On August 6th, the Subversion project released a security advisory that alerted the public that any Subversion client/server <= 1.5.6 and <= 1.6.3 could be attacked by a DoS and arbitrary code execution as a result of a buffer overflow. As a result, Subversion 1.5.7 and Subversion 1.6.4 have been released to address the security issues outlined in the CVE-2009-2411 security advisory mentioned earlier.
As the maintainer of the Subversion Universal Binary for OS X, I have also released updated binaries for Subversion 1.5.7 and Subversion 1.6.4. Below are their download locations:
- Subversion 1.5.7: http://svnbinaries.open.collab.net/servlets/NewsItemView?newsItemID=57
- Subversion 1.6.4: http://svnbinaries.open.collab.net/servlets/NewsItemView?newsItemID=58
Please upgrade your Subversion clients/servers if you can and if you have any requests/comments/troubles with the Subversion Universal Binary for OS X, please report them to the SVNBinaries project.
