Subversion (SVN) is a concurrent version control system which enables oneor more users to collaborate in developing and maintaining a hierarchy offiles and directories while keeping a history of all changes. Themod_dav_svn module is used with the Apache HTTP Server to allow access toSubversion repositories via HTTP.A NULL pointer dereference flaw was found in the way the mod_dav_svn moduleprocessed certain requests to lock working copy paths in a repository. Aremote attacker could issue a lock request that could cause the httpdprocess serving the request to crash. (CVE-2011-0715)Red Hat would like to thank Hyrum Wright of the Apache Subversion projectfor reporting this issue. Upstream acknowledges Philip Martin, WANdisco,Inc. as the original reporter.This update also fixes the following bug:All Subversion users should upgrade to these updated packages, whichcontain backported patches to correct these issues. After installing theupdated packages, you must restart the httpd daemon, if you are usingmod_dav_svn, for the update to take effect.