Subversion是一款开源多用户版本控制系统，支持非ASCII文本和二进制数据。

Subversion mod_dav_svn 1.7.11-1.7.13、mod_dav_svn 1.8.1-1.8.4启用了断言后，不规范的URL请求会触发断言，造成Apache进程中断。

 

BUGTRAQ-ID:63981

CVE-ID:2013-4558

受影响系统：

Apache Group Subversion < 1.8.5

Apache Group Subversion < 1.7.14

 

解决办法：

厂商补丁：

 

Apache Group

------------

Apache Group已经为此发布了一个安全公告（CVE-2013-4558-advisory）以及相应补丁:

CVE-2013-4558-advisory：mod_dav_svn assertion triggered by non-canonical URLs in autoversioning   commits.

链接：http://subversion.apache.org/security/CVE-2013-4558-advisory.txt

 

补丁下载：

 

Patch for Subversion 1.7.x and 1.8.x:

[[[

Index: subversion/mod_dav_svn/repos.c

===================================================================

--- subversion/mod_dav_svn/repos.c    (revision 1539596)

+++ subversion/mod_dav_svn/repos.c    (working copy)

@@ -2456,9 +2456,12 @@ get_parent_resource(const dav_resource *resource,

       parent->info = parentinfo;

 

       parentinfo->uri_path =

-        svn_stringbuf_create(get_parent_path(resource->info->uri_path->data,

-                                             TRUE, resource->pool),

-                             resource->pool);

+        svn_stringbuf_create(

+               get_parent_path(

+                   svn_urlpath__canonicalize(resource->info->uri_path->data,

+                                            resource->pool),

+                   TRUE, resource->pool),

+               resource->pool);

       parentinfo->repos = resource->info->repos;

       parentinfo->root = resource->info->root;

       parentinfo->r = resource->info->r;

]]]

参考信息：

http://subversion.apache.org/security/CVE-2013-4558-advisory.txt