A bug in viewvc could allow remote users to obtain a really large request that could cause the server to use up excessive amounts of CPU and memory while processing the request . This has been corrected upstream  in v1.1.11 .
This affects current versions of viewvc as provided by Fedora and EPEL.
Created viewvc tracking bugs for this issue
Affects: fedora-all [bug 706275]
Affects: epel-all [bug 706276]
All supported versions of Fedora and EPEL currently provide viewvc 1.1.15, so this flaw has been resolved.