summaryrefslogtreecommitdiffstats
path: root/package/subversion/subversion.hash
Commit message (Collapse)AuthorAgeFilesLines
* subversion: bump version to 1.9.5Vicente Olivert Riera2016-12-021-1/+4
| | | | | | | Also add a sha256 hash since upstream only provides one weak hash. Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* subversion: security bump to version 1.9.4Gustavo Zacarias2016-04-281-1/+1
| | | | | | | | | | | Fixes: CVE-2016-2167 - svnserve/sasl may authenticate users using the wrong realm. CVE-2016-2168 - Remotely triggerable DoS vulnerability in mod_authz_svn during COPY/MOVE authorization check. Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* package/subversion: security version bump to 1.9.3Bernd Kuhls2016-01-311-1/+1
| | | | | | | | | | | | | | | | | | Release announcement: http://mail-archives.apache.org/mod_mbox/subversion-dev/201512.mbox/%3CCAP_GPNj_GCA869VQeJUrp5ngXsgN7pQQHSS=sqoXm8_6hHTTxg@mail.gmail.com%3E CVE-2015-5259: Remotely triggerable heap overflow and out-of-bounds read caused by integer overflow in the svn:// protocol parser. http://subversion.apache.org/security/CVE-2015-5259-advisory.txt CVE-2015-5343: Remotely triggerable heap overflow and out-of-bounds read in mod_dav_svn caused by integer overflow when parsing skel-encoded request bodies. http://subversion.apache.org/security/CVE-2015-5343-advisory.txt Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
* subversion: bump to version 1.9.2Vicente Olivert Riera2015-09-281-2/+2
| | | | | | | | | | | | | | | | | | - Bump to version 1.9.2. - Update the hash file. - Use a tar.bz2 tarball to save space and bandwidth. - Fix a typo in the berkeley-db configure option. - Remove non-existent configure options: neon, gssapi and ssl. - Remove neon dependency: is not needed to build subversion. - Tweak the 0001-dont-mangle-cflags.patch for the 1.9.2 version and to patch configure.ac instead of configure. - Add a new 0002-disable-macos-specific-features.patch to remove a configure check for Mach-O (and two more) which breaks the build when cross-compiling. - Enable autoreconf since we are patching the configure.ac. Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
* subversion: security bump to version 1.7.19Gustavo Zacarias2014-12-211-0/+2
Fixes: CVE-2014-3580: mod_dav_svn DoS from invalid REPORT requests. CVE-2014-8108: mod_dav_svn DoS from use of invalid transaction names. Also add hash file. Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
OpenPOWER on IntegriCloud