A NULL pointer dereference flaw was found in the way mod_dav_svn, Apache httpd module for Subversion server, processed requests to lock working copy paths in the repository, when particular Subversion client, requesting the lock, was not previously authenticated to the Subversion server. A remote attacker could use this flaw to cause a denial of service (crash of particular httpd thread, serving the request). Acknowledgements: Red Hat would like to thank Hyrum Wright of the Apache Subversion project for reporting this issue. Upstream acknowledges Philip Martin, WANdisco, Inc. as the original reporter.
This issue did NOT affect the version of the subversion package, as shipped with Red Hat Enterprise Linux 4, as it did not include the lock working copy paths feature. This issue affects the versions of the subversion package, as shipped with Red Hat Enterprise Linux 5 and 6. -- This issue affects the versions of the subversion package, as shipped with Fedora release of 13 and 14.
This issue is now public: http://subversion.apache.org/security/CVE-2011-0715-advisory.txt
This issue has been addressed in following products: Red Hat Enterprise Linux 5 Via RHSA-2011:0327 https://rhn.redhat.com/errata/RHSA-2011-0327.html
This issue has been addressed in following products: Red Hat Enterprise Linux 6 Via RHSA-2011:0328 https://rhn.redhat.com/errata/RHSA-2011-0328.html
Created subversion tracking bugs for this issue Affects: fedora-all [bug 683198]