subversion: security bump to version 1.9.4

Fixes:
CVE-2016-2167 - svnserve/sasl may authenticate users using the wrong
realm.
CVE-2016-2168 - Remotely triggerable DoS vulnerability in mod_authz_svn
during COPY/MOVE authorization check.

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

diff --git a/package/subversion/subversion.hash b/package/subversion/subversion.hash
index 4f0a4460ec5f19e57d04fd7dd15562b138e1466d..926bbc5579cde23d9268830a34a83e9ede7f2a1c 100644 (file)
--- a/package/subversion/subversion.hash
+++ b/package/subversion/subversion.hash
@@ -1,2 +1,2 @@
 # From http://subversion.apache.org/download.cgi#recommended-release
-sha1   27e8df191c92095f48314a415194ec37c682cbcf        subversion-1.9.3.tar.bz2
+sha1   bc7d51fdda43bea01e1272dfe9d23d0a9d6cd11c        subversion-1.9.4.tar.bz2

diff --git a/package/subversion/subversion.mk b/package/subversion/subversion.mk
index e9aa0ae33c45b15a3c0f4e71bf6055876ef459f7..720a1a10e98a2e831ccfc1e088c9c5466916e77b 100644 (file)
--- a/package/subversion/subversion.mk
+++ b/package/subversion/subversion.mk
@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-SUBVERSION_VERSION = 1.9.3
+SUBVERSION_VERSION = 1.9.4
 SUBVERSION_SOURCE = subversion-$(SUBVERSION_VERSION).tar.bz2
 SUBVERSION_SITE = http://mirror.catn.com/pub/apache/subversion
 SUBVERSION_LICENSE = Apache-2.0