2024-10-09 23:15:43 by Benny Siegert | Files touched by this commit (9) | |
Log message:
subversion: update to 1.14.4
This is a security release but the issue is Windows-only AFAICT.
This is a stable bugfix and security release of the Apache Subversion
open source version control system.
Among regular bug fixes, this release fixes CVE-2024-45720:
Subversion command line argument injection on Windows platforms
On Windows platforms, a "best fit" character encoding conversion of
command line arguments to Subversion's executables (e.g., svn.exe,
etc.) may lead to unexpected command line argument interpretation,
including argument injection and execution of other programs, if a
specially crafted command line argument string is processed.
UNIX-like platforms are not affected.
Reported by:
Orange Tsai and splitline from DEVCORE Research Team
Full advisory:
https://subversion.apache.org/security/CVE-2024-45720-advisory.txt
https://subversion.apache.org/security/CVE-2024-45720-advisory.txt.asc
|
2024-02-10 15:42:40 by Takahiro Kambe | Files touched by this commit (21) |
Log message:
Bump revision by changing default version of Ruby.
|
2023-12-29 12:30:53 by Adam Ciarcinski | Files touched by this commit (11) | |
Log message:
subversion: updated to 1.14.3
Version 1.14.3
User-visible changes:
- Client-side bugfixes:
* Fix svn:mergeinfo diff parser bug when parsing forward merges
* Fix redirected URL handling with file externals
- Server-side bugfixes:
(none)
Developer-visible changes:
* swig-rb: Fix uses of 'File.exist?', deprecated since Ruby 2.1
* Build: Fix uses of deprecated Python APIs
* Build: Retain ability to build SWIG Python 2 bindings
* Fix reading WC lock status with svn_wc_status2_t
* JavaHL: Add @Deprecated to silence compiler warnings
* JavaHL: Fix crash in case of null message in getMessage
* Fix build breakage of release tarballs by installed swig
* Add regression test for issue 4711 "invalid xml file"
* swig-py: Fix building with SWIG 4.1.0
* Makefile.in: Fix cleaning of __pycache__ dirs and *.pyc
* swig-py: Avoid deprecated options to SWIG >= 4.1.0
* swig-py: Use sysconfig to allow building with Python 3.12
* INSTALL: Document not to use SVN with APR 1.7.3 on Windows
* Fix test suite broken by syntax error when --enable-sasl
* swig-py: Improve error when no external diff
* autogen.sh: Fix building when Python is not named "python"
|
2023-10-25 00:11:51 by Thomas Klausner | Files touched by this commit (2298) |
Log message:
*: bump for openssl 3
|
2023-10-23 16:26:46 by Michael Baeuerle | Files touched by this commit (20) |
Log message:
Recursive revbump for new ABI major version of converters/utf8proc
|
2023-08-14 07:25:36 by Thomas Klausner | Files touched by this commit (1247) |
Log message:
*: recursive bump for Python 3.11 as new default
|
2022-08-17 21:59:39 by Roland Illig | Files touched by this commit (1) |
Log message:
subversion: remove unknown configure option '--with-neon'
|
2022-06-30 13:19:02 by Nia Alarie | Files touched by this commit (524) |
Log message:
*: Revbump packages that use Python at runtime without a PKGNAME prefix
|
2022-06-28 13:38:00 by Thomas Klausner | Files touched by this commit (3952) |
Log message:
*: recursive bump for perl 5.36
|
2022-04-12 23:40:36 by Thomas Klausner | Files touched by this commit (1) | |
Log message:
subversion: reset PKGREVISION after update
|