[Secure-testing-commits] r35915 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Fri Aug 7 06:40:30 UTC 2015
Author: carnil
Date: 2015-08-07 06:40:30 +0000 (Fri, 07 Aug 2015)
New Revision: 35915
Modified:
data/CVE/list
Log:
Add CVE-2015-3184/subversion
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2015-08-07 06:31:17 UTC (rev 35914)
+++ data/CVE/list 2015-08-07 06:40:30 UTC (rev 35915)
@@ -6837,8 +6837,12 @@
NOTE: https://www.apache.org/dist/httpd/CHANGES_2.4.16
NOTE: http://svn.apache.org/viewvc?view=revision&revision=1684525
NOTE: Behavior changed in 2.4.x refactoring, API no longer usable in 2.4.x
-CVE-2015-3184
+CVE-2015-3184 [Mixed anonymous/authenticated path-based authz with httpd 2.4]
RESERVED
+ - subversion <unfixed>
+ [wheezy] - subversion <not-affected> (1.6 does not build with apache 2.4)
+ NOTE: https://subversion.apache.org/security/CVE-2015-3184-advisory.txt
+ NOTE: subversion needs to be built with a fixed apache version
CVE-2015-3183 (The chunked transfer coding implementation in the Apache HTTP Server ...)
{DSA-3325-1 DLA-284-1}
- apache2 2.4.16-1
More information about the Secure-testing-commits
mailing list