Return-Path: 
 <announce-return-1147-apmail-announce-archive=apache.org@apache.org>
X-Original-To: apmail-announce-archive@www.apache.org
Delivered-To: apmail-announce-archive@www.apache.org
Received: from mail.apache.org (hermes.apache.org [140.211.11.3])
	by minotaur.apache.org (Postfix) with SMTP id 2DAD76A0E
	for <apmail-announce-archive@www.apache.org>;
 Wed,  1 Jun 2011 20:07:59 +0000 (UTC)
Received: (qmail 48454 invoked by uid 500); 1 Jun 2011 20:07:45 -0000
Delivered-To: apmail-announce-archive@apache.org
Received: (qmail 48164 invoked by uid 500); 1 Jun 2011 20:07:45 -0000
Mailing-List: contact announce-help@apache.org; run by ezmlm
Precedence: bulk
List-Help: <mailto:announce-help@apache.org>
List-Unsubscribe: <mailto:announce-unsubscribe@apache.org>
List-Post: <mailto:announce@apache.org>
List-Id: <announce.apache.org>
Delivered-To: mailing list announce@apache.org
Delivered-To: moderator for announce@apache.org
Received: (qmail 46486 invoked by uid 99); 1 Jun 2011 20:07:11 -0000
X-ASF-Spam-Status: No, hits=-0.0 required=5.0
	tests=RCVD_IN_DNSWL_LOW,SPF_NEUTRAL
X-Spam-Check-By: apache.org
Received-SPF: neutral (athena.apache.org: local policy)
MIME-Version: 1.0
Sender: hyrum@hyrumwright.org
X-Originating-IP: [146.6.28.79]
Date: Wed, 1 Jun 2011 20:06:43 +0000
X-Google-Sender-Auth: E0lxL-3mcLVogRNJpNqvd-IfKN4
Message-ID: <BANLkTikmmKO8+7cwgAb1Fa7gszsohqb9-A@mail.gmail.com>
Subject: Subversion 1.6.17 Released
From: Hyrum Wright <hwright@apache.org>
To: users <users@subversion.apache.org>,
	Subversion Development <dev@subversion.apache.org>,
 announce <announce@apache.org>,
	announce <announce@subversion.apache.org>
Content-Type: text/plain; charset=ISO-8859-1

I'm happy to announce Subversion 1.6.17, available from:

    http://subversion.tigris.org/downloads/subversion-1.6.17.tar.bz2
    http://subversion.tigris.org/downloads/subversion-1.6.17.tar.gz
    http://subversion.tigris.org/downloads/subversion-1.6.17.zip
    http://subversion.tigris.org/downloads/subversion-deps-1.6.17.tar.bz2
    http://subversion.tigris.org/downloads/subversion-deps-1.6.17.tar.gz
    http://subversion.tigris.org/downloads/subversion-deps-1.6.17.zip

This release addesses three security issues:
    CVE-2011-1752: Server NULL-pointer dereference
    CVE-2011-1783: Server memory exhaustion
    CVE-2011-1921: mod_dav_svn exposure of unreadable paths

More information on these vulnerabilities, including the relevent advisories
and potential attack vectors and workarounds, can be found on the Subversion
security website:
    http://subversion.apache.org/security/

The MD5 checksums are:

    81e5dc5beee4b3fc025ac70c0b6caa14  subversion-1.6.17.tar.bz2
    aa0f54aacac21bf5c84079e551357c15  subversion-1.6.17.tar.gz
    a3a4dedd9ec782d3da4465694ce012d4  subversion-1.6.17.zip
    1f01f237498555091269f2432ae1e140  subversion-deps-1.6.17.tar.bz2
    1d99a1b4d56b5922ed1644a22c42c9e4  subversion-deps-1.6.17.tar.gz
    7ec846c284e3d6e1689dfcbca06958ab  subversion-deps-1.6.17.zip

The SHA1 checksums are:

    6e3ed7c87d98fdf5f0a999050ab601dcec6155a1  subversion-1.6.17.tar.bz2
    2ddf55622f0a742d8474feaa69596b2f7c4f1084  subversion-1.6.17.tar.gz
    ec9c3980150242129783529e7db6f5a04936d49a  subversion-1.6.17.zip
    ebfda3416c09a91dbcf744a22ea83ed827ad3495  subversion-deps-1.6.17.tar.bz2
    878fb197243435bfe44d45abff8875d4d98cd196  subversion-deps-1.6.17.tar.gz
    a14f6abc14d38c2ce0e637edf83bce4534e19717  subversion-deps-1.6.17.zip

PGP Signatures are available at:

    http://subversion.tigris.org/downloads/subversion-1.6.17.tar.bz2.asc
    http://subversion.tigris.org/downloads/subversion-1.6.17.tar.gz.asc
    http://subversion.tigris.org/downloads/subversion-1.6.17.zip.asc
    http://subversion.tigris.org/downloads/subversion-deps-1.6.17.tar.bz2.asc
    http://subversion.tigris.org/downloads/subversion-deps-1.6.17.tar.gz.asc
    http://subversion.tigris.org/downloads/subversion-deps-1.6.17.zip.asc

For this release, the following people have provided PGP signatures:

   Senthil Kumaran S [1024D/6CCD4038] with fingerprint:
    8035 16A5 1D6E 50E2 1ECD  DE56 F68D 46FB 6CCD 4038
   Philip Martin [2048R/ED1A599C] with fingerprint:
    A844 790F B574 3606 EE95  9207 76D7 88E1 ED1A 599C
   Paul T. Burba [1024D/53FCDC55] with fingerprint:
    E630 CF54 792C F913 B13C  32C5 D916 8930 53FC DC55
   Bert Huijben [1024D/9821F7B2] with fingerprint:
    2017 F51A 2572 0E78 8827  5329 FCFD 6305 9821 F7B2
   Hyrum K. Wright [1024D/4E24517C] with fingerprint:
    3324 80DA 0F8C A37D AEE6  D084 0B03 AE6E 4E24 517C
   C. Michael Pilato [1024D/1706FD6E] with fingerprint:
    20BF 14DC F02F 2730 7EA4  C7BB A241 06A9 1706 FD6E
   Stefan Sperling [1024D/F59D25F0] with fingerprint:
    B1CF 1060 A1E9 34D1 9E86  D6D6 E5D3 0273 F59D 25F0
   Mark Phippard [1024D/035A96A9] with fingerprint:
    D315 89DB E1C1 E9BA D218  39FD 265D F8A0 035A 96A9

Release notes for the 1.6.x release series may be found at:

    http://subversion.apache.org/docs/release-notes/1.6.html

You can find the list of changes between 1.6.17 and earlier versions at:

    http://svn.apache.org/repos/asf/subversion/tags/1.6.17/CHANGES

Questions, comments, and bug reports to users@subversion.apache.org.

Thanks,
- The Subversion Team

--------------------------------------------------------------------- 
To unsubscribe, e-mail: announce-unsubscribe@apache.org 
For additional commands, e-mail: announce-help@apache.org