Debian Linux Security Advisory 2118-1 - Kamesh Jayachandran and C. Michael Pilat discovered that the mod_dav_svn module of subversion, a version control system, is not properly enforcing access rules which are scope-limited to named repositories. If the SVNPathAuthz option is set to "short_circuit" set this may enable an unprivileged attacker to bypass intended access restrictions and disclose or modify repository content.
becf445f09e09cb6217b01a48324f62f562360bee3c71eb67d6592ff061444c6