Amazon Linux 1 Security Advisory: ALAS-2021-1483
Advisory Release Date: 2021-02-23 20:18 Pacific
Advisory Updated Date: 2021-02-24 19:44 Pacific
A null-pointer-dereference flaw was found in mod_authz_svn of subversion. This flaw allows a remote, unauthenticated attacker to cause a denial of service in some server configurations. The highest threat from this vulnerability is to system availability. (CVE-2020-17525)
Affected Packages:
subversion
Issue Correction:
Run yum update subversion to update your system.
i686:
subversion-ruby-1.9.7-1.61.amzn1.i686
subversion-libs-1.9.7-1.61.amzn1.i686
mod24_dav_svn-1.9.7-1.61.amzn1.i686
subversion-tools-1.9.7-1.61.amzn1.i686
subversion-1.9.7-1.61.amzn1.i686
subversion-python27-1.9.7-1.61.amzn1.i686
subversion-perl-1.9.7-1.61.amzn1.i686
subversion-python26-1.9.7-1.61.amzn1.i686
subversion-javahl-1.9.7-1.61.amzn1.i686
subversion-debuginfo-1.9.7-1.61.amzn1.i686
subversion-devel-1.9.7-1.61.amzn1.i686
src:
subversion-1.9.7-1.61.amzn1.src
x86_64:
subversion-debuginfo-1.9.7-1.61.amzn1.x86_64
subversion-perl-1.9.7-1.61.amzn1.x86_64
subversion-python27-1.9.7-1.61.amzn1.x86_64
subversion-1.9.7-1.61.amzn1.x86_64
subversion-tools-1.9.7-1.61.amzn1.x86_64
subversion-ruby-1.9.7-1.61.amzn1.x86_64
subversion-devel-1.9.7-1.61.amzn1.x86_64
mod24_dav_svn-1.9.7-1.61.amzn1.x86_64
subversion-javahl-1.9.7-1.61.amzn1.x86_64
subversion-python26-1.9.7-1.61.amzn1.x86_64
subversion-libs-1.9.7-1.61.amzn1.x86_64