pkgsrc-Changes archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

CVS commit: pkgsrc/devel/subversion

Module Name:    pkgsrc
Committed By:   ryoon
Date:           Sat Apr 13 12:57:40 UTC 2013

Modified Files:
        pkgsrc/devel/subversion: Makefile.version distinfo

Log Message:
Update to 1.7.9

Version 1.7.9
(04 Apr 2013, from /branches/1.7.x)
 User-visible changes
  - Client-side bugfixes:
    * improved error messages about svn:date and svn:author props. (r1440620)
    * fix local_relpath assertion (issue #4257)
    * fix memory leak in `svn log` over svn:// (r1458341)
    * fix incorrect authz failure when using neon http library (issue #4332)
    * fix segfault when using kwallet (r1421103)

  - Server-side bugfixes:
    * svnserve will log the replayed rev not the low-water rev. (r1461278)
    * mod_dav_svn will omit some property values for activity urls (r1453780)
    * fix an assertion in mod_dav_svn when acting as a proxy on / (issue #4272)
    * improve memory usage when committing properties in mod_dav_svn (r1443929)
    * fix svnrdump to load dump files with non-LF line endings (issue #4263)
    * fix assertion when rep-cache is inaccessible (r1422100)
    * improved logic in mod_dav_svn's implementation of lock. (r1455352)
    * avoid executing unnecessary code in log with limit (r1459599)

 Developer-visible changes:
  - General:
    * fix an assertion in dav_svn_get_repos_path() on Windows (r1425368)
    * fix to correctly download zlib (r13520131)
    * doxygen docs will now ignore prefixes when producing the index (r1429201)
    * fix on freebsd (r1423646)

  - Bindings:
    * javahl status api now respects the ignoreExternals boolean (r1435361)

This release addesses five security issues:
    CVE-2013-1845: mod_dav_svn excessive memory usage from property changes
    CVE-2013-1846: mod_dav_svn crashes on LOCK requests against activity URLs
    CVE-2013-1847: mod_dav_svn crashes on LOCK requests against
non-existant URLs
    CVE-2013-1849: mod_dav_svn crashes on PROPFIND requests against
activity URLs
    CVE-2013-1884: mod_dav_svn crashes on out of range limit in log
REPORT request

To generate a diff of this commit:
cvs rdiff -u -r1.60 -r1.61 pkgsrc/devel/subversion/Makefile.version
cvs rdiff -u -r1.82 -r1.83 pkgsrc/devel/subversion/distinfo

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Home | Main Index | Thread Index | Old Index