-
subversion (1.7.5-1ubuntu3.1) raring-security; urgency=low
* SECURITY UPDATE: denial of service in mod_dav_svn
- debian/patches/CVE-2013-1845.patch: handle multiple calls in
subversion/mod_dav_svn/deadprops.c.
- CVE-2013-1845
* SECURITY UPDATE: denial of service in mod_dav_svn via LOCK
- debian/patches/CVE-2013-1846_1847.patch: properly validate locks in
subversion/mod_dav_svn/lock.c.
- CVE-2013-1846
- CVE-2013-1847
* SECURITY UPDATE: denial of service in mod_dav_svn via PROPFIND
- debian/patches/CVE-2013-1849.patch: validate type in
subversion/mod_dav_svn/liveprops.c.
- CVE-2013-1849
* SECURITY UPDATE: denial of service in mod_dav_svn via log REPORT
- debian/patches/CVE-2013-1884.patch: fix error handling in
subversion/mod_dav_svn/reports/log.c.
- CVE-2013-1884
* SECURITY UPDATE: repo corruption via newline chars in filenames
- debian/patches/CVE-2013-1968.patch: properly escape paths in
subversion/libsvn_fs_fs/tree.c, added test to
subversion/tests/libsvn_fs/fs-test.c.
- CVE-2013-1968
* SECURITY UPDATE: denial of service via closed connection
- debian/patches/CVE-2013-2112.patch: check for closed connections in
subversion/svnserve/main.c.
- CVE-2013-2112
-- Marc Deslauriers <email address hidden> Fri, 21 Jun 2013 13:08:20 -0400
-
subversion (1.7.5-1ubuntu3) raring; urgency=low
* Fix python multi-arch includes issues.
-- Chris J Arges <email address hidden> Thu, 17 Jan 2013 12:25:15 -0600
-
subversion (1.7.5-1ubuntu2) quantal; urgency=low
* Drop svn2cl to Suggests; we don't particularly need it in Ubuntu main
(LP: #1048824).
-- Colin Watson <email address hidden> Fri, 28 Sep 2012 11:53:18 +0100