subversion 1.9.3-2ubuntu1.1 source package in Ubuntu
Changelog
subversion (1.9.3-2ubuntu1.1) xenial-security; urgency=medium * SECURITY UPDATE: Arbitrary code execution on clients through malicious svn+ssh URLs - debian/patches/CVE-2017-9800-1.9.6.patch: ensure that host arguments to ssh cannot be treated as ssh options. - CVE-2017-9800 * SECURITY UPDATE: svnserve/sasl may authenticate users using the wrong realm. - debian/patches/CVE-2016-2167.patch: Reject invalid usernames when SASL is being used. - CVE-2016-2167 * SECURITY UPDATE: remotely triggerable crash in the mod_authz_svn module. - debian/patches/CVE-2016-2167.patch: Reject requests with invalid Destination headers. - CVE-2016-2168 * SECURITY UPDATE: denial-of-service caused by exponential XML entity expansion ("billion laughs attack"). - debian/patches/CVE-2016-8734.patch: properly error out the parser on invalid data. - CVE-2016-8734 -- Steve Beattie <email address hidden> Wed, 09 Aug 2017 23:16:19 -0700
Upload details
- Uploaded by:
- Steve Beattie
- Uploaded to:
- Xenial
- Original maintainer:
- Ubuntu Developers
- Architectures:
- any all
- Section:
- vcs
- Urgency:
- Medium Urgency
See full publishing history Publishing
Series | Published | Component | Section |
---|
Downloads
File | Size | SHA-256 Checksum |
---|---|---|
subversion_1.9.3.orig.tar.gz | 10.1 MiB | 74cd21d2f8a2a54e4dbd2389fe1605a19dbda8ba88ffc4bb0edc9a66e143cc93 |
subversion_1.9.3-2ubuntu1.1.diff.gz | 2.3 MiB | 43ea0c91f14ddee823b7e661e3dec6eaa4eab55d0c9f69c22df4584e8392bbd6 |
subversion_1.9.3-2ubuntu1.1.dsc | 3.2 KiB | eb2f59f1a17be16de1094ac1bf9e961eb65dbc55d20f22bdf0c26bf9e181b8ab |
Available diffs
Binary packages built by this source
- libapache2-mod-svn: Apache Subversion server modules for Apache httpd
This package provides the mod_dav_svn and mod_authz_svn modules for
the Apache 2.4 web server. These modules provide Apache Subversion's WebDAV
server backend, to serve repositories over the http and https
protocols. See the 'subversion' package for more information.
- libapache2-mod-svn-dbgsym: debug symbols for package libapache2-mod-svn
This package provides the mod_dav_svn and mod_authz_svn modules for
the Apache 2.4 web server. These modules provide Apache Subversion's WebDAV
server backend, to serve repositories over the http and https
protocols. See the 'subversion' package for more information.
- libapache2-svn: Apache Subversion server modules for Apache httpd (dummy package)
This is a transition package to install the Apache Subversion server
module for Apache httpd. You may remove this package if nothing depends
on it.
- libsvn-dev: Development files for Apache Subversion libraries
This package contains the symlinks, headers, and object files needed
to compile and link programs which use libsvn1, the Apache Subversion
libraries. This package is needed only in order to compile software
that uses libsvn1.
- libsvn-dev-dbgsym: debug symbols for package libsvn-dev
This package contains the symlinks, headers, and object files needed
to compile and link programs which use libsvn1, the Apache Subversion
libraries. This package is needed only in order to compile software
that uses libsvn1.
- libsvn-doc: Developer documentation for libsvn
This package contains development (API) documentation for libsvn1, the
Apache Subversion libraries. See the 'libsvn1' package for more information.
- libsvn-java: Java bindings for Apache Subversion
This is a set of Java classes which provide the functionality of
libsvn, the Apache Subversion libraries. It is useful if you want to,
for example, write a Java class that manipulates a Subversion repository
or working copy. See the 'subversion' package for more information.
- libsvn-java-dbgsym: debug symbols for package libsvn-java
This is a set of Java classes which provide the functionality of
libsvn, the Apache Subversion libraries. It is useful if you want to,
for example, write a Java class that manipulates a Subversion repository
or working copy. See the 'subversion' package for more information.
- libsvn-perl: Perl bindings for Apache Subversion
This is a set of Perl interfaces to libsvn, the Apache Subversion libraries.
It is useful if you want to, for example, write a Perl script that
manipulates a Subversion repository or working copy. See the
'subversion' package for more information.
- libsvn-perl-dbgsym: debug symbols for package libsvn-perl
This is a set of Perl interfaces to libsvn, the Apache Subversion libraries.
It is useful if you want to, for example, write a Perl script that
manipulates a Subversion repository or working copy. See the
'subversion' package for more information.
- libsvn-ruby1.8: Ruby bindings for Apache Subversion (dummy package)
This is a transition package to install the Apache Subversion library
bindings for Ruby 1.8. You may remove this package if nothing depends
on it.
- libsvn1: Shared libraries used by Apache Subversion
This package includes shared libraries to manipulate Apache Subversion
(svn) repositories and working copies. See the 'subversion' package for
more information.
- libsvn1-dbgsym: debug symbols for package libsvn1
This package includes shared libraries to manipulate Apache Subversion
(svn) repositories and working copies. See the 'subversion' package for
more information.
- python-subversion: Python bindings for Apache Subversion
This is a set of Python interfaces to libsvn, the Apache Subversion
libraries. It is useful if you want to, for example, write a Python
script that manipulates a Subversion repository or working copy. See
the 'subversion' package for more information.
- python-subversion-dbg: Python bindings for Subversion (debug extension)
This is a set of Python interfaces to libsvn, the Subversion
libraries. It is useful if you want to, for example, write a Python
script that manipulates a Subversion repository or working copy. See
the 'subversion' package for more information.
.
This package contains the extension built for the python debug interpreter.
- ruby-svn: Ruby bindings for Apache Subversion
This is a set of Ruby interfaces to libsvn, the Apache Subversion libraries.
It is useful if you want to, for example, write a Ruby script that
manipulates a Subversion repository or working copy. See the
'subversion' package for more information.
- ruby-svn-dbgsym: debug symbols for package ruby-svn
This is a set of Ruby interfaces to libsvn, the Apache Subversion libraries.
It is useful if you want to, for example, write a Ruby script that
manipulates a Subversion repository or working copy. See the
'subversion' package for more information.
- subversion: Advanced version control system
Apache Subversion, also known as svn, is a centralised version control
system. Version control systems allow many individuals (who may be
distributed geographically) to collaborate on a set of files (source
code, websites, etc). Subversion began with a CVS paradigm and
supports all the major features of CVS, but has evolved to support
many features that CVS users often wish they had.
.
This package includes the Subversion client (svn), repository
administration tools (svnadmin, svnlook) and a network server (svnserve).
- subversion-dbg: Debug symbols for Apache Subversion
This package contains debug symbols for libsvn1 and its dependent packages
including subversion, libapache2-mod-svn, and the various programming language
interfaces.
- subversion-dbgsym: debug symbols for package subversion
Apache Subversion, also known as svn, is a centralised version control
system. Version control systems allow many individuals (who may be
distributed geographically) to collaborate on a set of files (source
code, websites, etc). Subversion began with a CVS paradigm and
supports all the major features of CVS, but has evolved to support
many features that CVS users often wish they had.
.
This package includes the Subversion client (svn), repository
administration tools (svnadmin, svnlook) and a network server (svnserve).
- subversion-tools: Assorted tools related to Apache Subversion
This package includes miscellaneous tools for use with Apache Subversion
clients and servers:
* svn-backup-dumps: Incremental dumpfile-based backup script
* svn-bisect: Bisect revisions to find a regression
* svn-clean: Remove unversioned files from a working copy
* svn-fast-backup: rsync-based backup script for FSFS repositories
* svn-hot-backup: Backup script, primarily for BDB repositories
* svn_apply_autoprops: Apply property settings from
.subversion/config file to an existing repository
* svn_load_dirs: Sophisticated replacement for 'svn import'
* svnwrap: Set umask to 002 before calling svn or svnserve
* fsfs-access-map: Convert strace output into FSFS access map
* several example hook scripts: commit-access- control, commit-email,
log-police, mailer, svnperms, verify-po
.
NOTE that some of these scripts are unsupported by upstream, and may
change radically or disappear in future releases. Some of these
scripts require packages on the Recommends list.
- subversion-tools-dbgsym: debug symbols for package subversion-tools
This package includes miscellaneous tools for use with Apache Subversion
clients and servers:
* svn-backup-dumps: Incremental dumpfile-based backup script
* svn-bisect: Bisect revisions to find a regression
* svn-clean: Remove unversioned files from a working copy
* svn-fast-backup: rsync-based backup script for FSFS repositories
* svn-hot-backup: Backup script, primarily for BDB repositories
* svn_apply_autoprops: Apply property settings from
.subversion/config file to an existing repository
* svn_load_dirs: Sophisticated replacement for 'svn import'
* svnwrap: Set umask to 002 before calling svn or svnserve
* fsfs-access-map: Convert strace output into FSFS access map
* several example hook scripts: commit-access- control, commit-email,
log-police, mailer, svnperms, verify-po
.
NOTE that some of these scripts are unsupported by upstream, and may
change radically or disappear in future releases. Some of these
scripts require packages on the Recommends list.