News for package subversion

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.0
Source: subversion
Binary: subversion, subversion-dbg, libsvn1, libsvn-dev, libsvn-doc, libapache2-mod-svn, libapache2-svn, python-subversion, subversion-tools, libsvn-java, libsvn-perl, ruby-svn, libsvn-ruby1.8
Architecture: any all
Version: 1.8.10-5
Maintainer: Peter Samuelson <[email protected]>
Uploaders: Troy Heber <[email protected]>, James McCoy <[email protected]>
Homepage: http://subversion.apache.org/
Standards-Version: 3.9.5
Vcs-Browser: http://anonscm.debian.org/viewvc/pkg-subversion/src/1.8.x/
Vcs-Svn: svn://anonscm.debian.org/pkg-subversion/src/1.8.x/
Testsuite: autopkgtest
Build-Depends: debhelper (>= 8), libserf-dev (>= 1.2), zlib1g-dev, libapr1-dev, libaprutil1-dev, libdb5.3-dev, libsasl2-dev, apache2-dev, dh-apache2, libsqlite3-dev (>= 3.7.12), libgnome-keyring-dev, libdbus-1-dev, kdelibs5-dev, quilt, doxygen, autotools-dev, autoconf, libtool, swig, python-all-dev, perl, libperl-dev, ruby, ruby-dev, default-jdk, junit
Build-Conflicts: libsvn-dev (<< 1.8~), ruby-test-unit
Package-List:
 libapache2-mod-svn deb httpd optional arch=any
 libapache2-svn deb oldlibs extra arch=all
 libsvn-dev deb libdevel extra arch=any
 libsvn-doc deb doc extra arch=all
 libsvn-java deb java optional arch=any
 libsvn-perl deb perl optional arch=any
 libsvn-ruby1.8 deb oldlibs extra arch=all
 libsvn1 deb libs optional arch=any
 python-subversion deb python optional arch=any
 ruby-svn deb ruby optional arch=any
 subversion deb vcs optional arch=any
 subversion-dbg deb debug extra arch=any
 subversion-tools deb vcs extra arch=any
Checksums-Sha1:
 8e1e1e5fd97c3f575a81d66232c62dc902257a17 9331079 subversion_1.8.10.orig.tar.gz
 b5a4f3e2318af98ee10686efe26aa2010c2bbc9d 271647 subversion_1.8.10-5.diff.gz
Checksums-Sha256:
 d0efa2533225c0bfba2ac27bcc004255997cbbde58f4f970dfb9dc3cc825005f 9331079 subversion_1.8.10.orig.tar.gz
 d0d672e75eb6e4221dcee8ae629bdd8b2cc3931935594db81bf4f5369ffe9e74 271647 subversion_1.8.10-5.diff.gz
Files:
 88cd7d8cc0fcdd00957ecca5c2550d5c 9331079 subversion_1.8.10.orig.tar.gz
 e41209ff8e8eb73bd1fe951b35b7b4ec 271647 subversion_1.8.10-5.diff.gz

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQJ8BAEBCgBmBQJUk4A7XxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w
ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXQ5MUJGQkY0RDY5NTZCRDVERjdCNzJEMjNE
RkU2OTFBRTMzMUJBM0RCAAoJEN/mka4zG6PbBWcQALRDy1HViQoJJYupq3taQ6HJ
Q56XEfldXIgjKoiaF1XP1XqC1K98EpX+C+5Ut7lGlBLJ4mRZ+R9Fme+HF6KHWGNS
hAT1B9upMZUDY1ioHgTjOPK+zmERkA5FDRQT2u/Z0K3UQVW04wLlUVR3kNyuBMG+
83rqDj0v1rmezgY64OmAqLl/ELPUfxn42OZdjRmIsOml1q4AnC+yUvZgavM0ATJj
ztFoPcB+VJf8pRtOv2PqPuKa8ccnQDqSmCTtDP+6426vEsWzMD3naz/qoXSCOHTk
vlFd1ET/jbuxumaCGCK7IMaRMuVrQKntevarcUVT4RkZMbec89bo7x1n4TamiIJ7
WFtNIzmfW1yrX7jwxgsT+q5QcvHGvj4w9W93XXruhgjIpWYEvliK2Pq/x+Yw7v+l
ExK9JiF60T/IijbCy/kcOlDRTs7NvLGzZrkji9j/Jg4IcT0z2RM9o+D3xux5aFAH
lsGayF3KcYhA4reDde2LWtPPo49KL7NNx5h/dh49DevPHD1IqJ4TgrslnSmQERD3
+w0pBCZ/p79ta7p/hk2p/XZif+zSmY9CVgQZ8sYdSltRXc9rRtq1CvxTuGnZ+pIf
IH31ZD+2K3foyrSZm+/CwNRowUfQysgg/vKbcS76YVwFxCfHszALEZ3zNxaRLA42
vWtW1RkfKsyWa2w37FWr
=FNnR
-----END PGP SIGNATURE-----

Changes:
subversion (1.8.10-5) unstable; urgency=medium

  * patches/CVE-2014-8108: mod_dav_svn DoS vulnerability with invalid virtual
    transaction names  (Closes: #773315)
  * patches/CVE-2014-3580: mod_dav_svn DoS vulnerability with invalid REPORT
    requests (Closes: #773263)

 -- James McCoy <[email protected]>  Wed, 17 Dec 2014 00:11:03 -0500