Hello community,
here is the log from the commit of package subversion for openSUSE:Factory
checked in at Thu Oct 28 12:56:03 CEST 2010.
--------
--- subversion/subversion.changes 2010-09-20 18:23:46.000000000 +0200
+++ subversion/subversion.changes 2010-10-02 23:21:47.000000000 +0200
@@ -1,0 +2,39 @@
+Sat Oct 2 20:36:52 UTC 2010 - pascal.bleser@opensuse.org
+
+- fixes CVE-2010-3315:
+ http://subversion.apache.org/security/CVE-2010-3315-advisory.txt
+ (only affects certain scenarios when using "SVNPathAuthz short_circuit")
+
+- update to 1.6.13:
+ * don't drop properties during foreign-repo merges (issue #3623)
+ * improve auto-props failure error message (r961970)
+ * improve error message for 403 status with ra_neon (r876615)
+ * don't allow 'merge --reintegrate' for 2-url merges (r959004)
+ * improve handling of missing fsfs.conf during hotcopy (r980811, -1449)
+ * escape unsafe characters in a URL during export (issue #3683)
+ * don't leak stale locks in FSFS (r959760)
+ * better detect broken working copies during update over ra_neon (r979045)
+ * fsfs: make rev files read-only (r981921)
+ * properly canonicalize a URL (r984928, -31)
+ * fix wc corruption with 'commit --depth=empty' (issue #3700)
+ * permissions fixes when doing reintegrate merges (related to issue #3242)
+ * fix mergeinfo miscalculation during 2-url merges (issue #3648)
+ * fix error transmission problems in svnserve (r997457, -66)
+ * fixed: record-only merges create self-referential mergeinfo (issue #3646)
+ * fixed: 'SVNPathAuthz short_circuit' unsolicited read access (issue #3695)
+ * make 'svnmucc propset' handle existing and non-existing URLs (r1000607)
+ * add new 'propsetf' subcommand to svnmucc (r1000612)
+ * emit a warning about copied dirs during ci with limited depth (r1002094)
+ * make ruby bindings compatible with Ruby 1.9 (r957507)
+ * use the repos verify API in JavaHL (r948916)
+ * teach ra_serf to parse md5 checksums with update editors (r979429)
+ * let ra_serf work with current serf releases (r879757, r880320, r943796)
+
+-------------------------------------------------------------------
+Mon Sep 27 10:31:48 UTC 2010 - dimstar@opensuse.org
+
+- Add subversion-neon-systemproxy.patch: Use Neon's system-proxy
+ feature that was introduced in neon 0.29. In the background, neon
+ uses libproxy to get the right information from the session.
+
+-------------------------------------------------------------------
calling whatdependson for head-i586
Old:
----
subversion-1.6.12.tar.bz2
New:
----
subversion-1.6.13.tar.bz2
subversion-neon-systemproxy.patch
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ subversion.spec ++++++
--- /var/tmp/diff_new_pack.GiLPWF/_old 2010-10-28 12:54:14.000000000 +0200
+++ /var/tmp/diff_new_pack.GiLPWF/_new 2010-10-28 12:54:14.000000000 +0200
@@ -1,5 +1,5 @@
#
-# spec file for package subversion (Version 1.6.12)
+# spec file for package subversion (Version 1.6.13)
#
# Copyright (c) 2010 SUSE LINUX Products GmbH, Nuernberg, Germany.
# Copyright (c) 2009-2010 Pascal Bleser
@@ -41,7 +41,7 @@
%endif # suse_version > 1030
Name: subversion
-Version: 1.6.12
+Version: 1.6.13
Release: 1
# in-tree SWIG version to use for the build:
%define swig_version 1.3.36
@@ -159,6 +159,8 @@
Patch35: subversion.java14.patch
Patch36: subversion-ctypes-remove_shebang.patch
Patch37: subversion-no-build-date.patch
+# PATCH-FEATURE-UPSTREAM subversion-neon-systemproxy.patch dimstar@opensuse.org -- Use system proxy offered by neon, if no specific config is used (Thus, actually using libproxy in the background to use 'the right proxy' as configured in the system).
+Patch38: subversion-neon-systemproxy.patch
#
%if %with_ruby
%if %{!?rb_arch:1}0
@@ -223,7 +225,7 @@
%package perl
-License: ASLv.. ; Subversion License, http://subversion.tigris.org/license-1.html
+License: ASLv2 ; Subversion License, http://subversion.tigris.org/license-1.html
Group: Development/Tools/Version Control
Summary: Allows Perl scripts to directly use Subversion repositories
Requires: subversion = %{version}
@@ -236,7 +238,7 @@
%package python
-License: ASLv.. ; Subversion License, http://subversion.tigris.org/license-1.html
+License: ASLv2 ; Subversion License, http://subversion.tigris.org/license-1.html
Group: Development/Tools/Version Control
Summary: Allows Python scripts to directly use Subversion repositories
Requires: subversion = %{version}
@@ -345,6 +347,7 @@
%patch35
%patch36 -p0
%patch37
+%patch38
%if 0%{?sles_version} == 9
%__grep -rwl '/usr/bin/python' . | xargs %__sed -i 's|/usr/bin/python|%{_usr}/bin/python2.5|g'
%__grep -rwl '/usr/bin/env python' . | xargs %__sed -i 's|/usr/bin/env python|%{_usr}/bin/python2.5|g'
@@ -358,6 +361,8 @@
}
%build
+# Re-boot strap, needed for patch37
+./autogen.sh
# This package failed when testing with -Wl,-as-needed being default.
# So we disable it here, if you want to retest, just delete this comment and the line below.
export SUSE_ASNEEDED=0
++++++ subversion-1.6.12.tar.bz2 -> subversion-1.6.13.tar.bz2 ++++++
++++ 3660 lines of diff (skipped)
++++++ subversion-neon-systemproxy.patch ++++++
Index: subversion/libsvn_ra_neon/session.c
===================================================================
--- subversion/libsvn_ra_neon/session.c.orig
+++ subversion/libsvn_ra_neon/session.c
@@ -885,6 +885,17 @@ svn_ra_neon__open(svn_ra_session_t *sess
}
#endif
}
+#ifdef SVN_NEON_0_29
+ else
+ {
+ /* If we do not have any proxy specified for this host and
+ we're running a new enough neon implementation, we use
+ neon's session proxy autodetection (via libproxy). */
+ ne_session_system_proxy(sess, 0);
+ ne_session_system_proxy(sess2, 0);
+ }
+#endif
+
if (!timeout)
timeout = DEFAULT_HTTP_TIMEOUT;
Index: build/ac-macros/neon.m4
===================================================================
--- build/ac-macros/neon.m4.orig
+++ build/ac-macros/neon.m4
@@ -69,6 +69,11 @@ AC_DEFUN(SVN_LIB_NEON,
[Define to 1 if you have Neon 0.28 or later.])
fi
+ if test -n ["`echo "$NEON_VERSION" | grep '^0\.29\.'`"] ; then
+ AC_DEFINE_UNQUOTED([SVN_NEON_0_29], [1],
+ [Define to 1 if you have Neon 0.29 or later.])
+ fi
+
for svn_allowed_neon in $NEON_ALLOWED_LIST; do
if test -n "`echo "$NEON_VERSION" | grep "^$svn_allowed_neon"`" ||
test "$svn_allowed_neon" = "any"; then
@@ -160,6 +165,11 @@ AC_DEFUN(SVN_NEON_CONFIG,
[Define to 1 if you have Neon 0.28 or later.])
fi
+ if test -n ["`echo "$NEON_VERSION" | grep '^0\.29\.'`"] ; then
+ AC_DEFINE_UNQUOTED([SVN_NEON_0_29], [1],
+ [Define to 1 if you have Neon 0.29 or later.])
+ fi
+
for svn_allowed_neon in $NEON_ALLOWED_LIST; do
if test -n "`echo "$NEON_VERSION" | grep "^$svn_allowed_neon"`" ||
test "$svn_allowed_neon" = "any"; then
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Remember to have fun...
--
To unsubscribe, e-mail: opensuse-commit+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-commit+help@opensuse.org