FEDORA-2017-704c201dbb — security update for subversion

stable

subversion-1.9.6-2.fc26

FEDORA-2017-704c201dbb created by jorton 7 years ago for Fedora 26

This update includes the latest stable release of Apache Subversion, version 1.9.6.

User-visible changes:

Client-side bugfixes:

cp/mv: improve error message when target is an unversioned dir
merge: reduce memory usage with large amounts of mergeinfo (issue 4667)

Server-side bugfixes:

'svnadmin freeze': document the purpose more clearly
dump: fix segfault when a revision has no revprops
fsfs: improve error message upon failure to open rep-cache
fsfs: never attempt to share directory representations
fsfs: make consistency independent of hash algorithms This change makes Subversion resilient to collision attacks, including SHA-1 collision attacks such as http://shattered.io/. See also our documentation at https://subversion.apache.org/faq#shattered-sha1 and https://subversion.apache.org/docs/release-notes/1.9#shattered-sha1.

Client-side and server-side bugfixes:

work around an APR bug related to file truncation

Bindings bugfixes:

javahl: follow redirects when opening a connection

How to install

Updates may require up to 24 hours to propagate to mirrors. If the following command doesn't work, please retry later:

sudo dnf upgrade --refresh --advisory=FEDORA-2017-704c201dbb

This update has been submitted for testing by jorton.

7 years ago

This update has been pushed to testing.

7 years ago

besser82 commented & provided feedback 7 years ago

karma

Works great! LGTM! =)

bt0dotninja commented & provided feedback 7 years ago

karma

all basic functions works for me

jorton edited this update.

7 years ago

cserpentis commented & provided feedback 7 years ago

karma

works for me

This update has reached the stable karma threshold and can be pushed to stable now if the maintainer wishes.

7 years ago

jorton edited this update.

New build(s):

subversion-1.9.6-2.fc26

Removed build(s):

subversion-1.9.6-1.fc26

Karma has been reset.

7 years ago

This update has been submitted for testing by jorton.

7 years ago

This update has been pushed to testing.

7 years ago

lonelywoolf provided feedback 7 years ago

karma

BZ#1467890 subversion-1.9.6 is available

jorton edited this update.

7 years ago

filiperosset commented & provided feedback 7 years ago

karma

no regressions noted

This update has reached 7 days in testing and can be pushed to stable now if the maintainer wishes

7 years ago

This update has been submitted for stable by jorton.

7 years ago

This update has been pushed to stable.

7 years ago

Please login to add feedback.

Metadata

Type

security

Karma

Signed

Content Type

RPM

Test Gating

None

Autopush Settings

Unstable by Karma

-3

Stable by Karma

Stable by Time

disabled

Dates

submitted

7 years ago

in testing

7 years ago

in stable

7 years ago

modified

7 years ago

Builds

subversion-1.9.6-2.fc26

BZ#1429939 subversion: SHA-1 collision causes repository breakage [fedora-all]

BZ#1467890 subversion-1.9.6 is available

BZ#1469158 subversion-javahl libraries are missing

subversion-1.9.6-2.fc26

Automated Test Results

None