Fixed vulnerabilities:
- CVE-2014-3580: A NULL pointer dereference flaw was found in the way the mod_dav_svn module handled REPORT requests. A remote, unauthenticated attacker could use a specially crafted REPORT request to crash mod_dav_svn.
- CVE-2014-3528: It was discovered that Subversion clients retrieved cached authentication credentials using the MD5 hash of the server realm string without also checking the server's URL. A malicious server able to provide a realm that triggers an MD5 collision could possibly use this flaw to obtain the credentials for a different realm.
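To make the CVE-2014-3528 credential-cache issue concrete, here is an added Python sketch (not Subversion's code, and not the exact upstream fix) that contrasts a cache keyed only on the MD5 digest of the realm with one that also binds each entry to the server origin. The URLs, realm and credentials are constructed, and presenting the identical realm string from a second server stands in for the MD5 collision the advisory describes.

```python
import hashlib
from typing import Dict, Optional, Tuple
from urllib.parse import urlsplit

# Constructed sample values, not taken from the advisory.
LEGIT_URL = "https://svn.example.com/repos/trunk"
EVIL_URL = "https://attacker.example.net/repos/trunk"
REALM = "<https://svn.example.com:443> Example Repository"
CREDS = ("alice", "s3cret")

def realm_key(realm: str) -> str:
    """Cache entry name derived from the realm alone, as the pre-fix client did."""
    return hashlib.md5(realm.encode("utf-8")).hexdigest()

def origin(url: str) -> Tuple[str, str]:
    """Scheme and host[:port] of a URL: the part an entry should be bound to."""
    parts = urlsplit(url)
    return (parts.scheme.lower(), parts.netloc.lower())

class RealmHashCache:
    """Pre-fix shape: any server whose realm yields the same digest gets the entry."""
    def __init__(self) -> None:
        self._store: Dict[str, Tuple[str, str]] = {}

    def store(self, url: str, realm: str, creds: Tuple[str, str]) -> None:
        self._store[realm_key(realm)] = creds  # the URL is never recorded

    def lookup(self, url: str, realm: str) -> Optional[Tuple[str, str]]:
        return self._store.get(realm_key(realm))

class OriginBoundCache:
    """Hardened shape: the entry remembers the server origin it was saved for."""
    def __init__(self) -> None:
        self._store: Dict[str, Tuple[Tuple[str, str], Tuple[str, str]]] = {}

    def store(self, url: str, realm: str, creds: Tuple[str, str]) -> None:
        self._store[realm_key(realm)] = (origin(url), creds)

    def lookup(self, url: str, realm: str) -> Optional[Tuple[str, str]]:
        entry = self._store.get(realm_key(realm))
        if entry is None or entry[0] != origin(url):
            return None  # digest matches but the server does not: withhold
        return entry[1]

def replay_from_other_server(cache) -> Optional[Tuple[str, str]]:
    """Save creds for the real server, then look them up as another server would."""
    cache.store(LEGIT_URL, REALM, CREDS)
    return cache.lookup(EVIL_URL, REALM)
```

With the realm-only key the second server receives the stored credentials; with the origin-bound entry the lookup fails even though the digest is identical.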
Affected releases:
- Red Hat Enterprise Linux Desktop (v. 6)
- Red Hat Enterprise Linux HPC Node (v. 6)
- Red Hat Enterprise Linux Server (v. 6)
- Red Hat Enterprise Linux Server EUS (v. 6.6.z)
- Red Hat Enterprise Linux Workstation (v. 6)
Software description:
- subversion
Solution:
- Check VulnLIB for fixes for the CVEs listed above and for the source.
Source:
Wednesday, 11.02.2015