PublicDateAtUSN: 2015-04-08
Candidate: CVE-2015-0202
PublicDate: 2015-04-08 18:59:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0202
 https://subversion.apache.org/security/CVE-2015-0202-advisory.txt
 https://ubuntu.com/security/notices/USN-2721-1
Description:
 The mod_dav_svn server in Subversion 1.8.0 through 1.8.11 allows remote
 attackers to cause a denial of service (memory consumption) via a large
 number of REPORT requests, which trigger the traversal of FSFS repository
 nodes.
Ubuntu-Description:
Notes:
 tyhicks> libapache2-mod-svn (libapache2-svn in older releases) is a universe
  binary
Bugs:
Priority: medium
Discovered-by: Evgeny Kotkov
Assigned-to: mdeslaur
CVSS: 

Patches_subversion:
Tags_subversion: universe-binary
upstream_subversion: released (1.8.10-6)
lucid_subversion: ignored (reached end-of-life)
precise_subversion: not-affected
trusty_subversion: released (1.8.8-1ubuntu3.2)
trusty/esm_subversion: DNE (trusty was released [1.8.8-1ubuntu3.2])
utopic_subversion: ignored (reached end-of-life)
vivid_subversion: released (1.8.10-5ubuntu1.1)
devel_subversion: not-affected (1.8.13-1ubuntu1)