[arch-dev-public] [signoff] subversion-1.6.17-1

Stéphane Gaudreault stephane at archlinux.org
Wed Jun 1 21:18:22 EDT 2011


I updated subversion to 1.6.17, which fix the following security issues [1] :

    CVE-2011-1752: Server NULL-pointer dereference 
    CVE-2011-1783: Server memory exhaustion 
    CVE-2011-1921: mod_dav_svn exposure of unreadable paths 

    CVE-2011-0715 : a remotely-triggerable DoS for httpd-based Subversion              

This update also fix FS#24536.

Please test and signoff


[1] Changelogs : 
 - 1.6.17 : http://svn.haxx.se/dev/archive-2011-06/0030.shtml
 - 1.6.16 : http://svn.haxx.se/dev/archive-2011-03/0122.shtml

More information about the arch-dev-public mailing list