buildroot/package/subversion/subversion.hash, branch 2016.02

package/subversion: security version bump to 1.9.3

2016-01-31T19:33:39+00:00

Release announcement: http://mail-archives.apache.org/mod_mbox/subversion-dev/201512.mbox/%3CCAP_GPNj_GCA869VQeJUrp5ngXsgN7pQQHSS=sqoXm8_6hHTTxg@mail.gmail.com%3E CVE-2015-5259: Remotely triggerable heap overflow and out-of-bounds read caused by integer overflow in the svn:// protocol parser. http://subversion.apache.org/security/CVE-2015-5259-advisory.txt CVE-2015-5343: Remotely triggerable heap overflow and out-of-bounds read in mod_dav_svn caused by integer overflow when parsing skel-encoded request bodies. http://subversion.apache.org/security/CVE-2015-5343-advisory.txt Signed-off-by: Bernd Kuhls Signed-off-by: Thomas Petazzoni

subversion: bump to version 1.9.2

2015-09-28T20:15:45+00:00

- Bump to version 1.9.2. - Update the hash file. - Use a tar.bz2 tarball to save space and bandwidth. - Fix a typo in the berkeley-db configure option. - Remove non-existent configure options: neon, gssapi and ssl. - Remove neon dependency: is not needed to build subversion. - Tweak the 0001-dont-mangle-cflags.patch for the 1.9.2 version and to patch configure.ac instead of configure. - Add a new 0002-disable-macos-specific-features.patch to remove a configure check for Mach-O (and two more) which breaks the build when cross-compiling. - Enable autoreconf since we are patching the configure.ac. Signed-off-by: Vicente Olivert Riera Signed-off-by: Thomas Petazzoni

subversion: security bump to version 1.7.19

2014-12-21T12:22:18+00:00

Fixes: CVE-2014-3580: mod_dav_svn DoS from invalid REPORT requests. CVE-2014-8108: mod_dav_svn DoS from use of invalid transaction names. Also add hash file. Signed-off-by: Gustavo Zacarias Signed-off-by: Thomas Petazzoni