You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@subversion.apache.org by Ben Reser <br...@apache.org> on 2014/12/15 22:13:15 UTC
Apache Subversion 1.7.19 released
I'm happy to announce the release of Apache Subversion 1.7.19.
This release addresses two security issues:
CVE-2014-3580: mod_dav_svn DoS from invalid REPORT requests.
CVE-2014-8108: mod_dav_svn DoS from use of invalid transaction names.
Please choose the mirror closest to you by visiting:
http://subversion.apache.org/download/#supported-releases
The SHA1 checksums are:
3681b967d1c154b2aa4ccb63984d89aedafc488b subversion-1.7.19.zip
bb3cd135bbd856e7f0f2d59313f075b9bbec9848 subversion-1.7.19.tar.gz
a662721a3a1da70c4b0732d0bde5008ce8873575 subversion-1.7.19.tar.bz2
PGP Signatures are available at:
http://www.apache.org/dist/subversion/subversion-1.7.19.tar.bz2.asc
http://www.apache.org/dist/subversion/subversion-1.7.19.tar.gz.asc
http://www.apache.org/dist/subversion/subversion-1.7.19.zip.asc
For this release, the following people have provided PGP signatures:
Ben Reser [4096R/16A0DE01] with fingerprint:
19BB CAEF 7B19 B280 A0E2 175E 62D4 8FAD 16A0 DE01
Bert Huijben [4096R/CCC8E1DF] with fingerprint:
3D1D C66D 6D2E 0B90 3952 8138 C4A6 C625 CCC8 E1DF
Ivan Zhakov [4096R/F6AD8147] with fingerprint:
4829 8F0F E47F 4B8A 43FD 6525 919F 6F61 F6AD 8147
Julian Foad [4096R/4EECC493] with fingerprint:
6011 63CF 9D49 9FD7 18CF 582D 1FB0 64B8 4EEC C493
Paul T. Burba [4096R/56F3D7BC] with fingerprint:
1A0F E7C6 B3C5 F8D4 D0C4 A20B 64DD C071 56F3 D7BC
Philip Martin [2048R/ED1A599C] with fingerprint:
A844 790F B574 3606 EE95 9207 76D7 88E1 ED1A 599C
Stefan Fuhrmann [4096R/57921ACC] with fingerprint:
056F 8016 D9B8 7B1B DE41 7467 99EC 741B 5792 1ACC
Stefan Sperling [2048R/9A59B973] with fingerprint:
8BC4 DAE0 C5A4 D65F 4044 0107 4F7D BAA9 9A59 B973
Release notes for the 1.7.x release series may be found at:
http://subversion.apache.org/docs/release-notes/1.7.html
You can find the list of changes between 1.7.19 and earlier versions at:
http://svn.apache.org/repos/asf/subversion/tags/1.7.19/CHANGES
Questions, comments, and bug reports to users@subversion.apache.org.
Thanks,
- The Subversion Team
Re: Apache Subversion 1.7.19 released
Posted by Nico Kadel-Garcia <nk...@gmail.com>.
On Mon, Dec 15, 2014 at 4:13 PM, Ben Reser <br...@apache.org> wrote:
> I'm happy to announce the release of Apache Subversion 1.7.19.
>
> This release addresses two security issues:
> CVE-2014-3580: mod_dav_svn DoS from invalid REPORT requests.
> CVE-2014-8108: mod_dav_svn DoS from use of invalid transaction names.
>
> Please choose the mirror closest to you by visiting:
>
> http://subversion.apache.org/download/#supported-releases
I've updated and done a casual test of my build tools 1.7.19 for RHEL
6 with my published tools at:
https://github.com/nkadel/subversion-1.7.x-srpm/
I realize it's a bit odd to publishing Subversion build tools at
github.com, but it's personal repo of build tools, not a source repo,
and much easier for me to personally maintain for various reasons.
Nico Kadel-Garcia
Re: Apache Subversion 1.7.19 released
Posted by Nico Kadel-Garcia <nk...@gmail.com>.
On Mon, Dec 15, 2014 at 4:13 PM, Ben Reser <br...@apache.org> wrote:
> I'm happy to announce the release of Apache Subversion 1.7.19.
>
> This release addresses two security issues:
> CVE-2014-3580: mod_dav_svn DoS from invalid REPORT requests.
> CVE-2014-8108: mod_dav_svn DoS from use of invalid transaction names.
>
> Please choose the mirror closest to you by visiting:
>
> http://subversion.apache.org/download/#supported-releases
I've updated and done a casual test of my build tools 1.7.19 for RHEL
6 with my published tools at:
https://github.com/nkadel/subversion-1.7.x-srpm/
I realize it's a bit odd to publishing Subversion build tools at
github.com, but it's personal repo of build tools, not a source repo,
and much easier for me to personally maintain for various reasons.
Nico Kadel-Garcia