Changelog for
subversion-1.7.14-59.4.x86_64.rpm :
Thu Dec 12 13:00:00 2013 wrAATTrosenauer.org
- use in-tree sqlite since 11.4\'s sqlite3 is too old
- build without serf
Tue Nov 26 13:00:00 2013 andreas.stiegerAATTgmx.de
- update to 1.7.14 [bnc#850747], addressing two security issues:
* CVE-2013-4505: mod_dontdothat does not restrict requests from
serf clients.
* CVE-2013-4558: mod_dav_svn assertion triggered by
autoversioning commits.
- Client- and server-side bugfixes:
* fix assertion on urls of the form \'file://./\'
- Client-side bugfixes:
* upgrade: fix an assertion when used with pre-1.3 wcs
* fix externals that point at redirected locations
* diff: fix incorrect calculation of changes in some cases
* diff: fix errors with added/deleted targets
- Server-side bugfixes:
* mod_dav_svn: Prevent crashes with some 3rd party modules
* fix OOM on concurrent requests at threaded server start
* fsfs: limit commit time of files with deep change histories
* mod_dav_svn: canonicalize paths properly
- Other tool improvements and bugfixes:
* mod_dontdothat: Fix the uri parser
Developer-visible changes:
* javahl: canonicalize path for streamFileContent method
Fri Aug 30 14:00:00 2013 andreas.stiegerAATTgmx.de
- update to 1.7.13 [bnc#836245]
- User-visible changes:
- General
* merge: fix bogus mergeinfo with conflicting file merges
* diff: fix duplicated path component in \'--summarize\' output
* ra_serf: ignore case when checking certificate common names
- Server-side bugfixes:
* svnserve: fix creation of pid files CVE-2013-4277
* mod_dav_svn: better status codes for commit failures
* mod_dav_svn: do not map requests to filesystem
- Developer-visible changes:
- General:
* don\'t use uninitialized variable to produce an error code
- Bindings:
* swig-pl: fix SVN::Client not honoring config file settings
* swig-pl & swig-py: disable unusable svn_fs_set_warning_func
Wed Jul 24 14:00:00 2013 andreas.stiegerAATTgmx.de
- update to 1.7.11 [bnc#830031] CVE-2013-4131
* translation updates for Simplified Chinese
* mod_dav_svn: fix incorrect path canonicalization
* javahl bindings: fix bug in error constructing code
Fri May 31 14:00:00 2013 andreas.stiegerAATTgmx.de
- update to 1.7.10 [bnc#821505]
CVE-2013-1968 CVE-2013-2088 CVE-2013-2112
- Client-side bugfixes:
* fix \'svn revert\' \"no such table: revert_list\" spurious error
* fix \'svn diff\' doesn\'t show some locally added files
* fix changelist filtering when --changelist values aren\'t UTF8
* fix \'svn diff --git\' shows wrong copyfrom
* fix \'svn diff -x-w\' shows wrong changes
* fix \'svn blame\' sometimes shows every line as modified
* fix regression in \'svn status -u\' output for externals
* fix file permissions change on commit of file with keywords
* improve some fatal error messages
* fix externals not removed when working copy is made shallow
- Server-side bugfixes:
* fix repository corruption due to newline in filename
* fix svnserve exiting when a client connection is aborted
* fix svnserve memory use after clear
* fix repository corruption on power/disk failure on Windows
- Developer visible changes:
* make get-deps.sh compatible with Solaris /bin/sh
* fix infinite recursion bug in get-deps.sh
* fix uninitialised output parameter of svn_fs_commit_txn()
- Bindings:
* fix JavaHL thread-safety bug
Sun Apr 7 14:00:00 2013 andreas.stiegerAATTgmx.de
- update to 1.7.9 [bnc#813913], addressing remotely triggerable
vulnerabilities in mod_dav_svn which may result in denial of service:
+ CVE-2013-1845: mod_dav_svn excessive memory usage from property changes
+ CVE-2013-1846: mod_dav_svn crashes on LOCK requests against activity URLs
+ CVE-2013-1847: mod_dav_svn crashes on LOCK requests against non-existant URLs
+ CVE-2013-1849: mod_dav_svn crashes on PROPFIND requests against activity URLs
+ CVE-2013-1884: mod_dav_svn crashes on out of range limit in log REPORT
- further changes:
+ Client-side bugfixes:
* improved error messages about svn:date and svn:author props.
* fix local_relpath assertion
* fix memory leak in `svn log` over svn://
* fix incorrect authz failure when using neon http library
* fix segfault when using kwallet
+ Server-side bugfixes:
* svnserve will log the replayed rev not the low-water rev.
* mod_dav_svn will omit some property values for activity urls
* fix an assertion in mod_dav_svn when acting as a proxy on /
* improve memory usage when committing properties in mod_dav_svn
* fix svnrdump to load dump files with non-LF line endings
* fix assertion when rep-cache is inaccessible
* improved logic in mod_dav_svn\'s implementation of lock.
* avoid executing unnecessary code in log with limit
- Developer-visible changes:
+ General:
* fix an assertion in dav_svn_get_repos_path() on Windows
* fix get-deps.sh to correctly download zlib
* doxygen docs will now ignore prefixes when producing the index
* fix get-deps.sh on freebsd
+ Bindings:
* javahl status api now respects the ignoreExternals boolean
- refresh subversion-no-build-date.patch for upstream source changes
Mon Dec 17 13:00:00 2012 andreas.stiegerAATTgmx.de
- update to 1.7.8 [bnc#794676]
+ Client- and server-side bugfixes:
* Fix typos in pt_BR, es and zh_TW translations
+ Client-side bugfixes:
* add missing attributes to \"svn log -v --xml\" output
* fix svn patch ignoring hunks after no trailing newline
* fix hang with ra_serf during error processing
* ignore file externals with mergeinfo when merging
* fix SEGV with \"svnmucc cp rev arg\" during argv processing
* fix conflict handling on symlinks
+ Server-side bugfixes:
* properly detect threading availability
* fix \"svnadmin load --bypass-prop-validation\"
* fix parsing of [groupsfoo] sections in authz file
* add Vary: header to GET responses to improve cacheability
* fix fs_fs to cleanup after failed rep transmission
* fix mod_dav_svn to complain about revisions > HEAD
+ Developer-visible changes:
* fix incorrect status returned by 1.6 API
* fix compilation with g++ 4.7
- drop subversion-1.7.5-libsvn_auth_kwallet-r1345740.patch
as it was merged upstream
Sat Nov 3 13:00:00 2012 andreas.stiegerAATTgmx.de
- update Apache Subversion to 1.7.7 maintenance release [bnc#788015]
- changes in 1.7.7:
User-visible changes:
- Client- and server-side bugfixes:
* fix memory read bug
* update Chinese translation
- Client-side bugfixes:
* fix issues with applying Git patch files
* fix status does not descend into dir externals after upgrade
* fix file externals don\'t update with old mod_dav_svn
* fix external diff tool duplicates Index: lines with \'svn diff\'
* fix GNOME keyring library fails with very old glib
* fix unknown password stores in config file cause error
* fix assertions in ra_serf running against server root
* fix ra_serf checkout/export aborts early on Windows
- Server-side bugfixes:
* fix an assert with SVNAutoVersioning in mod_dav_svn
* fix unbounded memory use with SVNPathAuthz short_circuit
* fix svndumpfilter exclude --targets requires leading slash
* fix connection ttl for memcache should be 50 seconds
* stabilize order of paths in dumpfiles with APR 1.4.6
Developer-visible changes:
- General:
* print \"All tests successful\" at the end of \'make check\'
* fix sandbox violation in a test
* fix tests fail when running within a format 30 WC
* fix return value of svn_client_update4() incorrect
* fix make check summary missing test failures
* fix build does not fail when apache httpd is not available
- Bindings:
* fix swig-pl build fails with swig 2.0.7 and newer.
* fix swig-py runtime problems with swig 2.0.5 and newer
- also contains changes from 1.7.6:
User-visible changes:
- Client-side bugfixes:
* Fix \"svn status -u --depth empty FILE\"
* Fix example output of \'svn help status\'
* svn propset of svn:eol-style might not notice related text changes
* sort output of \'svn propget -R\'
* sort output of \'svn proplist\'
* sort output of \'svn status\'
* avoid a filestat per working copy find operation
* optimize \'svn upgrade\' performance on large working copies
* allow \'file:///C:\\repos\' style arguments on Windows, like 1.6
* fix ra_serf against Subversion 1.2 servers
* fix \'svn upgrade\' on working copies with certain tree conflicts
* avoid workqueue references to system temp dir
* allow non-existant canonical paths
* fix \'svn revert --depth files\' to operate on files
* fix ra_serf XML namespace handling against malicious server
* fix relocate with server-relative externals
* change two asserts into errors for TortoiseSVN
* don\'t attempt to anchor an operation outside a wc root
- Server-side bugfixes:
* partial sync drops properties when converting to adds
* replaying a copy and delete of an unreadable child fails
* allow svnlook to operate on r0
* make FSFS revision files independent of APR hash order
- Other tool improvements and bugfixes:
* move mod_dontdothat to install-tools
Developer-visible changes:
- General:
* fix running tests against httpd 2.4
* use constant struct initialisers for C89 compatibility
- Bindings:
* JavaHL: Don\'t assert on some invalid input
* JavaHL: Add missing new in 1.7 notifications
- refresh subversion-1.7.4-ruby-1.9-RbConfig.patch
- refresh subversion-1.7.5-libsvn_auth_kwallet-r1345740.patch
- refresh subversion-no-build-date.patch
Tue Jun 12 14:00:00 2012 andreas.stiegerAATTgmx.de
- make build against neon optional, default on, like serf
Thu Jun 7 14:00:00 2012 andreas.stiegerAATTgmx.de
- add subversion-1.7.5-libsvn_auth_kwallet-r1345740.patch from trunk
to fix build with gcc 4.7
- move checks for schemes handled by ra modules into %check section
- do not run regression tests by default:
* too many failed builds
* doesn\'t include http tests
- only require iproute2 when running regression tests
Mon May 21 14:00:00 2012 andreas.stiegerAATTgmx.de
- Allow unit tests to be run for Factory: --with=regression_tests
replacing the inline conditional
Thu May 17 14:00:00 2012 andreas.stiegerAATTgmx.de
- update to upstream 1.7.5
User-visible changes:
- Client- and server-side bugfixes:
* http: report deleted-revision upon delete during update
- Client-side bugfixes:
* avoid potential segfault when canonicalizing properties
* improve memory and file-handle management with externals (issue #4130)
* serf: convert assertions to \"MERGE failed\" errors
* fix undefined behaviour during multi-segment reverse merges (issue #4144)
* fix potential use of already freed memory during diff operation
* improve performance of scan for the working copy root
* cmdline: fix segfault during \'svn diff\' argument processing
* fix regression from 1.6 in update with --depth option (issue #4136)
* propset: avoid undefined behaviour in error path
* reset sqlite statements, partly for sqlite-3.7.11 compat
* fix assertion during \'svn diff -r BASE:HEAD ^/trunk\' (issue #4161)
* notify upon \'update\' just removing locks on files
* neon: fix potential use of freed memory during commits
* \'status --xml\' doesn\'t show repository deletes correctly (issue #4167)
* fix assert on svn:externals with drive letter on Windows (issue #4073)
* fix \'svn update --depth=empty\' against 1.4 servers (issue #4046)
* handle missing svn:date reported by svnserve gracefully
* fix merges which first add a subtree and then delete it (issue #4166)
* fix a regression with checkout of file externals (issue #4087)
* don\'t add spurious mergeinfo to subtrees in edge-case merge (issue #4169)
* improve performance of status on large working copies (issue #4178)
- Server-side bugfixes:
* fix non-fatal FSFS corruption bug with concurrent commits (issue #4129)
* mod_dav_svn: raise an error on MERGE of non-existent resource
* mod_dav_svn: support compiling/running under httpd-2.4 (r1232267)
* mod_dav_svn: forbid BDB repositories under httpd\'s event MPM (issue #4157)
- Other tool improvements and bugfixes:
* emacs support: updates to dsvn.el and vc-svn.el
Developer-visible changes:
- General:
* windows example distribution scripts: include svnrdump
* fix running the test suite with jsvn
- Bindings:
* swig-py tests: avoid FAILs on APR hash order
* swig-rb tests: avoid FAILs on APR hash order
* swig-pl: Improved perl detection in gen-make.py
Fri May 11 14:00:00 2012 andreas.stiegerAATTgmx.de
- Subversion currently does not compile Ruby bindings for 1.9
disable to fix build in Factory
- add subversion-1.7.4-ruby-1.9-RbConfig.patch to use RbConfig
instead of Config which is deprecated in Ruby 1.9
- fix conditional configuration for serf support
- add check that ra_serf is built as configure failed silently
Thu Mar 8 13:00:00 2012 andreas.stiegerAATTgmx.de
- update to upstream 1.7.4
User-visible changes:
* fix \'svn log --diff\' for moved paths
* fix ra_serf problem with reading directory entries via HTTPv2
* prepend \"sqlite:\" to error messages from SQLite
* fix randomly missing \"Merged via\" notifications in \'svn log -g\'
* fix spurious conflict when merging deleted symbolic link (issue #4052)
* fix URL-to-WC copy of externals on Windows (issue #4123)
* improve an FSFS sanity-check error message
* fix regressions with symlinks pointing at externals (issue #4102)
* fix \'svn log --diff\' output ordering issue on Windows
Developer-visible changes:
* don\'t build mod_dontdothat if not building with httpd
* fix the testsuite to avoid FAILs on APR hash order
Sat Mar 3 13:00:00 2012 andreas.stiegerAATTgmx.de
- add bash completion subpackage
Tue Feb 21 13:00:00 2012 cooloAATTsuse.com
- Apache-2 is not a license in spdx.org, pick Apache-2.0
Mon Feb 13 13:00:00 2012 andreas.stiegerAATTgmx.de
- refresh subversion-no-build-date.patch
- add mod_dontdothat to subversion-server package
- add section to README.SuSE about mod_dontdothat
- add inactive sample mod_dontdothat configuration to subversion.conf
- update to upstream 1.7.3
General:
* ship mod_dontdothat with the standard release
User-visible changes:
* fix segfault on \'svn rm $ROOT_URL\' (issue #4074)
* replace a couple of assertions in favor of errors (r1207858, -949)
* fix a server assert after being upgraded (r1210195)
* fix segfault on \'svn mkdir svn://localhost\' (r1211483)
* make \'svnadmin recover\' prune the rep cache (r1213331, et al)
* make svnmucc use values from --config-dir option
* update and clarify the merge help text (r1154121, et al)
* replace wc assertion with informative error (r1222521, -693)
* copy permissions correctly for FSFS dirs (r1229252)
* improve \'svn log --with-all-revprops\' over ra-dav (issue #4082)
* fix segfault when remapping a file external (issue #4093)
* fix segfault caused by obstructing unversioned dir (r1229677)
* fix regression on first update of external dir with \'-r\' (issue #4053)
* fix various EOL-handling problems in \'svn patch\' (issues #3814, #3991)
* fix segfault in \'svn revert\' (r1229303)
* improve correctness of \'svn patch --dry-run\' (r1231944, -5)
* enforce revisions given in \'svn:externals\' (issue #4053)
* fix potential corruption on 32-bit FSFS with large files (r1230212)
* make \'svn status --xml\' show new files (issue #4097)
* fix \'svn mergeinfo\' correctness (issue #4050)
* return the correct status for non-present nodes (r1232202, -07, -21, -22)
* improve SASL error messages (r1236343, et al)
* improve server cert error code for ra_serf (r1232413)
* fix SVNParentPath listings for parent path symlinks (r1221767, -80)
* fix mod_dav_svn\'s handling of POST errors (issue #4086)
* log some mod_dav_svn errors, rather than ignoring them (r1237720, -9596)
* relax requirements for canonicalization in mod_dav_svn (r1236173)
* fix a rare source of FSFS corruption (r1240752)
* allow committing the result of some copy operations (issue #4059)
* prevent one-byte buffer overflow in base64 decoding (r1242337)
Developer-visible changes:
* JavaHL: Add missing notify action, fixing an exception (r1221793)
* fix swig-py memory leak (r1235264, -296, -302, -736)
* fix spurious test suite failure (r1220742, -50)
* allow running tests on UNC shares (r1225491)
* bindings: see platform-specific password providers (r1242660, -1)
* skip \'svnrdump dump\' tests over ra_serf (r1242537)
* convert a few ra_serf assertions to errors (r1242607)
Wed Dec 21 13:00:00 2011 andreas.stiegerAATTgmx.de
- update license to Apache-2
- run regression tests for 12.1 again
- allow builds --without regression_tests
- subversion.libtool-verbose.patch
refresh for moved source lines
- subversion-swig-perl-install_vendor.patch
refresh for moved source lines
- subversion.libtool-pie-flags.patch
refresh for moved source lines
- subversion.perl.LD_RUN_PATH.patch
refresh for moved source lines
- subversion-no-build-date.patch
refresh for moved source lines
- subversion-neon-systemproxy.patch
adjust to changed upstream sources, remove one chunk which would
create duplicated lines in patched result
Tue Dec 6 13:00:00 2011 andreas.stiegerAATTgmx.de
- update to upstream 1.7.2
User-visible changes:
* fix working copy corruption after interrupted update/switch (issue #4040)
* avoid segfaults against pre-1.5 servers (r1186928)
* improve configure error message if apr-util uses old or no bdb (r1186784)
* make \'svn patch\' ignore \'/dev/null\' targets for compat with git (r1197998)
* fix \'svn patch\' segfault on patch that skips and deletes files (r1199950)
* omit \"Committed revision N.\" output from \'svn commit --quiet\' (r1200837)
* fix authz denial when svnserve root is a repository (issue #4060)
* fix uninitialized memory read in client diff code (r1201002)
* avoid potential segfault during merges (r1202807)
* fix an assertion failure when a symlink is updated (r1186944, -81, -83)
* make working copy operations fail if nodes have no base checksum (r1202630)
* fix nested
s when using v2 protocol (r1203546, -651, -653)
* make mod_dav_svn ignore non-Subversion POST requests (r1187695)
* avoid reading freed memory (r1204478)
* recognize empty (only byte order mark) UTF-8 files as text (issue #4064)
* fix 1.7 client regression when operating against a 1.0.x server (r1199876)
* remove empty parent dirs of removed externals on update (issue #4044)
* make \'svn diff -c N\' work for files added in rN (issue #2873)
* plug a memory leak in the bdb backend (r1205726)
* fix \'svn import\' with native eol-style and inconsistent EOLs (r1205193)
* fix reading beyond the end of a string in bdb backend (r1205839, -48)
* don\'t assert when committing an incomplete directory (issue #4042)
Developer-visible changes:
* JavaHL: allow \'status -u\' to function properly (r1189190, -395)
* don\'t put \'\\r\' characters in our generate sql headers (r1189580)
* properly define WIN64 on Windows x64 builds (r1188609)
* better adherence to C89 in enum definitions (r1189665)
* bump copyright year in Windows DLLs (r1189261)
* log a better error when opening rep-cache.db fails (r1204610, -73)
Thu Dec 1 13:00:00 2011 dmuellerAATTsuse.de
- only hide ctypesgen for Facory builds
Tue Nov 22 13:00:00 2011 cooloAATTsuse.com
- add libtool as buildrequire to avoid implicit dependency
Sun Oct 23 14:00:00 2011 dmuellerAATTsuse.de
- update to 1.7.1
* Based on many fixes by stsp.elego.de, many thanks!
* License changed to Apache License, version 2
* Detecting MIME types with libmagic
* Optimizations of diff, merge and blame
* See http://subversion.apache.org/docs/release-notes/1.7
for details
Fri Oct 21 14:00:00 2011 dmuellerAATTsuse.de
- merge in fixes from stsp.elego.de:
* Simplify tools install and ship a smaller amount of tools.
Should fix rpmlint complaining about .libs/ directories
and various other illegal files ending up in the package.
Users are better off downloading the scripts previously shipped
in this package directly from the upstream svn repository.
Fri Oct 21 14:00:00 2011 dmuellerAATTsuse.de
- merge in package description fixes from stsp.elego.de, thanks!
Fri Oct 21 14:00:00 2011 dmuellerAATTsuse.de
- reenable gnome-keyring/kde4-keyring support for older distros
(bnc#713919)
Thu Sep 29 14:00:00 2011 stspAATTelego.de
- pass the serf configure option to subversion\'s configure script,
not to swig\'s configure script
Tue Aug 23 14:00:00 2011 dmuellerAATTsuse.de
- add bconditional for libserf support
Fri Aug 19 14:00:00 2011 dmuellerAATTsuse.de
- fix swig bindings building (bnc#710878)
Fri Aug 12 14:00:00 2011 dmuellerAATTsuse.de
- run regression tests again, but only for fsfs, as bdb
is slow and often runs out of memory
Tue Aug 2 14:00:00 2011 dmuellerAATTsuse.de
- add versioned runtime dependency on sqlite3 libraries
- make init script executable
Sat Jul 30 14:00:00 2011 dmuellerAATTsuse.de
- annotate changelog with bugs and CVE\'s fixed via individual backports
on the maintained code streams
Wed Jul 27 14:00:00 2011 dmuellerAATTsuse.de
- remove intree copies of sqlite and swig if version is new enough
- disable kwallet/gnome-keyring support for SLE11 (to be package list compatible)
Mon May 30 14:00:00 2011 stspAATTelego.de
- update to 1.6.17 (bnc#698205):
includes security fixes [CVE-2011-1752, CVE-2011-1783, CVE-2011-1921]
User-visible changes:
* improve checkout speed on Windows (issue #3719)
* make \'blame -g\' more efficient on with large mergeinfo (r1094692)
* avoid some invalid handle exceptions on Windows (r1095654)
* preserve log message with a non-zero editor exit (r1072084)
* fix FSFS cache performance on 64-bit platforms (r1103665)
* make svn cleanup tolerate obstructed directories (r1091881)
* fix deadlock in multithreaded servers serving FSFS repositories (r1104093)
* detect very occasional corruption and abort commit (issue #3845)
* fixed: file externals cause non-inheritable mergeinfo (issue #3843)
* fixed: file externals cause mixed-revision working copies (issue #3816)
* fix crash in mod_dav_svn with GETs of baselined resources (r1104126)
See CVE-2011-1752, and descriptive advisory at
http://subversion.apache.org/security/CVE-2011-1752-advisory.txt
* fixed: write-through proxy could direcly commit to slave (r917523)
* detect a particular corruption condition in FSFS (r1100213)
* improve error message when clients refer to unkown revisions (r939000)
* bugfixes and optimizations to the DAV mirroring code (r878607)
* fixed: locked and deleted file causes tree conflict (issue #3525)
* fixed: update touches locked file with svn:keywords property (issue #3471)
* fix svnsync handling of directory copyfrom (issue #3641)
* fix \'log -g\' excessive duplicate output (issue #3650)
* fix svnsync copyfrom handling bug with BDB (r1036429)
* server-side validation of svn:mergeinfo syntax during commit (issue #3895)
* fix remotely triggerable mod_dav_svn DoS
See CVE-2011-1783, and descriptive advisory at
http://subversion.apache.org/security/CVE-2011-1783-advisory.txt
* fix potential leak of authz-protected file contents
See CVE-2011-1921, and descriptive advisory at
http://subversion.apache.org/security/CVE-2011-1921-advisory.txt
Developer-visible changes:
* fix reporting FS-level post-commit processing errors (r1104098)
* fix JVM recognition on OS X Snow Leopard (10.6) (r1028084)
* allow building on Windows with recent Expat (r1074572)
Thu Apr 21 14:00:00 2011 pthAATTsuse.de
- Use getent to check for existance of user and group (bnc#688968).
Thu Feb 24 13:00:00 2011 stspAATTelego.de
- update to 1.6.16 (bnc#676949, bnc#662030):
includes security fixes [CVE-2010-4539, CVE-2010-4644, CVE-2011-0715]
User-visible changes:
* more improvement to the \'blame -g\' memory leak from 1.6.15 (r1041438)
* avoid a crash in mod_dav_svn when using locks (r1071239, -307)
See CVE-2011-0715, and descriptive advisory at
http://subversion.apache.org/security/CVE-2011-0715-advisory.txt
* avoid unnecessary globbing for performance (r1068988)
* don\'t add tree conflicts when one already exists (issue #3486)
* fix potential crash when requesting mergeinfo (r902467)
* don\'t attempt to resolve prop conflicts in \'merge --dry-run\' (r880146)
* more fixes for issue #3270.
Developer-visible changes:
* ensure report_info_t is properly initialized by ra_serf (r1058722)
* locate errors properly on a malfunction (r1053208)
* fix output param timing of svn_fs_commit_txn() on fsfs (r1051751)
* for svn_fs_commit_txn(), set invalid rev on failed commit (r1051632, -8)
* fix sporadic Ruby bindings test failures (r1038792)
* fix JavaHL JVM object leak when dumping large revisions (r947006)
* use Perl to resolve symlinks when building swig-pl (r1039040)
* allow Perl bindings to build within a symlinked working copy (r1036534)
* don\'t overwrite the LD_LIBRARY_PATH during make check-swig-pl (r946355)
* improve unit tests for some fs functions (r1051744, -5, -3185, -241)
Mon Jan 31 13:00:00 2011 stspAATTelego.de
- use proper capitalisation and punctuation in /etc/sysconfig/svnserve
Mon Jan 31 13:00:00 2011 stspAATTelego.de
- fix misleading text in /etc/sysconfig/svnserve (+1 from mrueckert)
Wed Jan 19 13:00:00 2011 dmuellerAATTsuse.de
- fix typo in readme (bnc#661584)
Mon Dec 27 13:00:00 2010 dmuellerAATTsuse.de
- fix build against 11.4
Mon Dec 6 13:00:00 2010 dmuellerAATTsuse.de
- fix synax error (bnc#657354)
Wed Nov 24 13:00:00 2010 stspAATTelego.de
- update to 1.6.15 (bnc#649861):
includes security fixes [CVE-2010-3315]
User-visible changes:
* hide unreadable dirs in mod_dav_svn\'s GET response (r996884)
* make \'svnmucc propsetf\' actually work (r1005446)
* limit memory fragmentation in svnserve (r1022675)
* fix \'svn export\' regression from 1.6.13 (r1032970)
* fix \'svn export\' mistakenly uri-encodes paths (issue #3745)
* fix server-side memory leaks triggered by \'blame -g\' (r1032808)
* prevent crash in mod_dav_svn when using SVNParentPath (r1033166)
* allow \'log -g\' to continue in the face of invalid mergeinfo (r1028108)
* filter unreadable paths for \'svn ls\' and \'svn co\' (r997026, -070, -474)
* fix abort in \'svn blame -g\' (issue #3666)
* fix file handle leak in ruby bindings (issue #3512)
* remove check for 1.7-style working copies (issue #3729)
Developer-visible changes:
* improve some swig parameter mapping (r984565, r1035745)
* improve test accuracy over dav (r991534, r877814)
* create fails.log for test runs (r964349)
* improve detection of \'svnversion\' when buildling (r877219, et al)
* don\'t violate API layering in dumpstream logic (issue #3733)
* don\'t report working copy installs as switched (r1033921)
- project website changed from subversion.tigris.org to subversion.apache.org
Wed Nov 24 13:00:00 2010 dmuellerAATTsuse.de
- correct instructions on how to create the svn account (bnc#655094)
Sat Oct 2 14:00:00 2010 pascal.bleserAATTopensuse.org
- fixes CVE-2010-3315:
http://subversion.apache.org/security/CVE-2010-3315-advisory.txt
(only affects certain scenarios when using \"SVNPathAuthz short_circuit\")
- update to 1.6.13:
* don\'t drop properties during foreign-repo merges (issue #3623)
* improve auto-props failure error message (r961970)
* improve error message for 403 status with ra_neon (r876615)
* don\'t allow \'merge --reintegrate\' for 2-url merges (r959004)
* improve handling of missing fsfs.conf during hotcopy (r980811, -1449)
* escape unsafe characters in a URL during export (issue #3683)
* don\'t leak stale locks in FSFS (r959760)
* better detect broken working copies during update over ra_neon (r979045)
* fsfs: make rev files read-only (r981921)
* properly canonicalize a URL (r984928, -31)
* fix wc corruption with \'commit --depth=empty\' (issue #3700)
* permissions fixes when doing reintegrate merges (related to issue #3242)
* fix mergeinfo miscalculation during 2-url merges (issue #3648)
* fix error transmission problems in svnserve (r997457, -66)
* fixed: record-only merges create self-referential mergeinfo (issue #3646)
* fixed: \'SVNPathAuthz short_circuit\' unsolicited read access (issue #3695)
* make \'svnmucc propset\' handle existing and non-existing URLs (r1000607)
* add new \'propsetf\' subcommand to svnmucc (r1000612)
* emit a warning about copied dirs during ci with limited depth (r1002094)
* make ruby bindings compatible with Ruby 1.9 (r957507)
* use the repos verify API in JavaHL (r948916)
* teach ra_serf to parse md5 checksums with update editors (r979429)
* let ra_serf work with current serf releases (r879757, r880320, r943796)
Mon Sep 27 14:00:00 2010 dimstarAATTopensuse.org
- Add subversion-neon-systemproxy.patch: Use Neon\'s system-proxy
feature that was introduced in neon 0.29. In the background, neon
uses libproxy to get the right information from the session.
Mon Sep 20 14:00:00 2010 cristian.rodriguezAATTopensuse.org
- Do not include build date in binaries
- refresh patches
Tue Jun 22 14:00:00 2010 pascal.bleserAATTopensuse.org
- update to 1.6.12:
* further improvements for issue #3242 (\"Subversion demands unnecessary access to parent directories of operations\")
* allow deletion of uris which need character escaping (issue #3636)
* fix errors with \'svn mkdir --parents\' (issue #3649)
* update address to which crash reports are sent (r901304)
* fix handling of peg revision\'d copy targets (issue #3651)
* more improvements to \'svn merge --reintegrate\' (r935631)
* allow copying of broken symlinks (issue #3303)
* improve rep-sharing performance on high-concurrency repos (issue #3506)
* fixed: added subtrees with mergeinfo break reintegrate (issue #3654)
* fixed: assertion triggered by tree-conflicted externals (issue #3469)
- rolling back the in-tree sqlite-amalgamation from 3.6.17 to 3.6.13 (which is the version recommended by upstream)
- added check in spec file to make sure we use the recommended sqlite (-amalgamation) version
Sun Apr 18 14:00:00 2010 pascal.bleserAATTopensuse.org
- update to 1.6.11:
* fix for repositories mounted via NFS
* enable TCP keep-alives in svnserve
* tighten restrictions on revprops for \'svnadmin verify\'
* make ra_serf give better out-of-date information
* improve error message upon connection failure with svn+ssh://
* allow \'svn log\' on an uncommitted copy/move destination
* make \'svnadmin hotcopy\' copy the fsfs config file
* mergeinfo improvements with non-inheritable mergeinfo
* make mergeinfo queries not require access to the repo root
* update URLs to refer the the new apache.org repository
* update relative externals during a switch
* fix \'merge --reintegrate\' with self-referential mergeinfo
* improve wc-ng working copy detection
* improve handling of mergeinfo when using serf
* fixed: \'svnlook plist --revprop\' with \'-t TXN_NAME\'
* fixed: file external from URL cannot overwrite existing item
* fixed: potential memory error in \'svn status\'
* fixed: merge records mergeinfo from natural history gaps
* fixed: theoretical possibility of DB corruption
Sun Jan 24 13:00:00 2010 pascal.bleserAATTopensuse.org
- update to 1.6.9:
User-visible changes:
* allow multiple external updates over ra_svn (issue #3487)
* fix a segmentation fault when using FSFS (r881905)
* support Berkeley DB 4.8 (r879688)
* various autoprop improvements (r880274, -5)
* improve usage of svn+ssh:// on Windows (issue #2580)
* teach 1.6.x to recognize 1.7 working copies (1.6.x-future-
proof branch)
* update help text for \'svn update\' and \'svn switch\' (r886164)
* make \'svnadmin load --parent-dir\' create valid mergeinfo
(r888979)
* tolerate relative merge source paths in mergeinfo (r889840)
* teach mod_dav_svn to support the Label header (issue #3519)
* fixed: svnsync leaves stale sync-locks on mirrors (r884842)
* fix applicability of \'svn resolve --accept=theirs-conflict\'
(r880525)
* fixed: segfault in \'svn resolve\' (r896522)
* fix commit failure against an out-of-date mirror (r900797)
Developer-visible changes:
* update ruby bindings test expectation (r880162)
* don\'t allow rangelist and mergeinfo API to modify input args
(r879093)
Mon Jan 4 13:00:00 2010 vuntzAATTopensuse.org
- Change gnome-keyring-devel BuildRequires to
libgnome-keyring-devel on 11.3 and later, following the module
split upstream.
Thu Oct 22 14:00:00 2009 stspAATTelego.de
- update to 1.6.6:
User-visible changes:
* fix crash during \'svn update\' (r39673)
* respect Apache\'s ServerSignature directive (r40008, -21, -31)
* don\'t add a file with mixed line endings, and then abort (issue #2713)
* support Neon 0.29.
* fix a crash in \'svn rm --force\' (r37953)
* handle tree conflicts involving replacements (issue #3486)
* allow non-threadsafe sqlite if APR has no threads (r39301)
* print newline before plaintext SSL cert / password prompts (r38982, r39302)
* improve merge performance with implicit subtree mergeinfo (issue #3443)
* fix \"libsvn_ra_svn/marshal.c assertion failed (opt || cstr)\" (issue #3485)
* make file externals work for binary files (issue #3368)
* perform MIME type matching case-insensitively (issue #3479)
* do not treat non-existent revisions as HEAD in \'svn export\' (issue #3400)
* revert r36720\'s default MIME type change back to \"text/plain\" (issue #3508)
* improve \"tree conflict already exists\" error message (r38872)
* fix failure to commit replacement of a directory (issue #3281)
* fix mod_dav_svn parent dir links to preserve peg revisions (issue #3425)
Developer-visible changes:
* fix 2 failing tests in ruby bindings (r38886)
* do not require GNU grep for build (issue #3453)
* use \'$SED\' instead of \'sed\' in build scripts (issue #3458)
* add svn.client.{log5,merge_peg3} to python bindings (r39635, -6, -7)
* include the time of a test run in tests.log (r39887)
- Rename subversion-1.6.5-rpmlintrc to subversion.rpmlintrc.
- Drop subversion.allowed-neon.patch in favour of --disable-neon-version-check
configure flag.
- Drop subversion-make-check-log-to-stdout.patch, it doesn\'t apply anymore.
It was mainly for debugging test suite hangs on Factory. We don\'t run
tests on factory anymore.
Mon Aug 24 14:00:00 2009 stspAATTelego.de
- add patch to fix failing regression test in ruby bindings
- rename rpmlintrc file
Sun Aug 23 14:00:00 2009 pascal.bleserAATTopensuse.org
- update to 1.6.5:
* fix mod_dav_svn directory view links to preserve peg revisions
* properly escape lock comments over ra_neon
* allow syncing copies of \'/\' over ra_neon and ra_serf
* make \'svnlook diff\' show empty added or deleted files
* fix building with Apache 2.4
* fix possible data loss on ext4 and GPFS filesystems
* resolve symlinks when checking for ~/.subversion
* don\'t let svn+ssh SIGKILL ssh processes
* allow PLAIN and LOGIN mechanisms with SASL in svnserve
* fix peg revision parsing in filenames like \'dir/AATTfile.txt\'
* don\'t pretend to do tree conflict resolution
* fix data corruption when syncing from svnserve to mod_dav_svn
* fix GNOME Keyring with \'--non-interactive\' option
* fixed: false \"File \'...\' already exists\" error during commit
- bump in-tree sqlite-amalgamation from 3.6.16 to 3.6.17
Sat Aug 8 14:00:00 2009 pascal.bleserAATTopensuse.org
- bump in-tree sqlite-amalgamation from 3.6.14.2 to 3.6.16
- use a trap function in check section to make sure the svnserve
process is killed
- use a random free port for testing the svnserve process
Fri Aug 7 14:00:00 2009 stspAATTelego.de
- update to 1.6.4 (bnc#528714):
* Security fix [CVE-2009-2411]
Fri Jul 24 14:00:00 2009 dmuellerAATTsuse.de
- fix typo in dav svn default configuration (bnc#517143)
Tue Jul 21 14:00:00 2009 stspAATTelego.de
- Don\'t run regression tests on OpenSUSE Factory. It takes too
long which causes problems for the build service because the
subversion package is being rebuilt often.
Fri Jul 17 14:00:00 2009 stspAATTelego.de
- To help us figure out why the test suite sometimes hangs on the
build service, add a patch which allows logging to stdout
and stderr, instead of logging to tests.log, during make check.
Mon Jul 6 14:00:00 2009 stspAATTelego.de
- Run regression tests over both filesystem backends (FSFS and BDB),
and over svn:// as well as file://
Mon Jul 6 14:00:00 2009 stspAATTelego.de
- Now that the project repositories have been configured correctly
on the build service, OpenSUSE 10.3 should also have a JDK.
Fri Jul 3 14:00:00 2009 stspAATTelego.de
- Make python-xml an explicit build requirement since the regression
tests need it to run.
Fri Jul 3 14:00:00 2009 stspAATTelego.de
- Make regression tests clean up temporary test data (repositories,
working copies, etc.) to avoid build failures due to running out
of disk space. This trades time against space -- the build will
take longer.
Fri Jul 3 14:00:00 2009 stspAATTelego.de
- The build service keeps complaining that \"nothing provides
java-1_6_0-sun-devel\". Attempt to make it happy by only building
Java bindings on SUSE versions which have OpenJDK.
Fri Jul 3 14:00:00 2009 stspAATTelego.de
- write tests.log to stdout if make check fails to aid
debugging of test failures on the build service
Fri Jul 3 14:00:00 2009 stspAATTelego.de
- run all regression tests (ra_local only for now)
- filter a false positive rpmlint warning
- update to 1.6.3
User-visible changes:
* fix segfault in WC->URL copy (r37646, -56)
* let \'svnadmin load\' tolerate mergeinfo with \"\\r\
\" (r37768)
* make svnsync normalize svn:
* props to LF line endings (issue #3404)
* better integration with external merge tools (r36178)
* return a friendly error message for \'svn diff\' (r37735)
* update dsvn.el for 1.6 (r37774)
* don\'t allow setting of props on out-of-date dirs under neon (r37745)
* improve BASH completion (r36450, -52, -70, -79, -538)
* improve some DAV-based error messages (issue #3414)
* always show tree conflicts with \'svn st\' (issue #3382)
* improve correctness of \'svn mergeinfo\' (issue #3126)
* decrease the amount of memory needed for large commits (r37894, -6)
* work around an APR buffer overflow seen by svnsync (r37622)
* ra_svn clients now use TCP keep-alives if available (issue #3347)
* improve \'svn merge\' perf by reducing server contact (r37491, -593, -618)
* stop propagating self-referential mergeinfo in reintegrate merges (r37931)
* fix NLS detection where -liconv is required for bindtextdomain() (r37827)
* don\'t delete unversioned files with \'rm --keel-local\' (r38015, -17, -19)
* bump apr and apr-util versions included in deps to latest. (r37941)
* avoid temp file name collisions with ra_serf, ra_neon (r37972)
* fixed: potential segfault with noop file merges (r37779)
* fixed: incorrect output with \'svn blame -g\' (r37719, -23, -41)
* fixed: bindings don\'t load FS libs when module search enabled (issue #3413)
* fixed: potential abort() in the working copy library (r37857)
* fixed: memory leak in hash reading functions (r37868, -979)
Developer-visible changes:
* improve memory usage in file-to-stringbuf APIs (r37907)
* reduce memory usage for temp string manipulation (r38010)
Mon Jun 29 14:00:00 2009 dmuellerAATTsuse.de
- fix package names to be able to remove the rpmlintrc
Fri Jun 19 14:00:00 2009 cooloAATTnovell.com
- disable as-needed for this package as it fails to build with it
Mon Jun 15 14:00:00 2009 poemlAATTsuse.de
- make Subversion\'s configure script detect Berkeley DB again. With
apu-1-config 1.3.7, the --libs output doesn\'t return -ldb any
longer, and Subversion was relying on this. See this long thread:
http://mail-archives.apache.org/mod_mbox/apr-dev/200906.mbox/%3c1244533468.25532.110.camelAATTshrek.rexursive.com%3e
Building with --with-berkeley-db makes it work again.
Tue Jun 9 14:00:00 2009 dmuellerAATTsuse.de
- remove ctypesgen package - not in factory yet
Fri Jun 5 14:00:00 2009 wrAATTopensuse.org
- update svnmerge.py to the latest version
* not using popen2 anymore which was deprecated
Wed Jun 3 14:00:00 2009 dmuellerAATTsuse.de
- merge into Factory
Tue May 26 14:00:00 2009 pascal.bleserAATTopensuse.org
- update to sqlite-amalgamation 3.6.14.2
Fri May 15 14:00:00 2009 pascal.bleserAATTopensuse.org
- enable in-tree sqlite-amalgamation again, as the required sqlite3
package screws up zypper (bnc#504251)
Mon May 11 14:00:00 2009 pascal.bleserAATTopensuse.org
- bump in-tree sqlite-amalgamation to the recommended version for
Subversion 1.6.2: 3.6.13
- update to 1.6.2:
* vastly improve memory usage with \'svn merge\' (issue #3393)
* make default depth for merge \'infinity\' (r37156)
* make \'status --quiet\' show tree conflicts (issue #3396)
* allow \'--set-depth infinity\' to expand shallow subtrees
(r37169)
* return an error if attempting to reintegrate from/to the repo
root (r37385)
* don\'t store bogus mergeinfo for \'--ignore-ancestry\', foreign
merges (r37333)
* don\'t allow merge of difference between two repos (r37519)
* avoid potential segfault with subtree mergeinfo (r36613)
* recommend sqlite 3.6.13 (r37245)
* avoid unnecessary server query for implicit mergeinfo
(r36509)
* avoid unnecessary server query during reverse merges (r36527)
* set depth=infinity on \'svn add\' items with restricted depth
(r37607)
* fixed: commit log message template missing paths (issue #3399)
* fixed: segfault on merge with servers < 1.6 (r37363)
* fixed: repeat merge failures with non-inheritable mergeinfo
(issue #3392)
* fixed: another memory leak when performing mergeinfo-aware
merges (r37398)
* fixed: incorrect mergeinfo on children of shallow merges
(issue #3407)
* fixed: pool lifetime issues in the BDB backend (r37137)
Thu May 7 14:00:00 2009 pascal.bleserAATTopensuse.org
- build and install the following binaries from tools/server-side
into subversion-tools:
* svn-populate-node-origins-index
* svnauthz-validate
- add support for building Subversion 1.6.x on SLE 9, by using the
package \"python25\" and patching all python scripts accordingly,
to use #!/usr/bin/python2.5 instead of /usr/bin/python or
/usr/bin/env python
Wed Apr 15 14:00:00 2009 dmuellerAATTsuse.de
- update to 1.6.1
User-visible changes:
* recommend Neon 0.28.4. (r36388)
* improve performance of \'svn merge --ignore-ancestry\' (r36256)
* improve \'svn merge\' performance with subtree mergeinfo (r36444)
* correctly proxy LOCK and UNLOCK requests (r36159)
* prevent a crash when updating old working copies (r36751)
* don\'t let svnmerge.py delete a nonexistent property (r36086, -767, -769)
* don\'t fail when upgrading pre-1.2 repositories (r36851, -7)
* allow escaping of separator characters in autoprops (r36763, -84)
* improve tempfile creation robustness on Windows (r36442, -3)
* fix change-svn-wc-format.py for 1.6.x working copies (r36874, -5)
* improve configure\'s detection of Berkeley DB (r36741, -2)
* don\'t allow foreign merges to add foreign mergeinfo (issue #3383)
* improve performance of \'svn update\' on large files (r36389, et. al.)
* fixed: error leak and potential crash (r36860)
* fixed: parent directory handling on Windows (r36049, -50, -51, -131)
* fixed: unintialized memory errors (r36252, -3)
* fixed: potential working copy corruption (r36714)
* fixed: working copy upgrade error (r36302)
* fixed: pointer dereference error (r36783)
* fixed: error diff\'ing large data with ignored whitespace (r36816)
* fixed: potential hang in ra_serf (r36913)
* fixed: problem with merge and non-inheritable mergeinfo (r36879)
* fixed: repeated merging of conflicted properties fails (issue #3250)
* fixed: excluding an absent directory segfaults (issue #3391)
Developer-visible changes:
* ensure svn_subst_translate_cstring2() properly flushes data (r36747)
* make serf report a base checksum to apply_textdelta (r36890)
* syntax updates for strict C89 compilers (r36799)
* update RPM scripts for RHEL4 (r36834)
* allow tests to be run with Python 2.6.1 on Windows (r36149, -50, -51, -56)
* allow building JavaHL with Visual Studio 2008 (r36954)
* stop setting default translation domain in JavaHL (r36955)
* fixed: warning with Python 2.6 and ctypes bindings (r36559)
* fixed: undefined references to svn_fs_path_change2_create() (r36823)
Mon Mar 30 14:00:00 2009 pascal.bleserAATTopensuse.org
- fix build on SLE10
- don\'t build on SLE9, its python is too old (requires >= 2.4)
- build gnome-keyring and kde4 kwallet authentication store plugins
as subpackages
- added explicit BuildRequires for cyrus-sasl-devel
- use an in-tree sqlite 3.6.11 as recommended instead of the
system-wide version
- removed the %changelog from the spec file, was very long, and we
have a .changes file anyway
- rpmlint happiness:
* added a patch to remove a pointless shebang in the python
bindings
* removed dot at end of Summary in subpackages
- removed the License: tag in each subpackage
Sun Mar 22 13:00:00 2009 pascal.bleserAATTopensuse.org
- build the new ctypes python bindings
- upgraded in-tree SWIG to the recommended version for building
SVN: 1.3.36 (required to build the Ruby bindings)
- 1.6.0 in a separate repository for now
- update to 1.6.0:
* the working copy format has been upgraded: this means that 1.5
and older Subversion clients will not be able to work with
working copies produced by Subversion 1.6; working copies are
upgraded automatically
* the repository filesystem formats have changed, meaning that
1.5 and older versions of Subversion tools that normally access
a repository directly (e.g. svnserve, mod_dav_svn, svnadmin)
won\'t be able to read a repository created by Subversion 1.6;
but, repositories are not upgraded automatically (use
\"svnadmin upgrade\")
* improved output of \"svn proplist --verbose\"
* \"svn propget\" now accepts the --verbose option
* changed output of \"svn status\": now contains the additional
seventh column which informs whether the item is the victim of a
tree conflict; an additional line with more detailed description
of a tree conflict is displayed after each item remaining in tree
conflict
* subversion prompts before storing passwords in plaintext form
* passwords can be stored in KWallet (KDE 4) and GNOME Keyring
* SSL client certificate passphrases can be stored in KWallet,
GNOME Keyring in encrypted form or in plaintext form
* repository root relative URLs (client)
* improvements to \"svn:externals\": support for files and usual shell
quoting rules in external definitions
* detection of tree conflicts: Subversion 1.6 recognizes a new kind
of conflict, known as a \"tree conflict\"; such conflicts manifest
at the level of directory structure, rather than file content
* several improvements to both the Berkeley DB and FSFS backends,
designed to improve storage space, and can result in drastically
smaller repositories:
+ sharing multiple common representations
+ FSFS repositories: packing completed shards
+ FSFS repositories: support for Memcached
+ BDB repositories: reverse deltas
* ctypes Python bindings
* improved interactive conflict resolution
* sparse directory exclusion
* logging support for svnserve
* new public \"historical\" HTTP URI syntax for mod_dav_svn
* the \"svn log\" command can now take multiple revision arguments in
one invocation
* --trust-server-cert option: added to svn and svnsync, so that
non-interactive operations can work with self-signed certificates
not backed by a known trust authority
Sun Mar 8 13:00:00 2009 pascal.bleserAATTopensuse.org
- enable build of ruby bindings by using an in-tree SWIG 1.3.33
- update to 1.5.6:
* allow colons within mergeinfo path names (r35040)
* make it impossible to add .svn to wc via \'svn add --parents\'
(r35143, -5)
* copy properties of added but uncommitted files (r32448)
* improve performance of log operation on < 1.5 servers (r35566)
* allow commits over Neon of files >2GB (POSIX only) (r34919, -24)
* allow serf from behind MS ISA proxy servers (r35981)
* prevent svnmerge-migrate-history.py from committing bogus
mergeinfo (r35516)