-
subversion (1.9.7-4ubuntu1.1) bionic-security; urgency=medium
* SECURITY UPDATE: CVE-2018-11782, CVE-2019-0203, CVE-2020-17525 (LP: #1970228)
- debian/patches/CVE-2018-11782.patch: New patch from upstream security
advisory, that also fixes CVE-2019-0203.
- debian/patches/handle_missing_file.patch: New patch from Subversion 1.10
needed to apply CVE-2020-17525.patch.
- debian/patches/CVE-2020-17525.patch: New patch from upstream security
advisory.
- debian/patches/java10-compatibility: New patch from Debian buster to fix
build failure with OpenJDK 11.
-- Luís Infante da Câmara <email address hidden> Sat, 21 May 2022 08:24:25 +0100
-
subversion (1.9.7-4ubuntu1) bionic; urgency=medium
* Merge with Debian; remaining changes:
- Build a python-subversion-dbg package.
- Build-depend on python-all-dbg.
- debian/patches/verbose-tests: Make tests verbose.
- debian/rules: add verbosity level to --with-ruby-test-verbose
configure argument as the ruby swig test errors out without a
specific level
subversion (1.9.7-4) unstable; urgency=medium
* Actually drop quilt Build-Depends
* Change Vcs-* to salsa.d.o
* Declare compliance with Policy 4.1.3, no changes needed
* Switch default-jdk Build-Depends to headless variant
* Disable parallelization for local-install target
* Disable libsvn-java on ia64
-- Matthias Klose <email address hidden> Wed, 28 Mar 2018 16:49:13 +0800
-
subversion (1.9.7-3ubuntu3) bionic; urgency=high
* No change rebuild against ruby-defaults without ruby2.3 support.
-- Dimitri John Ledkov <email address hidden> Thu, 01 Mar 2018 09:36:33 +0000
-
subversion (1.9.7-3ubuntu2) bionic; urgency=medium
* No-change rebuild for ruby2.5 update.
-- Matthias Klose <email address hidden> Thu, 01 Feb 2018 19:14:27 +0000
-
subversion (1.9.7-3ubuntu1) bionic; urgency=medium
* Merge from Debian unstable. Remaining changes:
- Build a python-subversion-dbg package.
- Build-depend on python-all-dbg.
- debian/patches/verbose-tests: Make tests verbose.
- debian/rules: add verbosity level to --with-ruby-test-verbose
configure argument as the ruby swig test errors out without a
specific level
subversion (1.9.7-3) unstable; urgency=medium
* Remove workaround for #871514, now that it's fixed.
* Convert package to 3.0 (quilt)
* Stop generating libsvn-perl.install. The multi-arch vendor directory has
been in effect since jessie.
* debian/rules:
+ Ensure $(PY_DIR) always exists so the upstream Makefiles don't try to
recreate it, causing the build to fail.
+ Add .NOTPARALLEL to prevent install-arch's dh_prep from deleting files
install-indep installed or vice-versa. Thanks to Robert McQueen for the
idea. (Closes: #680125)
* patches/build-fixes:
+ Stop patching out calls to serf_debug__closed_conn. This requires serf
>= 1.3.9-4 to avoid gaining invalid Depends.
+ Remove out-of-tree swig changes. Using an absolute path for the
out-of-tree directory and ensuring the relevant build directories exists
resolves the problem.
* patches/rpath:
+ Move INSTALLDIRS=vendor to debian/rules instead of patching upstream
code.
+ Use "chrpath -d" to remove RPATHs instead of changing various bits of
upstream build system.
* Lintian:
+ Use https URL in debian/watch
+ Change extra Priorities to optional
* Declare compliance with Policy 4.1.2
* Mark libsvn-{doc,dev} Multi-Arch: foreign/same, respectively, per the
multiarch hinter.
-- Marc Deslauriers <email address hidden> Thu, 14 Dec 2017 16:02:54 -0500
-
subversion (1.9.7-2ubuntu1) artful; urgency=low
* Merge from Debian unstable. Remaining changes:
- Build a python-subversion-dbg package.
- Build-depend on python-all-dbg.
- debian/patches/verbose-tests: Make tests verbose.
* Updated changes:
- debian/rules: add verbosity level to --with-ruby-test-verbose
configure argument as the ruby swig test errors out without a
specific level
* Dropped Ubuntu changes:
- debian/patches/CVE-2017-9800-1.9.6.patch: fixed upstream
- debian/control: drop X-Python-Versions: as it is no longer
needed with 2.7 the only remaining supported python 2 version
and on obsolete flag
- debian/rules: drop change that ignores swig test failures
subversion (1.9.7-2) unstable; urgency=medium
* Disable optimizations on mips64el to workaround GCC bug #871514.
* Use debhelper's dh_update_autotools_config and drop explicit Build-Depends
on autotools-dev.
subversion (1.9.7-1) unstable; urgency=high
* New upstream release
+ Security fix
- CVE-2017-9800: Arbitrary code execution on clients through malicious
svn+ssh URLs in svn:externals and svn:sync-from-url
subversion (1.9.6-1) unstable; urgency=medium
* New upstream release
+ Subversion server will now reject commits which cause SHA1 collisions,
if rep-sharing is enabled (as it is by default) in db/fsfs.conf.
* Remove Peter Samuelson as maintainer, at request of MIA team. Thanks for
all the fish! (Closes: #852219)
* Revise metadata for subversion. (Closes: #863037)
+ Add mention of svnsync to Description
+ Suggests libapache2-mod-svn
* Remove "-pie" from hardening options since the semantics changed in dpkg
1.18.13. Thanks to Adrian Bunk for the explanation/patch. (Closes:
#865696)
* Bump minimum SQLite compatibility to 3.8.7
* Declare compliance with Policy 4.0.0, no changes needed
* Bump debhelper compat to 10
-- Ubuntu Merge-o-Matic <email address hidden> Thu, 17 Aug 2017 10:20:03 +0000
