[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: Issues with mod_dav in httpd 2.2.25 and 2.4.6

From: Pavel Lyalyakin <pavel.lyalyakin_at_visualsvn.com>
Date: Fri, 8 Nov 2013 12:27:15 +0400


I've just replied to the related thread and noticed this one.
VisualSVN Server has the patch applied since 2.6.5 version:

On Fri, Nov 8, 2013 at 9:46 AM, Ben Reser <ben_at_reser.org> wrote:
> The current releases of httpd (at the time of writing this email) have two
> issues when used with Subversion. At this point httpd doesn't release very
> often leaving some users with an unfortunate choice to leave their httpd
> unpatched from some security issues fixed by those releases or to deal with
> these additional bugs introduced in recent versions of httpd.
> In order to help the end users I've put together some patches (that should be
> included in the next releases of Apache httpd) that resolve these issues.
> * PR 55397 : ABI change in mod_dav causes failures with older versions of SVN
> https://issues.apache.org/bugzilla/show_bug.cgi?id=55397
> This issue presents itself when the client or the server are 1.6.x or older
> (specifically that they do not support HTTPv2). Users will see failures when
> trying to commit changes to paths that have URI unsafe characters in their
> names (e.g. paths with spaces). This will show up as an error about
> "Unable to PUT new contents for /path" in the httpd error logs.
> Patches:
> 2.4.x: https://people.apache.org/~breser/httpd/2.4.x/patches/pr55397.patch
> 2.2.x: https://people.apache.org/~breser/httpd/2.2.x/patches/pr55397.patch
> * PR 55306 : COPY fails when source is locked
> https://issues.apache.org/bugzilla/show_bug.cgi?id=55306
> This issue presents itself with an 424 Failed Dependency when the source that
> you're copying is locked with `svn lock`.
> Patches:
> 2.4.x: https://people.apache.org/~breser/httpd/2.4.x/patches/pr55306.patch
> 2.2.x: https://people.apache.org/~breser/httpd/2.2.x/patches/pr55306.patch
> I believe some binary packages have included these patches already. But I'm
> not sure which ones have and have not. Hopefully those vendors can respond
> here to note that. Note that the patches are against httpd and not SVN so if
> the binary package you're using does not include Apache httpd and just uses the
> httpd included with your OS/distribution then it's up to the OS/distribution to
> have patched (which they likely have not).

With best regards,
Pavel Lyalyakin
VisualSVN Team
Received on 2013-11-08 09:28:29 CET

This is an archived mail posted to the Subversion Users mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.