You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@subversion.apache.org by Ben Reser <be...@reser.org> on 2004/09/23 04:34:56 UTC
Subversion 1.1.0 Release Candidate 4 released. *SECURITY FIX*
The fourth release candidate of Subversion 1.1.0 is ready and available
from:
http://subversion.tigris.org/tarballs/subversion-1.1.0-rc4.tar.gz
http://subversion.tigris.org/tarballs/subversion-1.1.0-rc4.tar.bz2
http://subversion.tigris.org/tarballs/subversion-1.1.0-rc4.zip
The MD5 checksums are:
35215315276a897c114b48f0634f6b48 subversion-1.1.0-rc4.tar.gz
41bb75f16f337bff2dedb7ee51ee43a1 subversion-1.1.0-rc4.tar.bz2
7f4bbb1767ceb8132ad6af49674eabef subversion-1.1.0-rc4.zip
PGP Signatures are available at:
http://subversion.tigris.org/tarballs/subversion-1.1.0-rc4.tar.gz.asc
http://subversion.tigris.org/tarballs/subversion-1.1.0-rc4.tar.bz2.asc
http://subversion.tigris.org/tarballs/subversion-1.1.0-rc4.zip.asc
PGP Signatures will be made by the following person(s) for this release:
Ben Reser [1024D/641E358B] with fingerprint:
42F5 91FD E577 F545 FB40 8F6B 7241 856B 641E 358B
The term 'release candidate' means the Subversion developers feel that
this release is stable and ready for production use, so we encourage
people to test this release thoroughly. The final 1.1.0 release is
scheduled for late-September, in order to provide plenty of time for
testing.
The changes between 1.1.0-rc3 and 1.1.0-rc4 are listed below.
New 1.1 features are explained in detail in our release notes,
located at:
http://subversion.tigris.org/svn_1.1_releasenotes.html
You can find the list of the changes between 1.0.8 and the 1.1.0-rc4 at:
http://svn.collab.net/repos/svn/branches/1.1.x/CHANGES
Questions, comments, and bug reports to users_at_subversion.tigris.org.
This release also contains a fix for a security flaw (also fixed
by 1.0.8). For more details see the 1.0.8 announcement email or
the advisory at:
http://subversion.tigris.org/security/CAN-2004-0749-advisory.txt
Thanks,
-The Subversion Team
--------------------8-<-------cut-here---------8-<-----------------------
User-visible-changes:
* fixed: mod_authz_svn metadata leaks (CAN-2004-0749)
* various.po translation updates
Developer-visible-changes:
* fixed: buglet in fsfs history code (issue #2054)
* stop using -std=c89 gcc flag (r11054)
* sync with apr 1.0's find_apr.m4 and find_apu.m4 files (r10560)
* win32 installer improvements (r10978)
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Re: Subversion 1.1.0 Release Candidate 4 released. *SECURITY FIX*
Posted by kf...@collab.net.
Greg Hudson <gh...@MIT.EDU> writes:
> On Thu, 2004-09-23 at 11:44, C. Michael Pilato wrote:
> > I think what Ben is saying is that we just make sure the fix is in the
> > 1.1.0 final tarball (and that, so far, it is the *only* difference
> > between the rc4 and final tarballs).
>
> Oh, sorry.
>
> That's against our rules, but I'm fine with it.
I agree with both of what Greg said here :-).
It would be nice to follow the rules to the letter, but not at the
cost of more hours of Ben Reser's time, for such a trivial thing.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Re: Subversion 1.1.0 Release Candidate 4 released. *SECURITY FIX*
Posted by Greg Hudson <gh...@MIT.EDU>.
On Thu, 2004-09-23 at 11:44, C. Michael Pilato wrote:
> I think what Ben is saying is that we just make sure the fix is in the
> 1.1.0 final tarball (and that, so far, it is the *only* difference
> between the rc4 and final tarballs).
Oh, sorry.
That's against our rules, but I'm fine with it.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Re: Subversion 1.1.0 Release Candidate 4 released. *SECURITY FIX*
Posted by "C. Michael Pilato" <cm...@collab.net>.
Greg Hudson <gh...@MIT.EDU> writes:
> On Thu, 2004-09-23 at 08:45, Ben Collins-Sussman wrote:
> > Let me clarify my opinion. I don't think this syntax error is worth a
> > whole new RC5 release, nor do I think it justifies re-starting the
> > 1.1.0 last-week soak period.
>
> I disagree. Our code is supposed to be C89-compliant, and we have a
> glaring syntax error by that standard. It's not catastrophic that a
> release candidate would have this mistake, but it's certainly not worthy
> of a 1.1.0 release.
I think what Ben is saying is that we just make sure the fix is in the
1.1.0 final tarball (and that, so far, it is the *only* difference
between the rc4 and final tarballs).
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Re: Subversion 1.1.0 Release Candidate 4 released. *SECURITY FIX*
Posted by Greg Hudson <gh...@MIT.EDU>.
On Thu, 2004-09-23 at 08:45, Ben Collins-Sussman wrote:
> Let me clarify my opinion. I don't think this syntax error is worth a
> whole new RC5 release, nor do I think it justifies re-starting the
> 1.1.0 last-week soak period.
I disagree. Our code is supposed to be C89-compliant, and we have a
glaring syntax error by that standard. It's not catastrophic that a
release candidate would have this mistake, but it's certainly not worthy
of a 1.1.0 release.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Re: Subversion 1.1.0 Release Candidate 4 released. *SECURITY FIX*
Posted by Ben Collins-Sussman <su...@collab.net>.
On Sep 23, 2004, at 7:35 AM, Ben Collins-Sussman wrote:
>
> Arrrrghhhhh. You're right, I just verified that MS vC6 chokes. I
> just committed a fix to trunk in r11117.
>
> What's the next series of steps? Backport this trivial syntax-error
> fix to the 1.1.x branch? Then roll RC5? Or just not bother with RC5?
>
Let me clarify my opinion. I don't think this syntax error is worth a
whole new RC5 release, nor do I think it justifies re-starting the
1.1.0 last-week soak period. I think we should just backport the fix
to 1.1.x, and post a tiny patch that allows the RC4 release to compile
on VC6 and gcc < 3.0.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Re: Subversion 1.1.0 Release Candidate 4 released. *SECURITY FIX*
Posted by Ben Collins-Sussman <su...@collab.net>.
On Sep 23, 2004, at 12:42 AM, Masaru Tsuchiyama wrote:
> I tried to compile subversion-1.1.0-rc4.zip with MS VC++ 6,
> but can't compile subversion\mod_dav_svn\file_revs.c by
> error C2065, error C2275 and etc.
>
> In dav_svn__file_revs_report(), variable start and end is declared
> at middle of the function.
>
> there is the same bug in trunk(r11115).
>
Arrrrghhhhh. You're right, I just verified that MS vC6 chokes. I just
committed a fix to trunk in r11117.
What's the next series of steps? Backport this trivial syntax-error
fix to the 1.1.x branch? Then roll RC5? Or just not bother with RC5?
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Re: Subversion 1.1.0 Release Candidate 4 released. *SECURITY FIX*
Posted by Masaru Tsuchiyama <ts...@asahi-net.email.ne.jp>.
I tried to compile subversion-1.1.0-rc4.zip with MS VC++ 6,
but can't compile subversion\mod_dav_svn\file_revs.c by
error C2065, error C2275 and etc.
In dav_svn__file_revs_report(), variable start and end is declared
at middle of the function.
there is the same bug in trunk(r11115).
Masaru Tsuchiyama
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Subversion 1.1.0 RC4 on FreeBSD 4.8
Posted by David Wheeler <da...@kineticode.com>.
On Sep 22, 2004, at 9:34 PM, Ben Reser wrote:
> Questions, comments, and bug reports to users_at_subversion.tigris.org.
I seem to have run into a problem compiling RC4 on FreeBSD 4.8:
/usr/local/bin/bash /usr/local/src/subversion-1.1.0-rc4/libtool
--silent --mode=compile gcc -I/usr/local/include -D_REENTRANT
-D_THREAD_SAFE -g -O2 -g -O2 -DNEON_ZLIB
-I/usr/local/apache2/include -I./subversion/include -I./subversion
-I/usr/local/src/subversion-1.1.0-rc4/neon/src
-I/usr/local/include/neon
-I/usr/local/src/subversion-1.1.0-rc4/apr/include
-I/usr/local/src/subversion-1.1.0-rc4/apr-util/include
-I/usr/local/include -o subversion/mod_dav_svn/file_revs.lo -c
/usr/local/src/subversion-1.1.0-rc4/subversion/mod_dav_svn/file_revs.c
/usr/local/src/subversion-1.1.0-rc4/subversion/mod_dav_svn/file_revs.c:
In function `dav_svn__file_revs_report':
/usr/local/src/subversion-1.1.0-rc4/subversion/mod_dav_svn/file_revs.c:
225: syntax error before `start'
/usr/local/src/subversion-1.1.0-rc4/subversion/mod_dav_svn/file_revs.c:
248: `start' undeclared (first use in this function)
/usr/local/src/subversion-1.1.0-rc4/subversion/mod_dav_svn/file_revs.c:
248: (Each undeclared identifier is reported only once
/usr/local/src/subversion-1.1.0-rc4/subversion/mod_dav_svn/file_revs.c:
248: for each function it appears in.)
/usr/local/src/subversion-1.1.0-rc4/subversion/mod_dav_svn/file_revs.c:
250: `end' undeclared (first use in this function)
gmake: *** [subversion/mod_dav_svn/file_revs.lo] Error 1
This is not a problem with RC3, which compiles fine.
Regards,
David
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org