Ubuntu
subversion package

lp:ubuntu/dapper-security/subversion

Dapper (6.06)
dapper-security

Created by James Westby on 2009-08-08 and last modified on 2011-03-22

Get this branch:: bzr branch lp:ubuntu/dapper-security/subversion

Members of Ubuntu branches can upload to this branch. Log in for directions.

Branch merges

No branches dependent on this one.

Related bugs

Link a bug report

Related blueprints

Branch information

Owner:: Ubuntu branches

Review team:: Ubuntu Development Team

Status:: Mature

Recent revisions

11. By Marc Deslauriers on 2011-03-22: * SECURITY UPDATE: denial of service via request containing lock token
  - debian/patches/CVE-2011-0715.patch: correctly handle locks being
    passed when authn isn't enabled in subversion/mod_dav_svn/repos.c,
    subversion/mod_dav_svn/version.c.
  - CVE-2011-0715
10. By Marc Deslauriers on 2011-01-14: * SECURITY UPDATE: information disclosure via partial access privilege
  - debian/patches/CVE-2007-2448.patch: improve logic in
    subversion/libsvn_repos/fs-wrap.c.
  - CVE-2007-2448
* SECURITY UPDATE: denial of service via SVNParentPath walking
  - debian/patches/CVE-2010-4539.patch: don't try and walk SVNParentPath
    collection in subversion/mod_dav_svn/repos.c.
  - CVE-2010-4539
9. By Kees Cook on 2009-08-06: * SECURITY UPDATE: remote arbitrary code execution via integer overflow.
  - added debian/patches/fix-binary-diff-security.patch, backported from
    upstream.
  - CVE-2009-2411
8. By Adam Conrad on 2006-05-08: * Merge new upstream version from Debian, UVF exception approved by mdz.
* Very (very, very) carefully merge our Java-related changes with Debian's
rather different Java changes to produce something that should work.
* Create a python2.4-subversion transitional package to smooth upgrades.
7. By Michael Vogt on 2006-05-05: debian/rules: Create a POT file on package build
6. By Matthias Klose on 2006-03-23: * Reenable the build of libsvn-javahl, build using java-gcj-compat-dev.
* libsvn-javahl: Prefer gij over kaffe.
5. By Adam Conrad on 2006-01-17: * Merge with Debian by hand, bringing in shiny new upstream version.
* Disable the testsuite for the ruby bindings for now, as they are
failing obscurely, and "broken bindings are slightly better than
no bindings"; I will investigate the breakage later.
4. By Adam Conrad on 2005-12-05: Merge with the final Debian release of 1.2.3dfsg1-3, bringing in
fixes to the clean target, better documentation of the libdb4.3
upgrade and build fixes to work with swig1.3_1.3.27.
3. By Michael Vogt on 2005-06-29: Resynchronise with Debian.
2. By Matthias Klose <email address hidden> on 2005-01-10: python2.4-subversion: Add conflict to python2.3-subversion.
Closes: #4957.

Branch metadata

Branch format:: Branch format 7

Repository format:: Bazaar repository format 2a (needs bzr 1.16 or later)

Stacked on:: lp:ubuntu/karmic/subversion

This branch contains Public information

Everyone can see this information.

Subscribers

James Westby

Ubuntusubversion package