Synopsis:	Moderate: subversion security and bug fix update
Issue date:	2011-03-08
CVE Names:	CVE-2011-0715

A NULL pointer dereference flaw was found in the way the mod_dav_svn 
module processed certain requests to lock working copy paths in a 
repository. A remote attacker could issue a lock request that could 
cause the httpd process serving the request to crash. (CVE-2011-0715)

This update also fixes the following bug:

* A regression was found in the handling of repositories which do not 
have a "db/fsfs.conf" file. The "svnadmin hotcopy" command would fail 
when trying to produce a copy of such a repository. This command has 
been fixed to ignore the absence of the "fsfs.conf" file. The "svnadmin 
hotcopy" command will now succeed for this type of repository. (BZ#681522)

After installing the updated packages, you must restart the httpd 
daemon, if you are using mod_dav_svn, for the update to take effect.

SL 5.x

     SRPMS:
subversion-1.6.11-7.el5_6.3.src.rpm
     i386:
mod_dav_svn-1.6.11-7.el5_6.3.i386.rpm
subversion-1.6.11-7.el5_6.3.i386.rpm
subversion-devel-1.6.11-7.el5_6.3.i386.rpm
subversion-javahl-1.6.11-7.el5_6.3.i386.rpm
subversion-perl-1.6.11-7.el5_6.3.i386.rpm
subversion-ruby-1.6.11-7.el5_6.3.i386.rpm
     x86_64:
mod_dav_svn-1.6.11-7.el5_6.3.x86_64.rpm
subversion-1.6.11-7.el5_6.3.i386.rpm
subversion-1.6.11-7.el5_6.3.x86_64.rpm
subversion-devel-1.6.11-7.el5_6.3.i386.rpm
subversion-devel-1.6.11-7.el5_6.3.x86_64.rpm
subversion-javahl-1.6.11-7.el5_6.3.x86_64.rpm
subversion-perl-1.6.11-7.el5_6.3.x86_64.rpm
subversion-ruby-1.6.11-7.el5_6.3.x86_64.rpm

-Connie Sieh
-Troy Dawson