| delorie.com/archives/browse.cgi | search |
| X-Recipient: | archive-cygwin AT delorie DOT com |
| DomainKey-Signature: | a=rsa-sha1; c=nofws; d=sourceware.org; h=list-id |
| :list-unsubscribe:list-subscribe:list-archive:list-post | |
| :list-help:sender:message-id:date:from:mime-version:to:subject | |
| :content-type:content-transfer-encoding:reply-to; q=dns; s= | |
| default; b=ksSXIVn1dlZCIz6a+X5ETuiB8mr9cWN8P1U03wlx9/9s0Wiixp7P1 | |
| G0RRDNeJ/rEPkJh8iKmiPj6kEra7Mp2o9slgVaVTCdaTUSaaxdlfmO4b9EEQl8hJ | |
| K/TMrWCOPm4g7QLRHDqzjPtKAHqLP9Y/aSrljpnII/DuHiC2MZygN0= | |
| DKIM-Signature: | v=1; a=rsa-sha1; c=relaxed; d=sourceware.org; h=list-id |
| :list-unsubscribe:list-subscribe:list-archive:list-post | |
| :list-help:sender:message-id:date:from:mime-version:to:subject | |
| :content-type:content-transfer-encoding:reply-to; s=default; bh= | |
| QgHSr49YAbX/+DfbarIRUf8je7U=; b=SXgeFgfiIxdVbIGKljxK0DRJLT++DXts | |
| wwM+lNfR/5DrkAoUi4lVGtIiqOOLjyFF3jOxngQcXNwxxRxAo/7mBGUycWPmr+4f | |
| hQs5mKQGATBeV6N+i3il6IE1rNO5nKQkgJyVh/KDaAESRejN/odVEhSKmsnpWc6N | |
| j8FQCks+UXU= | |
| Mailing-List: | contact cygwin-help AT cygwin DOT com; run by ezmlm |
| List-Id: | <cygwin.cygwin.com> |
| List-Subscribe: | <mailto:cygwin-subscribe AT cygwin DOT com> |
| List-Archive: | <http://sourceware.org/ml/cygwin/> |
| List-Post: | <mailto:cygwin AT cygwin DOT com> |
| List-Help: | <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs> |
| Sender: | cygwin-owner AT cygwin DOT com |
| Mail-Followup-To: | cygwin AT cygwin DOT com |
| Delivered-To: | mailing list cygwin AT cygwin DOT com |
| Authentication-Results: | sourceware.org; auth=none |
| X-Virus-Found: | No |
| X-HELO: | localhost.localdomain |
| Authentication-Results: | sourceware.org; auth=none |
| X-Virus-Found: | No |
| X-Spam-SWARE-Status: | No, score=1.5 required=5.0 tests=BAYES_50,RCVD_IN_DNSWL_NONE,SPF_SOFTFAIL autolearn=no version=3.3.2 |
| Message-Id: | <announce.551F2932.6090608@acm.org> |
| Date: | Fri, 03 Apr 2015 16:58:42 -0700 |
| From: | David Rothenberger <daveroth AT acm DOT org> |
| User-Agent: | Mozilla/5.0 (Windows NT 6.1; WOW64; rv:31.0) Gecko/20100101 Thunderbird/31.6.0 |
| MIME-Version: | 1.0 |
| To: | cygwin AT cygwin DOT com |
| Subject: | [ANNOUNCEMENT] Updated: subversion-1.8.13-1 |
| X-IsSubscribed: | yes |
| Reply-To: | cygwin AT cygwin DOT com |
This release addresses 3 security issues.
CVE-2015-0202: Subversion HTTP servers with FSFS repositories are
vulnerable to a remotely triggerable excessive memory
use with certain REPORT requests.
CVE-2015-0248: Subversion mod_dav_svn and svnserve are vulnerable to a
remotely triggerable assertion DoS vulnerability for certain
requests with dynamically evaluated revision numbers
CVE-2015-0251: Subversion HTTP servers allow spoofing svn:author property
values for new revisions
For details see the advisories at:
http://subversion.apache.org/security/CVE-2015-0202-advisory.txt
http://subversion.apache.org/security/CVE-2015-0248-advisory.txt
http://subversion.apache.org/security/CVE-2015-0251-advisory.txt
NEWS:
=====
See CHANGES (URL below) for more information about the differences
between 1.8.0 and previous Subversion releases.
IMPORTANT: Please read the release notes (URL below) before
upgrading from a previous major release. 1.8 includes a new working
copy format with a manual upgrade operation. This will render your
working copy unusable with previous major releases. Furthermore,
there are some issues trying to upgrade corrupt working copies.
Please see the release notes
http://subversion.apache.org/docs/release-notes/1.8.html
for more details about the changes in Subversion.
See
http://svn.apache.org/repos/asf/subversion/tags/1.8.13/CHANGES
for more details about the changes in 1.8.13.
This release changes mod_dav_svn to no longer map requests to the local
filesystem. Administrators of mod_dav_svn servers should read the
section about this in the release notes:
http://subversion.apache.org/docs/release-notes/1.8.html#mod_dav_svn-fsmap
DESCRIPTION:
============
Subversion is a version control system designed to be a compelling
successor to CVS.
Please see
http://svnbook.red-bean.com/nightly/en/index.html
for the latest official release of the Subversion Book.
QUESTIONS:
==========
If you want to make a point or ask a question the Cygwin mailing list is
the appropriate place.
--
David Rothenberger ---- daveroth AT acm DOT org
--
Problem reports: http://cygwin.com/problems.html
FAQ: http://cygwin.com/faq/
Documentation: http://cygwin.com/docs.html
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
| webmaster | delorie software privacy |
| Copyright © 2019 by DJ Delorie | Updated Jul 2019 |