[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: Apache Subversion 1.7.13 released

From: Ben Reser <breser_at_apache.org>
Date: Fri, 30 Aug 2013 08:59:27 -0700

On 8/30/13 8:34 AM, Ben Reser wrote:
> I'm happy to announce the release of Apache Subversion 1.7.13.
>
> Please note that Subversion 1.7.13 is the next release after Subversion 1.7.11.
> The 1.7.12 release was not published publicly, due to issues found
> during testing.
>
> Please choose the mirror closest to you by visiting:
>
> http://subversion.apache.org/download/#recommended-release
>
> This release addresses one security issue:
> CVE-2013-4246: svnserve: symlink attack against pid file
>
> More information on this vulnerability, including the relevant
> advisory and potential attack vectors and workarounds, can be found
> on the Subversion security website:
> http://subversion.apache.org/security/

CVE-2013-4246 was incorrectly used in this announcement. The correct list of
security issues follows:
     CVE-2013-4277: svnserve: symlink attack against pid file
Received on 2013-08-30 18:00:25 CEST

This is an archived mail posted to the Subversion Users mailing list.