-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
_______________________________________________________________________
Mandriva Linux Security Advisory MDVSA-2015:192
http://www.mandriva.com/en/support/security/
_______________________________________________________________________
Package : subversion
Date : April 3, 2015
Affected: Business Server 1.0, Business Server 2.0
_______________________________________________________________________
Problem Description:
Multiple vulnerabilities has been discovered and corrected in
subversion:
Subversion HTTP servers with FSFS repositories are vulnerable to a
remotely triggerable excessive memory use with certain REPORT requests
(CVE-2015-0202).
Subversion mod_dav_svn and svnserve are vulnerable to a remotely
triggerable assertion DoS vulnerability for certain requests with
dynamically evaluated revision numbers (CVE-2015-0248).
Subversion HTTP servers allow spoofing svn:author property values
for new revisio