Bug#271933: CAN-2004-0786: apr_uri_parse() buffer overflow
Justification: user security hole
Uniras has reported a vulnerability in apr-util:
"The identified vulnerability is in the apr-util library; the
apr_uri_parse function in the apr-util library lacks input validation on
IPv6 literal addresses, which can result in a negative length parameter
being passed to memcpy."
It's likely that this bug affects Subversion.