* [SECURITY] Updated: subversion-1.9.4-1
@ 2016-04-30 23:18 David Rothenberger
0 siblings, 0 replies; only message in thread
From: David Rothenberger @ 2016-04-30 23:18 UTC (permalink / raw)
To: cygwin-announce
SECURITY:
=========
This release fixes two security issues:
CVE-2016-2167:
svnserve/sasl may authenticate users using the wrong realm.
http://subversion.apache.org/security/CVE-2016-2167-advisory.txt
CVE-2016-2168:
Remotely triggerable DoS vulnerability in mod_authz_svn during
COPY/MOVE authorization check.
http://subversion.apache.org/security/CVE-2016-2168-advisory.txt
NEWS:
=====
Please see the release notes
http://subversion.apache.org/docs/release-notes/1.9.html
for more details about the changes in Subversion.
See
http://svn.apache.org/repos/asf/subversion/tags/1.9.4/CHANGES
for more details about the changes in 1.9.4.
DESCRIPTION:
============
Subversion is a version control system designed to be a compelling
successor to CVS.
Please see
http://svnbook.red-bean.com/nightly/en/index.html
for the latest official release of the Subversion Book.
QUESTIONS:
==========
If you want to make a point or ask a question the Cygwin mailing list is
the appropriate place.
^ permalink raw reply [flat|nested] only message in thread
only message in thread, other threads:[~2016-04-30 23:18 UTC | newest]
Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2016-04-30 23:18 [SECURITY] Updated: subversion-1.9.4-1 David Rothenberger
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).