OpenSuSE has issued an advisory today (August 1):
http://lists.opensuse.org/opensuse-updates/2013-08/msg00000.html

According to the upstream advisory, the issue is fixed in 1.7.11:
https://subversion.apache.org/security/CVE-2013-4131-advisory.txt

Mageia 2 and Mageia 3 are also affected.
Whiteboard: (none) => MGA3TOO, MGA2TOO
1.7.11 has been submitted for 2, 3 and cauldron.
CC: (none) => oe
Thanks Oden! Assigning to QA.

Advisory:
========================

Updated subversion packages fix security vulnerability:

Subversion's mod_dav_svn Apache HTTPD server module will trigger an assertion on some requests made against a revision root. This can lead to a DoS. If assertions are disabled it will trigger a read overflow which may cause a SEGFAULT (or equivalent) or undefined behavior. Commit access is required to exploit this (CVE-2013-4131).

References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4131
https://subversion.apache.org/security/CVE-2013-4131-advisory.txt
http://lists.opensuse.org/opensuse-updates/2013-08/msg00000.html
========================

Updated packages in core/updates_testing:
========================
subversion-1.7.11-1.mga2
subversion-doc-1.7.11-1.mga2
libsvn0-1.7.11-1.mga2
libsvn-gnome-keyring0-1.7.11-1.mga2
libsvn-kwallet0-1.7.11-1.mga2
subversion-server-1.7.11-1.mga2
subversion-tools-1.7.11-1.mga2
python-svn-1.7.11-1.mga2
ruby-svn-1.7.11-1.mga2
libsvnjavahl1-1.7.11-1.mga2
svn-javahl-1.7.11-1.mga2
perl-SVN-1.7.11-1.mga2
subversion-kwallet-devel-1.7.11-1.mga2
subversion-gnome-keyring-devel-1.7.11-1.mga2
perl-svn-devel-1.7.11-1.mga2
python-svn-devel-1.7.11-1.mga2
ruby-svn-devel-1.7.11-1.mga2
subversion-devel-1.7.11-1.mga2
apache-mod_dav_svn-1.7.11-1.mga2
subversion-1.7.11-1.mga3
subversion-doc-1.7.11-1.mga3
libsvn0-1.7.11-1.mga3
libsvn-gnome-keyring0-1.7.11-1.mga3
libsvn-kwallet0-1.7.11-1.mga3
subversion-server-1.7.11-1.mga3
subversion-tools-1.7.11-1.mga3
python-svn-1.7.11-1.mga3
ruby-svn-1.7.11-1.mga3
libsvnjavahl1-1.7.11-1.mga3
svn-javahl-1.7.11-1.mga3
perl-SVN-1.7.11-1.mga3
subversion-kwallet-devel-1.7.11-1.mga3
subversion-gnome-keyring-devel-1.7.11-1.mga3
perl-svn-devel-1.7.11-1.mga3
python-svn-devel-1.7.11-1.mga3
ruby-svn-devel-1.7.11-1.mga3
subversion-devel-1.7.11-1.mga3
apache-mod_dav_svn-1.7.11-1.mga3

from SRPMS:
subversion-1.7.11-1.mga2.src.rpm
subversion-1.7.11-1.mga3.src.rpm

Version: Cauldron => 3
Assignee: bugsquad => qa-bugs
Whiteboard: MGA3TOO, MGA2TOO => MGA2TOO
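As an added example (not part of the original bug report or of the Subversion project's code), the shell check below flags packages built from a 1.7.x Subversion older than the 1.7.11 fix named above. The sample package lines are constructed, the function names are hypothetical, and other release branches are not assessed because this report only states the 1.7.11 fix.

```shell
#!/bin/sh
# Added example: flag Subversion 1.7.x packages older than the fixed release.
FIXED=1.7.11   # fixed release named in the upstream advisory cited in this report

# Constructed sample of name-version-release lines, as a package query prints.
sample_packages() {
cat <<'EOF'
subversion-1.7.10-1.mga3
apache-mod_dav_svn-1.7.10-1.mga3
libsvn0-1.7.11-1.mga3
subversion-tools-1.7.11-1.mga2
subversion-1.8.8-1.mga4
bash-4.2-37.1.mga3
EOF
}

# ver_lt A B: succeed when dotted version A sorts strictly before B.
ver_lt() {
    [ "$1" = "$2" ] && return 1
    first=$(printf '%s\n%s\n' "$1" "$2" |
        sort -t. -k1,1n -k2,2n -k3,3n | head -n 1)
    [ "$first" = "$1" ]
}

# outdated_svn_packages: read name-version-release lines on stdin and print
# those built from a 1.7.x Subversion older than $FIXED.
# Assumption: only the 1.7 branch is judged; other branches are skipped.
outdated_svn_packages() {
    while IFS= read -r nvr; do
        nv=${nvr%-*}        # drop the release field (and any arch suffix)
        name=${nv%-*}       # package names may themselves contain hyphens
        version=${nv##*-}
        case $name in
            subversion|subversion-*|libsvn*|apache-mod_dav_svn|svn-javahl|\
            python-svn*|ruby-svn*|perl-SVN|perl-svn-devel) ;;
            *) continue ;;
        esac
        case $version in
            1.7.*)
                if ver_lt "$version" "$FIXED"; then
                    printf '%s\n' "$nvr"
                fi ;;
        esac
    done
}

sample_packages | outdated_svn_packages
```

On a live host, pipe the output of `rpm -qa` into `outdated_svn_packages` instead of the constructed sample.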
Advisory 10895.adv uploaded to svn.
CC: (none) => davidwhodgins
Severity: normal => major
No poc that I can find, so just testing that it works.

Testing complete Mageia 2 i586 and x86_64.

[dave@i2v ~]$ svnadmin create --fs-type fsfs /home/dave/svn
[dave@i2v ~]$ mkdir project
[dave@i2v ~]$ cd project/
[dave@i2v project]$ mkdir bin
[dave@i2v project]$ mkdir src
[dave@i2v project]$ mkdir doc
[dave@i2v project]$ echo test>doc/index.html
[dave@i2v project]$ echo stuff>src/Makefile
[dave@i2v project]$ svn import /home/dave/project/ file:///home/dave/svn/project/trunk -m 'Initial import'
Adding doc
Adding doc/index.html
Adding src
Adding src/Makefile
Adding bin
Committed revision 1.
[dave@i2v project]$ cd
[dave@i2v ~]$ rm -rf project
[dave@i2v ~]$ svn checkout file:///home/dave/svn/project
A project/trunk
A project/trunk/doc
A project/trunk/doc/index.html
A project/trunk/src
A project/trunk/src/Makefile
A project/trunk/bin
Checked out revision 1.
[dave@i2v ~]$ sudo mc -e /etc/httpd/modules.d/46_mod_dav_svn.conf
See https://bugs.mageia.org/show_bug.cgi?id=9624#c8
[dave@i2v ~]$ sudo service httpd restart
[dave@i2v ~]$ firefox http://localhost/svn/repos
Whiteboard: MGA2TOO => MGA2TOO MGA2-64-OK MGA2-32-OK
Testing complete on Mageia 3 i586 and x86_64.

Note: Edit /etc/httpd/conf/conf.d/subversion.conf instead of 46...

Could someone from the sysadmin team push 10895.adv to updates?

Keywords: (none) => validated_update
Whiteboard: MGA2TOO MGA2-64-OK MGA2-32-OK => MGA2TOO MGA2-64-OK MGA2-32-OK MGA3-64-OK MGA3-32-OK
CC: (none) => sysadmin-bugs
Update pushed: http://advisories.mageia.org/MGASA-2013-0244.html
Status: NEW => RESOLVED
CC: (none) => tmb
Resolution: (none) => FIXED

In VirtualBox, M4, KDE, 32-bit

Package(s) under test:
subversion

default install of subversion

[root@localhost wilcal]# urpmi subversion
Package subversion-1.8.8-1.mga4.i586 is already installed

[wilcal@localhost ~]$ svnadmin create --fs-type fsfs /home/wilcal/svn
bash: svnadmin: command not found

What next?

Test platform:
Intel Core i7-2600K Sandy Bridge 3.4GHz
GIGABYTE GA-Z68X-UD3-B3 LGA 1155 MoBo
GIGABYTE GV-N440D3-1GI Nvidia GeForce GT 440 (Fermi) 1GB
RTL8111/8168B PCI Express 1Gbit Ethernet
DRAM 16GB (4 x 4GB)
Mageia 4 64-bit, Nvidia driver
virtualbox-4.3.10-1.1.mga4.x86_64
virtualbox-guest-additions-4.3.10-1.1.mga4.x86_64
CC: (none) => wilcal.int
$ urpmf bin/svnadmin
subversion-tools:/usr/bin/svnadmin
CC: (none) => remi
You commented in the wrong bug report though :-)
(In reply to Rémi Verschelde from comment #9)
> You commented in the wrong bug report though :-)

Oops, better put it where it's supposed to be.

In VirtualBox, M4, KDE, 32-bit

Package(s) under test:
subversion subversion-tools apache-mod_dav_svn

default install of subversion, subversion-tools, apache-mod_dav_svn

[root@localhost project]# urpmi subversion
Package subversion-1.8.8-1.mga4.i586 is already installed
[root@localhost project]# urpmi subversion-tools
Package subversion-tools-1.8.8-1.mga4.i586 is already installed
[root@localhost project]# urpmi apache-mod_dav_svn
Package apache-mod_dav_svn-1.8.8-1.mga4.i586 is already installed

[wilcal@localhost ~]$ svnadmin create --fs-type fsfs /home/wilcal/svn
creates svn directory with subversion subdirectories and files.

wilcal@localhost ~]$ cd project
[wilcal@localhost project]$ ls -al
total 24
drwxrwxr-x 5 wilcal wilcal 4096 Aug 19 10:24 ./
drwxr-xr-x 38 wilcal wilcal 4096 Aug 19 10:24 ../
drwxrwxr-x 2 wilcal wilcal 4096 Aug 19 10:24 bin/
-rw------- 1 wilcal wilcal 60 Aug 19 10:24 .directory
drwxrwxr-x 2 wilcal wilcal 4096 Aug 19 10:24 doc/
drwxrwxr-x 2 wilcal wilcal 4096 Aug 19 10:24 src/
[wilcal@localhost project]$ echo test>doc/index.html
[wilcal@localhost project]$ echo stuff>src/Makefile

All went well to here:

[wilcal@localhost project]$ svn import /home/wilcal/project/ file:///home/wilcal/svn/project
svn: E205007: Could not use external editor to fetch log message; consider setting the $SVN_EDITOR environment variable or using the --message (-m) or --file (-F) options
svn: E205007: None of the environment variables SVN_EDITOR, VISUAL or EDITOR are set, and no 'editor-cmd' run-time configuration option was found

Test platform:
Intel Core i7-2600K Sandy Bridge 3.4GHz
GIGABYTE GA-Z68X-UD3-B3 LGA 1155 MoBo
GIGABYTE GV-N440D3-1GI Nvidia GeForce GT 440 (Fermi) 1GB
RTL8111/8168B PCI Express 1Gbit Ethernet
DRAM 16GB (4 x 4GB)
Mageia 4 64-bit, Nvidia driver
virtualbox-4.3.10-1.1.mga4.x86_64
virtualbox-guest-additions-4.3.10-1.1.mga4.x86_64

As the error message tells you, you need to either specify a SVN_EDITOR environment variable, or to use the -m option to include a commit log.

That is, either (provided you have nano, you can also use kwrite or any text editor):

$ SVN_EDITOR=nano svn import /home/wilcal/project/ file:///home/wilcal/svn/project

or:

$ svn import /home/wilcal/project/ file:///home/wilcal/svn/project -m 'my funny little commit message'

The -m option was actually used in the procedure, but I had overlooked it too :-)
Or just use the EDITOR variable, but the -m option is easier. And again we're in the wrong bug.