diff -u subversion-1.8.10/debian/changelog subversion-1.8.10/debian/changelog
--- subversion-1.8.10/debian/changelog
+++ subversion-1.8.10/debian/changelog
@@ -1,3 +1,24 @@
+subversion (1.8.10-5ubuntu1) vivid; urgency=medium
+
+ * Resynchronise with Debian. Remaining changes:
+ - debian/rules: Manually create the doxygen output directory, otherwise
+ we get weird build failures when running parallel builds.
+ - Build a python-subversion-dbg package.
+ - Build-depend on python-all-dbg.
+ - Only build on requested python versions (X-Python-Versions:).
+ - debian/patches/verbose-tests.diff: Make tests verbose.
+
+ -- Colin Watson Sun, 04 Jan 2015 21:49:36 +0000
+
+subversion (1.8.10-5) unstable; urgency=medium
+
+ * patches/CVE-2014-8108: mod_dav_svn DoS vulnerability with invalid virtual
+ transaction names (Closes: #773315)
+ * patches/CVE-2014-3580: mod_dav_svn DoS vulnerability with invalid REPORT
+ requests (Closes: #773263)
+
+ -- James McCoy Wed, 17 Dec 2014 00:11:03 -0500
+
 subversion (1.8.10-4ubuntu1) vivid; urgency=medium
 * Resynchronise with Debian. Remaining changes:
diff -u subversion-1.8.10/debian/patches/series subversion-1.8.10/debian/patches/series
--- subversion-1.8.10/debian/patches/series
+++ subversion-1.8.10/debian/patches/series
@@ -20,0 +21,2 @@
+CVE-2014-3580
+CVE-2014-8108
only in patch2:
unchanged:
--- subversion-1.8.10.orig/debian/patches/CVE-2014-3580
+++ subversion-1.8.10/debian/patches/CVE-2014-3580
@@ -0,0 +1,102 @@
+Subject: Correctly reject requests with missing repo paths
+Origin: upstream, r1643454
+Bug: CVE-2014-3850
+Bug-Debian: https://bugs.debian.org/773263
+Index: subversion/mod_dav_svn/reports/deleted-rev.c
+===================================================================
+--- a/subversion/mod_dav_svn/reports/deleted-rev.c (revision 1624477)
++++ b/subversion/mod_dav_svn/reports/deleted-rev.c (working copy)
+@@ -56,6 +56,9 @@ dav_svn__get_deleted_rev_report(const dav_resource
+ dav_error *derr = NULL;
+
+ /* Sanity check. */
++ if (!resource->info->repos_path)
++ return dav_svn__new_error(resource->pool, HTTP_BAD_REQUEST, 0,
++ "The request does not specify a repository path");
+ ns = dav_svn__find_ns(doc->namespaces, SVN_XML_NAMESPACE);
+ if (ns == -1)
+ return dav_svn__new_error_tag(resource->pool, HTTP_BAD_REQUEST, 0,
+Index: subversion/mod_dav_svn/reports/file-revs.c
+===================================================================
+--- a/subversion/mod_dav_svn/reports/file-revs.c (revision 1624477)
++++ b/subversion/mod_dav_svn/reports/file-revs.c (working copy)
+@@ -254,6 +254,9 @@ dav_svn__file_revs_report(const dav_resource *reso
+ arb.repos = resource->info->repos;
+
+ /* Sanity check. */
++ if (!resource->info->repos_path)
++ return dav_svn__new_error(resource->pool, HTTP_BAD_REQUEST, 0,
++ "The request does not specify a repository path");
+ ns = dav_svn__find_ns(doc->namespaces, SVN_XML_NAMESPACE);
+ /* ### This is done on other places, but the document element is
+ in this namespace, so is this necessary at all?
*/
+Index: subversion/mod_dav_svn/reports/get-location-segments.c
+===================================================================
+--- a/subversion/mod_dav_svn/reports/get-location-segments.c (revision 1624477)
++++ b/subversion/mod_dav_svn/reports/get-location-segments.c (working copy)
+@@ -123,6 +123,9 @@ dav_svn__get_location_segments_report(const dav_re
+ struct location_segment_baton location_segment_baton;
+
+ /* Sanity check. */
++ if (!resource->info->repos_path)
++ return dav_svn__new_error(resource->pool, HTTP_BAD_REQUEST, 0,
++ "The request does not specify a repository path");
+ ns = dav_svn__find_ns(doc->namespaces, SVN_XML_NAMESPACE);
+ if (ns == -1)
+ {
+Index: subversion/mod_dav_svn/reports/get-locations.c
+===================================================================
+--- a/subversion/mod_dav_svn/reports/get-locations.c (revision 1624477)
++++ b/subversion/mod_dav_svn/reports/get-locations.c (working copy)
+@@ -106,6 +106,9 @@ dav_svn__get_locations_report(const dav_resource *
+ sizeof(svn_revnum_t));
+
+ /* Sanity check. */
++ if (!resource->info->repos_path)
++ return dav_svn__new_error(resource->pool, HTTP_BAD_REQUEST, 0,
++ "The request does not specify a repository path");
+ ns = dav_svn__find_ns(doc->namespaces, SVN_XML_NAMESPACE);
+ if (ns == -1)
+ {
+Index: subversion/mod_dav_svn/reports/inherited-props.c
+===================================================================
+--- a/subversion/mod_dav_svn/reports/inherited-props.c (revision 1624477)
++++ b/subversion/mod_dav_svn/reports/inherited-props.c (working copy)
+@@ -63,6 +63,9 @@ dav_svn__get_inherited_props_report(const dav_reso
+ apr_pool_t *iterpool;
+
+ /* Sanity check.
*/
++ if (!resource->info->repos_path)
++ return dav_svn__new_error(resource->pool, HTTP_BAD_REQUEST, 0,
++ "The request does not specify a repository path");
+ ns = dav_svn__find_ns(doc->namespaces, SVN_XML_NAMESPACE);
+ if (ns == -1)
+ {
+Index: subversion/mod_dav_svn/reports/log.c
+===================================================================
+--- a/subversion/mod_dav_svn/reports/log.c (revision 1624477)
++++ b/subversion/mod_dav_svn/reports/log.c (working copy)
+@@ -307,6 +307,9 @@ dav_svn__log_report(const dav_resource *resource,
+ = apr_array_make(resource->pool, 1, sizeof(const char *));
+
+ /* Sanity check. */
++ if (!resource->info->repos_path)
++ return dav_svn__new_error(resource->pool, HTTP_BAD_REQUEST, 0,
++ "The request does not specify a repository path");
+ ns = dav_svn__find_ns(doc->namespaces, SVN_XML_NAMESPACE);
+ if (ns == -1)
+ {
+Index: subversion/mod_dav_svn/reports/mergeinfo.c
+===================================================================
+--- a/subversion/mod_dav_svn/reports/mergeinfo.c (revision 1624477)
++++ b/subversion/mod_dav_svn/reports/mergeinfo.c (working copy)
+@@ -67,6 +67,9 @@ dav_svn__get_mergeinfo_report(const dav_resource *
+ = apr_array_make(resource->pool, 0, sizeof(const char *));
+
+ /* Sanity check. */
++ if (!resource->info->repos_path)
++ return dav_svn__new_error(resource->pool, HTTP_BAD_REQUEST, 0,
++ "The request does not specify a repository path");
+ ns = dav_svn__find_ns(doc->namespaces, SVN_XML_NAMESPACE);
+ if (ns == -1)
+ {
only in patch2:
unchanged:
--- subversion-1.8.10.orig/debian/patches/CVE-2014-8108
+++ subversion-1.8.10/debian/patches/CVE-2014-8108
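Review bot: The header of the CVE-2014-3580 patch file reads `Bug: CVE-2014-3850`, while the file name, the series entry and the changelog all say CVE-2014-3580; the digits look transposed and the line should read `Bug: CVE-2014-3580` so that tracker and audit searches find the fix. The same three-line `repos_path` guard is pasted under the existing `/* Sanity check. */` comment in seven report handlers (deleted-rev.c, file-revs.c, get-location-segments.c, get-locations.c, inherited-props.c, log.c, mergeinfo.c) with no word on why it is needed; a comment along the lines of `/* repos_path is NULL when the request names no repository path; reject before it is used. */` would record that. Every handler body starts and ends outside its hunk, so whether any other REPORT handler in mod_dav_svn still reads `resource->info->repos_path` unguarded cannot be confirmed from this page and is worth checking against the full tree.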
@@ -0,0 +1,56 @@
+Subject: Correctly reject requests with invalid virtual transaction names.
+Origin: upstream, r1643455
+Bug: CVE-2014-8108
+Bug-Debian: https://bugs.debian.org/773315
+Index: subversion/mod_dav_svn/repos.c
+===================================================================
+--- a/subversion/mod_dav_svn/repos.c (revision 1624477)
++++ b/subversion/mod_dav_svn/repos.c (working copy)
+@@ -508,6 +508,9 @@ parse_vtxnstub_uri(dav_resource_combined *comb,
+ if (parse_txnstub_uri(comb, path, label, use_checked_in))
+ return TRUE;
+
++ if (!comb->priv.root.txn_name)
++ return TRUE;
++
+ comb->priv.root.vtxn_name = comb->priv.root.txn_name;
+ comb->priv.root.txn_name = dav_svn__get_txn(comb->priv.repos,
+ comb->priv.root.vtxn_name);
+@@ -576,6 +579,9 @@ parse_vtxnroot_uri(dav_resource_combined *comb,
+ if (parse_txnroot_uri(comb, path, label, use_checked_in))
+ return TRUE;
+
++ if (!comb->priv.root.txn_name)
++ return TRUE;
++
+ comb->priv.root.vtxn_name = comb->priv.root.txn_name;
+ comb->priv.root.txn_name = dav_svn__get_txn(comb->priv.repos,
+ comb->priv.root.vtxn_name);
+@@ -921,6 +927,10 @@ prep_working(dav_resource_combined *comb)
+ point.
*/
+ if (txn_name == NULL)
+ {
++ if (!comb->priv.root.activity_id)
++ return dav_svn__new_error(comb->res.pool, HTTP_BAD_REQUEST, 0,
++ "The request did not specify an activity ID");
++
+ txn_name = dav_svn__get_txn(comb->priv.repos,
+ comb->priv.root.activity_id);
+ if (txn_name == NULL)
+@@ -1031,9 +1041,14 @@ prep_working(dav_resource_combined *comb)
+ static dav_error *
+ prep_activity(dav_resource_combined *comb)
+ {
+- const char *txn_name = dav_svn__get_txn(comb->priv.repos,
+- comb->priv.root.activity_id);
++ const char *txn_name;
+
++ if (!comb->priv.root.activity_id)
++ return dav_svn__new_error(comb->res.pool, HTTP_BAD_REQUEST, 0,
++ "The request did not specify an activity ID");
++
++ txn_name = dav_svn__get_txn(comb->priv.repos, comb->priv.root.activity_id);
++
+ comb->priv.root.txn_name = txn_name;
+ comb->res.exists = txn_name != NULL;
+
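Review bot: All four guards added to repos.c protect the second argument of `dav_svn__get_txn()` at the call site (in parse_vtxnstub_uri, parse_vtxnroot_uri, prep_working and prep_activity), so any caller this patch does not touch can still pass it a NULL name. `dav_svn__get_txn()` is not shown on this page; if it does not already tolerate NULL, an early NULL return inside it for a NULL name would cover the whole class instead of four instances, with the 400 responses kept here for the client-facing error. The bare `return TRUE;` in the two parse functions also needs a comment, for example `/* No transaction name in the URI: report it as unparsable. */`, because TRUE appears to be the failure value only by analogy with the `parse_txnstub_uri` / `parse_txnroot_uri` checks just above it. All four function bodies extend beyond their hunks.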