diff options
Diffstat (limited to 'debian')
| -rw-r--r-- | debian/changelog | 7 | ||||
| -rw-r--r-- | debian/svn_1.9_releasenotes.html | 15 |
2 files changed, 20 insertions, 2 deletions
diff --git a/debian/changelog b/debian/changelog index c529d20..906ca16 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,5 +1,8 @@ -subversion (1.9.5-2) UNRELEASED; urgency=medium +subversion (1.9.6-1) UNRELEASED; urgency=medium + * New upstream release + + Subversion server will now reject commits which cause SHA1 collisions, + if rep-sharing is enabled (as it is by default) in db/fsfs.conf. * Remove Peter Samuelson as maintainer, at request of MIA team. Thanks for all the fish! (Closes: #852219) * Revise metadata for subversion. (Closes: #863037) @@ -9,7 +12,7 @@ subversion (1.9.5-2) UNRELEASED; urgency=medium 1.18.13. Thanks to Adrian Bunk for the explanation/patch. (Closes: #865696) - -- James McCoy <jamessan@debian.org> Tue, 24 Jan 2017 23:02:22 -0500 + -- James McCoy <jamessan@debian.org> Tue, 04 Jul 2017 22:25:38 -0400 subversion (1.9.5-1) unstable; urgency=medium diff --git a/debian/svn_1.9_releasenotes.html b/debian/svn_1.9_releasenotes.html index 4569942..be9c680 100644 --- a/debian/svn_1.9_releasenotes.html +++ b/debian/svn_1.9_releasenotes.html @@ -1468,6 +1468,21 @@ protocol. </div> <!-- httpv1-commit-race --> +<div class="h3" id="shattered-sha1"> +<h3>Subversion is unable to store SHA1 collisions + <a class="sectionlink" href="#shattered-sha1" + title="Link to this section">¶</a> +</h3> + +<p> +Subversion up to and including 1.9.5 can incorrectly store files with +different content but the same SHA1 checksum. We recommend that all +servers update to 1.9.6 and enable representation sharing. +See our <a href="/security/sha1-advisory.txt">SHA1 advisory</a> for details. +</p> + +</div> <!-- shattered-sha1 --> + </div> <!-- issues --> <div class="h2" id="troubleshooting"> |