X-Recipient: archive-cygwin AT delorie DOT com
DomainKey-Signature: a=rsa-sha1; c=nofws; d=sourceware.org; h=list-id
	:list-unsubscribe:list-subscribe:list-archive:list-post
	:list-help:sender:to:from:subject:message-id:date:mime-version
	:content-type:content-transfer-encoding:reply-to; q=dns; s=
	default; b=kKjw6ZPWAi3270HlkBtU49NwNrc3NelDUOOFA933GBs/hjfgngi+1
	qzVdGDlHyBzl0oSDUuAofarPC7HQ6WkHJsQuZlD4OPgE09rPsXL+p+1BaElR+wqT
	KxozvQBxs9SoNtoMx3YUuw7igQML+2522/oe7Oo8ozM9kz5ngEtBEA=
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=sourceware.org; h=list-id
	:list-unsubscribe:list-subscribe:list-archive:list-post
	:list-help:sender:to:from:subject:message-id:date:mime-version
	:content-type:content-transfer-encoding:reply-to; s=default; bh=
	aDYus4HjK3dEbKCNNBmhqOe1VGk=; b=RoOE5x2Q3NRxl5RWh02qgTNshlKIo/BO
	iiNiM10p6QruuDFhN92nGzar4Szz3cQO5hkvRXyz2o+H5cyy1ngVghn/dzNvAhYh
	5Enoy8gXPaWcfha67so3odjK29nda7bGW/ByVjEvxg66KqHfo5ykIcNmeu0CiqZc
	DoP0zvG94nM=
Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm
List-Id: <cygwin.cygwin.com>
List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive: <http://sourceware.org/ml/cygwin/>
List-Post: <mailto:cygwin AT cygwin DOT com>
List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>
Sender: cygwin-owner AT cygwin DOT com
Mail-Followup-To: cygwin AT cygwin DOT com
Delivered-To: mailing list cygwin AT cygwin DOT com
Authentication-Results: sourceware.org; auth=none
X-Virus-Found: No
X-HELO: localhost.localdomain
Authentication-Results: sourceware.org; auth=none
X-Virus-Found: No
X-Spam-SWARE-Status: No, score=0.8 required=5.0 tests=AWL,BAYES_50,RCVD_IN_DNSWL_NONE,SPF_SOFTFAIL autolearn=no version=3.3.2 spammy=liquid, angles, subversion, protocol
To: cygwin AT cygwin DOT com
From: David Rothenberger <daveroth AT acm DOT org>
Subject: [ANNOUNCEMENT] Updated: subversion-1.9.3-1
Message-Id: <announce.5671C740.7050004@acm.org>
Date: Wed, 16 Dec 2015 12:19:12 -0800
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:38.0) Gecko/20100101 Thunderbird/38.4.0
MIME-Version: 1.0
Content-Type: text/plain; charset=windows-1252
Content-Transfer-Encoding: 7bit
X-IsSubscribed: yes
Reply-To: cygwin AT cygwin DOT com

SECURITY:
=========
This release fixes two security issues:

    CVE-2015-5259:
    Remotely triggerable heap overflow and out-of-bounds read caused
    by integer overflow in the svn:// protocol parser.
    http://subversion.apache.org/security/CVE-2015-5259-advisory.txt

    CVE-2015-5343:
    Remotely triggerable heap overflow and out-of-bounds read in
    mod_dav_svn caused by integer overflow when parsing skel-encoded
    request bodies.
    http://subversion.apache.org/security/CVE-2015-5343-advisory.txt


NEWS:
=====
Please see the release notes

  http://subversion.apache.org/docs/release-notes/1.9.html

for more details about the changes in Subversion.

See

  http://svn.apache.org/repos/asf/subversion/tags/1.9.3/CHANGES

for more details about the changes in 1.9.3.


DESCRIPTION:
============
Subversion is a version control system designed to be a compelling
successor to CVS.

Please see

  http://svnbook.red-bean.com/nightly/en/index.html

for the latest official release of the Subversion Book.

QUESTIONS:
==========
If you want to make a point or ask a question the Cygwin mailing list is
the appropriate place.

-- 
David Rothenberger  ----  daveroth AT acm DOT org

Cats, no less liquid than their shadows, offer no angles to the wind.

--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple