diff --git a/SOURCES/subversion-1.10.2-CVE-2019-0203.patch b/SOURCES/subversion-1.10.2-CVE-2019-0203.patch
new file mode 100644
index 0000000..8a42a26
--- /dev/null
+++ b/SOURCES/subversion-1.10.2-CVE-2019-0203.patch
@@ -0,0 +1,31 @@
+diff --git a/subversion/svnserve/serve.c b/subversion/svnserve/serve.c
+index 5192e7c..6159e22 100644
+--- a/subversion/svnserve/serve.c
++++ b/subversion/svnserve/serve.c
+@@ -4101,7 +4101,7 @@ construct_server_baton(server_baton_t **baton,
+ serve_params_t *params,
+ apr_pool_t *scratch_pool)
+ {
+- svn_error_t *err, *io_err;
++ svn_error_t *err;
+ apr_uint64_t ver;
+ const char *client_url, *ra_client_string, *client_string;
+ svn_ra_svn__list_t *caplist;
+@@ -4239,11 +4239,12 @@ construct_server_baton(server_baton_t **baton,
+ }
+ if (err)
+ {
+- log_error(err, b);
+- io_err = svn_ra_svn__write_cmd_failure(conn, scratch_pool, err);
+- svn_error_clear(err);
+- SVN_ERR(io_err);
+- return svn_ra_svn__flush(conn, scratch_pool);
++ /* Report these errors to the client before closing the connection. */
++ err = svn_error_compose_create(err,
++ svn_ra_svn__write_cmd_failure(conn, scratch_pool, err));
++ err = svn_error_compose_create(err,
++ svn_ra_svn__flush(conn, scratch_pool));
++ return err;
+ }
+
+ SVN_ERR(svn_fs_get_uuid(b->repository->fs, &b->repository->uuid,
diff --git a/SPECS/subversion.spec b/SPECS/subversion.spec
index eff4596..48d58a1 100644
--- a/SPECS/subversion.spec
+++ b/SPECS/subversion.spec
@@ -37,7 +37,7 @@
 Summary: A Modern Concurrent Version Control System
 Name: subversion
 Version: 1.10.2
-Release: 1%{?dist}
+Release: 2%{?dist}
 License: ASL 2.0
 Group: Development/Tools
 URL: https://subversion.apache.org/
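Review bot: The rewritten `if (err)` block in construct_server_baton (second hunk of the embedded serve.c patch) drops the `log_error(err, b);` call, so this failure is no longer recorded at the point where it is detected. Returning the composed error instead of the result of the flush stops the caller from carrying on after a failed setup, but whether the caller logs the returned error is not visible in this patch. The changelog describes the condition as reachable by a remote unauthenticated client, so operators will want a server-side record of it; if the caller does not log, keep `log_error(err, b);` as the first statement of the block. construct_server_baton's body starts and ends outside both hunks.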
@@ -54,6 +54,7 @@ Patch1: subversion-1.10.0-rpath.patch
 Patch2: subversion-1.10.0-pie.patch
 Patch4: subversion-1.8.0-rubybind.patch
 Patch5: subversion-1.8.5-swigplWall.patch
+Patch6: subversion-1.10.2-CVE-2019-0203.patch
 BuildRequires: autoconf, libtool, texinfo, which
 BuildRequires: swig >= 1.3.24, gettext
 %if %{with bdb}
@@ -220,6 +221,7 @@ This package includes supplementary tools for use with Subversion.
 %patch2 -p1 -b .pie
 %patch4 -p1 -b .rubybind
 %patch5 -p1 -b .swigplWall
+%patch6 -p1 -b .cve0203
 %build
 # Regenerate the buildsystem, so that:
@@ -542,6 +544,13 @@ make check-javahl
 %endif
 %changelog
+* Wed Aug 7 2019 Joe Orton - 1.10.2-2
+- rebuild to ensure NVR ordering (#1696354)
+
+* Thu Aug 01 2019 Lubos Uhliarik - 1.10.2-1.1
+- Resolves: #1733442 - CVE-2019-0203 subversion:1.10/subversion: remote
+ unauthenticated denial-of-service in subversion svnserve
+
 * Fri Jul 20 2018 Joe Orton - 1.10.2-1
 - update to 1.10.2 (#1603197)