Attached is the debdiff
diff -u subversion-1.9.5/debian/changelog subversion-1.9.5/debian/changelog --- subversion-1.9.5/debian/changelog +++ subversion-1.9.5/debian/changelog @@ -1,3 +1,11 @@ +subversion (1.9.5-1+deb9u5) stretch-security; urgency=medium + + * Non-maintainer upload. + * Backport upstream fix for segfault with new mod_http2 from DSA-4509-1. + Closes: #936034 + + -- Stefan Fritsch <s...@debian.org> Mon, 30 Sep 2019 09:03:27 +0200 + subversion (1.9.5-1+deb9u4) stretch-security; urgency=high * Backport security fixes from upstream: diff -u subversion-1.9.5/debian/patches/series subversion-1.9.5/debian/patches/series --- subversion-1.9.5/debian/patches/series +++ subversion-1.9.5/debian/patches/series @@ -23,0 +24 @@ +SVN-4782_r_notes only in patch2: unchanged: --- subversion-1.9.5.orig/debian/patches/SVN-4782_r_notes +++ subversion-1.9.5/debian/patches/SVN-4782_r_notes @@ -0,0 +1,48 @@ +# http://svn.apache.org/viewvc?view=revision&revision=1845531 +# https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=936034 +# backport fix for new mod_http2 + +Index: a/subversion/mod_dav_svn/mod_dav_svn.c +=================================================================== +--- a/subversion/mod_dav_svn/mod_dav_svn.c (revision 1845530) ++++ a/subversion/mod_dav_svn/mod_dav_svn.c (revision 1845531) +@@ -1232,7 +1232,7 @@ + + /* Leave a note to ourselves so that we know not to decline in the + * map_to_storage hook. */ +- apr_table_setn(r->notes, NO_MAP_TO_STORAGE_NOTE, (const char*)1); ++ apr_table_setn(r->notes, NO_MAP_TO_STORAGE_NOTE, "1"); + return OK; + } + +Index: a/subversion/mod_authz_svn/mod_authz_svn.c +=================================================================== +--- a/subversion/mod_authz_svn/mod_authz_svn.c (revision 1845530) ++++ a/subversion/mod_authz_svn/mod_authz_svn.c (revision 1845531) +@@ -912,7 +912,7 @@ + { + /* Set the note to force authn regardless of what access_checker_ex + hook requires */ +- apr_table_setn(r->notes, FORCE_AUTHN_NOTE, (const char*)1); ++ apr_table_setn(r->notes, FORCE_AUTHN_NOTE, "1"); + + /* provide the proper return so the access_checker hook doesn't + * prevent the code from continuing on to the other auth hooks */ +@@ -978,7 +978,7 @@ + * ap_some_authn_rquired() without triggering an infinite + * loop since the call will trigger this function to be + * called again. */ +- apr_table_setn(r->notes, IN_SOME_AUTHN_NOTE, (const char*)1); ++ apr_table_setn(r->notes, IN_SOME_AUTHN_NOTE, "1"); + authn_required = ap_some_authn_required(r); + apr_table_unset(r->notes, IN_SOME_AUTHN_NOTE); + if (authn_required) +@@ -1021,7 +1021,7 @@ + status = req_check_access(r, conf, &repos_path, &dest_repos_path); + if (status == OK) + { +- apr_table_setn(r->notes, "authz_svn-anon-ok", (const char*)1); ++ apr_table_setn(r->notes, "authz_svn-anon-ok", "1"); + log_access_verdict(APLOG_MARK, r, 1, FALSE, repos_path, dest_repos_path); + return OK; + }
