CVE-2011-0715

Publication date 11 March 2011

Last updated 24 July 2024


Ubuntu priority

The mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion before 1.6.16, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a request that contains a lock token.

Read the notes from the security team

Status

Package Ubuntu Release Status
subversion 10.10 maverick
Fixed 1.6.12dfsg-1ubuntu1.2
10.04 LTS lucid
Fixed 1.6.6dfsg-2ubuntu1.2
9.10 karmic
Fixed 1.6.5dfsg-1ubuntu1.2
8.04 LTS hardy
Fixed 1.4.6dfsg1-2ubuntu1.3
6.06 LTS dapper
Fixed 1.3.1-3ubuntu1.4

Notes


mdeslaur

on karmic and higher, binary is in universe.

Patch details

For informational purposes only. We recommend not to cherry-pick updates. How can I get the fixes?

Package Patch details
subversion

References

Related Ubuntu Security Notices (USN)

    • USN-1096-1
    • Subversion vulnerability
    • 29 March 2011

Other references