subversion-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From s...@apache.org
Subject svn commit: r1130986 - /subversion/trunk/CHANGES
Date Fri, 03 Jun 2011 11:11:37 GMT
Author: stsp
Date: Fri Jun  3 11:11:37 2011
New Revision: 1130986

URL: http://svn.apache.org/viewvc?rev=1130986&view=rev
Log:
* CHANGES: Manually sync 1.6.17 section with 1.6.x branch.

Modified:
    subversion/trunk/CHANGES

Modified: subversion/trunk/CHANGES
URL: http://svn.apache.org/viewvc/subversion/trunk/CHANGES?rev=1130986&r1=1130985&r2=1130986&view=diff
==============================================================================
--- subversion/trunk/CHANGES (original)
+++ subversion/trunk/CHANGES Fri Jun  3 11:11:37 2011
@@ -185,7 +185,9 @@ http://svn.apache.org/repos/asf/subversi
     * detect very occasional corruption and abort commit (issue #3845)
     * fixed: file externals cause non-inheritable mergeinfo (issue #3843)
     * fixed: file externals cause mixed-revision working copies (issue #3816)
-    * disallow GETs of baselined versions of resources (r1098608)
+    * fix crash in mod_dav_svn with GETs of baselined resources (r1104126)
+            See CVE-2011-1752, and descriptive advisory at
+            http://subversion.apache.org/security/CVE-2011-1752-advisory.txt
     * fixed: write-through proxy could direcly commit to slave (r917523)
     * detect a particular corruption condition in FSFS (r1100213)
     * improve error message when clients refer to unkown revisions (r939000)
@@ -196,6 +198,12 @@ http://svn.apache.org/repos/asf/subversi
     * fix 'log -g' excessive duplicate output (issue #3650)
     * fix svnsync copyfrom handling bug with BDB (r1036429)
     * server-side validation of svn:mergeinfo syntax during commit (issue #3895)
+    * fix remotely triggerable mod_dav_svn DoS
+            See CVE-2011-1783, and descriptive advisory at
+            http://subversion.apache.org/security/CVE-2011-1783-advisory.txt
+    * fix potential leak of authz-protected file contents
+            See CVE-2011-1921, and descriptive advisory at
+            http://subversion.apache.org/security/CVE-2011-1921-advisory.txt
 
   Developer-visible changes:
     * fix reporting FS-level post-commit processing errors (r1104098)



Mime
View raw message