[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: 1.9.x release notes, SVN-4722

From: Daniel Shahaf <d.s_at_daniel.shahaf.name>
Date: Tue, 10 Dec 2019 06:56:28 +0000

Nathan Hartman wrote on Tue, Dec 10, 2019 at 01:22:41 -0500:
> On Mon, Dec 9, 2019 at 10:22 PM Daniel Shahaf <d.s_at_daniel.shahaf.name> wrote:
> > There were multiple security issues fixed in later 1.9 patch releases; see
> > https://subversion.apache.org/security/
>
> Yes. I see quite a few affecting various 1.9.x. I will handle these
> separately.

Thanks.

> 1.9 release notes: Document known issue SVN-4722 in 1.9.6 and 1.9.7
>
> * docs/release-notes/1.9.html
> (Known issues in the release): Add new subsection,
> "Commit can fail with an undeserved SHA1 collision error,"
> to document issue SVN-4722, which affects 1.9.6 and 1.9.7.

Historically, we've usually used the section's id in the «(symbol name)»
part of the log message. In fact, I'd probably have written this as just:

  (#svn-4722): New subsection.

This affects searchability of the logs.

In INSTALL this wouldn't make as much sense, though, because sections of INSTALL
don't have stable identifiers.

> +++ 1.9.html (working copy)
> @@ -1466,6 +1466,26 @@
>
> </div> <!-- shattered-sha1 -->

*nod*

> +<div class="h3" id="svn-4722">
> +<h3>Commit can fail with an undeserved SHA1 collision error
> + <a class="sectionlink" href="#svn-4722"
> + title="Link to this section">&para;</a>
> +</h3>
> +
> +<p>See <a href="https://issues.apache.org/jira/browse/SVN-4722?issueNumber=4722"
> +>issue 4722, "checksum fail during commit when delta is 16K"</a>.
> +</p>

Consider moving the above paragraph to be last, immediately before the </div>
tag. (I think it'll read better that way, but YMMV.)

> +<p>When using a Subversion 1.9.6 or 1.9.7 server, a commit may fail
> +with an undeserved SHA1 collision error: "E160000: SHA1 of reps
> +&hellip; and &hellip; matches (&hellip;) but contents differ." This
> +bug affects the 1.9.6 and 1.9.7 releases.</p>
> +
> +<p>A fix for this problem has been included in the 1.9.9 release
> +(1.9.8 was not publicly released).</p>
> +
> +</div> <!-- svn-4722 -->
> +
> </div> <!-- issues -->
>
> <div class="h2" id="troubleshooting">

+1 to commit.
Received on 2019-12-10 07:56:43 CET

This is an archived mail posted to the Subversion Dev mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.