A NULL pointer dereference flaw was found in the way mod_dav_svn module of the subversion concurrent version control system processed requests submitted against the URL of a baselined resource. A remote attacker could use this flaw to cause the httpd child process to crash. Acknowledgements: Red Hat would like to thank the Apache Subversion project for reporting this issue. Upstream acknowledges Joe Schaefer of Apache Software Foundation as the original reporter.
This issue affects the versions of the subversion package, as shipped with Red Hat Enterprise Linux 4, 5, and 6. -- This issue affects the versions of the subversion package, as shipped with Fedora release of 13, 14, and 15.
Public via: http://subversion.apache.org/security/CVE-2011-1752-advisory.txt
Created subversion tracking bugs for this issue Affects: fedora-all [bug 709952]
This issue has been addressed in following products: Red Hat Enterprise Linux 4 Via RHSA-2011:0861 https://rhn.redhat.com/errata/RHSA-2011-0861.html
This issue has been addressed in following products: Red Hat Enterprise Linux 6 Red Hat Enterprise Linux 5 Via RHSA-2011:0862 https://rhn.redhat.com/errata/RHSA-2011-0862.html