subversion 1.13.0-3ubuntu0.1 source package in Ubuntu

Changelog

subversion (1.13.0-3ubuntu0.1) focal-security; urgency=medium

  * SECURITY UPDATE: Use-after-free of object-pools when used as httpd module
    - debian/patches/CVE-2022-24070.patch: Register cleanup handler to reset
      authz initialization state in subversion/libsvn_repos/authz.c
    - CVE-2022-24070
  * SECURITY UPDATE: Disclosure of copyfrom paths that should be hidden
    according to configured path-based authz rules when copying.
    - debian/patches/CVE-2021-28544.patch: Do not expose copyfrom information
      if path is configured private with authz.
    - CVE-2021-28544

 -- Spyros Seimenis <email address hidden>  Fri, 08 Apr 2022 12:43:33 +0300

Upload details

Uploaded by:
Spyros Seimenis
Uploaded to:
Focal
Original maintainer:
Ubuntu Developers
Architectures:
any all
Section:
vcs
Urgency:
Medium Urgency

See full publishing history Publishing

Series Pocket Published Component Section

Downloads

File Size SHA-256 Checksum
subversion_1.13.0.orig.tar.gz 11.0 MiB daad440c03b8a86fcca804ea82217bb1902cfcae1b7d28c624143c58dcb96931
subversion_1.13.0.orig.tar.gz.asc 2.9 KiB ed4f87b947b8172fcaa4c741d8ccc7929914b18cf1ccffc32b4f159fdee3070d
subversion_1.13.0-3ubuntu0.1.debian.tar.xz 413.4 KiB fbf0806d137bd0e9b77bd0b9fbbe813b997798d31fddd215b609c78a6c907990
subversion_1.13.0-3ubuntu0.1.dsc 3.1 KiB 8eb8426a8b87fd0aaf88941a35503c72123a3e6bcf309b0245df96a3ff586df3

View changes file

Binary packages built by this source

libapache2-mod-svn: Apache Subversion server modules for Apache httpd

 This package provides the mod_dav_svn and mod_authz_svn modules for
 the Apache 2.4 web server. These modules provide Apache Subversion's WebDAV
 server backend, to serve repositories over the http and https
 protocols. See the 'subversion' package for more information.

libapache2-mod-svn-dbgsym: debug symbols for libapache2-mod-svn
libsvn-dev: Development files for Apache Subversion libraries

 This package contains the symlinks, headers, and object files needed
 to compile and link programs which use libsvn1, the Apache Subversion
 libraries. This package is needed only in order to compile software
 that uses libsvn1.

libsvn-doc: Developer documentation for libsvn

 This package contains development (API) documentation for libsvn1, the
 Apache Subversion libraries. See the 'libsvn1' package for more information.

libsvn-java: Java bindings for Apache Subversion

 This is a set of Java classes which provide the functionality of
 libsvn, the Apache Subversion libraries. It is useful if you want to,
 for example, write a Java class that manipulates a Subversion repository
 or working copy. See the 'subversion' package for more information.

libsvn-java-dbgsym: debug symbols for libsvn-java
libsvn-perl: Perl bindings for Apache Subversion

 This is a set of Perl interfaces to libsvn, the Apache Subversion libraries.
 It is useful if you want to, for example, write a Perl script that
 manipulates a Subversion repository or working copy. See the
 'subversion' package for more information.

libsvn-perl-dbgsym: debug symbols for libsvn-perl
libsvn1: Shared libraries used by Apache Subversion

 This package includes shared libraries to manipulate Apache Subversion
 (svn) repositories and working copies. See the 'subversion' package for
 more information.

libsvn1-dbgsym: debug symbols for libsvn1
python-subversion: Python bindings for Apache Subversion

 This is a set of Python interfaces to libsvn, the Apache Subversion
 libraries. It is useful if you want to, for example, write a Python
 script that manipulates a Subversion repository or working copy. See
 the 'subversion' package for more information.

python-subversion-dbgsym: debug symbols for python-subversion
ruby-svn: Ruby bindings for Apache Subversion

 This is a set of Ruby interfaces to libsvn, the Apache Subversion libraries.
 It is useful if you want to, for example, write a Ruby script that
 manipulates a Subversion repository or working copy. See the
 'subversion' package for more information.

ruby-svn-dbgsym: debug symbols for ruby-svn
subversion: Advanced version control system

 Apache Subversion, also known as svn, is a centralised version control
 system. Version control systems allow many individuals (who may be
 distributed geographically) to collaborate on a set of files (source
 code, websites, etc). Subversion began with a CVS paradigm and
 supports all the major features of CVS, but has evolved to support
 many features that CVS users often wish they had.
 .
 This package includes the Subversion client (svn, svnsync), repository
 administration tools (svnadmin, svnlook) and a network server (svnserve).

subversion-dbgsym: debug symbols for subversion
subversion-tools: Assorted tools related to Apache Subversion

 This package includes miscellaneous tools for use with Apache Subversion
 clients and servers:
  * svn-backup-dumps: Incremental dumpfile-based backup script
  * svn-bisect: Bisect revisions to find a regression
  * svn-clean: Remove unversioned files from a working copy
  * svn-hot-backup: Backup script, primarily for BDB repositories
  * svn_apply_autoprops: Apply property settings from
    .subversion/config file to an existing repository
  * svn_load_dirs: Sophisticated replacement for 'svn import'
  * svnwrap: Set umask to 002 before calling svn or svnserve
  * fsfs-access-map: Convert strace output into FSFS access map
  * several example hook scripts: commit-access-control, commit-email,
    log-police, mailer, svnperms, verify-po
 .
 NOTE that some of these scripts are unsupported by upstream, and may
 change radically or disappear in future releases. Some of these
 scripts require packages on the Recommends list.

subversion-tools-dbgsym: debug symbols for subversion-tools