Change logs for subversion source package in Quantal

subversion (1.7.5-1ubuntu2.1) quantal-security; urgency=low

  * SECURITY UPDATE: denial of service in mod_dav_svn
    - debian/patches/CVE-2013-1845.patch: handle multiple calls in
      subversion/mod_dav_svn/deadprops.c.
    - CVE-2013-1845
  * SECURITY UPDATE: denial of service in mod_dav_svn via LOCK
    - debian/patches/CVE-2013-1846_1847.patch: properly validate locks in
      subversion/mod_dav_svn/lock.c.
    - CVE-2013-1846
    - CVE-2013-1847
  * SECURITY UPDATE: denial of service in mod_dav_svn via PROPFIND
    - debian/patches/CVE-2013-1849.patch: validate type in
      subversion/mod_dav_svn/liveprops.c.
    - CVE-2013-1849
  * SECURITY UPDATE: denial of service in mod_dav_svn via log REPORT
    - debian/patches/CVE-2013-1884.patch: fix error handling in
      subversion/mod_dav_svn/reports/log.c.
    - CVE-2013-1884
  * SECURITY UPDATE: repo corruption via newline chars in filenames
    - debian/patches/CVE-2013-1968.patch: properly escape paths in
      subversion/libsvn_fs_fs/tree.c, added test to
      subversion/tests/libsvn_fs/fs-test.c.
    - CVE-2013-1968
  * SECURITY UPDATE: denial of service via closed connection
    - debian/patches/CVE-2013-2112.patch: check for closed connections in
      subversion/svnserve/main.c.
    - CVE-2013-2112
 -- Marc Deslauriers <email address hidden>   Fri, 21 Jun 2013 13:21:08 -0400

subversion (1.7.5-1ubuntu2) quantal; urgency=low

  * Drop svn2cl to Suggests; we don't particularly need it in Ubuntu main
    (LP: #1048824).
 -- Colin Watson <email address hidden>   Fri, 28 Sep 2012 11:53:18 +0100

subversion (1.7.5-1ubuntu1) quantal; urgency=low

  * Merge from Debian unstable.  Remaining changes:
    - Create pot file on build.
    - Build a python-subversion-dbg package.
    - Build-depend on python-dbg.
    - Build-depend on default-jre-headless/-jdk.
    - Do not apply java-build patch.
    - debian/rules: Manually create the doxygen output directory, otherwise
      we get weird build failures when running parallel builds.

subversion (1.7.5-1) unstable; urgency=low

  [ Peter Samuelson ]
  * New upstream version.
    - Refresh patches; remove obsolete no-dbus-spam, kwallet-wid,
      perl-warning, perl-compiler-flags, po, swig2-compat,
      disable-failing-tests, python-exception-syntax
    - Split patches/apr-abi into apr-abi1 (to be submitted) and
      apr-abi2 (Debian-specific).
    - Disable patches/ruby-test-info ... for now.
    - Requires serf 1.0 or higher.
  * Upstream no longer ships contrib in tarball:
    - Remove contrib-license-audit
    - subversion-tools now Recommends: svn2cl
    - Ship svn-clean, svn-fast-backup, svn_apply_autoprops,
      svn_load_dirs, commit-email.pl in debian/contrib
    - Don't ship svnmerge.py, it has outlived its usefulness
    - Delete patches/{svn2cl-*,svn-clean-ignore,commit-email}
    - Overhaul debian/copyright
  * rules: Specify that we want our own libtool.  Otherwise it finds the
    one from /usr/share/apr-1.0/build, which doesn't support C++.
  * patches/entropy: Remove as obsolete.  It was a workaround for apr
    using /dev/random, but apr switched to /dev/urandom in 1.3.
  * Move emacs plugins from subversion to subversion-tools.
  * patches/java-osgi-metadata: Add OSGi metadata to the libsvn-java
    jarfile.  Thanks Jakub Adam.  (Closes: #644438)
  * Switch from python-support to dh_python2.
  * patches/python-swig205: New patch: Adjust for swig 2.0.5+ handling of
    Python ints vs. longs.

  [ Michael Diers ]
  * More contrib adjustments:
    - Provide debian/contrib/emacs from upstream VCS contrib/client-side/emacs
    - Add svn_1.6_releasenotes.html, svn_1.7_releasenotes.html
    - subversion.docs, subversion.install
    - subversion-tools.docs, subversion-tools.manpages

subversion (1.6.18dfsg-1) experimental; urgency=low

  * New upstream version.
    - patches/sasl-mem-handling: delete obsolete patch.
  * Add Conflicts and Replaces: libsvn-jni.  (Closes: #675987)
  * Rename libsvn-ruby1.8 to ruby-svn, per Ruby policy.
    Leave transition package behind for wheezy.

subversion (1.6.17dfsg-4) unstable; urgency=medium

  * Ack NMU, thanks Ondrej.  Urgency medium because the NMU fixes RC bugs.
    - Revert libsvn-java split.  Instead, disable multiarch for libsvn-java.
      If anyone _needs_ multiarch for Java libraries, which I doubt, we
      should come up with a way to produce deterministic jar files.
    - Reintroduce specific db dependencies, so a random binNMU can't
      change the DB version without warning.
  * Disable serf support for now, as this release won't properly work with
    serf 1.0.
  * patches/g++47: New patch to build with g++ 4.7.
  * Policy 3.9.3 (no changes).
  * Move ruby files to /usr/lib/ruby/vendor_ruby per ruby policy.

subversion (1.6.17dfsg-3.1) unstable; urgency=low

  * Non-maintainer upload
  * Disable test-suite which was broken by apr 1.4.6 update (Closes: #669494)
  * Also rescue on Errno::EINVAL (Closes: #624810, #629952)
  * Split libsvn-java to libsvn-java and libsvn-jni (Closes: #670034)
  * Depend on generic libdb-dev and db-util (Closes: #621460)
  * Install java files prior to dh_install -i call
  * Declare proper relationships between -jni and -java packages
 -- Andy Whitcroft <email address hidden>   Thu, 21 Jun 2012 15:36:36 +0100

subversion (1.6.17dfsg-3ubuntu5) quantal; urgency=low

  * Switch from libdb4.8-dev to libdb5.1-dev, tracking apr-util.
 -- Adam Conrad <email address hidden>   Wed, 20 Jun 2012 19:19:02 -0600

subversion (1.6.17dfsg-3ubuntu4) quantal; urgency=low

  * Port to gcc-4.7.
  * Fix APR hash ordering issues in much of the test suite.
  * Fix python svn_stream_read() to allow Long integers matching its own
    generated constants.
  * Fix "svn log -g" output for merges.
 -- Andy Whitcroft <email address hidden>   Wed, 20 Jun 2012 13:44:11 +0100

subversion (1.6.17dfsg-3ubuntu3) precise; urgency=low

  * Build using dh_python2
 -- Matthias Klose <email address hidden>   Sat, 17 Dec 2011 15:01:54 +0000