Hello community, here is the log from the commit of package subversion for openSUSE:Factory checked in at 2016-12-02 16:42:05 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/subversion (Old) and /work/SRC/openSUSE:Factory/.subversion.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "subversion" Changes: -------- --- /work/SRC/openSUSE:Factory/subversion/subversion.changes 2016-07-01 10:00:09.000000000 +0200 +++ /work/SRC/openSUSE:Factory/.subversion.new/subversion.changes 2016-12-02 16:42:06.000000000 +0100 @@ -1,0 +2,39 @@ +Wed Nov 30 07:42:07 UTC 2016 - tchvatal@suse.com + +- Version update to 1.9.5: + * bsc#1011552 CVE-2016-8734 Unrestricted XML entity expansion in + mod_dontdothat and Subversion clients using http(s):// +- Client-side bugfixes: + * fix accessing non-existent paths during reintegrate merge (r1766699 et al) + * fix handling of newly secured subdirectories in working copy (r1724448) + * info: remove trailing whitespace in --show-item=revision (issue #4660) + * fix recording wrong revisions for tree conflicts (r1734106) + * gpg-agent: improve discovery of gpg-agent sockets (r1766327) + * gpg-agent: fix file descriptor leak (r1766323) + * resolve: fix --accept=mine-full for binary files (issue #4647) + * merge: fix possible crash (issue #4652) + * resolve: fix possible crash (r1748514) + * fix potential crash in Win32 crash reporter (r1663253 et al) +- Server-side bugfixes: + * fsfs: fix "offset too large" error during pack (issue #4657) + * svnserve: enable hook script environments (r1769152) + * fsfs: fix possible data reconstruction error (issue #4658) + * fix source of spurious 'incoming edit' tree conflicts (r1770108) + * fsfs: improve caching for large directories (r1721285) + * fsfs: fix crash when encountering all-zero checksums (r1759686) + * fsfs: fix potential source of repository corruptions (r1756266) + * mod_dav_svn: fix excessive memory usage with mod_headers/mod_deflate + (issue #3084) + * mod_dav_svn: reduce memory usage during GET requests (r1757529 et al) + * fsfs: fix unexpected "database is locked" errors (r1741096 et al) + * fsfs: fix opening old repositories without db/format files (r1720015) +- Client-side and server-side bugfixes: + * fix possible crash when reading invalid configuration files (r1715777) +- Bindings bugfixes: + * swig-pl: do not corrupt "{DATE}" revision variable (r1767768) + * javahl: fix temporary accepting SSL server certificates (r1764851) + * swig-pl: fix possible stack corruption (r1683266, r1683267) +- Drop no longer needed patch: + * subversion-1.8.11-swig-py-comment-3.patch + +------------------------------------------------------------------- Old: ---- subversion-1.8.11-swig-py-comment-3.patch subversion-1.9.4.tar.bz2 subversion-1.9.4.tar.bz2.asc New: ---- subversion-1.9.5.tar.bz2 subversion-1.9.5.tar.bz2.asc ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ subversion.spec ++++++ --- /var/tmp/diff_new_pack.cKInY3/_old 2016-12-02 16:42:08.000000000 +0100 +++ /var/tmp/diff_new_pack.cKInY3/_new 2016-12-02 16:42:08.000000000 +0100 @@ -36,7 +36,7 @@ %bcond_without python_ctypes %bcond_with all_regression_tests Name: subversion -Version: 1.9.4 +Version: 1.9.5 Release: 0 Summary: Subversion version control system License: Apache-2.0 @@ -63,7 +63,6 @@ Patch37: subversion-no-build-date.patch Patch39: subversion-fix-parallel-build-support-for-perl-bindings.patch Patch40: subversion-perl-underlinking.patch -Patch44: subversion-1.8.11-swig-py-comment-3.patch Patch45: subversion-1.8.11-autocheck-time.patch Patch48: subversion-1.9.0-allow-httpd-2.4.6.patch BuildRequires: apache2-devel >= 2.2.0 @@ -137,8 +136,8 @@ %package devel Summary: Development package for Subversion developers -Group: Development/Libraries/C and C++ # this pulls in libapr1-devel and libexpat-devel +Group: Development/Libraries/C and C++ Requires: libapr-util1-devel Requires: subversion = %{version} @@ -242,7 +241,6 @@ %patch37 -p1 %patch39 %patch40 -p1 -%patch44 -p1 %patch45 -p1 %patch48 -p1 ++++++ subversion-1.9.4.tar.bz2 -> subversion-1.9.5.tar.bz2 ++++++ /work/SRC/openSUSE:Factory/subversion/subversion-1.9.4.tar.bz2 /work/SRC/openSUSE:Factory/.subversion.new/subversion-1.9.5.tar.bz2 differ: char 11, line 1 ++++++ subversion.keyring ++++++ ++++ 84622 lines (skipped) ++++ between /work/SRC/openSUSE:Factory/subversion/subversion.keyring ++++ and /work/SRC/openSUSE:Factory/.subversion.new/subversion.keyring