Update to Apache HTTP Server 2.4.65 and OpenSSL 3.0.18
We are glad to announce that VisualSVN products have been updated to Apache HTTP Server 2.4.65 and OpenSSL 3.0.18. Besides this, VisualSVN products are now updated to the Expat XML parser 2.7.3.
This update fixes a number of security vulnerabilities, including CVE-2025-23048, which is assigned a critical base CVSS score. However, none of these vulnerabilities affect standard, up-to-date installations of VisualSVN products, and they may be relevant only to deployments with manually customized configuration files. Nevertheless, updating to the new builds is recommended for all users.
Update for VisualSVN Server
You can get the latest VisualSVN Server 5.4.5 version from the official download page. For the complete list of changes, see the VisualSVN Server 5.4.5 changelog.
Alternatively, choose an appropriate patch build if you do not want to perform a significant upgrade right now:
- VisualSVN Server 5.3.8 if you have version 5.3.x installed.
Other version families of VisualSVN Server are not supported, and maintenance updates are not available for them. It is strongly recommended that you upgrade to VisualSVN Server 5.4.5 if you are using any version family older than 5.3.x. If upgrading from VisualSVN Server 5.3.x or earlier, please read the article KB233: Upgrading to VisualSVN Server 5.4 before beginning the upgrade.
Update for VisualSVN (a plug-in for Visual Studio)
Select an appropriate VisualSVN plug-in version with respect to your Visual Studio version:
- If you use Visual Studio 2022, update to VisualSVN 8.4.1
- If you use Visual Studio 2019, update to VisualSVN 7.5.1
- If you use Visual Studio 2017, update to VisualSVN 6.9.1
- If you use Visual Studio 2015 or older, update to VisualSVN 5.8.1
For the complete list of changes in these maintenance builds, see the corresponding changelog entries for these plug-in versions: VisualSVN 8.4.1, VisualSVN 7.5.1, VisualSVN 6.9.1 and VisualSVN 5.8.1.