pkgsrc.se | The NetBSD package collection

./devel/p5-subversion, Perl bindings for Subversion

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]

Branch: CURRENT, Version: 1.14.5, Package name: p5-subversion-1.14.5, Maintainer: pkgsrc-users

The goal of the Subversion project is to build a version control system that
is a compelling replacement for CVS in the open source community. The software
is released under an Apache/BSD-style open source license.

This package contains the Perl bindings to the Subversion libraries.

Required to run:
[www/serf] [lang/perl5] [devel/subversion-base] [archivers/lz4] [converters/utf8proc]

Required to build:
[pkgtools/cwrappers]

Package options: serf

Master sites:

Filesize: 8472.026 KB

Version history: (Expand)

(2024-12-31) Updated to version: p5-subversion-1.14.5
(2024-11-16) Updated to version: p5-subversion-1.14.4nb4
(2024-11-15) Updated to version: p5-subversion-1.14.4nb3
(2024-11-01) Updated to version: p5-subversion-1.14.4nb2
(2024-11-01) Updated to version: p5-subversion-1.14.4nb1
(2024-10-10) Updated to version: p5-subversion-1.14.4

CVS history: (Expand)

2025-04-17 23:53:13 by Thomas Klausner | Files touched by this commit (2449)

Log message:
*: recursive bump for icu 77 and libxml2 2.14

2024-12-31 18:33:17 by Adam Ciarcinski | Files touched by this commit (9) | Package updated

Log message:
subversion: updated to 1.14.5

Apache Subversion 1.14.5. This is a stable bugfix and security release of the
Apache Subversion open source version control system. Among regular bug fixes,
this release fixes CVE-2024-46901: mod_dav_svn denial-of-service via control
characters in paths It has been discovered that the patch for CVE-2013-1968
was incomplete and unintentionally left mod_dav_svn vulnerable to control
characters in filenames. If a path or a revision-property which contains
control characters is committed to a repository then SVN operations served by
mod_dav_svn can be disrupted.

2024-11-16 13:08:07 by Thomas Klausner | Files touched by this commit (2504)

Log message:
*: recursive bump for perl 5.40

2024-11-14 23:22:33 by Thomas Klausner | Files touched by this commit (2428)

Log message:
*: recursive bump for icu 76 shlib major version bump

2024-11-01 13:55:19 by Thomas Klausner | Files touched by this commit (2425)

Log message:
*: revbump for icu downgrade

2024-11-01 01:54:33 by Thomas Klausner | Files touched by this commit (2426)

Log message:
*: recursive bump for icu 76.1 shlib bump

2024-10-09 23:15:43 by Benny Siegert | Files touched by this commit (9) | Package updated

Log message:
subversion: update to 1.14.4

This is a security release but the issue is Windows-only AFAICT.

This is a stable bugfix and security release of the Apache Subversion
open source version control system.

Among regular bug fixes, this release fixes CVE-2024-45720:

   Subversion command line argument injection on Windows platforms

   On Windows platforms, a "best fit" character encoding conversion of
   command line arguments to Subversion's executables (e.g., svn.exe,
   etc.) may lead to unexpected command line argument interpretation,
   including argument injection and execution of other programs, if a
   specially crafted command line argument string is processed.

   UNIX-like platforms are not affected.

   Reported by:
   Orange Tsai and splitline from DEVCORE Research Team

   Full advisory:
   https://subversion.apache.org/security/CVE-2024-45720-advisory.txt
   https://subversion.apache.org/security/CVE-2024-45720-advisory.txt.asc

2024-05-29 18:35:19 by Adam Ciarcinski | Files touched by this commit (1928) | Package updated

Log message:
revbump after icu and protobuf updates