{"id":"MGASA-2014-0338","summary":"Updated subversion packages fix CVE-2014-3528","details":"Updated subversion packages fix security vulnerability:\n\nBert Huijben discovered that Subversion did not properly handle cached\ncredentials. A malicious server could possibly use this issue to obtain\ncredentials cached for a different server (CVE-2014-3528).\n\nThe subversion package has been patched to fix this issue.\n","modified":"2026-04-16T01:46:07.622118767Z","published":"2014-08-21T09:36:13Z","upstream":["CVE-2014-3528"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2014-0338.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=13838"},{"type":"ADVISORY","url":"http://subversion.apache.org/security/CVE-2014-3528-advisory.txt"},{"type":"WEB","url":"http://www.ubuntu.com/usn/usn-2316-1/"}],"affected":[{"package":{"name":"subversion","ecosystem":"Mageia:3","purl":"pkg:rpm/mageia/subversion?arch=source&distro=mageia-3"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.7.14-1.2.mga3"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2014-0338.json"}}],"schema_version":"1.7.5","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}