Bug 177646

Summary: [patch] devel/subversion security update
Product: Ports & Packages Reporter: Olli Hauer <ohauer>
Component: Individual Port(s)Assignee: Olli Hauer <ohauer>
Status: Closed FIXED    
Severity: Affects Only Me CC: lev
Priority: Normal    
Version: Latest   
Hardware: Any   
OS: Any   
Attachments:
Description Flags
subversion.diff none

Description Olli Hauer freebsd_committer 2013-04-05 06:20:00 UTC
This release addesses five security issues:
    CVE-2013-1845: mod_dav_svn excessive memory usage from property changes
    CVE-2013-1846: mod_dav_svn crashes on LOCK requests against activity URLs
    CVE-2013-1847: mod_dav_svn crashes on LOCK requests against non-existant URLs
    CVE-2013-1849: mod_dav_svn crashes on PROPFIND requests against activity URLs
    CVE-2013-1884: mod_dav_svn crashes on out of range limit in log REPORT request

More information on these vulnerabilities, including the relevent advisories
and potential attack vectors and workarounds, can be found on the Subversion
security website:
    http://subversion.apache.org/security/
Comment 1 dfilter service freebsd_committer 2013-04-06 11:00:43 UTC
Author: ohauer
Date: Sat Apr  6 10:00:28 2013
New Revision: 315739
URL: http://svnweb.freebsd.org/changeset/ports/315739

Log:
  - Subversion 1.7.9 security update [1]
  - Subversion 1.6.21 security update [2]
  
  This release addesses the following issues security issues:
  [1][2]  CVE-2013-1845: mod_dav_svn excessive memory usage from property changes
  [1][2]  CVE-2013-1846: mod_dav_svn crashes on LOCK requests against activity URLs
  [1][2]  CVE-2013-1847: mod_dav_svn crashes on LOCK requests against non-existant URLs
  [1][2]  CVE-2013-1849: mod_dav_svn crashes on PROPFIND requests against activity URLs
  [1]     CVE-2013-1884: mod_dav_svn crashes on out of range limit in log REPORT request
  
  More information on these vulnerabilities, including the relevent advisories
  and potential attack vectors and workarounds, can be found on the Subversion
  security website:
      http://subversion.apache.org/security/
  
  PR:		177646
  Submitted by:	ohauer
  Approved by:	portmgr (tabthorpe, erwin), lev
  Security:	b6beb137-9dc0-11e2-882f-20cf30e32f6d

Modified:
  head/devel/subversion/Makefile.common
  head/devel/subversion/distinfo
  head/devel/subversion16/Makefile.common
  head/devel/subversion16/Makefile.inc
  head/devel/subversion16/distinfo
  head/security/vuxml/vuln.xml

Modified: head/devel/subversion/Makefile.common
==============================================================================
--- head/devel/subversion/Makefile.common	Sat Apr  6 02:38:59 2013	(r315738)
+++ head/devel/subversion/Makefile.common	Sat Apr  6 10:00:28 2013	(r315739)
@@ -2,7 +2,7 @@
 # $FreeBSD$
 
 PORTNAME=	subversion
-PORTVERSION=	1.7.8
+PORTVERSION=	1.7.9
 PORTREVISION?=	0
 CATEGORIES+=	devel
 MASTER_SITES=	${MASTER_SITE_APACHE:S/$/:main/} \

Modified: head/devel/subversion/distinfo
==============================================================================
--- head/devel/subversion/distinfo	Sat Apr  6 02:38:59 2013	(r315738)
+++ head/devel/subversion/distinfo	Sat Apr  6 10:00:28 2013	(r315739)
@@ -1,5 +1,5 @@
-SHA256 (subversion17/subversion-1.7.8.tar.bz2) = fc83d4d98ccea8b7bfa8f5c20fff545c8baa7d035db930977550c51c6ca23686
-SIZE (subversion17/subversion-1.7.8.tar.bz2) = 6023912
+SHA256 (subversion17/subversion-1.7.9.tar.bz2) = f8454c585f99afed764232a5048d9b8bfd0a25a9ab8e339ea69fe1204c453ef4
+SIZE (subversion17/subversion-1.7.9.tar.bz2) = 6040347
 SHA256 (subversion17/svn-book-html-r4304.tar.bz2) = a63d958b1ae70daf2ac93a53ece70a0ba0f8f7de7af3f74a665fe44b8f50ca14
 SIZE (subversion17/svn-book-html-r4304.tar.bz2) = 467806
 SHA256 (subversion17/svn-book-r4304.pdf) = 1b2cada79db8268fd6cd55fac4e5ee04c1e2977bbc587fa1098bd3613b9689b2

Modified: head/devel/subversion16/Makefile.common
==============================================================================
--- head/devel/subversion16/Makefile.common	Sat Apr  6 02:38:59 2013	(r315738)
+++ head/devel/subversion16/Makefile.common	Sat Apr  6 10:00:28 2013	(r315739)
@@ -120,6 +120,7 @@ LIB_DEPENDS+=	serf-1:${PORTSDIR}/www/ser
 CONFIGURE_ARGS+=--with-serf=${LOCALBASE}
 PLIST_SUB+=	SERF=""
 .else
+CONFIGURE_ARGS+=--without-serf
 PLIST_SUB+=	SERF="@comment "
 .endif
 

Modified: head/devel/subversion16/Makefile.inc
==============================================================================
--- head/devel/subversion16/Makefile.inc	Sat Apr  6 02:38:59 2013	(r315738)
+++ head/devel/subversion16/Makefile.inc	Sat Apr  6 10:00:28 2013	(r315739)
@@ -1,4 +1,4 @@
 # $FreeBSD$
 # this keeps subversion16 and ../svnmerge in sync, see pr 164854
 
-PORTVERSION=	1.6.20
+PORTVERSION=	1.6.21

Modified: head/devel/subversion16/distinfo
==============================================================================
--- head/devel/subversion16/distinfo	Sat Apr  6 02:38:59 2013	(r315738)
+++ head/devel/subversion16/distinfo	Sat Apr  6 10:00:28 2013	(r315739)
@@ -1,5 +1,5 @@
-SHA256 (subversion/subversion-1.6.20.tar.bz2) = 9ca903186bacb7c005806b1202c3fe7622e3d36d4f85859ae3edc06afdbb619b
-SIZE (subversion/subversion-1.6.20.tar.bz2) = 5572244
+SHA256 (subversion/subversion-1.6.21.tar.bz2) = efece333259a8cc37bc1af7210f2587cccd8dd484700458d324bfe3247875cd6
+SIZE (subversion/subversion-1.6.21.tar.bz2) = 5564522
 SHA256 (subversion/svn-book-html.tar.bz2) = 5c4788e1f225b3186db5979b071fcc4c9543bfb5916cd62e003eea4507b8c8cb
 SIZE (subversion/svn-book-html.tar.bz2) = 406484
 SHA256 (subversion/svn-book.pdf) = 64e483cd27be6752eb8dfc1b00749f8dc46adfc4fb1ab1356dd8e2406d878225

Modified: head/security/vuxml/vuln.xml
==============================================================================
--- head/security/vuxml/vuln.xml	Sat Apr  6 02:38:59 2013	(r315738)
+++ head/security/vuxml/vuln.xml	Sat Apr  6 10:00:28 2013	(r315739)
@@ -51,6 +51,54 @@ Note:  Please add new entries to the beg
 
 -->
 <vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">
+  <vuln vid="b6beb137-9dc0-11e2-882f-20cf30e32f6d">
+    <topic>Subversion -- multiple vulnerabilities</topic>
+    <affects>
+      <package>
+	<name>subversion</name>
+	<range><lt>1.7.9</lt></range>
+	<range><lt>1.6.21</lt></range>
+      </package>
+    </affects>
+    <description>
+      <body xmlns="http://www.w3.org/1999/xhtml">
+	<p>Subversion team reports:</p>
+	  <blockquote cite="http://subversion.apache.org/security/CVE-2013-1845-advisory.txt">
+	    <p>Subversion's mod_dav_svn Apache HTTPD server module will use excessive
+	      amounts of memory when a large number of properties are set or deleted
+	      on a node.</p>
+	</blockquote>
+	  <blockquote cite="http://subversion.apache.org/security/CVE-2013-1846-advisory.txt">
+	    <p>Subversion's mod_dav_svn Apache HTTPD server module will crash when
+	      a LOCK request is made against activity URLs.</p>
+	</blockquote>
+	<blockquote cite="http://subversion.apache.org/security/CVE-2013-1847-advisory.txt">
+	    <p>Subversion's mod_dav_svn Apache HTTPD server module will crash in some
+	      circumstances when a LOCK request is made against a non-existent URL.</p>
+	</blockquote>
+	<blockquote cite="http://subversion.apache.org/security/CVE-2013-1849-advisory.txt">
+	  <p>Subversion's mod_dav_svn Apache HTTPD server module will crash when a
+	    PROPFIND request is made against activity URLs.</p>
+	</blockquote>
+	<blockquote cite="http://subversion.apache.org/security/CVE-2013-1884-advisory.txt">
+	  <p>Subversion's mod_dav_svn Apache HTTPD server module will crash when a
+	    log REPORT request receives a limit that is out of the allowed range.</p>
+	</blockquote>
+      </body>
+    </description>
+    <references>
+      <cvename>CVE-2013-1845</cvename>
+      <cvename>CVE-2013-1846</cvename>
+      <cvename>CVE-2013-1847</cvename>
+      <cvename>CVE-2013-1849</cvename>
+      <cvename>CVE-2013-1884</cvename>
+    </references>
+    <dates>
+      <discovery>2013-04-05</discovery>
+      <entry>2013-04-05</entry>
+    </dates>
+  </vuln>
+
   <vuln vid="eae8e3cf-9dfe-11e2-ac7f-001fd056c417">
     <topic>otrs -- Information disclosure and Data manipulation</topic>
     <affects>
@@ -63,10 +111,10 @@ Note:  Please add new entries to the beg
       <body xmlns="http://www.w3.org/1999/xhtml">
 	<p>The OTRS Project reports:</p>
 	<blockquote cite="http://www.otrs.com/en/open-source/community-news/security-advisories/security-advisory-2013-01/">
-	  <p>An attacker with a valid agent login could manipulate URLs in the
-object linking mechanism to see titles of tickets and other objects that are not
-obliged to be seen. Furthermore, links to objects without permission can be
-placed and removed.</p>
+		<p>An attacker with a valid agent login could manipulate URLs in the
+		  object linking mechanism to see titles of tickets and other objects
+		  that are not obliged to be seen. Furthermore, links to objects without
+		  permission can be placed and removed.</p>
 	</blockquote>
       </body>
     </description>
@@ -17163,7 +17211,7 @@ executed in your Internet Explorer while
     </affects>
     <description>
       <body xmlns="http://www.w3.org/1999/xhtml">
-	<p>Subversion tram reports:</p>
+	<p>Subversion team reports:</p>
 	<blockquote cite="http://subversion.apache.org/security/CVE-2011-1752-advisory.txt">
 	  <p>Subversion's mod_dav_svn Apache HTTPD server module will
 	    dereference a NULL pointer if asked to deliver baselined WebDAV
_______________________________________________
svn-ports-all@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/svn-ports-all
To unsubscribe, send any mail to "svn-ports-all-unsubscribe@freebsd.org"
Comment 2 Olli Hauer freebsd_committer 2013-04-06 11:29:35 UTC
State Changed
From-To: open->closed

Submitted! 


Comment 3 Olli Hauer freebsd_committer 2013-04-06 11:29:35 UTC
Responsible Changed
From-To: freebsd-ports-bugs->ohauer