-
subversion (1.14.3-1) unstable; urgency=medium
* Update to new upstream version 1.14.3.
-- James McCoy <email address hidden> Mon, 01 Jan 2024 12:21:16 -0500
-
subversion (1.14.2-5) unstable; urgency=medium
* Add future=+lfs build options to ensure use of 64-bit filesystem APIs
* Add commented example for SVNListParentPath in dav_svn.conf
(Closes: #1031229)
* Remove BUILD directory and other detritus during clean (Closes: #1046849)
* Backport upstream patch to fix missing version in pkg-config files
(Closes: #1055242)
+ autogen.sh: export environment variable "PYTHON", for autoheader and autoconf
* Skip dh_autoreconf, since we already call autogen.sh
-- James McCoy <email address hidden> Fri, 03 Nov 2023 19:34:37 -0400
-
subversion (1.14.2-4) unstable; urgency=medium
* Backport patch to fix building with swig 4.1 (Closes: #1023529)
-- James McCoy <email address hidden> Sat, 12 Nov 2022 15:30:30 -0500
-
subversion (1.14.2-3) unstable; urgency=medium
* Re-enable the ability to store plaintext passwords (Closes: #995692)
* Bump debhelper-compat to 13
* Adjust lacks-unversioned-link-to-shared-library overrides
* Adjust package-contains-upstream-installation-documentation override
* Document uninstalled files in debian/not-installed
-- James McCoy <email address hidden> Tue, 12 Jul 2022 10:03:54 -0400
-
subversion (1.14.2-2) unstable; urgency=medium
* Skip building java bindings on kfreebsd-*. Thanks to Laurent Bigonville
for the suggestion (Closes: #1012379)
* Skip building ruby bindings on ia64 and kfreebsd-*
* Disable kwallet support on kfreebsd-*
* Use autogen-swig-{pl,py,rb} targets instead of autogen-swig
(Closes: #986174)
* Declare compliance with Policy 4.6.1, no changes needed
* Fix handling of verbose/terse build logs
-- James McCoy <email address hidden> Mon, 06 Jun 2022 20:42:25 -0400
-
subversion (1.14.2-1) unstable; urgency=high
* Update to new upstream version 1.14.2.
+ Security Fixes:
- CVE-2021-28544: Don't show unreadable copyfrom paths in 'svn log -v'
- CVE-2022-24070: Fix issue #4880 "Use-after-free of object-pools when
used as httpd module"
* libsvn1: Add wildcard to symbols-declares-dependency-on-other-package override
* subversion-tools: Adjust wildcards for ruby-script-but-no-ruby-dep
* Declare compliance with Policy 4.6.0, no changes needed
* Update upstream signing keys
* Re-enable testCrash_RequestChannel_nativeRead_AfterException, fixed
upstream
-- James McCoy <email address hidden> Tue, 12 Apr 2022 08:38:19 -0400
-
subversion (1.14.1-3) unstable; urgency=medium
* Correctly disable testCrash_RequestChannel_nativeRead_AfterException
(Closes: #982684)
-- James McCoy <email address hidden> Wed, 17 Feb 2021 21:52:03 -0500
-
subversion (1.14.1-2) unstable; urgency=medium
* Temporarily disable testCrash_RequestChannel_nativeRead_AfterException
(Closes: #982684)
* rules: Remove clean from .PHONY
-- James McCoy <email address hidden> Wed, 17 Feb 2021 07:46:16 -0500
-
subversion (1.14.1-1) unstable; urgency=high
* Update to new upstream version 1.14.1.
+ Fix FTBFS with OpenJDK 17 (Closes: #982084)
+ Security fix:
- CVE-2020-17525: Remote unauthenticated denial-of-service in Subversion
mod_authz_svn (Closes: #982464)
-- James McCoy <email address hidden> Wed, 10 Feb 2021 21:17:14 -0500
-
subversion (1.14.0-3) unstable; urgency=medium
* Rename python suffixes to the versioned python suffix.
Thanks to Matthias Klose for the patch (Closes: #972197)
* Rename python-script-but-no-python-dep override to python3 version
-- James McCoy <email address hidden> Sat, 31 Oct 2020 20:44:20 -0400
-
subversion (1.14.0-2) unstable; urgency=medium
* Backport patch from upstream to fix FTBFS (Closes: #966989)
- Fix crash in JavaHL JNI wrapper caused by object lifetimes
* svn_load_dirs.1: Use correct groff macro for single-quote
* Update lintian overrides to account for renamed tags
-- James McCoy <email address hidden> Mon, 17 Aug 2020 13:01:19 -0400
-
subversion (1.14.0-1) unstable; urgency=medium
* Update to new upstream version 1.14.0.
* Install NOTICE as required by Apache license
* rules: Disable dh_auto_test for Arch: all builds
-- James McCoy <email address hidden> Wed, 03 Jun 2020 22:21:57 -0400
-
subversion (1.13.0-4) unstable; urgency=medium
* Disable building python-subversion if SWIG 4.0 is installed
(Closes: #954866)
* Remove python-subversion from subversion-tool's Recommends
-- James McCoy <email address hidden> Sat, 25 Apr 2020 08:58:28 -0400
-
subversion (1.13.0-3) unstable; urgency=medium
[ James McCoy ]
* rules: Use "pyversions -s" instead of "pyversions -i"
* Build with swig3.0 to fix FTBFS with swig4.0 (Closes: #951893)
* Declare compliance with Policy 4.5.0, no changes needed
* Build-Depend on debhelper-compat (= 12)
[ Dimitri John Ledkov ]
* swig.m4: Do not include ruby include subdir
-- James McCoy <email address hidden> Tue, 24 Mar 2020 08:33:36 -0400
-
subversion (1.13.0-2) unstable; urgency=medium
[ James McCoy ]
* gbp.conf: Do not number patches
[ Steve Langasek ]
* use python2 as the interpreter now for tests, not python (Closes: #948770)
-- James McCoy <email address hidden> Sun, 19 Jan 2020 08:59:14 -0500
-
subversion (1.13.0-1) unstable; urgency=medium
* New upstream release
* debian/watch:
+ Monitor 1.13.x versions
* Update upstream signing keys
* debian/control:
+ Bump minimum jdk version to 1.8
+ Switch to junit4 for Java tests
+ Bump libsvn-dev Build-Conflicts to << 1.13~
+ Remove obsolete Build-Depends on apache2-dev
+ Fix a typos in the pkg.subversion.nokde profile name
* Declare compliance with Policy 4.4.1, no changes needed
* Fix FTBFS on certain archs due to PIC/PIE interaction.
Thanks to Thorsten Glaser for the patch (Closes: #942798)
* libsvn1.symbols:
+ Mark private/experimental symbols as optional
+ Update symbols for 1.11, 1.12, and 1.13
* debian/tests:
+ Replace $ADTTMP with $AUTOPKGTEST_TMP
* Add fetch-keys script to update/minimize signing-key.asc
* Add a pkg.subversion.nojava build profile
-- James McCoy <email address hidden> Thu, 28 Nov 2019 22:11:05 -0500
-
subversion (1.10.6-1) unstable; urgency=medium
* Update to new upstream version 1.10.6.
+ Security fix
- CVE-2018-11782: Remotely triggerable DoS vulnerability in svnserve
'get-deleted-rev'
- CVE-2019-0203: Remote unauthenticated denial-of-service in Subversion
svnserve
* Support a pkg.subversion.nokde build profile.
Thanks to Jason Duerstock for the patch (Closes: #929326)
-- James McCoy <email address hidden> Wed, 31 Jul 2019 07:01:38 -0400
-
subversion (1.10.4-1) unstable; urgency=medium
* Update to new upstream version 1.10.4 (Closes: #919767)
+ Security fix
- CVE-2018-11803: Malicious SVN clients can crash mod_dav_svn
* d/copyright: Convert to copyright format 1.0
* Replace hand-written postinst/rm with maintscript helper
* lintian: Minimize the upstream signing key
* Declare compliance with Policy 4.3.0, no changes needed
-- James McCoy <email address hidden> Tue, 22 Jan 2019 22:41:34 -0500
-
subversion (1.10.3-1) unstable; urgency=medium
* Update to new upstream version 1.10.3.
* lintian:
+ Update libapache2-mod-svn override due to tag being renamed
+ Add libsvn1 override for package-name-doesnt-match-sonames
* libsvn-{java,dev}: Use absolute target path for symlink_to_dir calls
(Closes: #910233)
* rules: Allow quiet builds when DEB_BUILD_OPTIONS=terse
* Declare compliance with Policy 4.2.1
* libsvn-java: Remove obsolete libsvn-jni Conflicts/Replaces
* Update release notes
-- James McCoy <email address hidden> Sat, 20 Oct 2018 14:27:55 -0400
-
subversion (1.10.2-1) unstable; urgency=medium
* New upstream release
* Switch to dgit-maint-debrebase(7) workflow
* debian/tests: Use $AUTOPKGTEST_TMP if $ADTTMP is not set
* debian/tests: Add a basic test for svnserve
-- James McCoy <email address hidden> Sat, 04 Aug 2018 12:28:03 -0400
-
subversion (1.10.0-2) unstable; urgency=medium
* Build native java bindings using javac instead of javah.
Thanks to Emmanuel Bourg (Closes: #897555)
-- James McCoy <email address hidden> Sat, 16 Jun 2018 10:00:22 -0400
-
subversion (1.10.0-1) unstable; urgency=medium
* Upload new upstream release to unstable
* control: Adjust debhelper Build-Depends to ease backporting
-- James McCoy <email address hidden> Wed, 18 Apr 2018 12:29:55 -0400
-
subversion (1.9.7-4) unstable; urgency=medium
* Actually drop quilt Build-Depends
* Change Vcs-* to salsa.d.o
* Declare compliance with Policy 4.1.3, no changes needed
* Switch default-jdk Build-Depends to headless variant
* Disable parallelization for local-install target
* Disable libsvn-java on ia64
-- James McCoy <email address hidden> Mon, 05 Mar 2018 19:47:43 -0500
-
subversion (1.9.7-3) unstable; urgency=medium
* Remove workaround for #871514, now that it's fixed.
* Convert package to 3.0 (quilt)
* Stop generating libsvn-perl.install. The multi-arch vendor directory has
been in effect since jessie.
* debian/rules:
+ Ensure $(PY_DIR) always exists so the upstream Makefiles don't try to
recreate it, causing the build to fail.
+ Add .NOTPARALLEL to prevent install-arch's dh_prep from deleting files
install-indep installed or vice-versa. Thanks to Robert McQueen for the
idea. (Closes: #680125)
* patches/build-fixes:
+ Stop patching out calls to serf_debug__closed_conn. This requires serf
>= 1.3.9-4 to avoid gaining invalid Depends.
+ Remove out-of-tree swig changes. Using an absolute path for the
out-of-tree directory and ensuring the relevant build directories exists
resolves the problem.
* patches/rpath:
+ Move INSTALLDIRS=vendor to debian/rules instead of patching upstream
code.
+ Use "chrpath -d" to remove RPATHs instead of changing various bits of
upstream build system.
* Lintian:
+ Use https URL in debian/watch
+ Change extra Priorities to optional
* Declare compliance with Policy 4.1.2
* Mark libsvn-{doc,dev} Multi-Arch: foreign/same, respectively, per the
multiarch hinter.
-- James McCoy <email address hidden> Fri, 08 Dec 2017 22:26:53 -0500
-
subversion (1.9.7-2) unstable; urgency=medium
* Disable optimizations on mips64el to workaround GCC bug #871514.
* Use debhelper's dh_update_autotools_config and drop explicit Build-Depends
on autotools-dev.
-- James McCoy <email address hidden> Wed, 16 Aug 2017 22:50:12 -0400
-
subversion (1.9.7-1) unstable; urgency=high
* New upstream release
+ Security fix
- CVE-2017-9800: Arbitrary code execution on clients through malicious
svn+ssh URLs in svn:externals and svn:sync-from-url
-- James McCoy <email address hidden> Thu, 10 Aug 2017 12:59:16 -0400
-
subversion (1.9.6-1) unstable; urgency=medium
* New upstream release
+ Subversion server will now reject commits which cause SHA1 collisions,
if rep-sharing is enabled (as it is by default) in db/fsfs.conf.
* Remove Peter Samuelson as maintainer, at request of MIA team. Thanks for
all the fish! (Closes: #852219)
* Revise metadata for subversion. (Closes: #863037)
+ Add mention of svnsync to Description
+ Suggests libapache2-mod-svn
* Remove "-pie" from hardening options since the semantics changed in dpkg
1.18.13. Thanks to Adrian Bunk for the explanation/patch. (Closes:
#865696)
* Bump minimum SQLite compatibility to 3.8.7
* Declare compliance with Policy 4.0.0, no changes needed
* Bump debhelper compat to 10
-- James McCoy <email address hidden> Sun, 09 Jul 2017 22:27:49 -0400
-
subversion (1.9.5-1) unstable; urgency=medium
* New upstream release
+ Security fix
- CVE-2016-8734: Unrestricted XML entity expansion in HTTP clients
+ Fix corruption of "{DATE}" revision variable in swig-pl. (Closes:
#843138)
+ Remove patches:
- ruby-frozen-nil: Alternative fix committed upstream.
- Backported patches: perl-swig-crash, swig3.x-compat,
r1722164-swig-cppflags
* Fix #! lines for libsvn-{java,dev}.postinst. (Closes: #843292, #843288)
* Remove maintainer scripts that were handling pre-Jessie changes.
* Use dh_apache2's substvars in libapache2-mod-svn.
-- James McCoy <email address hidden> Tue, 29 Nov 2016 22:50:42 -0500
-
subversion (1.9.4-3) unstable; urgency=medium
* Build with hardening flags
* Backport patches/perl-swig-crash from upstream to fix crashes with the
Perl bindings, commonly seen when using git-svn. (Closes: #780246,
#534763)
-- James McCoy <email address hidden> Sat, 03 Sep 2016 14:45:04 -0400
-
subversion (1.9.4-2) unstable; urgency=medium
* Add Build-Depends on rename package and invoke rename instead of prename.
(Closes: #826057)
* Fix removal of .so/.la files for private libsvn_ra_{serf,local} from -dev
package.
* Replace use of debhelper's deprecated -s with -a
* Declare compliance with Policy 3.9.8, no changes required
* Use https URL for Vcs-Browser
-- James McCoy <email address hidden> Mon, 25 Jul 2016 22:48:13 -0400
-
subversion (1.9.4-1) unstable; urgency=high
* New upstream release.
+ Security fixes
- CVE-2016-2167: svnserve/sasl may authenticate users using the wrong
realm
- CVE-2016-2168: Remotely triggerable DoS vulnerability in mod_authz_svn
during COPY/MOVE authorization check
+ Remove merged patch ruby-test-unit.
+ Fix non-canonical path assertion in svn-graph.pl. (Closes: #702922)
+ Abort a commit on Ctrl-C. (Closes: #502222, #501971)
* d/rules: Remove an extraneous "done" to fix FTBFS when bash is $SHELL.
(Closes: #821930)
-- James McCoy <email address hidden> Wed, 27 Apr 2016 20:47:49 -0400
-
subversion (1.9.3-3) unstable; urgency=medium
* Remove transitional packages and maintainer snippets supporting upgrades
from pre-jessie systems.
* Enable libsvn-java on m68k and sparc64, since openjdk-8-jdk is now
available on those archs.
* Declare compliance with policy 3.9.7, no changes needed.
* Remove subversion-dbg package in favor of automatic -dbgsym package.
* Bump debhelper compat to 9.
* Fix FTBFS on mips(el) by working around GCC bug #816698
* Fix SWIG build issues
+ Backport patches/swig3.x-compat from upstream
+ Switch back to “Build-Depends: swig” (Closes: #817002)
-- James McCoy <email address hidden> Mon, 14 Mar 2016 00:34:52 -0400
-
subversion (1.9.3-2) unstable; urgency=medium
* Remove -Wdate-time from CPPFLAGS passed to swig. (Closes: #809054)
-- James McCoy <email address hidden> Fri, 15 Jan 2016 22:45:33 -0500
-
subversion (1.9.3-1) unstable; urgency=high
* New upstream release.
+ Security fixes
- CVE-2015-5259: Heap overflow and out-of-bounds read in svn:// protocol
parser
- CVE-2015-5343: Heap overflow and out-of-bounds read in mod_dav_svn
+ Fix dumps of no-op changes with “svnadmin dump”. (Closes: #803725)
+ Fix segfault when performing a diff when repository is on server root.
(Closes: #802611)
+ Fix translations of commit notifications. (Closes: #802156)
+ Fix authz with mod_auth_ntlm/mod_auth_kerb. (Closes: #797216)
+ Restore reporting (un)lock errors as failures. (Closes: #796781)
-- James McCoy <email address hidden> Tue, 15 Dec 2015 20:26:57 -0500
-
subversion (1.9.2-3) unstable; urgency=medium
* Re-enable libsvn-java on kfreebsd-*.
* Ensure swig2.0 is used to avoid build failures, until upstream figures
out how to work with swig >= 3.0. (Closes: #804389)
* Fix FTBFS with Ruby 2.2 (Closes: #803589)
+ Add ruby-frozen-nil patch to create a new Object instead of trying to
make modifications to the nil object.
+ Add ruby-test-unit patch to be compatible with the ruby-test-unit gem as
well as the older test-unit API provided by minitest.
-- James McCoy <email address hidden> Mon, 09 Nov 2015 19:22:18 -0500
-
subversion (1.9.2-2) unstable; urgency=medium
* Fix FTBFS with older Ruby versions by using RbConfig['vendorarchdir'] to
find the .a/.la files we're deleting.
-- James McCoy <email address hidden> Sun, 18 Oct 2015 22:10:03 -0400
-
subversion (1.9.2-1) unstable; urgency=medium
* New upstream release
+ Fix crash when saving credentials in kwallet. (Closes: #736879,
LP: #563179)
-- James McCoy <email address hidden> Wed, 23 Sep 2015 21:27:15 -0400
-
subversion (1.9.1-1) unstable; urgency=medium
* New upstream release
+ Remove direct use of svn_fs_open2 from libsvn_fs_x, thus fixing the
missing svn_fs_open2 symbol. (Closes: #795160)
* Enable gpg verification of new releases.
* Rename bash-completion file to svn and add symlinks for all other commands
which have completion. (Closes: #797648)
* debian/tests/libapache2-mod-svn: Stop apache2 before ending the test, to
avoid leaving stray processes running.
-- James McCoy <email address hidden> Mon, 07 Sep 2015 19:21:22 -0400
-
subversion (1.9.0-1) unstable; urgency=medium
* Upload to unstable
* New upstream release.
+ Security fixes
- CVE-2015-3184: Mixed anonymous/authenticated path-based authz with
httpd 2.4
- CVE-2015-3187: svn_repos_trace_node_locations() reveals paths hidden
by authz
* Add >= 2.7 requirement for python-all-dev Build-Depends, needed to run
tests.
* Remove Build-Conflicts against ruby-test-unit. (Closes: #791844)
* Remove patches/apache_module_dependency in favor of expressing the
dependencies in authz_svn.load/dav_svn.load.
* Build-Depend on apache2-dev (>= 2.4.16) to ensure ap_some_authn_required()
is available when building mod_authz_svn and Depend on apache2-bin (>=
2.4.16) for runtime support.
-- James McCoy <email address hidden> Fri, 07 Aug 2015 21:32:47 -0400
-
subversion (1.8.13-1) unstable; urgency=medium
* New upstream release. Refresh patches.
- Remove backported patches CVE-2014-8108, CVE-2014-3580, CVE-2015-0202,
CVE-2015-0248, CVE-2015-0251, ruby2.0-build-fixes, and
test-failure-with-optimizations.
* Add patches wc-queries-test1-r1672295 and wc-queries-test2-r1673691, from
upstream, to fix wc-queries test failures with new SQLite versions.
(Closes: #785496)
-- James McCoy <email address hidden> Fri, 22 May 2015 02:43:09 -0400
-
subversion (1.8.10-6) unstable; urgency=high
* patches/CVE-2015-0202: Excessive memory use with certain REPORT requests
against mod_dav_svn with FSFS repositories
* patches/CVE-2015-0248: Assertion DoS vulnerability for certain mod_dav_svn
and svnserve requests with dynamically evaluated revision numbers
* patches/CVE-2015-0251: mod_dav_svn allows spoofing svn:author property
values for new revisions
-- James McCoy <email address hidden> Tue, 31 Mar 2015 22:51:18 -0400
-
subversion (1.8.10-5) unstable; urgency=medium
* patches/CVE-2014-8108: mod_dav_svn DoS vulnerability with invalid virtual
transaction names (Closes: #773315)
* patches/CVE-2014-3580: mod_dav_svn DoS vulnerability with invalid REPORT
requests (Closes: #773263)
-- James McCoy <email address hidden> Wed, 17 Dec 2014 00:11:03 -0500
-
subversion (1.8.10-4) unstable; urgency=medium
* control: Use "dh_install --list-missing" instead of --fail-missing to
avoid a FTBFS with parallel builds. (Closes: #768903)
-- James McCoy <email address hidden> Mon, 10 Nov 2014 22:19:02 -0500
-
subversion (1.8.10-3) unstable; urgency=medium
* Add a NEWS item describing that 1.7.x and later do not support having a
working copy which spans multiple filesystems. (Closes: #766285)
* rules: Needs more MAN3EXT so generated swig-pl Makefile never installs
files to debian/tmp with wrong extensions.
* Move some less frequently used tools to subversion-tools and include the
fsfs-* tools. (Closes: #764689)
* Switch from specifying gcj as the Java implementation to default-jdk.
(Closes: #737527, #421400)
- Remove patches/java-build
-- James McCoy <email address hidden> Sat, 25 Oct 2014 21:47:16 -0400
-
subversion (1.8.10-2) unstable; urgency=medium
* Add patches/test-failure-with-optimizations from upstream to fix test
failures with certain build configurations. (Closes: #757773)
* Add patches/libtoolize from upstream to support the Multi-Arch libtool
packaging. (Closes: #761789)
-- James McCoy <email address hidden> Wed, 24 Sep 2014 20:54:34 -0400
-
subversion (1.8.10-1) unstable; urgency=medium
* New upstream release. Refresh patches.
- Includes security fixes:
+ CVE-2014-3522: ra_serf improper validation of wildcards in SSL certs.
+ CVE-2014-3528: credentials cached with svn may be sent to wrong
server.
* debian/rules: Avoid an unnecessary call to dpkg-buildflags.
* debian/control: Pre-Depend on ${misc:Pre-Depends} instead of hard-coding
multiarch-support, as suggested by Lintian.
-- James McCoy <email address hidden> Tue, 12 Aug 2014 21:57:23 -0400
-
subversion (1.8.9-2) unstable; urgency=medium
* Use Perl's $Config{vendorarch} to determine where libsvn-perl's files were
installed. This enables being built against a Multi-Archified Perl.
(Closes: #752816)
-- James McCoy <email address hidden> Wed, 16 Jul 2014 08:46:24 -0400
-
subversion (1.8.9-1) unstable; urgency=medium
* New upstream release
* Merge changes from Ubuntu:
- Add DEB-8 test for Apache functionality
- debian/rules: Create pot file on build.
- debian/rules: Ensure the doxygen output directory exists
- Move svn2cl to subversion-tools' Suggests on Ubuntu.
-- James McCoy <email address hidden> Tue, 20 May 2014 22:45:32 -0400
-
subversion (1.8.8-2) unstable; urgency=medium
* Fix builds with ruby 2.x. (Closes: #739772)
-- James McCoy <email address hidden> Sun, 30 Mar 2014 22:46:58 -0400
-
subversion (1.8.8-1) unstable; urgency=medium
* New upstream release. Refresh patches.
- Remove backported patches sqlite_3.8.x_workaround & swig-pl_build_fix
- Fix integer overflows with 32-bit svnserv, which could cause an infinite
loop (Closes: #738840) or inaccurate statistics (Closes: #738841)
- Work around SQLite not honoring umask when creating rep-cache.db.
(Closes: #735446)
- Includes security fix:
+ CVE-2014-0032: mod_dav_svn crash when handling certain requests with
SVNListParentPath on (Closes: #737815)
* Add a subversion-dbg package. (Closes: #508147)
* Bump libdb5.1-dev → libdb5.3-dev (Closes: #738650)
-- James McCoy <email address hidden> Thu, 20 Feb 2014 20:38:10 -0500
-
subversion (1.8.5-2) unstable; urgency=medium
* rules: Move comment out of multi-line variable definition so configure is
run with the correct flags. (Closes: #735609)
* control: Remove libsvn-ruby1.8 Provides from ruby-svn.
* Add patches/swig-pl_build_fix, from upstream, to fix a build failure when
configure is run with --enable-sqlite-compatibility.
-- James McCoy <email address hidden> Fri, 17 Jan 2014 20:05:25 -0500
-
subversion (1.8.5-1) unstable; urgency=low
[ Peter Samuelson ]
* New upstream release. (Closes: #725787) Rediff patches:
- Remove apr-abi1 (applied upstream), rename apr-abi2 to apr-abi
- Remove loosen-sqlite-version-check (shouldn't be needed)
- Remove java-osgi-metadata (applied upstream)
- svnmucc prompts for a changelog if none is provided. (Closes: #507430)
- Remove fix-bdb-version-detection, upstream uses "apu-config --dbm-libs"
- Remove ruby-test-wc (applied upstream)
- Fix “svn diff -r N file” when file has svn:mime-type set.
(Closes: #734163)
- Support specifying an encoding for mod_dav_svn's environment in which
hooks are run. (Closes: #601544)
- Fix ordering of “svnadmin dump” paths with certain APR versions.
(Closes: #687291)
- Provide a better error message when authentication fails with an
svn+ssh:// URL. (Closes: #273874)
- Updated Polish translations. (Closes: #690815)
[ James McCoy ]
* Remove all traces of libneon, replaced by libserf.
* patches/sqlite_3.8.x_workaround: Upstream fix for wc-queries-test test
failurse.
* Run configure with --with-apache-libexecdir, which allows removing part of
patches/rpath.
* Re-enable auth-test as upstream has fixed the problem of picking up
libraries from the environment rather than the build tree.
(Closes: #654172)
* Point LD_LIBRARY_PATH at the built auth libraries when running the svn
command during the build. (Closes: #678224)
* Add a NEWS entry describing how to configure mod_dav_svn to understand
UTF-8. (Closes: #566148)
* Remove ancient transitional package, libsvn-ruby.
* Enable compatibility with Sqlite3 versions back to Wheezy.
* Enable hardening flags. (Closes: #734918)
* patches/build-fixes: Enable verbose build logs.
* Build against the default ruby version. (Closes: #722393)
-- James McCoy <email address hidden> Sun, 12 Jan 2014 19:48:33 -0500
-
subversion (1.7.14-1) unstable; urgency=medium
* New upstream version.
- mod_dav_svn: Prevent crashes with some 3rd party modules. (Closes:
#728352)
- Includes security fix:
+ CVE-2013-4505: mod_dontdothat restrictions bypassed by relative
requests (Closes: #730541)
+ CVE-2013-4558: mod_dav_svn assertion when SVNAutoversioning is
enabled.
* Bump compat to debhelper 8
* Use shlibs.local to handle intrapackage dependencies on private libraries.
* rules: Fix removal of libsvnjavahl-1.a/.la/.so from libsvn-dev. (Closes:
#711911)
* Remove obsolete conffiles under /etc/svn2cl. (Closes: #677990)
-- James McCoy <email address hidden> Fri, 27 Dec 2013 10:17:38 -0500
-
subversion (1.7.13-3) unstable; urgency=low
* Remove architecture exclusions for libsvn-java. (Closes: #710498)
* Fix multi-arch Python include paths. (Closes: #698443)
* Add strict Depends on libsvn1 to libapach2-mod-svn since the latter
leverages some internal APIs and therefore must be upgraded in lock step.
(Closes: #705464)
* Standards-Version 3.9.5 (no change needed).
* Add strict minimum Depends on libsqlite3-0 to work around lack of build
time dependency information. (Closes: #721878)
-- James McCoy <email address hidden> Sat, 16 Nov 2013 11:33:37 -0500
-
subversion (1.7.13-2) unstable; urgency=low
* Remove unnecessary libapache2-svn.prem. (Closes: #726717)
-- James McCoy <email address hidden> Fri, 18 Oct 2013 23:23:06 -0400
-
subversion (1.7.13-1) unstable; urgency=low
[ Peter Samuelson ]
* New upstream version. (Closes: #719476)
- patches/CVE-2013-1968.patch, patches/CVE-2013-2112.patch: remove,
obsoleted
- Includes security fixes:
+ CVE-2013-4131: Remotely triggered crash in mod_dav_svn (Closes:
#717794)
+ CVE-2013-4277: Local privilege escalation vulnerability via symlink
attack (Closes: #721542)
[ James McCoy ]
* Add myself to uploaders.
* Acknowledge NMUs.
* Canonicalize the Vcs-* URLs. Thanks, Lintian.
* Remove Guilherme de S. Pastore from Uploaders. (Closes: #698270)
* Add Breaks: svnmailer (<< 1.0.9) to python-subversion. (Closes: #726491)
* Remove obsolete conffile /etc/emacs/site-start.d/50psvn.el. (Closes:
#705033)
-- James McCoy <email address hidden> Wed, 16 Oct 2013 20:53:11 -0400
-
subversion (1.7.9-1+nmu6) unstable; urgency=low
* Add Breaks/Replaces: libapache2-svn to libapach2-mod-svn.
-- James McCoy <email address hidden> Tue, 01 Oct 2013 00:28:55 -0400
-
subversion (1.7.9-1+nmu4) unstable; urgency=low
* Non-maintainer upload.
* patches/ruby-test-wc: New patch from upstream to fix a stray case of a
testsuite failure due to APR 1.4 hash randomization. Thanks to
Michael Gilbert for digging this up. (Closes: #705364)
* Use --disable-neon-version-check to build libsvn_ra_neon against libneon27
0.30.0.
* Add handling of directory to symlink conversions for
/usr/share/doc/libsvn-{dev,java,ruby,ruby1.8}. (Closes: #690155)
-- James McCoy <email address hidden> Mon, 02 Sep 2013 21:11:08 -0400
-
subversion (1.7.9-1+nmu3) unstable; urgency=high
* Non-maintainer upload.
* Disable libapache2-svn build (closes: #712004, #666794)
-- Julien Cristau <email address hidden> Tue, 09 Jul 2013 19:56:11 +0200
-
subversion (1.7.9-1+nmu2) unstable; urgency=high
* Non-maintainer upload.
* Add CVE-2013-1968.patch patch.
CVE-2013-1968: Subversion FSFS repositories can be corrupted by newline
characters in filenames. (Closes: #711033)
* Add CVE-2013-2112.patch patch.
CVE-2013-2112: Fix remotely triggerable DoS vulnerability. (Closes: #711033)
-- Salvatore Bonaccorso <email address hidden> Thu, 06 Jun 2013 13:14:52 +0200
-
subversion (1.7.9-1+nmu1) unstable; urgency=medium
* Non-maintainer upload.
* Convert SVN_STREAM_CHUNK_SIZE to an integer in svn/core.py (closes: #683188).
-- Michael Gilbert <email address hidden> Fri, 12 Apr 2013 00:58:01 +0000
-
subversion (1.7.9-1) unstable; urgency=medium
* New upstream version. Some DOS fixes in mod_dav_svn:
- CVE-2013-1845: mod_dav_svn excessive memory usage from property changes
- CVE-2013-1846: mod_dav_svn crashes on LOCK requests against activity URLs
- CVE-2013-1847: mod_dav_svn crashes on LOCK requests against non-existant
URLs
- CVE-2013-1849: mod_dav_svn crashes on PROPFIND requests against activity
URLs
- CVE-2013-1884: mod_dav_svn crashes on out of range limit in log REPORT
request
* patches/python-swig205, patches/g++47: Remove as obsolete.
* Don't make python-subversion 'Depends: subversion'. It is quite
usable on its own.
* Move libsvn1 to section 'libs'. (Ref: #700145)
* Update watch file. (Closes: #672157)
-- Peter Samuelson <email address hidden> Sat, 06 Apr 2013 16:16:37 -0500
-
subversion (1.7.5-1) unstable; urgency=low
[ Peter Samuelson ]
* New upstream version.
- Refresh patches; remove obsolete no-dbus-spam, kwallet-wid,
perl-warning, perl-compiler-flags, po, swig2-compat,
disable-failing-tests, python-exception-syntax
- Split patches/apr-abi into apr-abi1 (to be submitted) and
apr-abi2 (Debian-specific).
- Disable patches/ruby-test-info ... for now.
- Requires serf 1.0 or higher.
* Upstream no longer ships contrib in tarball:
- Remove contrib-license-audit
- subversion-tools now Recommends: svn2cl
- Ship svn-clean, svn-fast-backup, svn_apply_autoprops,
svn_load_dirs, commit-email.pl in debian/contrib
- Don't ship svnmerge.py, it has outlived its usefulness
- Delete patches/{svn2cl-*,svn-clean-ignore,commit-email}
- Overhaul debian/copyright
* rules: Specify that we want our own libtool. Otherwise it finds the
one from /usr/share/apr-1.0/build, which doesn't support C++.
* patches/entropy: Remove as obsolete. It was a workaround for apr
using /dev/random, but apr switched to /dev/urandom in 1.3.
* Move emacs plugins from subversion to subversion-tools.
* patches/java-osgi-metadata: Add OSGi metadata to the libsvn-java
jarfile. Thanks Jakub Adam. (Closes: #644438)
* Switch from python-support to dh_python2.
* patches/python-swig205: New patch: Adjust for swig 2.0.5+ handling of
Python ints vs. longs.
[ Michael Diers ]
* More contrib adjustments:
- Provide debian/contrib/emacs from upstream VCS contrib/client-side/emacs
- Add svn_1.6_releasenotes.html, svn_1.7_releasenotes.html
- subversion.docs, subversion.install
- subversion-tools.docs, subversion-tools.manpages
-- Peter Samuelson <email address hidden> Sat, 16 Jun 2012 23:56:38 -0500
-
subversion (1.6.17dfsg-4) unstable; urgency=medium
* Ack NMU, thanks Ondrej. Urgency medium because the NMU fixes RC bugs.
- Revert libsvn-java split. Instead, disable multiarch for libsvn-java.
If anyone _needs_ multiarch for Java libraries, which I doubt, we
should come up with a way to produce deterministic jar files.
- Reintroduce specific db dependencies, so a random binNMU can't
change the DB version without warning.
* Disable serf support for now, as this release won't properly work with
serf 1.0.
* patches/g++47: New patch to build with g++ 4.7.
* Policy 3.9.3 (no changes).
* Move ruby files to /usr/lib/ruby/vendor_ruby per ruby policy.
-- Peter Samuelson <email address hidden> Sun, 03 Jun 2012 17:54:15 -0500
-
subversion (1.6.17dfsg-3.1) unstable; urgency=low
* Non-maintainer upload
* Disable test-suite which was broken by apr 1.4.6 update (Closes: #669494)
* Also rescue on Errno::EINVAL (Closes: #624810, #629952)
* Split libsvn-java to libsvn-java and libsvn-jni (Closes: #670034)
* Depend on generic libdb-dev and db-util (Closes: #621460)
* Install java files prior to dh_install -i call
* Declare proper relationships between -jni and -java packages
-- Ondřej Surý <email address hidden> Tue, 29 May 2012 15:49:32 +0200
-
subversion (1.6.17dfsg-3) unstable; urgency=medium
* libapache2.preinst: Fix upgrade case from before 1.6.17dfsg-2.
* libapache2.prerm: 'a2dismod' modules in reverse dependency order.
* patches/apache_module_dependency: New patch to allow mod_authz_svn to
load before mod_dav_svn and still use its functions.
All these together, Closes: #642250.
* Remove a bit more autofoo in 'clean' target.
-- Peter Samuelson <email address hidden> Sat, 19 Nov 2011 18:56:28 -0600
-
subversion (1.6.17dfsg-2) unstable; urgency=low
* Standards-Version: 3.9.2. Also, multiarch.
* Move to debhelper level 7.
* patches/perl-warning: New patch to suppress a bogus Perl undef warning.
(Closes: #422699)
* patches/swig2-compat: New patch from upstream to build with swig 2.x.
(Closes: #634049)
* patches/perl-compiler-flags: New patch from upstream to address an
issue brought to light by Perl 5.14. (Closes: #628507)
* patches/sasl-mem-handling: New patch from upstream to fix a crash with
svn:// URLs and SASL authentication. (Closes: #631765)
* patches/svn2cl-upstream: Use --non-interactive in svn2cl to avoid
hanging on, e.g., password prompts. (Closes: #443860)
* patches/python-exception-syntax: New patch: Fix a couple instances of
literal string exceptions in Python, which don't work in 2.6+.
(Closes: #585358)
* Remove some preinst/postinst magic that hasn't been needed in years.
* Split authz_svn.load away from dav_svn.load, since most users do not
need both. New installs will enable only dav_svn by default.
* Restart apache in libapache2-svn postinst. (Closes: #610236, #628990)
* Improve symbols file with (regex)__ catchall for private symbols not
otherwise accounted for. (Closes: #607544) I'm also including a
workaround for rapidsvn, to be removed when 0.14 is released.
* Add ${misc:Depends} everywhere. Drop libsvn-java dependency on a jre.
Thanks, Lintian.
* Remove the extra copy of jquery supplied by doxygen, from libsvn-doc.
Doesn't seem to even be used. Thanks, Lintian.
* patches/po: New patch from Laurent Bigonville to fix minor issues in
fr.po and ja.po. (Closes: #607381)
* Move to dh_lintian, and fix up the overrides a bit.
-- Peter Samuelson <email address hidden> Thu, 15 Sep 2011 12:02:03 -0500
-
subversion (1.6.17dfsg-1) unstable; urgency=high
* New upstream version. Includes security fixes: - CVE-2011-1752: Remotely triggered crash in mod_dav_svn - CVE-2011-1783: Remotely triggered memory exhaustion in mod_dav_svn - CVE-2011-1921: Content leak of certain files marked unreadable * svn-bisect: Support $SVN environment variable, requested by Daniel Shahaf upstream. * Update Lintian overrides to account for python through 2.9, in case that ever comes to be. -- Peter Samuelson <email address hidden> Wed, 01 Jun 2011 17:07:33 -0500
-
subversion (1.6.16dfsg-1) unstable; urgency=high
* New upstream version. - Fixes CVE-2011-0715: Remotely crash mod_dav_svn anonymously via a lock token. * patches/change-range: New patch to support -cA-B syntax on command line. * Stop using svn-make-config.c; we can do the same just by running svn itself in a controlled home directory. Delete debian/tools/. -- Peter Samuelson <email address hidden> Thu, 03 Mar 2011 10:55:42 -0600
-
subversion (1.6.12dfsg-4) unstable; urgency=high
* patches/loosen-sqlite-version-check: New patch: Relax the SQLite version check, to match the Debian sqlite3 packaging. (Closes: #608925) * patches/cve-2010-4539: New patch for CVE-2010-4539, fixing a remotely triggered crash in mod_dav_svn involving use of the SVNParentPath feature. (Closes: #608989) -- Peter Samuelson <email address hidden> Wed, 05 Jan 2011 10:43:01 -0600
-
subversion (1.6.12dfsg-3) unstable; urgency=medium
* Apply two patches from upstream 1.6.15: - patches/server-memleak: New patch: fix some server-side memory leaks. - patches/no-wc1.7-check: New patch: Stop checking for being inside a 1.7 working copy. The value is too low and the performance penalty too high. -- Peter Samuelson <email address hidden> Wed, 22 Dec 2010 20:38:17 -0600
-
subversion (1.6.12dfsg-2) unstable; urgency=medium
* patches/cve-2010-3315: New patch for CVE-2010-3315, whereby, in rare
configurations, mod_dav_svn could give too much access to authorized
users.
* control: Update Vcs-* fields, Homepage, Policy to 3.9.1 (no changes),
tweak python version declaration (Closes: #587853).
-- Peter Samuelson <email address hidden> Fri, 01 Oct 2010 12:11:10 -0500
-
subversion (1.6.12dfsg-1) unstable; urgency=medium
* Urgency medium, as it (probably) fixes some FTBFS.
* New upstream version.
- Fixes some or all cases of inappropriate need for read access to the
root of the repository. (Closes: #510883)
* Disable parallel mode for 'make check', which appears to have made
some build daemons sad.
* svn-bisect: use pegs to support bisecting in deleted branches.
Thanks Nikita Borodikhin. (Closes: #582344)
* patches/ruby-test-info: expand for more failures nobody can figure
out. Sigh.
* Upgrade from source format 1.0 to 1.0.
-- Peter Samuelson <email address hidden> Mon, 21 Jun 2010 11:53:14 -0500
-
subversion (1.6.11dfsg-1) unstable; urgency=low
* New upstream version. Rediff a patch or two.
- Mergeinfo queries no longer require access to repository root.
(Ref: #510883)
- Ignores errors reading .svn/ in parent directories. (Closes: #570271)
* rules: Run 'check' target in parallel mode.
-- Peter Samuelson <email address hidden> Mon, 19 Apr 2010 23:22:07 -0500
-
subversion (1.6.9dfsg-1) unstable; urgency=low
* New upstream release.
- patches/16x-po, patches/ruby-test-core: remove, applied upstream.
* patches/java-build: Update for gcj 4.4. Update the build dependency
too, as this version of the patch will not work on gcj 4.3.
Thanks to Nobuhiro Iwamatsu. (Closes: #561516)
* patches/build-fixes: Fix parallelism in 'doc-api' target. Again.
(Closes: #537297)
* patches/ruby-test-info: Disable the two failing ruby tests that
nobody can reproduce except on the buildds. (Closes: #545372)
-- Peter Samuelson <email address hidden> Wed, 27 Jan 2010 01:57:47 -0600
-
subversion (1.6.6dfsg-2) unstable; urgency=low
* Update svn-bisect (Closes: #535234), fix bugs, add features,
and write a manpage. Also mention it in the subversion-tools
Description. (Closes: #535187)
* Move from db4.7 to db4.8, tracking apr-util. (Closes: #557457)
* Move the example XSL and CSS files for mod_dav_svn to
/usr/share/doc/libapache2-svn/examples/. (Closes: #553535)
* patches/ruby-test-info: New patch to maybe address a FTBFS. (#545372)
Thanks Michael Diers, Joe Swatosh and Stefan Sperling. I expect that
this is not the only fix needed, but we shall see.
* patches/16x-po: New patch: a couple translation updates from 1.6.7.
* libsvn-java: depend on ${shlibs:Depends}, thanks Lintian.
* python-subversion: Update an outdated Lintian override.
* libsvn1: Add a handful of Lintian overrides.
-- Peter Samuelson <email address hidden> Sun, 22 Nov 2009 17:53:45 -0600
-
subversion (1.6.6dfsg-1) unstable; urgency=low
* New upstream release.
- Reintroduce svn_load_dirs.pl: Dolby has agreed to an explicit free
software license. Thanks Blair Zajac for following up on this.
- patches/ruby-test-core: New patch from upstream to fix a new failure
in the ruby testsuite.
* Standards-Version 3.8.3 (no changes).
* control: Some housecleaning: remove some Conflicts/Replaces/Provides
that haven't been needed since etch.
* patches/build-fixes: add a small fix for parallel builds.
(Closes: #543110)
* patches/svn2cl-upstream: New patch to fix the XSL to better comply
with XML standards. (Closes: #546990)
* Enable kwallet support. (Closes: #539564)
- patches/kwallet-wid: New patch based very loosely on upstrema work, to
let the kwallet library know your terminal's Window ID, if available.
- patches/apr-abi, patches/rpath: Fix the LINK_CXX target, now that
we're finally using it.
* Set dependency_libs='' in all .la files, as per:
http://lists.debian.org/debian-devel/2009/08/msg00783.html
-- Peter Samuelson <email address hidden> Thu, 22 Oct 2009 11:32:13 -0500
-
subversion (1.6.5dfsg-1) unstable; urgency=low
* New upstream release.
- Resolves symlinks in ~/.subversion. (Closes: #541202)
* patches/ssh-no-controlmaster: Replace with the much simpler approach
upstream demonstrates with 'ssh -q'.
* patches/no-dbus-spam: New patch to shut up the gnome-keyring library
when it can't initialize. (Closes: #542403)
* patches/ruby-test-tree-conflicts: New patch from upstream trunk, to
fix two ruby test failures.
-- Peter Samuelson <email address hidden> Thu, 20 Aug 2009 12:16:39 -0500
-
subversion (1.6.4dfsg-1) unstable; urgency=high
* New upstream security release.
- Fix CVE-2009-2411, heap overflows in svndiff stream parsing.
-- Peter Samuelson <email address hidden> Wed, 05 Aug 2009 20:12:07 -0500
-
subversion (1.6.3dfsg-1) unstable; urgency=low
* New upstream release.
* Update package sections corresponding to recent ftpmaster work.
* Re-enable libsvn_ra_serf, now that serf 0.3.0-0.2 is available.
* Add symbols file for libsvn1, for finer-grained dependencies.
-- Peter Samuelson <email address hidden> Tue, 14 Jul 2009 23:51:24 -0500
-
subversion (1.5.6dfsg-1) unstable; urgency=low
* New upstream release.
* patches/commit-email2: New patch to fix mail header formatting in
commit-email.pl hook. (Closes: #508301)
* Tweak 'site-packages' location for python 2.6, taken from the Ubuntu
patch uploaded by Matthias Klose.
* Build-Depends is back again to libdb4.6-dev.
-- Peter Samuelson <email address hidden> Wed, 25 Feb 2009 20:23:51 -0600
-
subversion (1.5.1dfsg1-2) unstable; urgency=low
* patches/merge-revert-error: new patch to fix an error where some
merges revert other bits of a working copy. From upstream; thanks to
Ben Hutchings for the backport and testing. (Closes: #507764)
-- Peter Samuelson <email address hidden> Wed, 31 Dec 2008 00:18:36 -0600
-
subversion (1.5.1dfsg1-1) unstable; urgency=low
* New upstream release.
- Fixes some major corner cases in merge tracking.
- Fixes several crash bugs and regressions from 1.4 -> 1.5.
- patches/ruby-test-wc-normalize-compared-value: Remove, applied upstream.
* Symlink libsvn_ra_dav-1.so.1 -> libsvn_ra_neon-1.so.1 to avoid
breaking old packages that mistakenly linked to ra_dav. This was not
and is not supported, but at least one package did it. (Closes: #490423)
* Add a NEWS entry for 1.5.x in general.
* debian/watch: Add dversionmangle setting, thanks to lintian.
-- Peter Samuelson <email address hidden> Thu, 24 Jul 2008 15:48:17 -0500
