1
Candidate: CVE-2013-4558
4
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4558
5
http://subversion.apache.org/security/CVE-2013-4558-advisory.txt
7
The get_parent_resource function in repos.c in mod_dav_svn Apache HTTPD
8
server module in Subversion 1.7.11 through 1.7.13 and 1.8.1 through 1.8.4,
9
when built with assertions enabled and SVNAutoversioning is enabled, allows
10
remote attackers to cause a denial of service (assertion failure and Apache
11
process abort) via a non-canonical URL in a request, as demonstrated using
15
mdeslaur> only affects 1.7.11 through 1.7.13
18
Discovered-by: Philip Martin
22
Tags_subversion: universe-binary
23
upstream_subversion: released (1.7.14,1.8.5)
24
lucid_subversion: ignored (reached end-of-life)
25
precise_subversion: not-affected
26
quantal_subversion: not-affected
27
raring_subversion: not-affected
28
saucy_subversion: not-affected
29
trusty_subversion: not-affected (1.8.8-1ubuntu3)
30
devel_subversion: not-affected (1.8.9-2ubuntu2)