Subversion versions up to and including 1.0.5 have a bug in
mod_authz_svn that allows users with write access to read
portions of the repository that they do not have read access
to.  Subversion 1.0.6 and newer (including 1.1.0-rc1) are not
vulnerable to this issue.

https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=128222
http://svn.collab.net/repos/svn/tags/1.0.6/CHANGES
http://subversion.tigris.org/servlets/NewsItemView?newsItemID=832



------- Additional Comments From dom 2004-09-07 14:22:33 ----

see also bug 1748.



------- Additional Comments From marcdeslauriers 2004-09-18 17:21:57 ----

This is a minor issue. Distros have not released updates for older versions of this.

We should stick with bug 1748.

I am closing this, if anyone thinks otherwise, it can be re-opened.



------- Bug moved to this database by dkl 2005-03-30 18:26 -------

This bug previously known as bug 1907 at https://bugzilla.fedora.us/
https://bugzilla.fedora.us/show_bug.cgi?id=1907
Originally filed under the Fedora Legacy product and Package request component.

Unknown priority P2. Setting to default priority "normal".
Unknown platform PC. Setting to default platform "All".
Setting qa contact to the default for this product.
   This bug either had no qa contact or an invalid one.