-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian LTS Advisory DLA-2646-1 debian-...@lists.debian.org https://www.debian.org/lts/security/ Anton Gladky May 03, 2021 https://wiki.debian.org/LTS - -------------------------------------------------------------------------
Package : subversion Version : 1.9.5-1+deb9u6 CVE ID : CVE-2020-17525 One security issue has been discovered in subversion: CVE-2020-17525: Subversion's mod_authz_svn module will crash if the server is using in-repository authz rules with the AuthzSVNReposRelativeAccessFile option and a client sends a request for a non-existing repository URL. This can lead to disruption for users of the service. For Debian 9 stretch, this problem has been fixed in version 1.9.5-1+deb9u6. We recommend that you upgrade your subversion packages. For the detailed security status of subversion please refer to its security tracker page at: https://security-tracker.debian.org/tracker/subversion Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEu71F6oGKuG/2fnKF0+Fzg8+n/wYFAmCQ2moACgkQ0+Fzg8+n /wYuBQ//XVEyexG/MpiecNhCxmVUaRcq5w188jKNHqv4K3XjveKzvx4FQoayhwdR MllGy4kInS/A/9JYnSIqCyRRk3UAxSvULU724N/lkXyWHskExdZxr3jDco1eByA1 3cWu3AmomjHGh6G4lla57jZxtcdnbtgkPbaCGEV8AZFMfUAgkk1l00EiEfRtsAjD Gu/ZIYXdzbBvCKBeeoNq7c9tb2NH+Yrk7albevRPl9/cSP0mD5zNLcgIEWiJDkcF S2q7z8i0nK/JkX6VKk2NJCgUTFBInkEPViKaGyweIDwGr94xW2k6veF7amaNj+ln y8b6cM+cT3kf9VtUCn5bOLCwhaG41aOJ3/1yVkBRJ1gRwdvKbtEljjViqMla2WvV JcsCN5N6UBf09BNF+C8Qp7Bzg3SaiAnUa4XIeDDFuO/WLoBUc4mRSlXrU2U5+9K5 uDn3HU4REd3CNEDVUxPAv+nFGU6qrwFJgf6kCwPdQv3mH9SvMr4C18glufcCERPO XlG9Kls9Aa39thgk0shDMstbmzwii0L9ZMVZBwJfY8iGHZA7ITuqzHMnjdFZtXwa MIpo6kOGkkPsvQN6EX9xHq5nNQwKzhm5hA8U2KfyDevvLSvb1TlJqLGniMUnoaAy jWzJ1d8u1YQ2eJWaU8BOY0ctreiGBWRwzKpIUP44RMY2JvUl/1o= =chqu -----END PGP SIGNATURE-----