HCE2-SA-2024-0182 Important HCE 2.0 Security Fix(es): Apache Subversion SVN authz protected copyfrom paths regression Subversion servers reveal _x27;copyfrom_x27; paths that should be hidden according to configured path-based authorization (authz) rules. When a node has been copied from a protected location, users with access to the copy can see the _x27;copyfrom_x27; path of the original. This also reveals the fact that the node was copied. Only the _x27;copyfrom_x27; path is revealed; not its contents. Both httpd and svnserve servers are vulnerable. (CVE-2021-28544) Subversion_x27;s mod_dav_svn is vulnerable to memory corruption. While looking up path-based authorization rules, mod_dav_svn servers may attempt to use memory which has already been freed. Affected Subversion mod_dav_svn servers 1.10.0 through 1.14.1 (inclusive). Servers that do not use mod_dav_svn are not affected. (CVE-2022-24070) HCE 2.0 perl-subversion-1.14.1-1.r2.hce2.aarch64.rpm python3-subversion-1.14.1-1.r2.hce2.aarch64.rpm ruby-subversion-1.14.1-1.r2.hce2.aarch64.rpm subversion-1.14.1-1.r2.hce2.aarch64.rpm subversion-devel-1.14.1-1.r2.hce2.aarch64.rpm subversion-help-1.14.1-1.r2.hce2.noarch.rpm perl-subversion-1.14.1-1.r2.hce2.x86_64.rpm python3-subversion-1.14.1-1.r2.hce2.x86_64.rpm ruby-subversion-1.14.1-1.r2.hce2.x86_64.rpm subversion-1.14.1-1.r2.hce2.x86_64.rpm subversion-devel-1.14.1-1.r2.hce2.x86_64.rpm subversion-help-1.14.1-1.r2.hce2.noarch.rpm