Hello community, here is the log from the commit of package subversion for openSUSE:11.4 checked in at Tue Jun 7 14:12:37 CEST 2011. -------- --- old-versions/11.4/UPDATES/all/subversion/subversion.changes 2011-05-10 16:23:57.000000000 +0200 +++ 11.4/subversion/subversion.changes 2011-06-06 13:31:31.000000000 +0200 @@ -1,0 +2,40 @@ +Mon May 30 14:07:41 UTC 2011 - stsp@elego.de + +- update to 1.6.17 (bnc#698205): + includes security fixes [CVE-2011-1752, CVE-2011-1783, CVE-2011-1921] + User-visible changes: + * improve checkout speed on Windows (issue #3719) + * make 'blame -g' more efficient on with large mergeinfo (r1094692) + * avoid some invalid handle exceptions on Windows (r1095654) + * preserve log message with a non-zero editor exit (r1072084) + * fix FSFS cache performance on 64-bit platforms (r1103665) + * make svn cleanup tolerate obstructed directories (r1091881) + * fix deadlock in multithreaded servers serving FSFS repositories (r1104093) + * detect very occasional corruption and abort commit (issue #3845) + * fixed: file externals cause non-inheritable mergeinfo (issue #3843) + * fixed: file externals cause mixed-revision working copies (issue #3816) + * fix crash in mod_dav_svn with GETs of baselined resources (r1104126) + See CVE-2011-1752, and descriptive advisory at + http://subversion.apache.org/security/CVE-2011-1752-advisory.txt + * fixed: write-through proxy could direcly commit to slave (r917523) + * detect a particular corruption condition in FSFS (r1100213) + * improve error message when clients refer to unkown revisions (r939000) + * bugfixes and optimizations to the DAV mirroring code (r878607) + * fixed: locked and deleted file causes tree conflict (issue #3525) + * fixed: update touches locked file with svn:keywords property (issue #3471) + * fix svnsync handling of directory copyfrom (issue #3641) + * fix 'log -g' excessive duplicate output (issue #3650) + * fix svnsync copyfrom handling bug with BDB (r1036429) + * server-side validation of svn:mergeinfo syntax during commit (issue #3895) + * fix remotely triggerable mod_dav_svn DoS + See CVE-2011-1783, and descriptive advisory at + http://subversion.apache.org/security/CVE-2011-1783-advisory.txt + * fix potential leak of authz-protected file contents + See CVE-2011-1921, and descriptive advisory at + http://subversion.apache.org/security/CVE-2011-1921-advisory.txt + Developer-visible changes: + * fix reporting FS-level post-commit processing errors (r1104098) + * fix JVM recognition on OS X Snow Leopard (10.6) (r1028084) + * allow building on Windows with recent Expat (r1074572) + +------------------------------------------------------------------- calling whatdependson for 11.4-i586 Old: ---- subversion-1.6.16.tar.bz2 New: ---- subversion-1.6.17.tar.bz2 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ subversion.spec ++++++ --- /var/tmp/diff_new_pack.IADZHt/_old 2011-06-07 14:11:44.000000000 +0200 +++ /var/tmp/diff_new_pack.IADZHt/_new 2011-06-07 14:11:44.000000000 +0200 @@ -41,8 +41,8 @@ %endif # suse_version > 1030 Name: subversion -Version: 1.6.16 -Release: 1.<RELEASE5> +Version: 1.6.17 +Release: 1.<RELEASE2> # in-tree SWIG version to use for the build: %define swig_version 1.3.36 %define sqlite_version 3.6.13 ++++++ subversion-1.6.16.tar.bz2 -> subversion-1.6.17.tar.bz2 ++++++ ++++ 4745 lines of diff (skipped) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Remember to have fun... -- To unsubscribe, e-mail: opensuse-commit+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-commit+help@opensuse.org