Bas van Schaik discovered that WebSVN, a tool to view Subversion repositories over the web, did not properly restrict access to private repositories, allowing a remote attacker to read significant parts of their content. The old stable distribution is not affected by this problem. For the stable distribution , this problem has been fixed in version 2.0-4+lenny1. For the unstable distribution , this problem has also been fixed in version 2.0-4+lenny1. We recommend that you upgrade your websvn package.