Re: RFS: subversion (updated package) [lenny-backports, 1.6.12dfsg-5~bpo50+1]
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 2011-03-04 10:35, Michael Diers wrote:
> On 2011-03-04 00:01, Michael Diers wrote:
>> Dear mentors and backporters,
>
>> I am looking for a sponsor for the new version 1.6.12dfsg-5~bpo50+1
>> of my existing backport of package "subversion".
>
>> The new version addresses the following issues, please see also the
>> attached BSA draft notice:
>
>> CVE-2011-0715
>> Subversion's mod_dav_svn Apache HTTPD server module will dereference
>> a NULL pointer if a lock token is sent in a HTTP request by a
>> Subversion client which has not authenticated to the server.
>> http://subversion.apache.org/security/CVE-2011-0715-advisory.txt
> [...]
>
> The security notice is to be called BSA-026, updated draft is attached.
Peter Samuelson uploaded this package. Thanks, Peter.
- --
Michael Diers, elego Software Solutions GmbH, http://www.elego.de
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (Cygwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
iEYEARECAAYFAk14HRsACgkQcEKlWnqVgz0QnwCgn/WQiN7hNuc4O3neAwoDctSS
zPkAn2kOpd0GxdMpECa8kojSt3rFpf5q
=/cX+
-----END PGP SIGNATURE-----
Reply to: