On Mon, Aug 11, 2014 at 11:52 AM, Ben Reser <bre...@apache.org> wrote: > I'm happy to announce the release of Apache Subversion 1.8.10. > > This release addresses two security issues: > CVE-2014-3522: ra_serf improper validation of wildcards in SSL certs. > CVE-2014-3528: credentials cached with svn may be sent to wrong server. > > Please choose the mirror closest to you by visiting: > > http://subversion.apache.org/download/#recommended-release
For RHEL 6 users, or CentOS or Scientific Linux users, I've updated my hooks for building Subversion 1.8 RPM.s at https://github.com/nkadel/subversion-1.8.x-srpm. Look for tag v1.8.10-0.1. Note that these include only patches and spec files, not binary tarballs. Get those from the relevant Apache repository. Repoforge seems to be mildly active again, I'll take another shot at getting these updates available there. Nico Kadel-Garcia <nka...@gmail.com>