1
CVE-2010-3315: mod_dav_svn could give an authorized user more access
2
than he is configured to have, in certain rare configurations involving
3
the directive "SVNPathAuthz short_circuit", an optimization we do not
7
--- a/subversion/mod_dav_svn/authz.c
8
+++ b/subversion/mod_dav_svn/authz.c
10
allow_read_bypass = dav_svn__get_pathauthz_bypass(r);
11
if (allow_read_bypass != NULL)
13
- if (allow_read_bypass(r,path, repos->repo_name) == OK)
14
+ if (allow_read_bypass(r, path, repos->repo_basename) == OK)