SB2022052612 - Ubuntu update for subversion

Description

This security bulletin contains information about 3 secuirty vulnerabilities.

1) Reachable Assertion (CVE-ID: CVE-2018-11782)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a reachable assertion when handling svnserve 'get-deleted-rev' requests. A remote authenticated attacker with read-only permissions can make the server to reply with incorrect revision number that will lead to svnserve crash.

2) Input validation error (CVE-ID: CVE-2019-0203)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to an error when processing a certain sequence of commands within the svnserve process. A remote non-authenticated attacker can send specially crafted commends to the Subversion server and perform a denial of service (DoS) attack.

3) NULL pointer dereference (CVE-ID: CVE-2020-17525)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference  when the Subversion is configured to use in-repository authz rules with the AuthzSVNReposRelativeAccessFile option. A remote non-authenticated attacker can send specially crafted request to a non-existing URL, trigger a NULL pointer dereference in the mod_authz_svn module and perform a denial of service (DoS) attack.

Remediation

Install update from vendor's website.

References

• https://ubuntu.com/security/notices/USN-5445-1