* A shell command injection flaw related to the handling of "svn+ssh" URLs
has been discovered in Subversion. An attacker could use this flaw to
execute shell commands with the privileges of the user running the
Subversion client, for example when performing a "checkout" or "update"
action on a malicious repository, or a legitimate repository containing a
malicious commit. (CVE-2017-9800)
--