Bug 56472

Summary: VUL-0: CVE-2004-0413: subversion: New heap overflow in subversion
Product: [Novell Products] SUSE Security Incidents Reporter: Sebastian Krahmer <krahmer>
Component: IncidentsAssignee: Olaf Hering <ohering>
Status: RESOLVED DUPLICATE QA Contact: Security Team bot <security-team>
Severity: Normal    
Priority: P3 - Medium CC: security-team
Version: unspecified   
Target Milestone: ---   
Hardware: All   
OS: Linux   
Whiteboard: CVE-2004-0413: CVSS v2 Base Score: 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)
Found By: --- Services Priority:
Business Priority: Blocker: ---
Marketing QA Status: --- IT Deployment: ---

Description Sebastian Krahmer 2004-06-01 17:14:42 UTC 
Date: Tue, 1 Jun 2004 09:15:17 +0100 (BST)
From: Mark J Cox <mjc@redhat.com>
To: Joe Orton <jorton@redhat.com>
Cc: vendor-sec@lst.de
Subject: Re: [vendor-sec] fix for subversion

> > For the recent subversion heap overflow, is there any fix yet?
> Not yet, no, it's being worked on.
(CAN-2004-0413)

Any update on a fix or timescale?

Cheers, Mark
Comment 1 Sebastian Krahmer 2004-06-01 17:14:42 UTC 
<!-- SBZ_reproduce  -->
Theres no fix yet. I will as soon as we get one. The description is
scary, only a screenshot with a debug window inside was posted. rather useless.
Comment 2 Olaf Hering 2004-06-01 17:22:58 UTC 

*** This bug has been marked as a duplicate of 55964 ***
Comment 3 Thomas Biege 2009-10-13 20:23:52 UTC 
CVE-2004-0413: CVSS v2 Base Score: 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)