_i386.ddeb (926 bytes)
libsvn-perl-dbgsym_1.8.8-1ubuntu3.3_powerpc.ddeb (928 bytes)
libsvn-perl-dbgsym_1.8.8-1ubuntu3.3_ppc64el.ddeb (926 bytes)
libsvn-perl_1.8.8-1ubuntu3.3_amd64.deb (781.5 KiB)
libsvn-perl_1.8.8-1ubuntu3.3_arm64.deb (652.2 KiB)
libsvn-perl_1.8.8-1ubuntu3.3_armhf.deb (713.4 KiB)
libsvn-perl_1.8.8-1ubuntu3.3_i386.deb (681.7 KiB)
libsvn-perl_1.8.8-1ubuntu3.3_powerpc.deb (617.3 KiB)
libsvn-perl_1.8.8-1ubuntu3.3_ppc64el.deb (703.5 KiB)
libsvn-ruby1.8_1.8.8-1ubuntu3.3_all.deb (1016 bytes)
libsvn1-dbgsym_1.8.8-1ubuntu3.3_amd64.ddeb (884 bytes)
libsvn1-dbgsym_1.8.8-1ubuntu3.3_arm64.ddeb (886 bytes)
libsvn1-dbgsym_1.8.8-1ubuntu3.3_armhf.ddeb (882 bytes)
libsvn1-dbgsym_1.8.8-1ubuntu3.3_i386.ddeb (884 bytes)
libsvn1-dbgsym_1.8.8-1ubuntu3.3_powerpc.ddeb (886 bytes)
libsvn1-dbgsym_1.8.8-1ubuntu3.3_ppc64el.ddeb (886 bytes)
libsvn1_1.8.8-1ubuntu3.3_amd64.deb (896.4 KiB)
libsvn1_1.8.8-1ubuntu3.3_arm64.deb (719.5 KiB)
libsvn1_1.8.8-1ubuntu3.3_armhf.deb (748.3 KiB)
libsvn1_1.8.8-1ubuntu3.3_i386.deb (886.0 KiB)
libsvn1_1.8.8-1ubuntu3.3_powerpc.deb (777.2 KiB)
libsvn1_1.8.8-1ubuntu3.3_ppc64el.deb (865.6 KiB)
python-subversion-dbg_1.8.8-1ubuntu3.3_amd64.deb (1.6 MiB)
python-subversion-dbg_1.8.8-1ubuntu3.3_arm64.deb (1.5 MiB)
python-subversion-dbg_1.8.8-1ubuntu3.3_armhf.deb (1.5 MiB)
python-subversion-dbg_1.8.8-1ubuntu3.3_i386.deb (1.5 MiB)
python-subversion-dbg_1.8.8-1ubuntu3.3_powerpc.deb (1.4 MiB)
python-subversion-dbg_1.8.8-1ubuntu3.3_ppc64el.deb (1.7 MiB)
python-subversion-dbgsym_1.8.8-1ubuntu3.3_amd64.ddeb (930 bytes)
python-subversion-dbgsym_1.8.8-1ubuntu3.3_arm64.ddeb (932 bytes)
python-subversion-dbgsym_1.8.8-1ubuntu3.3_armhf.ddeb (930 bytes)
python-subversion-dbgsym_1.8.8-1ubuntu3.3_i386.ddeb (928 bytes)
python-subversion-dbgsym_1.8.8-1ubuntu3.3_powerpc.ddeb (932 bytes)
python-subversion-dbgsym_1.8.8-1ubuntu3.3_ppc64el.ddeb (930 bytes)
python-subversion_1.8.8-1ubuntu3.3_amd64.deb (504.0 KiB)
python-subversion_1.8.8-1ubuntu3.3_arm64.deb (389.0 KiB)
python-subversion_1.8.8-1ubuntu3.3_armhf.deb (415.4 KiB)
python-subversion_1.8.8-1ubuntu3.3_i386.deb (450.4 KiB)
python-subversion_1.8.8-1ubuntu3.3_powerpc.deb (389.6 KiB)
python-subversion_1.8.8-1ubuntu3.3_ppc64el.deb (441.8 KiB)
ruby-svn-dbgsym_1.8.8-1ubuntu3.3_amd64.ddeb (938 bytes)
ruby-svn-dbgsym_1.8.8-1ubuntu3.3_arm64.ddeb (940 bytes)
ruby-svn-dbgsym_1.8.8-1ubuntu3.3_armhf.ddeb (938 bytes)
ruby-svn-dbgsym_1.8.8-1ubuntu3.3_i386.ddeb (936 bytes)
ruby-svn-dbgsym_1.8.8-1ubuntu3.3_powerpc.ddeb (940 bytes)
ruby-svn-dbgsym_1.8.8-1ubuntu3.3_ppc64el.ddeb (940 bytes)
ruby-svn_1.8.8-1ubuntu3.3_amd64.deb (415.3 KiB)
ruby-svn_1.8.8-1ubuntu3.3_arm64.deb (309.6 KiB)
ruby-svn_1.8.8-1ubuntu3.3_armhf.deb (375.3 KiB)
ruby-svn_1.8.8-1ubuntu3.3_i386.deb (376.3 KiB)
ruby-svn_1.8.8-1ubuntu3.3_powerpc.deb (316.5 KiB)
ruby-svn_1.8.8-1ubuntu3.3_ppc64el.deb (362.1 KiB)
subversion-dbg_1.8.8-1ubuntu3.3_amd64.deb (7.6 MiB)
subversion-dbg_1.8.8-1ubuntu3.3_arm64.deb (7.8 MiB)
subversion-dbg_1.8.8-1ubuntu3.3_armhf.deb (7.4 MiB)
subversion-dbg_1.8.8-1ubuntu3.3_i386.deb (7.0 MiB)
subversion-dbg_1.8.8-1ubuntu3.3_powerpc.deb (7.4 MiB)
subversion-dbg_1.8.8-1ubuntu3.3_ppc64el.deb (8.9 MiB)
subversion-dbgsym_1.8.8-1ubuntu3.3_amd64.ddeb (1.0 KiB)
subversion-dbgsym_1.8.8-1ubuntu3.3_arm64.ddeb (1.1 KiB)
subversion-dbgsym_1.8.8-1ubuntu3.3_armhf.ddeb (1.0 KiB)
subversion-dbgsym_1.8.8-1ubuntu3.3_i386.ddeb (1.0 KiB)
subversion-dbgsym_1.8.8-1ubuntu3.3_powerpc.ddeb (1.0 KiB)
subversion-dbgsym_1.8.8-1ubuntu3.3_ppc64el.ddeb (1.0 KiB)
subversion-tools_1.8.8-1ubuntu3.3_all.deb (155.5 KiB)
subversion_1.8.8-1ubuntu3.3.diff.gz (299.5 KiB)
subversion_1.8.8-1ubuntu3.3.dsc (3.0 KiB)
subversion_1.8.8-1ubuntu3.3_amd64.deb (274.3 KiB)
subversion_1.8.8-1ubuntu3.3_arm64.deb (260.5 KiB)
subversion_1.8.8-1ubuntu3.3_armhf.deb (266.0 KiB)
subversion_1.8.8-1ubuntu3.3_i386.deb (270.9 KiB)
subversion_1.8.8-1ubuntu3.3_powerpc.deb (249.1 KiB)
subversion_1.8.8-1ubuntu3.3_ppc64el.deb (264.6 KiB)
subversion_1.8.8.orig.tar.gz (8.8 MiB)