An attacker could send crafted input to the Subversion mod_dav_svn module for Apache and cause it to crash.
Philip Martin discovered that the Subversion mod_dav_svn module for Apache did not properly handle certain requests containing a lock token. A remote attacker could use this flaw to cause the service to crash, leading to a denial of service.
29 March 2011
A security issue affects these releases of Ubuntu and its derivatives:
An attacker could send crafted input to the Subversion mod_dav_svn module for Apache and cause it to crash.
Philip Martin discovered that the Subversion mod_dav_svn module for Apache did not properly handle certain requests containing a lock token. A remote attacker could use this flaw to cause the service to crash, leading to a denial of service.
The problem can be corrected by updating your system to the following package versions:
To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.
After a standard system update you need to restart any applications that use Subversion, such as Apache when using mod_dav_svn, to make all the necessary changes.