1
PublicDateAtUSN: 2013-05-02
2
Candidate: CVE-2013-1884
5
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1884
6
http://subversion.apache.org/security/CVE-2013-1884-advisory.txt
7
https://usn.ubuntu.com/usn/usn-1893-1
9
The mod_dav_svn Apache HTTPD server module in Subversion 1.7.0 through
10
1.7.8 allows remote attackers to cause a denial of service (segmentation
11
fault and crash) via a log REPORT request with an invalid limit, which
12
triggers an access of an uninitialized variable.
18
Discovered-by: Greg McMullin, Stefan Fuhrmann, Philip Martin & Ben Reser
22
upstream: http://svn.apache.org/viewvc?view=revision&revision=1462332
23
Tags_subversion: universe-binary
24
upstream_subversion: released (1.7.9)
25
hardy_subversion: not-affected (1.4.6dfsg1-2ubuntu1.3)
26
lucid_subversion: not-affected (1.6.6dfsg-2ubuntu1.3)
27
oneiric_subversion: not-affected (1.6.12dfsg-4ubuntu5.1)
28
precise_subversion: not-affected (1.6.17dfsg-3ubuntu3)
29
quantal_subversion: released (1.7.5-1ubuntu2.1)
30
raring_subversion: released (1.7.5-1ubuntu3.1)
31
devel_subversion: not-affected (1.7.9-1+nmu2ubuntu2)