1Version 1.9.7 2(10 Aug 2017, from /branches/1.9.x) 3http://svn.apache.org/repos/asf/subversion/tags/1.9.7 4 5 User-visible changes: 6 - Client-side bugfixes: 7 * Fix arbitrary code execution vulnerability CVE-2017-9800 8 See <https://subversion.apache.org/security/CVE-2017-9800-advisory.txt> 9 for details. 10 11 - Server-side bugfixes: 12 (none) 13 14 - Bindings bugfixes: 15 (none) 16 17 Developer-visible changes: 18 - General: 19 (none) 20 21 - API changes: 22 (none) 23 24 25Version 1.9.6 26(5 Jul 2017, from /branches/1.9.x) 27http://svn.apache.org/repos/asf/subversion/tags/1.9.6 28 29 User-visible changes: 30 - Client-side bugfixes: 31 * cp/mv: improve error message when target is an unversioned dir (r1779948) 32 * merge: reduce memory usage with large amounts of mergeinfo (issue #4667) 33 34 - Server-side bugfixes: 35 * 'svnadmin freeze': document the purpose more clearly (r1774109) 36 * dump: fix segfault when a revision has no revprops (r1781507) 37 * fsfs: improve error message upon failure to open rep-cache (r1781655) 38 * fsfs: never attempt to share directory representations (r1785053) 39 * fsfs: make consistency independent of hash algorithms (r1785737 et al) 40 This change makes Subversion resilient to collision attacks, including 41 SHA-1 collision attacks such as <http://shattered.io/>. See also our 42 documentation at <https://subversion.apache.org/faq#shattered-sha1> and 43 <https://subversion.apache.org/docs/release-notes/1.9#shattered-sha1>. 44 45 - Client-side and server-side bugfixes: 46 * work around an APR bug related to file truncation (r1759116) 47 48 - Bindings bugfixes: 49 * javahl: follow redirects when opening a connection (r1667738, r1796720) 50 51 Developer-visible changes: 52 - General: 53 * win_tests.py: make the --bin option work, rather than abort (r1706432) 54 (regression introduced in 1.9.2) 55 * windows: support building with 'zlibstat.lib' in install-layout (r1783704) 56 57 - API changes: 58 (none) 59 60 |
61Version 1.9.5 62(29 Nov 2016, from /branches/1.9.x) 63http://svn.apache.org/repos/asf/subversion/tags/1.9.5 64 65 User-visible changes: 66 - Client-side bugfixes: 67 * fix accessing non-existent paths during reintegrate merge (r1766699 et al) 68 * fix handling of newly secured subdirectories in working copy (r1724448) --- 5 unchanged lines hidden (view full) --- 74 * merge: fix possible crash (issue #4652) 75 * resolve: fix possible crash (r1748514) 76 * fix potential crash in Win32 crash reporter (r1663253 et al) 77 78 - Server-side bugfixes: 79 * fsfs: fix "offset too large" error during pack (issue #4657) 80 * svnserve: enable hook script environments (r1769152) 81 * fsfs: fix possible data reconstruction error (issue #4658) |
82 * fix source of spurious 'incoming edit' tree conflicts (r1760570) |
83 * fsfs: improve caching for large directories (r1721285) 84 * fsfs: fix crash when encountering all-zero checksums (r1759686) 85 * fsfs: fix potential source of repository corruptions (r1756266) 86 * mod_dav_svn: fix excessive memory usage with mod_headers/mod_deflate 87 (issue #3084) 88 * mod_dav_svn: reduce memory usage during GET requests (r1757529 et al) 89 * fsfs: fix unexpected "database is locked" errors (r1741096 et al) 90 * fsfs: fix opening old repositories without db/format files (r1720015) 91 92 - Client-side and server-side bugfixes: 93 * fix possible crash when reading invalid configuration files (r1715777) 94 95 - Bindings bugfixes: 96 * swig-pl: do not corrupt "{DATE}" revision variable (r1767768) |
97 * javahl: fix temporarily accepting SSL server certificates (r1764851) |
98 * swig-pl: fix possible stack corruption (r1683266, r1683267) 99 100 Developer-visible changes: 101 - General: 102 * add zlib discovery through pkg-config (issue #4655) 103 * fix potential build issue with invalid SVN_LOCALE_DIR (issue #4653) |
104 * ruby: fix test failures with ruby >= 2.2 (r1766240) 105 * fix link error with --disable-keychain on OS X (r1761755) |
106 * swig: enable building with SWIG >= 3.0.6 (r1721488 et al) 107 * swig: fix building with -Wdate-time in $CPPFLAGS (r1722164) 108 * update serf download URI in build scripts (r1700130 et al) |
109 * raise minimal httpd version from 2.0 to 2.2 (r1754190) |
110 111 112Version 1.9.4 113(28 Apr 2016, from /branches/1.9.x) 114http://svn.apache.org/repos/asf/subversion/tags/1.9.4 115 116 User-visible changes: 117 - Client-side bugfixes: --- 42 unchanged lines hidden (view full) --- 160 * svn: fix possible crash in auth credentials cache (r1705328) 161 * cleanup: avoid unneeded memory growth during pristine cleanup (r1706241) 162 * diff: fix crash when repository is on server root (r1705060 et al) 163 * fix translations for commit notifications (r1709389, r1709562) 164 * ra_serf: fix crash in multistatus parser (r1706323, r1706324) 165 * svn: report lock/unlock errors as failures (r1701598 et al) 166 * svn: cleanup user deleted external registrations (r1705843, r1710558) 167 * svn: allow simple resolving of binary file text conflicts (r1703581) |
168 * ra_serf: report built- and run-time versions of libserf (r1704847) 169 * ra_serf: set Content-Type header in outgoing requests (r1715224 et al) 170 * svn: fix merging deletes of svn:eol-style CRLF/CR files (r1703689 et al) 171 * ra_local: disable zero-copy code path (r1718167) 172 173 - Server-side bugfixes: 174 * mod_dav_svn: fix heap overflow with skel-encoded requests (CVE-2015-5343) 175 * mod_authz_svn: fix authz with mod_auth_kerb/mod_auth_ntlm (issue #4602) 176 * mod_dav_svn: fix display of process ID in cache statistics (r1709553) 177 * mod_dav_svn: use LimitXMLRequestBody for skel-encoded requests (r1687812) 178 * svnadmin dump: preserve no-op changes (r1709388 et al, issue #4598) 179 * fsfs: avoid unneeded I/O when opening transactions (r1715793) |
180 * svnlook: properly remove tempfiles on diff errors (r1711346) |
181 182 - Client-side and server-side bugfixes: 183 * fix heap overflow in svn:// protocol parser (CVE-2015-5259) 184 185 - Bindings bugfixes: 186 * javahl: fix ABI incompatibilty with 1.8 (r1710104) 187 * javahl: allow non-absolute paths in SVNClient.vacuum (r1710215, r1710290) 188 --- 808 unchanged lines hidden (view full) --- 997Version 1.8.17 998(29 Nov 2016, from /branches/1.8.x) 999http://svn.apache.org/repos/asf/subversion/tags/1.8.17 1000 1001 User-visible changes: 1002 - Client-side bugfixes: 1003 * fix handling of newly secured subdirectories in working copy (r1724448) 1004 * ra_serf: fix deleting directories with many files (issue #4557) |
1005 * gpg-agent: properly handle passwords with percent characters (issue #4611) 1006 * merge: fix crash when merging to a local add (r1702299 et al) 1007 1008 - Server-side bugfixes: 1009 * fsfs: fix possible data reconstruction error (issue #4658) |
1010 * svnlook: properly remove tempfiles on diff errors (r1711346) |
1011 1012 - Client-side and server-side bugfixes: 1013 * fix potential memory access bugs (r1722860 et al) 1014 1015 - Bindings bugfixes: |
1016 * javahl: fix temporarily accepting SSL server certificates (r1764851) |
1017 * swig-pl: do not corrupt "{DATE}" revision variable (r1767768) 1018 * swig-pl: fix possible stack corruption (r1683266) 1019 1020 Developer-visible changes: 1021 - General: 1022 * fix inconsistent behavior of inherited property API (r1717875, r1717878) 1023 * fix patch filter invocation in svn_client_patch() (r1706783) 1024 * fix potential build issue with invalid SVN_LOCALE_DIR (issue #4653) --- 5445 unchanged lines hidden --- |