I suppose it would be listed here if anyone was working on it: https://people.canonical.com/~ubuntu-archive/pending-sru.html
Debian has patched "sid" and "buster": https://security-tracker.debian.org/tracker/CVE-2020-17525 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1915698 Title: Apache Subversion "mod_authz_svn" Denial of Service Vulnerability To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/subversion/+bug/1915698/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
