Mandriva Linux Security Advisory 2010-199 – authz.c in the mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion 1.5.x before 1.5.8 and 1.6.x before 1.6.13, when SVNPathAuthz short_circuit is enabled, does not properly handle a named repository as a rule scope, which allows remote authenticated users to bypass intended access restrictions via svn commands.
You can download this advisory from the following link: https://packetstormsecurity.com/files/download/94678/MDVSA-2010-199.txt
Source: https://packetstormsecurity.com/files/94678/Mandriva-Linux-Security-Advisory-2010-199.html