{"id":"MGASA-2015-0177","summary":"Updated subversion packages fix security vulnerabilities","details":"Updated subversion packages fix security vulnerabilities:\n\nSubversion HTTP servers with FSFS repositories are vulnerable to a remotely\ntriggerable excessive memory use with certain REPORT requests (CVE-2015-0202).\n\nSubversion mod_dav_svn and svnserve are vulnerable to a remotely triggerable\nassertion DoS vulnerability for certain requests with dynamically evaluated\nrevision numbers (CVE-2015-0248).\n\nSubversion HTTP servers allow spoofing svn:author property values for new\nrevisions (CVE-2015-0251).\n","modified":"2026-02-04T02:48:26.400070Z","published":"2015-05-03T00:19:16Z","related":["CVE-2015-0202","CVE-2015-0248","CVE-2015-0251"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2015-0177.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=15619"},{"type":"REPORT","url":"http://subversion.apache.org/security/CVE-2015-0202-advisory.txt"},{"type":"REPORT","url":"http://subversion.apache.org/security/CVE-2015-0248-advisory.txt"},{"type":"REPORT","url":"http://subversion.apache.org/security/CVE-2015-0251-advisory.txt"}],"affected":[{"package":{"name":"subversion","ecosystem":"Mageia:4","purl":"pkg:rpm/mageia/subversion?arch=source&distro=mageia-4"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.8.13-1.mga4"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2015-0177.json"}}],"schema_version":"1.7.3","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}