Stefan Esser notified us via vendor-sec on May02 how a malicious date/revision date can overflow a stack buffer in subversion 1.0.1 and earlier. This issue also affects FC1 This issue is embargoed until May19
public -> removing embargo
Fixed in -1.0.1-2.1 for FC2 and -0.32.1-2 for FC1: http://www.redhat.com/archives/fedora-announce-list/2004-May/msg00018.html http://www.redhat.com/archives/fedora-announce-list/2004-May/msg00017.html