ALT-PU-2015-2038-1
Package subversion updated to version 1.9.2-alt1 for branch sisyphus in task 154048.
Closed vulnerabilities
Published: 2015-08-12
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2015-3187
The svn_repos_trace_node_locations function in Apache Subversion before 1.7.21 and 1.8.x before 1.8.14, when path-based authorization is used, allows remote authenticated users to obtain sensitive path information by reading the history of a node that has been moved from a hidden path.
Severity: MEDIUM (4.0)
References:
- APPLE-SA-2016-03-21-4
- APPLE-SA-2016-03-21-4
- openSUSE-SU-2015:1401
- openSUSE-SU-2015:1401
- RHSA-2015:1633
- RHSA-2015:1633
- RHSA-2015:1742
- RHSA-2015:1742
- http://subversion.apache.org/security/CVE-2015-3187-advisory.txt
- http://subversion.apache.org/security/CVE-2015-3187-advisory.txt
- DSA-3331
- DSA-3331
- 76273
- 76273
- 1033215
- 1033215
- USN-2721-1
- USN-2721-1
- GLSA-201610-05
- GLSA-201610-05
- https://support.apple.com/HT206172
- https://support.apple.com/HT206172