Bug 514744 - (CVE-2009-2411) CVE-2009-2411 subversion: multiple heap overflow issues
Status: CLOSED ERRATA
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
Priority: medium
Severity: medium
Assigned To: Red Hat Product Security
Whiteboard: impact=important,source=upstream,publ...
Keywords: Security
Depends On: 515815 515816 515817 515818
Reported: 2009-07-30 11:33 EDT by Josh Bressers
Modified: 2010-11-29 03:47 EST (History)
Doc Type: Bug Fix
Last Closed: 2009-08-27 18:03:27 EDT
External Trackers
Tracker ID: Red Hat Product Errata RHSA-2009:1203
Priority: normal
Status: SHIPPED_LIVE
Summary: Important: subversion security update
Last Updated: 2009-08-10 12:59:36 EDT
Description Josh Bressers 2009-07-30 11:33:12 EDT
Matt Lewis discovered an integer overflow flaw in the subversion server. A user with commit access to a repository could send a specially crafted commit that could cause the subversion server to crash or possibly execute arbitrary code with the permissions of the server.
Comment 3 Tomas Hoger 2009-08-09 13:28:52 EDT
Public now:
  http://subversion.tigris.org/security/CVE-2009-2411-advisory.txt
Comment 4 Vincent Danen 2009-08-10 10:37:37 EDT
The advisory indicates these are heap overflow issues, not an integer overflow issue (just to clarify).
Comment 5 errata-xmlrpc 2009-08-10 12:59:41 EDT
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 5
  Red Hat Enterprise Linux 4

Via RHSA-2009:1203 https://rhn.redhat.com/errata/RHSA-2009-1203.html
Comment 6 Fedora Update System 2009-08-10 17:48:32 EDT
subversion-1.6.4-2.fc10 has been pushed to the Fedora 10 stable repository.  If problems still persist, please make note of it in this bug report.
Comment 7 Fedora Update System 2009-08-10 17:53:40 EDT
subversion-1.6.4-2.fc11 has been pushed to the Fedora 11 stable repository.  If problems still persist, please make note of it in this bug report.
Comment 8 Michal Jaegermann 2009-08-12 10:41:53 EDT
> subversion-1.6.4-2.fc10 has been pushed ...
Despite comment #6, and the FEDORA-2009-8432 announcement, so far this update did not show up in Fedora 10 repositories.  Other F10 packages announced at the same time and later, and also subversion-1.6.4-2.fc11 for F11, already did.
Comment 9 Joe Orton 2009-08-12 10:58:24 EDT
Michal: https://fedorahosted.org/bodhi/ticket/350
Comment 10 Michal Jaegermann 2009-08-19 13:39:53 EDT
> https://fedorahosted.org/bodhi/ticket/350

It appears that "Priority: major" of this ticket is not so major after all.  It does not seem to have any repository effects after a week.
Comment 11 Michal Jaegermann 2009-08-27 18:03:27 EDT
subversion-1.6.4-2.fc10 at last showed up on repos.  The catch is that this took over two weeks for a security update.  Smells like a problem to me although I do not know where.