Your submission was sent successfully! Close

CVE-2007-2448

Published: 14 June 2007

Subversion 1.4.3 and earlier does not properly implement the "partial access" privilege for users who have access to changed paths but not copied paths, which allows remote authenticated users to obtain sensitive information (revision properties) via svn (1) propget, (2) proplist, or (3) propedit.

Priority

Low

Status

Package Release Status
subversion
Launchpad, Ubuntu, Debian
Upstream
Released (1.4.4)
Patches:
Upstream: http://svn.apache.org/viewvc?view=revision&revision=865259