-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________

 Mandriva Linux Security Advisory                         MDVSA-2015:085
 http://www.mandriva.com/en/support/security/
 _______________________________________________________________________

 Package : subversion
 Date    : March 28, 2015
 Affected: Business Server 2.0
 _______________________________________________________________________

 Problem Description:

 Updated subversion packages fix security vulnerabilities:
 
 The mod_dav_svn module in Apache Subversion before 1.8.8, when
 SVNListParentPath is enabled, allows remote attackers to cause a
 denial of service (crash) via an OPTIONS request (CVE-2014-0032).
 
 Ben Reser discovered that Subversion did not correctly validate SSL
 certificates containing wildcards. A remote attacker could exploit this
 to perform a man in the middle attack to view sensitive information
 or alter encrypted communications (CVE-2014-3522).
 
 Bert Hu