On Sun, Mar 6, 2011 at 11:43 AM, Daniel Shahaf <d...@daniel.shahaf.name> wrote: > Nico Kadel-Garcia wrote on Sun, Mar 06, 2011 at 09:00:15 -0500: >> On Sun, Mar 6, 2011 at 7:22 AM, Andy Levy <andy.l...@gmail.com> wrote: >> > On Sat, Mar 5, 2011 at 22:34, Konstantin Boyandin <li...@boyandin.name> >> > wrote: >> >> Hello, >> >> >> >> Setup: there's a server where Subversion repository is located (working >> >> via Apache backend), OS CentOS 5.5, Subversion installed as RPM >> >> subversion-1.4.2-4.el5_3.1 >> >> Red Hat has published subversion-1.6.11 for RHEL 5.6, and you can grab >> and recompile it from your nearest Red Hat SRPM mirror >> (http://mirrors.kernel.org/redhat is pretty good.) CentOS 5.6 has been >> taking a while to release, so it's not published for CentOS yet. >> >> But there is also the RPMforge release of subversion-1.6.15 at >> http://rpmrepo.org/RPMforge/. Enjoy, I put up that one (based on >> variious previous releases.) I'd urge you to upgrade, ASAP, for a lot >> of *other* reasons. > > 1.6.15 contains a known remote DoS which is fixed by the just-released 1.6.16.
I'm trying to recompile 1.6.16 for RHEL 5 based environments. There's a number of fiddly little changes in the configurations which break the RPM compilation. The remote DDOS is HTTP/HTTPS related. If you use svn+ssh, which I recommend for security reasons anyway, you're apparently not at risk of it.
