stable
FEDORA-2022-13cc09ecf2 created by jorton 2 months ago for Fedora 35

This update includes the latest stable release of Apache Subversion, version 1.14.2. This update addresses two security issues, CVE-2021-28544 and CVE-2022-24070.

For more information see https://subversion.apache.org/security/CVE-2022-24070-advisory.txt and https://subversion.apache.org/security/CVE-2021-28544-advisory.txt

Client-side bugfixes:

  • Don't show unreadable copyfrom paths in 'svn log -v'
  • Fix -r option documentation for some svnadmin subcommands
  • Fix error message encoding when system() call fails
  • Fix assertion failure in conflict resolver

Client-side improvements and bugfixes:

  • Support multiple working copy formats (1.8-onward, 1.15)

Server-side bugfixes:

  • Fix use-after-free of object-pools when running in httpd (issue SVN-4880)

How to install

sudo dnf upgrade --refresh --advisory=FEDORA-2022-13cc09ecf2

This update has been submitted for testing by jorton.

2 months ago

This update's test gating status has been changed to 'ignored'.

2 months ago

This update has been pushed to testing.

2 months ago

This update has been submitted for stable by bodhi.

2 months ago

This update has been pushed to stable.

2 months ago

Please login to add feedback.

Metadata
Type
security
Severity
high
Karma
0
Signed
Content Type
RPM
Test Gating
Settings
Unstable by Karma
-3
Stable by Karma
3
Stable by Time
7 days
Dates
submitted
2 months ago
in testing
2 months ago
in stable
2 months ago
BZ#1956806 subversion-1.14.1-2.fc35 FTBFS: tests fail
0
0
BZ#2073852 subversion-1.14.2 is available
0
0
BZ#2074772 CVE-2022-24070 subversion: Subversion's mod_dav_svn is vulnerable to memory corruption
0
0
BZ#2074773 CVE-2022-24070 subversion: Subversion's mod_dav_svn is vulnerable to memory corruption [fedora-all]
0
0
BZ#2074780 CVE-2021-28544 subversion: SVN authz protected copyfrom paths regression
0
0
BZ#2074781 CVE-2021-28544 subversion: SVN authz protected copyfrom paths regression [fedora-all]
0
0

Automated Test Results