Hello community, here is the log from the commit of package subversion for openSUSE:Factory checked in at 2013-09-02 15:03:00 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/subversion (Old) and /work/SRC/openSUSE:Factory/.subversion.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "subversion" Changes: -------- --- /work/SRC/openSUSE:Factory/subversion/subversion.changes 2013-07-24 23:41:04.000000000 +0200 +++ /work/SRC/openSUSE:Factory/.subversion.new/subversion.changes 2013-09-02 15:03:01.000000000 +0200 @@ -1,0 +2,51 @@ +Fri Aug 30 16:00:16 UTC 2013 - andreas.stieger@gmx.de + +- update to 1.8.3 + CVE-2013-4246: fsfs: corruption from editing packed revision properties + CVE-2013-4262: admin-side tools: symlink attack against pid file + CVE-2013-4277: svnserve: symlink attack against pid file +- User-visible changes: + - Client- and server-side bugfixes: + * translation updates for Swedish + * enforce strict version equality between tools and libraries + * consistently output revisions as "r%ld" in error messags + - Client-side bugfixes: + * status: always use absolute paths in XML output + * ra_serf: 'svn log -v' fails with a 1.2.x server + * ra_serf: fix crash when committing cp with deep deletion + * diff: issue an error for files that can't fit in memory + * svnmucc: generate proper error for mismatched URLs + * update: fix a crash when a temp file doesn't exist + * commit & update: improve sleep for timestamps performance + * diff: continue on missing or obstructing files + * ra_serf: use runtime serf version for User-Agent + * ra_serf: ignore case when checking certificate common names + * ra_serf: format distinguished names properly + * ra_serf: do not retry HTTP requests if we started to parse them + * ra_serf: output ssl cert verification failure reason + * ra_serf: allow session reuse after SVN_ERR_CEASE_INVOCATION + * ra_serf: include library version in '--version' output + * info: fix spurious error on wc root with child in conflict + - Server-side bugfixes: + * svnserve: fix creation of pid files + * svnadmin: fix output encoding in non-UTF8 environments + * svnsync: fix high memory usage when running over ra_serf + * mod_dav_svn: do not map requests to filesystem + * svnauthz: improve help strings + * fsfs: fixed manifest file growth with revprop changes + * fsfs: fix packed revprops causing loss of revprops + - Other tool improvements and bugfixes: + * svnwcsub/irkerbridge: fix symlink attack via pid file + + Developer-visible changes: + - General: + * describe APR unimplemented errors as coming from APR + * mod_dav_svn: update INSTALL to reflect configure defaults + * davautocheck: use the correct apxs binary by default + - API changes: + * svn_config_walk_auth_data() config_dir arg: permit NULL) + - Bindings: + * swig-pl: fix SVN::Client not honoring config file settings + * swig-pl & swig-py: disable unusable svn_fs_set_warning_func + +------------------------------------------------------------------- Old: ---- subversion-1.8.1.tar.bz2 subversion-1.8.1.tar.bz2.asc New: ---- subversion-1.8.3.tar.bz2 subversion-1.8.3.tar.bz2.asc ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ subversion.spec ++++++ --- /var/tmp/diff_new_pack.KtIK6M/_old 2013-09-02 15:03:03.000000000 +0200 +++ /var/tmp/diff_new_pack.KtIK6M/_new 2013-09-02 15:03:03.000000000 +0200 @@ -46,7 +46,7 @@ %define svnuser svn Name: subversion -Version: 1.8.1 +Version: 1.8.3 Release: 0 # in-tree SWIG version to use for the build: %define swig_version 1.3.36 ++++++ subversion-1.8.1.tar.bz2 -> subversion-1.8.3.tar.bz2 ++++++ /work/SRC/openSUSE:Factory/subversion/subversion-1.8.1.tar.bz2 /work/SRC/openSUSE:Factory/.subversion.new/subversion-1.8.3.tar.bz2 differ: char 11, line 1 -- To unsubscribe, e-mail: opensuse-commit+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-commit+help@opensuse.org