Security update for subversion SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2016:1263-1 Final 1 1 2016-05-07T09:14:03Z current 2016-05-07T09:14:03Z 2016-05-07T09:14:03Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for subversion This update for subversion fixes the following issues: - CVE-2016-2167: mod_authz_svn: DoS in MOVE/COPY authorization check (bsc#976849) - CVE-2016-2168: svnserve/sasl may authenticate users using the wrong realm (bsc#976850) The following non-security bugs were fixed: - bsc#969159: subversion dependencies did not enforce matching password store - bsc#911620: svnserve could not be started via YaST Service manager This update was imported from the SUSE:SLE-12:Update update project. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://lists.opensuse.org/opensuse-updates/2016-05/msg00043.html E-Mail link for openSUSE-SU-2016:1263-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings openSUSE Leap 42.1 libsvn_auth_gnome_keyring-1-0-1.8.10-9.1 libsvn_auth_kwallet-1-0-1.8.10-9.1 subversion-1.8.10-9.1 subversion-bash-completion-1.8.10-9.1 subversion-devel-1.8.10-9.1 subversion-perl-1.8.10-9.1 subversion-python-1.8.10-9.1 subversion-ruby-1.8.10-9.1 subversion-server-1.8.10-9.1 subversion-tools-1.8.10-9.1 libsvn_auth_gnome_keyring-1-0-1.8.10-9.1 as a component of openSUSE Leap 42.1 libsvn_auth_kwallet-1-0-1.8.10-9.1 as a component of openSUSE Leap 42.1 subversion-1.8.10-9.1 as a component of openSUSE Leap 42.1 subversion-bash-completion-1.8.10-9.1 as a component of openSUSE Leap 42.1 subversion-devel-1.8.10-9.1 as a component of openSUSE Leap 42.1 subversion-perl-1.8.10-9.1 as a component of openSUSE Leap 42.1 subversion-python-1.8.10-9.1 as a component of openSUSE Leap 42.1 subversion-ruby-1.8.10-9.1 as a component of openSUSE Leap 42.1 subversion-server-1.8.10-9.1 as a component of openSUSE Leap 42.1 subversion-tools-1.8.10-9.1 as a component of openSUSE Leap 42.1 The canonicalize_username function in svnserve/cyrus_auth.c in Apache Subversion before 1.8.16 and 1.9.x before 1.9.4, when Cyrus SASL authentication is used, allows remote attackers to authenticate and bypass intended access restrictions via a realm string that is a prefix of an expected repository realm string. CVE-2016-2167 openSUSE Leap 42.1:libsvn_auth_gnome_keyring-1-0-1.8.10-9.1 openSUSE Leap 42.1:libsvn_auth_kwallet-1-0-1.8.10-9.1 openSUSE Leap 42.1:subversion-1.8.10-9.1 openSUSE Leap 42.1:subversion-bash-completion-1.8.10-9.1 openSUSE Leap 42.1:subversion-devel-1.8.10-9.1 openSUSE Leap 42.1:subversion-perl-1.8.10-9.1 openSUSE Leap 42.1:subversion-python-1.8.10-9.1 openSUSE Leap 42.1:subversion-ruby-1.8.10-9.1 openSUSE Leap 42.1:subversion-server-1.8.10-9.1 openSUSE Leap 42.1:subversion-tools-1.8.10-9.1 low 3.6 AV:N/AC:H/Au:S/C:P/I:P/A:N Please Install the update. https://lists.opensuse.org/opensuse-updates/2016-05/msg00043.html https://www.suse.com/security/cve/CVE-2016-2167.html CVE-2016-2167 https://bugzilla.suse.com/976849 SUSE Bug 976849 The req_check_access function in the mod_authz_svn module in the httpd server in Apache Subversion before 1.8.16 and 1.9.x before 1.9.4 allows remote authenticated users to cause a denial of service (NULL pointer dereference and crash) via a crafted header in a (1) MOVE or (2) COPY request, involving an authorization check. CVE-2016-2168 openSUSE Leap 42.1:libsvn_auth_gnome_keyring-1-0-1.8.10-9.1 openSUSE Leap 42.1:libsvn_auth_kwallet-1-0-1.8.10-9.1 openSUSE Leap 42.1:subversion-1.8.10-9.1 openSUSE Leap 42.1:subversion-bash-completion-1.8.10-9.1 openSUSE Leap 42.1:subversion-devel-1.8.10-9.1 openSUSE Leap 42.1:subversion-perl-1.8.10-9.1 openSUSE Leap 42.1:subversion-python-1.8.10-9.1 openSUSE Leap 42.1:subversion-ruby-1.8.10-9.1 openSUSE Leap 42.1:subversion-server-1.8.10-9.1 openSUSE Leap 42.1:subversion-tools-1.8.10-9.1 moderate 6.3 AV:N/AC:M/Au:S/C:N/I:N/A:C Please Install the update. https://lists.opensuse.org/opensuse-updates/2016-05/msg00043.html https://www.suse.com/security/cve/CVE-2016-2168.html CVE-2016-2168 https://bugzilla.suse.com/976850 SUSE Bug 976850