subversion-1.8.13

[Fernando de Oliveira]

​https://www.apache.org/dist/subversion/subversion-1.8.13.tar.bz2

SHA1: aa0bd14ac6a8f0fb178cc9ff325387de01cd7452 subversion-1.8.13.tar.bz2

​https://mail-archives.apache.org/mod_mbox/subversion-announce/201503.mbox/%3C20150331120220.GO17807%40jim.stsp.name%3E

This release addresses 3 security issues.

  CVE-2015-0202: Subversion HTTP servers with FSFS repositories are
                 vulnerable to a remotely triggerable excessive memory
                 use with certain REPORT requests.
  CVE-2015-0248: Subversion mod_dav_svn and svnserve are vulnerable to a
                 remotely triggerable assertion DoS vulnerability for certain
                 requests with dynamically evaluated revision numbers
  CVE-2015-0251: Subversion HTTP servers allow spoofing svn:author property
                 values for new revisions
For details see the advisories at:

    http://subversion.apache.org/security/CVE-2015-0202-advisory.txt
    http://subversion.apache.org/security/CVE-2015-0248-advisory.txt
    http://subversion.apache.org/security/CVE-2015-0251-advisory.txt

[Fernando de Oliveira]

Ruby and Java bindings checks completely fail. The others completely pass.

Ruby

if [ "LD_LIBRARY_PATH" = "DYLD_LIBRARY_PATH" ]; then for d in /tmp/porg-build-2015.04.01-19h23m00s/subversion-1.8.13/subversion/bindings/swig/ruby/libsvn_swig_ruby /tmp/porg-build-2015.04.01-19h23m00s/subversion-1.8.13/subversion/bindings/swig/ruby/../../../libsvn_*; do if [ -n "$DYLD_LIBRARY_PATH" ]; then LD_LIBRARY_PATH="$LD_LIBRARY_PATH:$d/.libs"; else LD_LIBRARY_PATH="$d/.libs"; fi; done; export LD_LIBRARY_PATH; fi; \
cd /tmp/porg-build-2015.04.01-19h23m00s/subversion-1.8.13/subversion/bindings/swig/ruby; \
          if [ "2" -eq 1 -a "2" -lt 9 ] ; then \
            /usr/bin/ruby -I /tmp/porg-build-2015.04.01-19h23m00s/subversion-1.8.13/subversion/bindings/swig/ruby \
              /tmp/porg-build-2015.04.01-19h23m00s/subversion-1.8.13/subversion/bindings/swig/ruby/test/run-test.rb \
      --verbose=normal; \
          else \
    /usr/bin/ruby -I /tmp/porg-build-2015.04.01-19h23m00s/subversion-1.8.13/subversion/bindings/swig/ruby \
      /tmp/porg-build-2015.04.01-19h23m00s/subversion-1.8.13/subversion/bindings/swig/ruby/test/run-test.rb; \
          fi
Makefile:859: recipe for target 'check-swig-rb' failed
make: *** [check-swig-rb] Error 1

Java:

if [ "LD_LIBRARY_PATH" = "DYLD_LIBRARY_PATH" ]; then for d in /tmp/porg-build-2015.04.01-19h23m00s/subversion-1.8.13/subversion/libsvn_*; do if [ -n "$DYLD_LIBRARY_PATH" ]; then LD_LIBRARY_PATH="$LD_LIBRARY_PATH:$d/.libs"; else LD_LIBRARY_PATH="$d/.libs"; fi; done; export LD_LIBRARY_PATH; fi; \
/opt/jdk/bin/java "-Dtest.rootdir=/tmp/porg-build-2015.04.01-19h23m00s/subversion-1.8.13/subversion/bindings/javahl/test-work" "-Dtest.srcdir=/tmp/porg-build-2015.04.01-19h23m00s/subversion-1.8.13/subversion/bindings/javahl" "-Dtest.rooturl=" "-Dtest.fstype=" "-Djava.library.path=subversion/bindings/javahl/native/.libs:/usr/lib" -classpath "subversion/bindings/javahl/classes:/tmp/porg-build-2015.04.01-19h23m00s/subversion-1.8.13/subversion/bindings/javahl/src:" "-Dtest.tests=" org.apache.subversion.javahl.RunTests
Error: Could not find or load main class org.apache.subversion.javahl.RunTests
Makefile:486: recipe for target 'check-apache-javahl' failed
make: *** [check-apache-javahl] Error 1
make: Target 'check-javahl' not remade because of errors.

[Fernando de Oliveira]

Fixed at r15768.

[Fernando de Oliveira]

Forgot to close

[bdubbs@…]

I got the same errors. I've tried to look at what they are trying to do, but don't understand ruby/java quite well enough to figure it out. They both have problems finding something they need.

We might want to reword what we have from "for unknown reasons" to "errors in the test suite".

[Fernando de Oliveira]

I agree. Thank s for checking. Will you do, please, or do you want me to do it tomorrow?