Huawei EulerOS: CVE-2024-46901: subversion security update

Huawei EulerOS: CVE-2024-46901: subversion security update

Severity

4

CVSS

(AV:L/AC:M/Au:N/C:P/I:P/A:P)

Published

12/09/2024

Created

02/12/2025

Added

02/11/2025

Modified

02/11/2025

Description

Insufficient validation of filenames against control characters in Apache Subversion repositories served via mod_dav_svn allows authenticated users with commit access to commit a corrupted revision, leading to disruption for users of the repository. All versions of Subversion up to and including Subversion 1.14.4 are affected if serving repositories via mod_dav_svn. Users are recommended to upgrade to version 1.14.5, which fixes this issue. Repositories served via other access methods are not affected.

Solution(s)

• huawei-euleros-2_0_sp12-upgrade-subversion
• huawei-euleros-2_0_sp12-upgrade-subversion-help

References

• https://attackerkb.com/topics/cve-2024-46901
• CVE - 2024-46901
• EulerOS-SA-2025-1198