2015-08-13 22:47:42 by Adam Ciarcinski | Files touched by this commit (13) |
Log message:
Version 1.9.0
User-visible changes:
- General:
* make all commands provide brief description in help output (r1522518)
* flush stdout before exiting to avoid information being lost (r1543868)
- Major new features:
* fsfs: new format 7 with more efficient on-disk layout (r1547045 et al)
* resolve: improve interactive conflict resolution menus
* blame: support showing prospective as well as previous changes
* info: support printing of individual values with --show-item (r1662620)
* svn auth: new subcommand to manage cached credentials and certs
* svnserve: cache config and authz to lower resource usage and be able to
serve large numbers of connections with a limited number of threads
* membuffer: quadruple the maximum cacheable directory size (r1545948 et al)
* new filesystem fsx (faster, smaller); experimental - see release notes
- Minor new features and improvements:
See http://svn.apache.org/repos/asf/subversion/tags/1.9.0/CHANGES
|
2015-06-12 12:52:19 by Thomas Klausner | Files touched by this commit (3152) |
Log message:
Recursive PKGREVISION bump for all packages mentioning 'perl',
having a PKGNAME of p5-*, or depending such a package,
for perl-5.22.0.
|
2015-03-31 22:32:11 by Adam Ciarcinski | Files touched by this commit (3) |
Log message:
Changes 1.8.13:
This release addresses 3 security issues.
CVE-2015-0202: Subversion HTTP servers with FSFS repositories are
vulnerable to a remotely triggerable excessive memory
use with certain REPORT requests.
CVE-2015-0248: Subversion mod_dav_svn and svnserve are vulnerable to a
remotely triggerable assertion DoS vulnerability for certain
requests with dynamically evaluated revision numbers
CVE-2015-0251: Subversion HTTP servers allow spoofing svn:author property
values for new revisions
|
2014-12-20 10:22:57 by OBATA Akio | Files touched by this commit (3) | |
Log message:
Update subversion to 1.8.11.
This release addresses two security issues:
CVE-2014-3580: mod_dav_svn DoS from invalid REPORT requests.
CVE-2014-8108: mod_dav_svn DoS from use of invalid transaction names.
Version 1.8.11
(15 Dec 2014, from /branches/1.8.x)
http://svn.apache.org/repos/asf/subversion/tags/1.8.10
User-visible changes:
- Client-side bugfixes:
* checkout/update: fix file externals failing to follow history and
subsequently silently failing (issue #4185)
* patch: don't skip targets in valid --git difs (r1592014, r1592034)
* diff: make property output in diffs stable (r1589360)
* diff: fix diff of local copied directory with props (r1619380, r1619393)
* diff: fix changelist filter for repos-WC and WC-WC (r1621978, r1621981)
* remove broken conflict resolver menu options that always error out
(r1620332)
* improve gpg-agent support (r1600331, r1600348, 1600368, r1600563,
r1600781)
* fix crash in eclipse IDE with GNOME Keyring (issue #3498)
* fix externals shadowing a versioned directory (issue #4085)
* fix problems working on unix file systems that don't support
permissions (r1612225)
* upgrade: keep external registrations (issue #4519)
* cleanup: iprove performance of recorded timestamp fixups (r1633126)
* translation updates for German
- Server-side bugfixes:
* disable revprop caching feature due to cache invalidation problems
(r1543594, r1619774, r1619105, r1619118, r1619153, r1619802)
* skip generating uniquifiers if rep-sharing is not supported (r1561426)
* mod_dav_svn: reject requests with missing repository paths (r1643409)
* mod_dav_svn: reject requests with invalid virtual transaction names
(r1643437)
* mod_dav_svn: avoid unneeded memory growth in resource walking
(issue #4531)
Developer-visible changes:
- General:
* make sure all members of the repos layer notify struct are valid,
fixes crashes in API users using all members (r1616131)
* properly generate a version resource when building on Windows (r1542610,
r1564576, r1568180)
* fix LIBTOOL_M4 and LIBTOOL_CONFIG variable not be evaluated properly
during a unix build (r1637826)
* allow the use of libtool 2.4.3 (r1640862, r1640873, r1643793)
|
2014-08-13 11:08:55 by Adam Ciarcinski | Files touched by this commit (5) |
Log message:
Changes 1.8.10:
This release addresses two security issues:
CVE-2014-3522: ra_serf improper validation of wildcards in SSL certs.
CVE-2014-3528: credentials cached with svn may be sent to wrong server.
|
2014-05-30 01:38:20 by Thomas Klausner | Files touched by this commit (3049) |
Log message:
Bump for perl-5.20.0.
Do it for all packages that
* mention perl, or
* have a directory name starting with p5-*, or
* depend on a package starting with p5-
like last time, for 5.18, where this didn't lead to complaints.
Let me know if you have any this time.
|
2014-05-18 13:43:51 by Adam Ciarcinski | Files touched by this commit (10) | |
Log message:
Changes 1.8.9:
User-visible changes:
- Client-side bugfixes:
* log: use proper peg revision over DAV (r1568872)
* upgrade: allow upgrading from 1.7 with exclusive locks (r1572102 et al)
* proplist: resolve inconsitent inherited property results (r1575270 et al)
* increase minimal timestamp sleep from 1ms to 10ms (r1581305 et al)
* merge: automatic merge confused by subtree merge (issue 4481)
* propget: report proper error on invalid revision for url (r1586255)
* commit: fix an assertion when committing a deleted descendant
(r1571747, r1571787, r1571795)
* merge: resolve segfault when '--force' merges a directory delete
(r1577812, r1577813, r1579429)
* resolve: prevent interactive conflict resolution when nothing has been
done to resolve the conflict (r1577294)
* update: fix locks lost from wc with pre-1.6.17 servers (issue 4412)
* merge: honor the 'preserved-conflict-file-exts' setting (r1577151)
* list: fix '--verbose' against older servers (r1591111)
* unlock: fix ability to remove locks with timeouts (r1579588)
* copy: fix 'svn copy URL WC' on relocated working copies
(r1580626, r1580650)
* export: allow file externals to be exported (issue 4427)
* move: fix working copy db inconsistency in cert scenarios (issue 4437)
* commit: fix an issue where mixed revision copy with non copy descendants
that shadow a not present node couldn't be committed (r1518942 et al)
* delete: properly remove move_to info when the node in its original
location is removed (r1538812 et al)
* status; fix an issue where output would vary based on if the target
was the node itself or its parent (r1544597 et al)
- Server-side bugfixes:
* ensure proper access synchronization in fsfs on Windows (r1568953 et al)
* svnadmin dump: don't let invalid mergeinfo stop dump (r1574868 et al)
* svnserve: resolve performance regression caused by iprops (r1578853 et al)
* reduce size of memory buffer when reading config files (r1581296)
* remove dead transaction if commit was blocked by hook (r1583977)
* svnrdump load: fix crash when svn:* normalization (issue 4490)
* fix memcached support (issue 4470)
* svndumpfilter: fix order of node record headers (r1578670 et al)
* mod_dav_svn: blacklist building with broken versions of httpd; 2.2.25,
2.4.5 and 2.4.6 (r1545835)
* mod_dav_svn: allow generic DAV clients to refresh locks (issue 3515)
* mod_dav_svn: detect out of dateness correctly during commit (issue 4480)
Developer-visible changes:
- General:
* improve consistency checks of DAV inherited property requests (r1498000)
* fix ocassional failure in autoprop_tests.py (r1567752)
* avoid duplicate sqlite analyze information rows (r1571214)
* add Mavericks to our sysinfo output (r1573088)
* bump copyright years to 2014 (r1555403)
* unbreak test suite when running as root (r1583580)
* resolve buffer overflow in testcode (r1481782)
* fix libmagic detection with custom LDFLAGS (r1577200)
* fix an out of scope variable use in merge (r1587946)
* javahl: fix crash from resolve callback throwing an exception (r1586439)
* ruby: fix two memory lifetime bugs (r1586052, r1586467)
* fix a missing null byte when handling old pre-1.4 deltas (r1587968)
* fix building with APR 0.9.x (r1585499)
* make svn_ra_get_locks() and svn_ra_get_lock() report not locked nodes
with a NULL svn_lock_t *, as documented (r1578273, r1578311, r1578326)
* fix tests for compiler flags
|
2014-05-17 18:10:50 by Thomas Klausner | Files touched by this commit (152) |
Log message:
Bump applications PKGREVISIONs for python users that might be using
python3, since the default changed from python33 to python34.
I probably bumped too many. I hope I got them all.
|
2014-02-23 11:01:51 by Adam Ciarcinski | Files touched by this commit (1) |
Log message:
Removed patch-subversion_include_svn_auth.h
|
2014-02-23 10:59:19 by Adam Ciarcinski | Files touched by this commit (8) | |
Log message:
Changes 1.8.8:
User-visible changes:
- Client-side bugfixes:
* use CryptoAPI to validate intermediary certificates on Windows (r1564623)
* fix automatic relocate for wcs not at repository root (r1541638 et al)
* diff: fix when target is a drive root on Windows (r1541635)
* wc: improve performance when used with SQLite 3.8 (r1542765)
* copy: fix some scenarios that broke the working copy (r1560690)
* move: fix errors when moving files between an external and the parent
working copy (r1551524, r1551579)
* log: resolve performance regression in certain scenarios (r1553101 et al)
* merge: decrease work to detect differences between 3 files (r1548486)
* checkout: don't require flush support for symlinks on Windows (r1547774)
* commit: don't change file permissions inappropriately (issue 4440)
* commit: fix assertion due to invalid pool lifetime (r1553376 et al)
* version: don't cut off the distribution version on Linux (r1544878 et al)
* flush stdout before exiting to avoid information being lost (r1499470)
* status: fix missing sentinel value on warning codes (r1543145)
* update/switch: improve some WC db queries that may return incorrect
results depending on how SQLite is built (r1567109)
- Server-side bugfixes:
* reduce memory usage during checkout and export (r1564215)
* fsfs: create rep-cache.db with proper permissions (issue 3437)
* mod_dav_svn: prevent crashes with SVNListParentPath on (CVE-2014-0032)
* mod_dav_svn: fix SVNAllowBulkUpdates directive merging (r1548105)
* mod_dav_svn: include requested property changes in reports (r1557522)
* svnserve: correct default cache size in help text (r1563110)
* svnadmin dump: reduce size of dump files with '--deltas' (r1554978)
* resolve integer underflow that resulted in infinite loops (r1567985)
Developer-visible changes:
- General:
* fix ocassional failure of check_tests.py 12 (r1496127 et al)
* fix failure with SQLite 3.8.1-3.8.3 when built with
SQLITE_ENABLE_STAT3/4 due to bug in SQLite (r1567286, r1567392)
* specify SQLite defaults that can be changed when SQLite is built
to avoid unexpected behavior with Subversion (r1567064)
- API changes:
* numerous documentation fixes
* svn_client_commit_item3_dup() fix pool lifetime issues (r1550803)
* ra_serf: properly ask multiple certificate validation providers for
acceptance of certificate failures (r1535532)
* release internal fs objects when closing commit editor (r1555499)
* svn_client_proplist4() don't call the callback multiple times for
the same path in order to deliver inherited properties (r1549858 et al)
- Bindings:
* javahl: make test suite run without installing on OS X (r1535115)
* swig: fix building out of tarball on OS X (r1555654)
* swig-pl: fix with --enable-sqlite-compatibility-version (r1559009)
* swig: fix building bindings on OS X when APR has the -no-cpp-precomp
flag in the apr-config --cppflags output. (r1535610)
* swig: fix building from tarball with an out-of-tree build (r1543187)
|