Subversion 1.10.0 introduced server-side support for recursive directory listing operations. The implementation in mod_dav_svn failed to validate the root path of the directory listing provided by the client. If the client omits the root path, mod_dav_svn will deference an uninitialized pointer variable and crash the HTTPD worker process handling the request. References: https://subversion.apache.org/security/CVE-2018-11803-advisory.txt
Created subversion tracking bugs for this issue: Affects: fedora-all [bug 1671271]
Statement: This issue did not affect the versions of subversion as shipped with Red Hat Enterprise Linux 5, 6, and 7. This issue does not affect any Ansible Tower supported versions: 3.2, 3.3 or 3.4, as their system jobs don't use mod_dav_svn module.