[BSA-026] Security Update for subversion
-----BEGIN PGP SIGNED MESSAGE-----
Peter Samuelson uploaded new packages for subversion which fixed the
following security problems:
Subversion's mod_dav_svn Apache HTTPD server module will dereference
a NULL pointer if a lock token is sent in a HTTP request by a
Subversion client which has not authenticated to the server.
For the lenny-backports distribution the problems have been fixed in
For the stable distribution (squeeze) the problems have been fixed in
For the unstable distribution (sid) the problems have been fixed in
version 1.6.16dfsg-1. This version is expected to be migrated to the
testing distribution (wheezy) shortly.
If you don't use pinning (see ) you have to update the package
manually via "apt-get -t lenny-backports install <packagelist>" with
the packagelist of your installed packages affected by this update.
We recommend to pin (in /etc/apt/preferences) the backports repository
to 200 so that new versions of installed backports will be installed
Pin: release a=lenny-backports
Michael Diers, elego Software Solutions GmbH, http://www.elego.de
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (Cygwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
-----END PGP SIGNATURE-----