Subversion: Multiple vulnerabilities Multiple vulnerabilities have been found in Subversion, allowing attackers to cause a Denial of Service, escalate privileges, or obtain sensitive information. subversion 2013-09-23 2013-09-23 350166 356741 369065 463728 463860 472202 482166 local, remote 1.7.13 1.7.13

Subversion is a versioning system designed to be a replacement for CVS.

Multiple vulnerabilities have been discovered in Subversion. Please review the CVE identifiers referenced below for details.

A remote attacker could cause a Denial of Service condition or obtain sensitive information. A local attacker could escalate his privileges to the user running svnserve.

There is no known workaround at this time.

All Subversion users should upgrade to the latest version:

# emerge --sync # emerge --ask --oneshot --verbose ">=dev-vcs/subversion-1.7.13" CVE-2010-4539 CVE-2010-4644 CVE-2011-0715 CVE-2011-1752 CVE-2011-1783 CVE-2011-1921 CVE-2013-1845 CVE-2013-1846 CVE-2013-1847 CVE-2013-1849 CVE-2013-1884 CVE-2013-1968 CVE-2013-2088 CVE-2013-2112 CVE-2013-4131 CVE-2013-4277 underling ackle