Subversion versions up to and including 1.0.5 have a bug in
mod_authz_svn that allows users with write access to read
portions of the repository that they do not have read access
to. Subversion 1.0.6 and newer (including 1.1.0-rc1) are not
vulnerable to this issue.
More information here:
This issue also affects FC1.
Fixed for FC2, FEDORA-2004-231. Minor issue for FC1, won't fix