Updated subversion packages fix security vulnerabilities:

The mod_dav_svn module in Apache Subversion before 1.8.8, when
SVNListParentPath is enabled, allows remote attackers to cause a
denial of service (crash) via an OPTIONS request (CVE-2014-0032).

Ben Reser discovered that Subversion did not correctly validate SSL
certificates containing wildcards. A remote attacker could exploit this
to perform a man in the middle attack to view sensitive information
or alter encrypted communications (CVE-2014-3522).

Bert Huijben discovered that Subversion did not properly handle
cached credentials. A malicious server could possibly use this issue
to obtain credentials cached for a different server (CVE-2014-3528).

A NULL pointer dereference flaw was found in the way mod_dav_svn
handled REPORT requests. A remote, unauthenticated attacker could
use a crafted REPORT request to crash mod_dav_svn (CVE-2014-3580).

A NULL pointer dereference flaw was found in the way mod_dav_svn
handled URIs for virtual transaction names. A remote, unauthenticated
attacker could send a request for a virtual transaction name that
does not exist, causing mod_dav_svn to crash (CVE-2014-8108).