Path to this page:
Subject: CVS commit: [pkgsrc-2009Q2] pkgsrc/devel/subversion
From: Matthias Scheler
Date: 2009-08-07 13:09:47
Message id: 20090807110947.6FE64175D0@cvs.netbsd.org
Log Message:
Pullup ticket #2853 - requested by gdt
ap22-subversion: security update
p5-subversion: security update
py25-subversion: security update
ruby18-subversion: security update
subversion-base: security update
subversion: security update
Revisions pulled up:
- devel/subversion/Makefile.common 1.33
- devel/subversion/Makefile.version 1.51
- devel/subversion/distinfo 1.72
---
Module Name: pkgsrc
Committed By: gdt
Date: Thu Aug 6 22:08:56 UTC 2009
Modified Files:
pkgsrc/devel/subversion: Makefile.common Makefile.version distinfo
Log Message:
Update to 1.6.4, a security release.
Version 1.6.4
(06 Aug 2009, from /branches/1.6.x)
http://svn.collab.net/repos/svn/tags/1.6.4
User-visible changes:
* fixed: heap overflow vulnerability on server and client
See CVE-2009-2411, and descriptive advisory at
http://subversion.tigris.org/security/CVE-2009-2411-advisory.txt
Version 1.6.3
(22 Jun 2009, from /branches/1.6.x)
http://svn.collab.net/repos/svn/tags/1.6.3
User-visible changes:
* fix segfault in WC->URL copy (r37646, -56)
* let 'svnadmin load' tolerate mergeinfo with "\r\n" (r37768)
* make svnsync normalize svn:* props to LF line endings (issue #3404)
* better integration with external merge tools (r36178)
* return a friendly error message for 'svn diff' (r37735)
* update dsvn.el for 1.6 (r37774)
* don't allow setting of props on out-of-date dirs under neon (r37745)
* improve BASH completion (r36450, -52, -70, -79, -538)
* always show tree conflicts with 'svn st' (issue #3382)
* improve correctness of 'svn mergeinfo' (issue #3126)
* decrease the amount of memory needed for large commits (r37894, -6)
* work around an APR buffer overflow seen by svnsync (r37622)
* ra_svn clients now use TCP keep-alives if available (issue #3347)
* improve 'svn merge' perf by reducing server contact (r37491, -593, -618)
* stop propagating self-referential mergeinfo in reintegrate merges (r37931)
* fix NLS detection where -liconv is required for bindtextdomain() (r37827)
* don't delete unversioned files with 'rm --keep-local' (r38015, -17, -19)
* bump apr and apr-util versions included in deps to latest. (r37941)
* avoid temp file name collisions with ra_serf, ra_neon (r37972)
* fixed: potential segfault with noop file merges (r37779)
* fixed: incorrect output with 'svn blame -g' (r37719, -23, -41)
* fixed: bindings don't load FS libs when module search enabled (issue #3413)
* fixed: DAV RA layers not properly handling update/switch working copy
directory to revision/place in which it doesn't exist (issue #3414)
* fixed: potential abort() in the working copy library (r37857)
* fixed: memory leak in hash reading functions (r37868, -979)
Developer-visible changes:
* improve memory usage in file-to-stringbuf APIs (r37907)
* reduce memory usage for temp string manipulation (r38010)
Files: