File _patchinfo of Package patchinfo
<patchinfo>
<category>security</category>
<rating>moderate</rating>
<packager>wrosenauer</packager>
<summary>subversion: update to 1.7.14</summary>
<description>This update fixes the following issues with subversion:
- bnc#850747: update to 1.7.14
* CVE-2013-4505: mod_dontdothat does not restrict requests from
serf clients.
* CVE-2013-4558: mod_dav_svn assertion triggered by
autoversioning commits.
+ Client- and server-side bugfixes:
* fix assertion on urls of the form 'file://./'
+ Client-side bugfixes:
* upgrade: fix an assertion when used with pre-1.3 wcs
* fix externals that point at redirected locations
* diff: fix incorrect calculation of changes in some cases
* diff: fix errors with added/deleted targets
+ Server-side bugfixes:
* mod_dav_svn: Prevent crashes with some 3rd party modules
* fix OOM on concurrent requests at threaded server start
* fsfs: limit commit time of files with deep change histories
* mod_dav_svn: canonicalize paths properly
+ Other tool improvements and bugfixes:
* mod_dontdothat: Fix the uri parser
+ Developer-visible changes:
* javahl: canonicalize path for streamFileContent method
+ require python-sqlite when running regression tests</description>
<issue tracker="cve" id="CVE-2010-3315"/>
<issue tracker="cve" id="CVE-2010-4539"/>
<issue tracker="cve" id="CVE-2010-4644"/>
<issue tracker="cve" id="CVE-2013-1884"/>
<issue tracker="cve" id="CVE-2013-4131"/>
<issue tracker="cve" id="CVE-2013-4505"/>
<issue tracker="cve" id="CVE-2013-4558"/>
<issue tracker="bnc" id="528714"/>
<issue tracker="bnc" id="649861"/>
<issue tracker="bnc" id="662030"/>
<issue tracker="bnc" id="713919"/>
<issue tracker="bnc" id="788015"/>
<issue tracker="bnc" id="794676"/>
<issue tracker="bnc" id="830031"/>
<issue tracker="bnc" id="836245"/>
<issue tracker="bnc" id="850747"/>
</patchinfo>