PT-2007-1129 · Apache · Apache Subversion
Published: 2007-04-10 · Updated: 2024-06-15 · CVE-2013-4246
CVSS v2.0: 6.5 (Medium)
Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P
Name of the Vulnerable Software and Affected Versions:
Apache Subversion versions 1.8.x through 1.8.1
Description:
The issue is related to incorrect access control in the libsvn_fs_fs/fs_fs.c component of the centralized version control system. A remote authenticated user with commit access can exploit it to corrupt FSFS repositories by editing packed revision properties, potentially leading to a denial of service or to the disclosure of sensitive information. The corruption occurs when one or more revision properties of a packed revision are set to new, larger values: this causes a "pack file" in the repository to be split, and the wrong pack file may then be deleted, resulting in loss of revision property data.
Recommendations:
For Apache Subversion versions 1.8.x through 1.8.1, update to version 1.8.2 or later to resolve the issue.
Fix
DoS
Improper Access Control
Affected Products
Apache Subversion