Subversion team, Tenable is currently working on an update for our unsupported detection plugins for the Nessus security scanner and the question has come up during QA if our interpretation of the supported vs. unsupported versions is accurate:
Apache provides the following pages referencing supported vs. unsupported releases: https://subversion.apache.org/docs/release-notes/ https://subversion.apache.org/download/#recommended-release During QA, it was noted: The confusion is in the interpretation. The one page says: Supported Versions: 1.9.x Fully supported Fixes for all bugs 1.8.x Partially supported Only fixes for security issues and bugs which could cause data loss 1.7.x and earlier No longer supported This implies the entire 1.8.x branch is partially supported and the entire 1.9.x branch is fully supported. The other page says (I inserted the two releases into the text for clarity): "In addition to the recommended release (1.9.4), we generally support the latest release from at least one prior release stream for security-related bugfixes only. The currently supported older releases (1.8.16) are as follows:" This implied to me that only 1.9.4 and 1.8.16 are supported. The first page sounded like a blanket support page that was not updated frequently, and covered support level at a high level, while the second page drilled down into actual support versions. Needless to say, and as you mention, it's a matter of interpretation. We are hoping you can confirm the current state of support for these versions. Thank you, Brian Martin Tenable Security Response
