[arch-dev-public] [signoff] subversion-1.6.17-1
Pierre Schmitz
pierre at archlinux.de
Sat Jun 4 08:32:52 EDT 2011
On Wed, 1 Jun 2011 21:18:22 -0400, Stéphane Gaudreault wrote:
> Hi,
>
> I updated subversion to 1.6.17, which fix the following security issues [1] :
>
> CVE-2011-1752: Server NULL-pointer dereference
> CVE-2011-1783: Server memory exhaustion
> CVE-2011-1921: mod_dav_svn exposure of unreadable paths
>
> CVE-2011-0715 : a remotely-triggerable DoS for httpd-based
> Subversion
> servers
>
> This update also fix FS#24536.
>
> Please test and signoff
>
> Stéphane
>
> [1] Changelogs :
> - 1.6.17 : http://svn.haxx.se/dev/archive-2011-06/0030.shtml
> - 1.6.16 : http://svn.haxx.se/dev/archive-2011-03/0122.shtml
You'll need to add sqlite3 as dependency. See
https://bugs.archlinux.org/task/24250 No idea why namcap does not report
this issue.
--
Pierre Schmitz, https://users.archlinux.de/~pierre
More information about the arch-dev-public
mailing list