News for package subversion

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.0
Source: subversion
Binary: subversion, subversion-dbg, libsvn1, libsvn-dev, libsvn-doc, libapache2-mod-svn, libapache2-svn, python-subversion, subversion-tools, libsvn-java, libsvn-perl, ruby-svn, libsvn-ruby1.8
Architecture: any all
Version: 1.8.10-6
Maintainer: Peter Samuelson <[email protected]>
Uploaders: Troy Heber <[email protected]>, James McCoy <[email protected]>
Homepage: http://subversion.apache.org/
Standards-Version: 3.9.5
Vcs-Browser: http://anonscm.debian.org/viewvc/pkg-subversion/src/1.8.x/
Vcs-Svn: svn://anonscm.debian.org/pkg-subversion/src/1.8.x/
Testsuite: autopkgtest
Build-Depends: debhelper (>= 8), libserf-dev (>= 1.2), zlib1g-dev, libapr1-dev, libaprutil1-dev, libdb5.3-dev, libsasl2-dev, apache2-dev, dh-apache2, libsqlite3-dev (>= 3.7.12), libgnome-keyring-dev, libdbus-1-dev, kdelibs5-dev, quilt, doxygen, autotools-dev, autoconf, libtool, swig, python-all-dev, perl, libperl-dev, ruby, ruby-dev, default-jdk, junit
Build-Conflicts: libsvn-dev (<< 1.8~), ruby-test-unit
Package-List:
 libapache2-mod-svn deb httpd optional arch=any
 libapache2-svn deb oldlibs extra arch=all
 libsvn-dev deb libdevel extra arch=any
 libsvn-doc deb doc extra arch=all
 libsvn-java deb java optional arch=any
 libsvn-perl deb perl optional arch=any
 libsvn-ruby1.8 deb oldlibs extra arch=all
 libsvn1 deb libs optional arch=any
 python-subversion deb python optional arch=any
 ruby-svn deb ruby optional arch=any
 subversion deb vcs optional arch=any
 subversion-dbg deb debug extra arch=any
 subversion-tools deb vcs extra arch=any
Checksums-Sha1:
 8e1e1e5fd97c3f575a81d66232c62dc902257a17 9331079 subversion_1.8.10.orig.tar.gz
 59eff0583ec60ad831d9e0aa972d28c7cb867057 277870 subversion_1.8.10-6.diff.gz
Checksums-Sha256:
 d0efa2533225c0bfba2ac27bcc004255997cbbde58f4f970dfb9dc3cc825005f 9331079 subversion_1.8.10.orig.tar.gz
 2631c3f9283e02e801f18398424098afc592373fc6d13378ab903236e712a349 277870 subversion_1.8.10-6.diff.gz
Files:
 88cd7d8cc0fcdd00957ecca5c2550d5c 9331079 subversion_1.8.10.orig.tar.gz
 80e01f3dbfc883dfed652f56328c8605 277870 subversion_1.8.10-6.diff.gz

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQJ8BAEBCgBmBQJVG242XxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w
ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXQ5MUJGQkY0RDY5NTZCRDVERjdCNzJEMjNE
RkU2OTFBRTMzMUJBM0RCAAoJEN/mka4zG6PbEpoP/2ud3KNyuA2uMqVHsDn9FBO3
hZSEztlSjc8Gh+QPSnNuOZmrXTPJXkyMDaQp3toaAEmHzxPz9wvzHZAARuCmWXZh
EtN4yFfnGAvU+0isVAzKr47NQZF41bT3tE6gOCWWQdiOn3xH/BUxbzboK88s8zQy
i+FC+4dWF7y/m9vy9sVYuZ7lGcO8rv45qZdJCHdN8jMiIe32I2YB4Wfe8DvSxvU+
4aosC/zV/azK8Xoo01r49Dnxq78OBkMni2MferhqJ2HPZkAPx79XETFI+YQMNZSG
OBeLcgG9mPp0lzsFFRhiZd1crDb8EObdbmqiRFEW9ESAAXv6DzaMsPIuuW/WvH4L
CyZLhLkb1AJJjkE/kIeQzsNBXhH8mFsAFKLqdElclzdZpY1WrhsbtdMXRee+5ioL
JYSSNgu2+m4B4AcWVaOMQoG6Cl62JYyA8xYMWrewzzlr5c/yHXrfUDgina+dGn0m
Gd/zmYmNjJ2w/DJIQ2qmFKfXVZS37gpF9QHHDyZvsC3gz7TENuW0qbSfMLbbv/yj
3vzjMfAK0mn1bHFsEjDHQyQ1GhvPp0wOWD0Z26UvXoLk2IKAWFBRCklAt4OuAc4R
oF9XpVB1kwx7V9NLJA5DeL0idJ/1imCm0K2akKb/K0vjhs33n4ChAc0UxpPuKvMT
XdLjCGYlDVIaynKAWSBA
=LNL/
-----END PGP SIGNATURE-----

Changes:
subversion (1.8.10-6) unstable; urgency=high

  * patches/CVE-2015-0202: Excessive memory use with certain REPORT requests
    against mod_dav_svn with FSFS repositories
  * patches/CVE-2015-0248: Assertion DoS vulnerability for certain mod_dav_svn
    and svnserve requests with dynamically evaluated revision numbers
  * patches/CVE-2015-0251: mod_dav_svn allows spoofing svn:author property
    values for new revisions

 -- James McCoy <[email protected]>  Tue, 31 Mar 2015 22:51:18 -0400