---
- branch: MAIN
  date: Sat Apr 13 12:57:40 UTC 2013
  files:
  - new: '1.61'
    old: '1.60'
    path: pkgsrc/devel/subversion/Makefile.version
    pathrev: pkgsrc/devel/subversion/Makefile.version@1.61
    type: modified
  - new: '1.83'
    old: '1.82'
    path: pkgsrc/devel/subversion/distinfo
    pathrev: pkgsrc/devel/subversion/distinfo@1.83
    type: modified
  id: 20130413T125740Z.fd38e575ca923397a3c3cdf71a4bdc3984145e15
  log: |
    Update to 1.7.9

    Changelog:
    Version 1.7.9
    (04 Apr 2013, from /branches/1.7.x)
    http://svn.apache.org/repos/asf/subversion/tags/1.7.9
     User-visible changes
      - Client-side bugfixes:
        * improved error messages about svn:date and svn:author props. (r1440620)
        * fix local_relpath assertion (issue #4257)
        * fix memory leak in `svn log` over svn:// (r1458341)
        * fix incorrect authz failure when using neon http library (issue #4332)
        * fix segfault when using kwallet (r1421103)

      - Server-side bugfixes:
        * svnserve will log the replayed rev not the low-water rev. (r1461278)
        * mod_dav_svn will omit some property values for activity urls (r1453780)
        * fix an assertion in mod_dav_svn when acting as a proxy on / (issue #4272)
        * improve memory usage when committing properties in mod_dav_svn (r1443929)
        * fix svnrdump to load dump files with non-LF line endings (issue #4263)
        * fix assertion when rep-cache is inaccessible (r1422100)
        * improved logic in mod_dav_svn's implementation of lock. (r1455352)
        * avoid executing unnecessary code in log with limit (r1459599)

     Developer-visible changes:
      - General:
        * fix an assertion in dav_svn_get_repos_path() on Windows (r1425368)
        * fix get-deps.sh to correctly download zlib (r13520131)
        * doxygen docs will now ignore prefixes when producing the index (r1429201)
        * fix get-deps.sh on freebsd (r1423646)

      - Bindings:
        * javahl status api now respects the ignoreExternals boolean (r1435361)

    This release addesses five security issues:
        CVE-2013-1845: mod_dav_svn excessive memory usage from property changes
        CVE-2013-1846: mod_dav_svn crashes on LOCK requests against activity URLs
        CVE-2013-1847: mod_dav_svn crashes on LOCK requests against
    non-existant URLs
        CVE-2013-1849: mod_dav_svn crashes on PROPFIND requests against
    activity URLs
        CVE-2013-1884: mod_dav_svn crashes on out of range limit in log
    REPORT request
  module: pkgsrc
  subject: 'CVS commit: pkgsrc/devel/subversion'
  unixtime: '1365857860'
  user: ryoon