Author: kotkov
Date: Mon Apr 13 15:08:29 2015
New Revision: 1673219
URL: http://svn.apache.org/r1673219
Log:
* STATUS: Update the r1667233 nomination, which now has a backport branch.
Modified:
subversion/branches/1.9.x/STATUS
Modified: subversion/branches/1.9.x/STATUS
URL:
http://svn.apache.org/viewvc/subversion/branches/1.9.x/STATUS?rev=1673219&r1=1673218&r2=1673219&view=diff
==============================================================================
--- subversion/branches/1.9.x/STATUS (original)
+++ subversion/branches/1.9.x/STATUS Mon Apr 13 15:08:29 2015
@@ -39,14 +39,23 @@ Release blockers for 1.9.0:
Votes:
+1: rhuijben, steveking
- * r1667233
+ * r1667233, r1667301
Reject invalid get-location-segments requests in mod_dav_svn and svnserve.
Justification:
Security issue.
+ Notes:
+ r1667233 is the fix itself. r1667301 fixes svnserve protocol violation
+ when the sanity check in get_location_segments() fails. The backport
+ branch is required to avoid a trunk-specific behavior change in terms
+ of the error code, i.e., to still use the SVN_ERR_INCORRECT_PARAMS
+ instead of the SVN_ERR_FS_NO_SUCH_REVISION.
+ Branch:
+ ^/subversion/branches/1.9.x-r1667233
Votes:
+1: kotkov
-0: rhuijben (causes an svn protocol error without further patches such
- as the patch applied in r1667301)
+ as the patch applied in r1667301; vote happened before
+ the '1.9.x-r1667233' backport branch)
* r1667235
Reject invalid transaction property change requests in mod_dav_svn.
