5611354ff6
Changelog: Version 1.7.9 (04 Apr 2013, from /branches/1.7.x) http://svn.apache.org/repos/asf/subversion/tags/1.7.9 User-visible changes - Client-side bugfixes: * improved error messages about svn:date and svn:author props. (r1440620) * fix local_relpath assertion (issue #4257) * fix memory leak in `svn log` over svn:// (r1458341) * fix incorrect authz failure when using neon http library (issue #4332) * fix segfault when using kwallet (r1421103) - Server-side bugfixes: * svnserve will log the replayed rev not the low-water rev. (r1461278) * mod_dav_svn will omit some property values for activity urls (r1453780) * fix an assertion in mod_dav_svn when acting as a proxy on / (issue #4272) * improve memory usage when committing properties in mod_dav_svn (r1443929) * fix svnrdump to load dump files with non-LF line endings (issue #4263) * fix assertion when rep-cache is inaccessible (r1422100) * improved logic in mod_dav_svn's implementation of lock. (r1455352) * avoid executing unnecessary code in log with limit (r1459599) Developer-visible changes: - General: * fix an assertion in dav_svn_get_repos_path() on Windows (r1425368) * fix get-deps.sh to correctly download zlib (r13520131) * doxygen docs will now ignore prefixes when producing the index (r1429201) * fix get-deps.sh on freebsd (r1423646) - Bindings: * javahl status api now respects the ignoreExternals boolean (r1435361) This release addesses five security issues: CVE-2013-1845: mod_dav_svn excessive memory usage from property changes CVE-2013-1846: mod_dav_svn crashes on LOCK requests against activity URLs CVE-2013-1847: mod_dav_svn crashes on LOCK requests against non-existant URLs CVE-2013-1849: mod_dav_svn crashes on PROPFIND requests against activity URLs CVE-2013-1884: mod_dav_svn crashes on out of range limit in log REPORT request |
||
---|---|---|
.. | ||
files | ||
patches | ||
DESCR | ||
distinfo | ||
Makefile | ||
Makefile.common | ||
Makefile.version |