subversion 1.6.17dfsg-3ubuntu3.5 source package in Ubuntu

Changelog

subversion (1.6.17dfsg-3ubuntu3.5) precise-security; urgency=medium

  * SECURITY UPDATE: denial of service via non-existing REPORT request
    - debian/patches/CVE-2014-3580.patch: make sure repo paths are
      specified in subversion/mod_dav_svn/reports/deleted-rev.c,
      subversion/mod_dav_svn/reports/file-revs.c,
      subversion/mod_dav_svn/reports/get-location-segments.c,
      subversion/mod_dav_svn/reports/get-locations.c,
      subversion/mod_dav_svn/reports/log.c,
      subversion/mod_dav_svn/reports/mergeinfo.c.
    - CVE-2014-3580
  * SECURITY UPDATE: denial of service via crafted parameter combinations
    - debian/patches/CVE-2015-0248.patch: properly handle missing revision
      numbers in subversion/mod_dav_svn/reports/get-location-segments.c,
      subversion/svnserve/serve.c.
    - CVE-2015-0248
  * SECURITY UPDATE: svn:author property spoofing issue
    - debian/patches/CVE-2015-0251.patch: restrict svn:author modifications
      in subversion/mod_dav_svn/deadprops.c.
    - CVE-2015-0251
  * SECURITY UPDATE: sensitive path information disclosure
    - debian/patches/CVE-2015-3187.patch: fix order in
      subversion/libsvn_repos/rev_hunt.c, added tests to
      subversion/tests/cmdline/authz_tests.py,
      subversion/tests/libsvn_repos/repos-test.c.
    - CVE-2015-3187

 -- Marc Deslauriers <email address hidden>  Thu, 20 Aug 2015 08:53:48 -0400

Upload details

Uploaded by:
Marc Deslauriers on 2015-08-20
Uploaded to:
Precise
Original maintainer:
Ubuntu Developers
Architectures:
any all
Section:
vcs
Urgency:
Medium Urgency

See full publishing history Publishing

Series Pocket Published Component Section
Precise updates on 2015-08-20 main devel
Precise security on 2015-08-20 main devel

Downloads

File Size SHA-256 Checksum
subversion_1.6.17dfsg.orig.tar.gz 7.4 MiB 45a8a067b65cfe5326f9676f991d82f39d67f8309c35e58f67e689eb702679d0
subversion_1.6.17dfsg-3ubuntu3.5.diff.gz 132.1 KiB 176a0ea37ee651668e0877fb15e973cd462cee15c3c654762e3e387e779d6508
subversion_1.6.17dfsg-3ubuntu3.5.dsc 3.0 KiB 635ec66267d7498ed77d6b58932222af23db16e921f0e37e98790fd0d91d2d65

View changes file

Binary packages built by this source

libapache2-svn: Subversion server modules for Apache

 This package provides the mod_dav_svn and mod_authz_svn modules for
 the Apache 2.2 web server. These modules provide Subversion's WebDAV
 server backend, to serve repositories over the http and https
 protocols. See the 'subversion' package for more information.

libapache2-svn-dbgsym: debug symbols for package libapache2-svn

 This package provides the mod_dav_svn and mod_authz_svn modules for
 the Apache 2.2 web server. These modules provide Subversion's WebDAV
 server backend, to serve repositories over the http and https
 protocols. See the 'subversion' package for more information.

libsvn-dev: Development files for Subversion libraries

 This package contains the symlinks, headers, and object files needed
 to compile and link programs which use libsvn1, the Subversion
 libraries. This package is needed only in order to compile software
 that uses libsvn1.

libsvn-doc: Developer documentation for libsvn

 This package contains development (API) documentation for libsvn1, the
 Subversion libraries. See the 'libsvn1' package for more information.

libsvn-java: Java bindings for Subversion

 This is a set of Java classes which provide the functionality of
 libsvn, the Subversion libraries. It is useful if you want to, for
 example, write a Java class that manipulates a Subversion repository
 or working copy. See the 'subversion' package for more information.

libsvn-java-dbgsym: debug symbols for package libsvn-java

 This is a set of Java classes which provide the functionality of
 libsvn, the Subversion libraries. It is useful if you want to, for
 example, write a Java class that manipulates a Subversion repository
 or working copy. See the 'subversion' package for more information.

libsvn-perl: Perl bindings for Subversion

 This is a set of Perl interfaces to libsvn, the Subversion libraries.
 It is useful if you want to, for example, write a Perl script that
 manipulates a Subversion repository or working copy. See the
 'subversion' package for more information.

libsvn-perl-dbgsym: debug symbols for package libsvn-perl

 This is a set of Perl interfaces to libsvn, the Subversion libraries.
 It is useful if you want to, for example, write a Perl script that
 manipulates a Subversion repository or working copy. See the
 'subversion' package for more information.

libsvn-ruby: Ruby bindings for Subversion (dummy package)

 This is a dummy package to install the Subversion library bindings for
 the default version of Ruby.

libsvn-ruby1.8: Ruby bindings for Subversion

 This is a set of Ruby interfaces to libsvn, the Subversion libraries.
 It is useful if you want to, for example, write a Ruby script that
 manipulates a Subversion repository or working copy. See the
 'subversion' package for more information.

libsvn-ruby1.8-dbgsym: debug symbols for package libsvn-ruby1.8

 This is a set of Ruby interfaces to libsvn, the Subversion libraries.
 It is useful if you want to, for example, write a Ruby script that
 manipulates a Subversion repository or working copy. See the
 'subversion' package for more information.

libsvn1: Shared libraries used by Subversion

 This package includes shared libraries to manipulate Subversion (svn)
 repositories and working copies. See the 'subversion' package for
 more information.

libsvn1-dbgsym: debug symbols for package libsvn1

 This package includes shared libraries to manipulate Subversion (svn)
 repositories and working copies. See the 'subversion' package for
 more information.

python-subversion: Python bindings for Subversion

 This is a set of Python interfaces to libsvn, the Subversion
 libraries. It is useful if you want to, for example, write a Python
 script that manipulates a Subversion repository or working copy. See
 the 'subversion' package for more information.

python-subversion-dbg: Python bindings for Subversion (debug extension)

 This is a set of Python interfaces to libsvn, the Subversion
 libraries. It is useful if you want to, for example, write a Python
 script that manipulates a Subversion repository or working copy. See
 the 'subversion' package for more information.
 .
 This package contains the extension built for the python debug interpreter.

python-subversion-dbgsym: debug symbols for package python-subversion

 This is a set of Python interfaces to libsvn, the Subversion
 libraries. It is useful if you want to, for example, write a Python
 script that manipulates a Subversion repository or working copy. See
 the 'subversion' package for more information.

subversion: Advanced version control system

 Subversion, also known as svn, is a version control system much like
 the Concurrent Versions System (CVS). Version control systems allow
 many individuals (who may be distributed geographically) to
 collaborate on a set of files (typically source code). Subversion has
 all the major features of CVS, plus certain new features that CVS
 users often wish they had.
 .
 This package includes the Subversion client (svn), tools to create a
 Subversion repository (svnadmin) and to make a repository available
 over a network (svnserve).

subversion-dbgsym: debug symbols for package subversion

 Subversion, also known as svn, is a version control system much like
 the Concurrent Versions System (CVS). Version control systems allow
 many individuals (who may be distributed geographically) to
 collaborate on a set of files (typically source code). Subversion has
 all the major features of CVS, plus certain new features that CVS
 users often wish they had.
 .
 This package includes the Subversion client (svn), tools to create a
 Subversion repository (svnadmin) and to make a repository available
 over a network (svnserve).

subversion-tools: Assorted tools related to Subversion

 This package includes miscellaneous tools for use with Subversion
 clients and servers:
  * svn-backup-dumps: Incremental dumpfile-based backup script
  * svn-bisect: Bisect revisions to find a regression
  * svn-clean: Remove unversioned files from a working copy
  * svn-fast-backup: rsync-based backup script for FSFS repositories
  * svn-hot-backup: Backup script, primarily for BDB repositories
  * svn_apply_autoprops: Apply property settings from
    .subversion/config file to an existing repository
  * svn_load_dirs: Sophisticated replacement for 'svn import'
  * svn2cl: Generate GNU-style changelog from repository history
  * svnmerge: Maintain merge history between two related branches
    (mostly obsolete as of Subversion 1.5)
  * svnwrap: Set umask to 002 before calling svn or svnserve
  * several example hook scripts: commit-access-control, commit-email,
    log-police, mailer, svnperms, verify-po
 .
 NOTE that some of these scripts are unsupported by upstream, and may
 change radically or disappear in future releases. The Recommended
 packages are each required by at least one of these scripts.