← Back to team overview

svn team mailing list archive

Re: Preparing for imminent upstream release

 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 2011-03-03 12:05, Michael Diers wrote:
> unless someone has already prepared packages for the imminent upstream
> release, I'll start updating the PPA as soon as appropriate.

Sorry for the delay. I had problems with pbuilder no longer working for
maverick and natty packaging on a lucid box. So I decided to give natty
a try, which seems to work OK.

I have commits ready to push. As I've shown some bad judgement as far as
the wording for commit messages and changelog entries go, in the past,
that is, here's the changelog entries and commit messages I'd like to
push to lp:~svn/ubuntu/natty/subversion/ppa.

Opinions, anyone?

Cheers,

Michael

mdiers@ubudev: ~/lp/ppa-svn/ubuntu/natty/subversion
$ br log -c 55 --include-merges
- ------------------------------------------------------------
revno: 55 [merge]
tags: 1.6.16dfsg-1~ppa-0svn1
committer: Michael Diers <mdiers@xxxxxxxx>
branch nick: ppa-natty
timestamp: Thu 2011-03-17 16:03:03 +0100
message:
  Merge Debian (1.6.16dfsg-1).
    ------------------------------------------------------------
    revno: 0.4.7 [merge]
    tags: 1.6.16dfsg-1
    author: Peter Samuelson <peter@xxxxxxxx>
    committer: Bazaar Package Importer <james.westby@xxxxxxxxxx>
    branch nick: sid
    timestamp: Thu 2011-03-03 04:55:42 -0600
    message:
      * New upstream version.
        - Fixes CVE-2011-0715: Remotely crash mod_dav_svn anonymously via a
          lock token.
      * patches/change-range: New patch to support -cA-B syntax on
command line.
      * Stop using svn-make-config.c; we can do the same just by running svn
        itself in a controlled home directory.  Delete debian/tools/.
        ------------------------------------------------------------
        revno: 1.6.1
        tags: upstream-1.6.16dfsg
        author: Peter Samuelson <peter@xxxxxxxx>
        committer: Bazaar Package Importer <james.westby@xxxxxxxxxx>
        branch nick: upstream
        timestamp: Thu 2011-03-03 04:55:42 -0600
        message:
          Import upstream version 1.6.16dfsg

mdiers@ubudev: ~/lp/ppa-svn/ubuntu/natty/subversion
$ bzr diff -c 55 debian/changelog
=== modified file 'debian/changelog'
- --- debian/changelog	2011-03-17 14:37:24 +0000
+++ debian/changelog	2011-03-17 15:03:03 +0000
@@ -1,3 +1,29 @@
+subversion (1.6.16dfsg-1~ppa-0svn1) natty; urgency=low
+
+  * Create a PPA build.
+  * Merge with Debian unstable. Remaining changes:
+    - Create pot file on build.
+    - Build a python-subversion-dbg package.
+    - (Build-)depend on default-jre-headless/-jdk.
+    - Do not apply java-build patch.
+    - debian/rules: Manually create the doxygen output directory, otherwise
+      we get weird build failures when running parallel builds.
+    - Disable the serf backend because serf is in universe.
+    - Fix FTBFS against Python 2.7 by disabling some problematic tests.
+
+ -- Michael Diers <mdiers@xxxxxxxx>  Thu, 17 Mar 2011 14:59:58 +0100
+
+subversion (1.6.16dfsg-1) unstable; urgency=high
+
+  * New upstream version.
+    - Fixes CVE-2011-0715: Remotely crash mod_dav_svn anonymously via a
+      lock token.
+  * patches/change-range: New patch to support -cA-B syntax on command
line.
+  * Stop using svn-make-config.c; we can do the same just by running svn
+    itself in a controlled home directory.  Delete debian/tools/.
+
+ -- Peter Samuelson <peter@xxxxxxxx>  Thu, 03 Mar 2011 10:55:42 -0600
+
 subversion (1.6.15dfsg~ppa-0svn1) natty; urgency=low

   * Create a PPA build, merging:

mdiers@ubudev: ~/lp/ppa-svn/ubuntu/natty/subversion
$ br log -c 54 --include-merges
- ------------------------------------------------------------
revno: 54 [merge]
committer: Michael Diers <mdiers@xxxxxxxx>
branch nick: ppa-natty
timestamp: Thu 2011-03-17 15:37:24 +0100
message:
  Merge Ubuntu natty (1.6.12dfsg-4ubuntu1).
  Note that the patch for CVE-2010-4539 is included in 1.6.15, so
  what remains is the patch for the SQLite version check.
    ------------------------------------------------------------
    revno: 44.1.5 [merge]
    tags: 1.6.12dfsg-4ubuntu1
    author: Michael Bienia <geser@xxxxxxxxxx>
    committer: Bazaar Package Importer <james.westby@xxxxxxxxxx>
    branch nick: natty
    timestamp: Fri 2011-01-28 15:14:19 +0100
    message:
      * Merge with Debian unstable. Remaining changes:
        - Create pot file on build.
        - Build a python-subversion-dbg package.
        - (Build-)depend on default-jre-headless/-jdk.
        - Do not apply java-build patch.
        - debian/rules: Manually create the doxygen output directory,
otherwise
          we get weird build failures when running parallel builds.
        - Disable the serf backend because serf is in universe.
        - Don't override LD_LIBRARY_PATH completely but prepend to it as
to not
          break fakeroot.
        - Fix FTBFS against Python 2.7 by disabling some problematic tests.
        - debian/tools/Makefile:
          + Add APR_LIBS and use it when linking svn-make-config
          + svn_config_ensure() moved from
libsvn_client/libsvn_client-1.la to
            libsvn_subr/libsvn_subr-1.la.
        ------------------------------------------------------------
        revno: 0.4.6
        tags: 1.6.12dfsg-4
        fixes bug(s): http://bugs.debian.org/608925
http://bugs.debian.org/608989
        author: Peter Samuelson <peter@xxxxxxxx>
        committer: Bazaar Package Importer <james.westby@xxxxxxxxxx>
        branch nick: sid
        timestamp: Wed 2011-01-05 04:43:01 -0600
        message:
          * patches/loosen-sqlite-version-check: New patch: Relax the SQLite
            version check, to match the Debian sqlite3 packaging.
            (Closes: #608925)
          * patches/cve-2010-4539: New patch for CVE-2010-4539, fixing a
remotely
            triggered crash in mod_dav_svn involving use of the
SVNParentPath
            feature.  (Closes: #608989)

mdiers@ubudev: ~/lp/ppa-svn/ubuntu/natty/subversion
$ bzr diff -c 54 debian/changelog
=== modified file 'debian/changelog'
- --- debian/changelog	2011-01-05 23:01:25 +0000
+++ debian/changelog	2011-03-17 14:37:24 +0000
@@ -8,10 +8,42 @@

  -- Max Bowsher <maxb@xxxxxxx>  Wed, 05 Jan 2011 23:01:20 +0000

+subversion (1.6.12dfsg-4ubuntu1) natty; urgency=low
+
+  * Merge with Debian unstable. Remaining changes:
+    - Create pot file on build.
+    - Build a python-subversion-dbg package.
+    - (Build-)depend on default-jre-headless/-jdk.
+    - Do not apply java-build patch.
+    - debian/rules: Manually create the doxygen output directory, otherwise
+      we get weird build failures when running parallel builds.
+    - Disable the serf backend because serf is in universe.
+    - Don't override LD_LIBRARY_PATH completely but prepend to it as to not
+      break fakeroot.
+    - Fix FTBFS against Python 2.7 by disabling some problematic tests.
+    - debian/tools/Makefile:
+      + Add APR_LIBS and use it when linking svn-make-config
+      + svn_config_ensure() moved from libsvn_client/libsvn_client-1.la to
+        libsvn_subr/libsvn_subr-1.la.
+
+ -- Michael Bienia <geser@xxxxxxxxxx>  Fri, 28 Jan 2011 14:14:19 +0100
+
+subversion (1.6.12dfsg-4) unstable; urgency=high
+
+  * patches/loosen-sqlite-version-check: New patch: Relax the SQLite
+    version check, to match the Debian sqlite3 packaging.
+    (Closes: #608925)
+  * patches/cve-2010-4539: New patch for CVE-2010-4539, fixing a remotely
+    triggered crash in mod_dav_svn involving use of the SVNParentPath
+    feature.  (Closes: #608989)
+
+ -- Peter Samuelson <peter@xxxxxxxx>  Wed, 05 Jan 2011 10:43:01 -0600
+
 subversion (1.6.12dfsg-3) unstable; urgency=medium

   * Apply two patches from upstream 1.6.15:
- -    - patches/server-memleak: New patch: fix some server-side memory
leaks.
+    - patches/server-memleak: New patch: fix some server-side memory
+      leaks, including CVE-2010-4644.
     - patches/no-wc1.7-check: New patch: Stop checking for being inside a
       1.7 working copy.  The value is too low and the performance penalty
       too high.
@@ -567,35 +599,6 @@

  -- Matthias Klose <doko@xxxxxxxxxx>  Wed, 30 Jan 2008 12:45:05 +0100

- -subversion (1.4.6dfsg1-1) unstable; urgency=low
- -
- -  * New upstream version.
- -  * Build with db 4.6, to match apr-util.
- -  * patches/svn-clean-manpage: New patch, fix a small typo.  (Closes:
#441827)
- -  * patches/neon27: New patch from upstream trunk to support neon 0.27.
- -    - control: build-depend on libneon27-dev.
- -    - rules: no longer --disable-neon-version-check.
- -  * patches/ruby-newswig: Support swig 1.3.33.  (Closes: #453166)
- -  * patches/python-memleak: New patch to fix a serious memory leak in the
- -    Python bindings.  Thanks to Jelmer Vernooij.  (Closes: #428755)
- -  * control: Policy 3.7.3.
- -  * control: spell 'Source-Version' as 'binary:Version' for political
- -    correctness.  (Or for clarity.)
- -  * control: add appropriate Vcs-Svn and Vcs-Browser fields.
- -  * control: subversion-tools Recommends: rsync.  (Closes: #459023)
- -  * patches/svn2cl: update svn2cl to 0.9 (from upstream trunk).
- -  * patches/commit-email: use original 'sendmail' commit-email.pl mode,
- -    rather than the direct SMTP feature.  (Closes: #447824)
- -  * rules: do not run 'dh_testroot' or 'make extraclean' in clean rule.
- -  * rules: rewrite DEB_BUILD_OPTIONS support; remove 'notest' synonym, as
- -    the world seems to be standardizing on 'nocheck'.
- -  * rules: remove 'DEB_BUILD_OPTIONS=-j[N]' support, add support for the
- -    new 'dpkg-buildpackage -j[N]' feature.
- -  * rules: add an option to disable ruby bindings.  Though it turns out
- -    we don't need it ... yet.
- -
- - -- Peter Samuelson <peter@xxxxxxxx>  Mon, 11 Feb 2008 23:49:02 -0600
- -
 subversion (1.4.4dfsg1-1ubuntu5) hardy; urgency=medium

   * Add debian/patches/python-memleak: Fix major memory leak in the

- -- 
Michael Diers, elego Software Solutions GmbH, http://www.elego.de
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (Cygwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAk2CKDkACgkQcEKlWnqVgz0lfACgl7KnR8K4wU1wQHH98aE/hH6c
CrUAniIbPYQsr7G+6eT60yh7XuqUWFK3
=Nz/m
-----END PGP SIGNATURE-----



Follow ups

References