[RFC] subversion upload for squeeze - what to include
I'm very sorry for the late late notice, I should have gotten on this a
week or two ago. There are quite a lot of upstream Subversion 1.6.x
fixes that are not in squeeze, but most of them are probably not
appropriate for squeeze at this point.
Could someone give feedback on which (if any) of the following 3
patches would be appropriate for squeeze? None of them have bugs filed
- these are fixes from upstream - but I can file corresponding bugs if
you wish. I intend to upload to unstable, but of course I can do TPU
if there turns out to be a need.
1. 'server-memleaks': Fix a handful of server-side memory leaks, in
which untrusted remote clients can DoS a server by making it use way
too much memory. There's a patch to shuffle around some memory pool
usage - create, use, destroy. And a smaller patch for svnserve (for
the svn:// network protocol), to tweak the behavior of the pool
allocator so it frees memory more aggressively.
libsvn_repos/rev_hunt.c | 56 +++++++++++++++++++++++++++++++-----------------
svnserve/main.c | 15 ++++++++++++
2 files changed, 51 insertions(+), 20 deletions(-)
2. 'dav-skip-unreadable-children': Patch to Apache mod_dav_svn ordinary
directory listing, to filter out paths the user doesn't have
permission to read.
Could be construed as a security fix, to match the expectation that
when you set a file (or subdir) as not readable, the existence of
the file will also be hidden. Very un-Unixy; Unix admins should
know better than to assume that.
I believe this is _not_ needed in squeeze, but if debian-release
thinks it would be useful, I will include it.
mod_dav_svn/authz.c | 29 ++++++++++++-----------------
mod_dav_svn/dav_svn.h | 31 +++++++++++++++++++++++--------
mod_dav_svn/liveprops.c | 2 +-
mod_dav_svn/lock.c | 18 ++++++++++++------
mod_dav_svn/repos.c | 24 ++++++++++++++++++++++++
5 files changed, 72 insertions(+), 32 deletions(-)
3. 'no-wc1.7-check': Rip out some expensive code to detect, and abort,
if you're in a Subversion 1.7 working copy. This was intended as
future proofing, but we've since reconsidered and decided that it
isn't really very important, and the client slowdown is far out of
proportion to any value it brings.
This is clearly not RC, but it's also easy to review: it merely
deletes a function, its caller, and a few lines in the testsuite.
libsvn_wc/questions.c | 59 ---------------------------------------
tests/cmdline/svntest/actions.py | 6 ---
tests/cmdline/svntest/main.py | 1
3 files changed, 66 deletions(-)
Thanks!
Peter
Reply to: