Synopsis: Moderate: subversion security and bug fix update Issue date: 2011-03-08 CVE Names: CVE-2011-0715 A NULL pointer dereference flaw was found in the way the mod_dav_svn module processed certain requests to lock working copy paths in a repository. A remote attacker could issue a lock request that could cause the httpd process serving the request to crash. (CVE-2011-0715) This update also fixes the following bug: * A regression was found in the handling of repositories which do not have a "db/fsfs.conf" file. The "svnadmin hotcopy" command would fail when trying to produce a copy of such a repository. This command has been fixed to ignore the absence of the "fsfs.conf" file. The "svnadmin hotcopy" command will now succeed for this type of repository. (BZ#681522) After installing the updated packages, you must restart the httpd daemon, if you are using mod_dav_svn, for the update to take effect. SL 5.x SRPMS: subversion-1.6.11-7.el5_6.3.src.rpm i386: mod_dav_svn-1.6.11-7.el5_6.3.i386.rpm subversion-1.6.11-7.el5_6.3.i386.rpm subversion-devel-1.6.11-7.el5_6.3.i386.rpm subversion-javahl-1.6.11-7.el5_6.3.i386.rpm subversion-perl-1.6.11-7.el5_6.3.i386.rpm subversion-ruby-1.6.11-7.el5_6.3.i386.rpm x86_64: mod_dav_svn-1.6.11-7.el5_6.3.x86_64.rpm subversion-1.6.11-7.el5_6.3.i386.rpm subversion-1.6.11-7.el5_6.3.x86_64.rpm subversion-devel-1.6.11-7.el5_6.3.i386.rpm subversion-devel-1.6.11-7.el5_6.3.x86_64.rpm subversion-javahl-1.6.11-7.el5_6.3.x86_64.rpm subversion-perl-1.6.11-7.el5_6.3.x86_64.rpm subversion-ruby-1.6.11-7.el5_6.3.x86_64.rpm -Connie Sieh -Troy Dawson