X-Recipient: archive-cygwin AT delorie DOT com
X-SWARE-Spam-Status: No, hits=-2.9 required=5.0	tests=ALL_TRUSTED,AWL,BAYES_00,TW_SV
X-Spam-Check-By: sourceware.org
X-SWARE-Spam-Status: No, hits=-0.2 required=5.0	tests=AWL,BAYES_50,RCVD_IN_DNSWL_NONE,TW_SV
Message-Id: <announce.4DF251DE.5060208@acm.org>
Date: Fri, 10 Jun 2011 10:18:22 -0700
From: David Rothenberger <daveroth AT acm DOT org>
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.17) Gecko/20110414 Lightning/1.0b2 Thunderbird/3.1.10
MIME-Version: 1.0
To: cygwin AT cygwin DOT com
Subject: [ANNOUNCEMENT] [SECURITY] Updated: subversion-1.6.17-1
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
X-IsSubscribed: yes
Reply-To: cygwin AT cygwin DOT com
Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm
List-Id: <cygwin.cygwin.com>
List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive: <http://sourceware.org/ml/cygwin/>
List-Post: <mailto:cygwin AT cygwin DOT com>
List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>
Sender: cygwin-owner AT cygwin DOT com
Mail-Followup-To: cygwin AT cygwin DOT com
Delivered-To: mailing list cygwin AT cygwin DOT com

A new version of subversion is available. This is a new upstream
release.

NEWS:
=====
See CHANGES (URL below) for more information about the differences
between 1.6.17 and previous Subversion releases.

This release addesses three security issues:
    CVE-2011-1752: Server NULL-pointer dereference
    CVE-2011-1783: Server memory exhaustion
    CVE-2011-1921: mod_dav_svn exposure of unreadable paths

More information on these vulnerabilities, including the relevent advisories
and potential attack vectors and workarounds, can be found on the Subversion
security website:
    http://subversion.apache.org/security/

IMPORTANT: This release will silently upgrade your Subversion
working copies to the 1.6 format, rendering them unusable with
previous major versions of Subversion.

Please see the release notes

  http://subversion.apache.org/docs/release-notes/1.6.html

for more details about the changes in Subversion.

See

  http://svn.apache.org/repos/asf/subversion/tags/1.6.17/CHANGES

for more details about the changes in 1.6.17.

DESCRIPTION:
============
Subversion is a version control system designed to be a compelling
successor to CVS.

Please see 

  http://svnbook.red-bean.com/en/1.5/index.html

for the latest official release of the Subversion Book, covering 1.5
or

  http://svnbook.red-bean.com/nightly/en/index.html

for the WIP version of the book covering 1.6.

DOWNLOAD:
=========
Note that downloads from sourceware.org (aka cygwin.com) aren't
allowed due to bandwidth limitations.  This means that you will need
to find a mirror which has this update, please choose the one
nearest to you: http://cygwin.com/mirrors.html

QUESTIONS:
==========
If you want to make a point or ask a question the Cygwin mailing list is
the appropriate place.

CYGWIN-ANNOUNCE UNSUBSCRIBE INFO:
=================================
To unsubscribe to the cygwin-announce mailing list, look at the
"List-Unsubscribe: " tag in the email header of this message.  Send
email to the address specified there.  It will be in the format:

cygwin-announce-unsubscribe-YOU=YOURDOMAIN DOT COM AT cygwin DOT com

If you need more information on unsubscribing, start reading here:

http://sourceware.org/lists.html#unsubscribe-simple

Please read *all* of the information on unsubscribing that is available
starting at this URL.

-- 
David Rothenberger  ----  daveroth AT acm DOT org

--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple