subversion: Remote unauthenticated denial-of-service in Subversion mod_authz_svn (CVE-2020-17525)
A flaw was found in subversion versions 1.9.0 through 1.10.6 and 1.11.0 through 1.14.0. Subversion's mod_authz_svn module will crash if the server is using in-repository authz rules with the AuthzSVNReposRelativeAccessFile option and a client sends a request for a non-existing repository URL. This can lead to disruption for users of the service.
Fixed In Version:
Subversion 1.14.1, subversion 1.10.7
- master (7e0b94cf)