/ 
Alien-SVN-v1.8.11.0
River stage one • 3 direct dependents • 3 total dependents
⭐ Starred 15 GitHub stars
/ Alien::SVN
Security Advisories (3)
CVE-2015-0248 (2015-04-08)

The (1) mod_dav_svn and (2) svnserve servers in Subversion 1.6.0 through 1.7.19 and 1.8.0 through 1.8.11 allow remote attackers to cause a denial of service (assertion failure and abort) via crafted parameter combinations related to dynamically evaluated revision numbers.

CVE-2015-0251 (2015-04-08)

The mod_dav_svn server in Subversion 1.5.0 through 1.7.19 and 1.8.0 through 1.8.11 allows remote authenticated users to spoof the svn:author property via a crafted v1 HTTP protocol request sequences.

CVE-2017-9800 (2017-08-11)

A maliciously constructed svn+ssh:// URL would cause Subversion clients before 1.8.19, 1.9.x before 1.9.7, and 1.10.0.x through 1.10.0-alpha3 to run an arbitrary shell command. Such a URL could be generated by a malicious server, by a malicious user committing to a honest server (to attack another user of that server's repositories), or by a proxy server. The vulnerability affects all clients, including those that use file://, http://, and plain (untunneled) svn://.

NAME

Alien::SVN - A wrapper for installing the SVN Perl bindings

DESCRIPTION

Alien::SVN is a wrapper to install the Perl bindings for subversion, also known as SVN::Core. If your module needs SVN::Core it can depend on SVN::Core normally, then CPAN clients can resolve the dependency normally via Alien::SVN. This is particularly useful for programs like SVK.

It comes with a copy of Subversion 1.8.11 which it will compile but only installs the Perl and Subversion libraries. They will be installed to your Perl library, not your system library. The subversion binaries will not be installed.

BUGS and FEEDBACK

Alien::SVN only wraps SVN::Core. We don't work on it.

Bug reports, problems and feedback about the Alien::SVN distribution and building SVN::Core should come to us at https://github.com/evalEmpire/Alien-SVN/issues.

Issues and improvements to SVN::Core should go to the Apache Subversion project directly. https://subversion.apache.org/reporting-issues.html

If you're not sure who to report to, you can always report to us and we'll point you in the right direction.

Report early, report often.

The repository can be found at https://github.com/evalEmpire/Alien-SVN.

LICENSE

Alien::SVN is copyright 2007-2015 Michael G Schwern <schwern@pobox.com> It is licensed under the same terms as Perl itself. See http://www.perl.com/perl/misc/Artistic.html for licensing.

This product includes Apache Subversion licensed under the Apache License 2.0 or similar terms. See src/subversion/LICENSE for full licensing information.