I can't get this update to upgrade using apt-get on wheezy. I also can't get the wheezy backport version to upgrade. I still have version 1.6.17dfsg-4+deb7u6, although ...deb7u8 apparently is the new current version.
Herb Garcia P.G. President Minnesota GeoServices, Inc. 40 Woodlynn Avenue Little Canada, MN 55117 651-261-2072 cell 651-644-1571 work 651-645-7854 fax h...@mngeoservices.com www.mngeoservices.com -----Original Message----- From: Florian Weimer [mailto:f...@deneb.enyo.de] Sent: Saturday, December 20, 2014 12:28 PM To: debian-security-annou...@lists.debian.org Subject: [SECURITY] [DSA 3107-1] subversion security update Importance: High -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3107-1 secur...@debian.org http://www.debian.org/security/ Florian Weimer December 20, 2014 http://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : subversion CVE ID : CVE-2014-3580 Debian Bug : 773263 Evgeny Kotkov discovered a NULL pointer dereference while processing REPORT requests in mod_dav_svn, the Subversion component which is used to serve repositories with the Apache web server. A remote attacker could abuse this vulnerability for a denial of service. For the stable distribution (wheezy), this problem has been fixed in version 1.6.17dfsg-4+deb7u7. For the unstable distribution (sid), this problem has been fixed in version 1.8.10-5. We recommend that you upgrade your subversion packages. Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-annou...@lists.debian.org -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQEcBAEBAgAGBQJUlcb3AAoJEL97/wQC1SS+MbYIAKE5phOjZkRQRFmmzGfgpens RpM+I2mBJ1ghvHvd+3CIQsBjtIuzxgih+ekUYQ8YP5dOB1erV4cI3zMbjnv1x4ZC ZxLxDNfPGQ3xmBNwAXT+ohkVturBrqZpvxz/vR4ms77mvOHo4Zm1r/WWHgs19Cnm WgNGXTCz59HXmzFhsrmwWA0Ojr8lBEbr9t4hKeciq4QAdaMjvYoZhi9KaUMJh1K5 4ntIBP/KdaqlCTCb46w1QqG/bJ6lHv89DGX9GbKpM1PNCI6ejyVnU0CmEovDPTLs evr91+DzT3CTTPOvGxeabcrhxun/xeNPdcxdwuayEHzx7OGU1OvhdFW6j/XIecU= =3nn5 -----END PGP SIGNATURE----- -- To UNSUBSCRIBE, email to debian-security-announce-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/87h9wqgor7....@mid.deneb.enyo.de -- To UNSUBSCRIBE, email to debian-security-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/e7d7be6bd583b843aa01931be33fb773f385b7a...@exchangehost.ad.pcspeed.com
