PublicDateAtUSN: 2013-04-04 21:00:00 UTC
Candidate: CVE-2013-1845
CRD: 2013-04-04 21:00:00 UTC
PublicDate: 2013-05-02 14:55:00 UTC
References: 
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1845
 http://subversion.apache.org/security/CVE-2013-1845-advisory.txt
 https://ubuntu.com/security/notices/USN-1893-1
Description:
 The mod_dav_svn Apache HTTPD server module in Subversion 1.6.x before
 1.6.21 and 1.7.0 through 1.7.8 allows remote authenticated users to cause a
 denial of service (memory consumption) by (1) setting or (2) deleting a
 large number of properties for a file or directory.
Ubuntu-Description: 
Notes: 
Bugs: 
Priority: medium
Discovered-by: Alexander Klink
Assigned-to: mdeslaur
CVSS: 

Patches_subversion:
 upstream: http://svn.apache.org/viewvc?view=revision&revision=1462310 (1.6)
 upstream: http://svn.apache.org/viewvc?view=revision&revision=1462312 (1.6)
 upstream: http://svn.apache.org/viewvc?view=revision&revision=1454237 (1.7)
Tags_subversion: universe-binary
upstream_subversion: released (1.6.21, 1.7.9)
hardy_subversion: ignored (reached end-of-life)
lucid_subversion: ignored (reached end-of-life)
oneiric_subversion: ignored (reached end-of-life)
precise_subversion: released (1.6.17dfsg-3ubuntu3.3)
quantal_subversion: released (1.7.5-1ubuntu2.1)
raring_subversion: released (1.7.5-1ubuntu3.1)
devel_subversion: not-affected (1.7.9-1+nmu2ubuntu2)