[3.2] subversion: several security issues (CVE-2015-3184, CVE-2015-3187)
CVE-2015-3184 Mixed anonymous/authenticated path-based authz with Apache httpd 2.4.
Subversion’s mod_authz_svn does not properly restrict anonymous
access in some mixed anonymous/authenticated environments when using
Apache httpd 2.4. The result is that anonymous access may be possible
to files for which only authenticated access should be possible.
References:
https://subversion.apache.org/security/CVE-2015-3184-advisory.txt
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2015-3184
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3184
CVE-2015-3187 svn_repos_trace_node_locations() reveals paths hidden by authz.
Subversion servers, both httpd and svnserve, will reveal some paths
that should be hidden by path-based authz. When a node is copied
from an unreadable location to a readable location the unreadable
path may be revealed. This vulnerability only reveals the path; it
does not reveal the contents of the path.
References:
http://subversion.apache.org/security/CVE-2015-3187-advisory.txt
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-3187
https://security-tracker.debian.org/tracker/CVE-2015-3187
(from redmine: issue id 4729, created on 2015-10-05, closed on 2015-10-16)
- Relations:
  - blocks #4723 (closed)
  - parent #4728 (closed)
- Changesets:
  - Revision 0dcd40e1 by Natanael Copa on 2015-10-15T12:03:45Z:
    main/subversion: security upgrade to 1.8.14 (CVE-2015-3184,CVE-2015-3187)
    ref #4728
    fixes #4729