[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

[ANNOUNCE] Apache Subversion 1.9.3 released

From: Evgeny Kotkov <kotkov_at_apache.org>
Date: Tue, 15 Dec 2015 18:39:40 +0300

I'm happy to announce the release of Apache Subversion 1.9.3.
Please choose the mirror closest to you by visiting:

    http://subversion.apache.org/download/#recommended-release

This release fixes two security issues:

    CVE-2015-5259:
    Remotely triggerable heap overflow and out-of-bounds read caused by
    integer overflow in the svn:// protocol parser.
    http://subversion.apache.org/security/CVE-2015-5259-advisory.txt

    CVE-2015-5343:
    Remotely triggerable heap overflow and out-of-bounds read in mod_dav_svn
    caused by integer overflow when parsing skel-encoded request bodies.
    http://subversion.apache.org/security/CVE-2015-5343-advisory.txt

The SHA1 checksums are:

    27e8df191c92095f48314a415194ec37c682cbcf subversion-1.9.3.tar.bz2
    b0cf8a64b1c244fcf2fa282d59ba34d7a57c3751 subversion-1.9.3.tar.gz
    a3216ef4bc804926c8be5dac07c32df5ab82d38a subversion-1.9.3.zip

PGP Signatures are available at:

    http://www.apache.org/dist/subversion/subversion-1.9.3.tar.bz2.asc
    http://www.apache.org/dist/subversion/subversion-1.9.3.tar.gz.asc
    http://www.apache.org/dist/subversion/subversion-1.9.3.zip.asc

For this release, the following people have provided PGP signatures:

   Bert Huijben [4096R/CCC8E1DF] with fingerprint:
    3D1D C66D 6D2E 0B90 3952 8138 C4A6 C625 CCC8 E1DF
   Evgeny Kotkov [4096R/09F9FA74] with fingerprint:
    E7B2 A7F4 EC28 BE9F F8B3 8BA4 B64F FF12 09F9 FA74
   Ivan Zhakov [4096R/F6AD8147] with fingerprint:
    4829 8F0F E47F 4B8A 43FD 6525 919F 6F61 F6AD 8147
   Johan Corveleyn [4096R/010C8AAD] with fingerprint:
    8AA2 C10E EAAD 44F9 6972 7AEA B59C E6D6 010C 8AAD
   Julian Foad [4096R/4EECC493] with fingerprint:
    6011 63CF 9D49 9FD7 18CF 582D 1FB0 64B8 4EEC C493
   Philip Martin [2048R/ED1A599C] with fingerprint:
    A844 790F B574 3606 EE95 9207 76D7 88E1 ED1A 599C
   Stefan Fuhrmann [4096R/57921ACC] with fingerprint:
    056F 8016 D9B8 7B1B DE41 7467 99EC 741B 5792 1ACC
   Stefan Sperling [2048R/9A59B973] with fingerprint:
    8BC4 DAE0 C5A4 D65F 4044 0107 4F7D BAA9 9A59 B973

Release notes for the 1.9.x release series may be found at:

    http://subversion.apache.org/docs/release-notes/1.9.html

You can find the list of changes between 1.9.3 and earlier versions at:

    http://svn.apache.org/repos/asf/subversion/tags/1.9.3/CHANGES

Questions, comments, and bug reports to users_at_subversion.apache.org.

Thanks,
- The Subversion Team
Received on 2015-12-15 16:40:05 CET

This is an archived mail posted to the Subversion Dev mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.