Changelog
subversion (1.9.0-1) unstable; urgency=medium
* Upload to unstable
* New upstream release.
+ Security fixes
- CVE-2015-3184: Mixed anonymous/authenticated path-based authz with
httpd 2.4
- CVE-2015-3187: svn_repos_trace_node_locations() reveals paths hidden
by authz
* Add >= 2.7 requirement for python-all-dev Build-Depends, needed to run
tests.
* Remove Build-Conflicts against ruby-test-unit. (Closes: #791844)
* Remove patches/apache_module_dependency in favor of expressing the
dependencies in authz_svn.load/dav_svn.load.
* Build-Depend on apache2-dev (>= 2.4.16) to ensure ap_some_authn_required()
is available when building mod_authz_svn and Depend on apache2-bin (>=
2.4.16) for runtime support.
-- James McCoy <email address hidden> Fri, 07 Aug 2015 21:32:47 -0400