VisualSVN Server 3.5 | VisualSVN Server

December 19, 2017

VisualSVN Server 3.5.13

Updated to OpenSSL 1.0.2n with cumulative fixes for the following vulnerabilities: CVE-2017-3735, CVE-2017-3736, CVE-2017-3737, CVE-2017-3738.
For further details, please see the OpenSSL 1.0.2 Series Release Notes.

August 10, 2017

Updated to Apache Subversion 1.9.7 with a fix for the following vulnerability: CVE-2017-9800.
For further details please see https://svn.apache.org/repos/asf/subversion/tags/1.9.7/CHANGES

July 25, 2017

Updated to Apache HTTP Server 2.2.34 with cumulative fixes for the following vulnerabilities: CVE-2017-7668, CVE-2017-3169, CVE-2017-7679 CVE-2017-9788.
Updated Expat XML parser to version 2.2.2 with fixes for the following vulnerabilities: CVE-2017-9233, CVE-2016-9063.
Updated to OpenSSL 1.0.2l.
Fixed: unable to access the server when the hostname contains an underscore ('_') character.

February 28, 2017

Disable FSFS rep-sharing to protect from possible repository corruptions caused by SHA-1 collisions.

February 21, 2017

Fixed: Internet Explorer does not display VisualSVN Server web interface if Compatibility View mode is enabled.

February 8, 2017

Updated to Apache HTTP Server 2.2.32 with fixes for CVE-2016-8743 and CVE-2016-5387 vulnerability.
Updated to OpenSSL 1.0.2k with cumulative fixes for the following vulnerabilities: CVE-2016-7055, CVE-2017-3731, CVE-2017-3732. For further details, please see the OpenSSL Security Advisory.
Fixed: Java 6 and Java 7 clients receive error "Could not generate DH keypair" when accessing VisualSVN Server via HTTPS.
Configure VisualSVN Server to send X-Frame-Options HTTP response header in order to mitigate possible clickjacking attacks (initially released in version 3.2.0 but then reverted in 3.2.1).

December 16, 2016

Updated to Apache Subversion 1.9.5 with a fix for the following vulnerability: CVE-2016-8734.
For further details please see https://svn.apache.org/repos/asf/subversion/tags/1.9.5/CHANGES
mod_reqtimeout Apache module is included into the installation package.
Fixed: calculating the repository size blocks write operations to the repository.

October 5, 2016

August 5, 2016

Fixed: potential race condition in repository's rep-cache database.
Updated Expat XML parser to version 2.2.0 with fixes for the following vulnerabilities: CVE-2009-3560, CVE-2009-3720, CVE-2012-0876, CVE-2015-1283, CVE-2015-2716, CVE-2016-0718, CVE-2016-4472.
mod_proxy_ajp Apache module is included into the installation package.

May 6, 2016

Updated to Apache Subversion 1.9.4 with fixes for the following vulnerabilities: CVE-2016-2167, CVE-2016-2168.
For further details please see https://svn.apache.org/repos/asf/subversion/tags/1.9.4/CHANGES
Updated to OpenSSL 1.0.2h with cumulative fixes for the following vulnerabilities: CVE-2016-2107, CVE-2016-2105, CVE-2016-2106, CVE-2016-2109, CVE-2016-2176.
For further details, please see the OpenSSL 1.0.2 Series Release Notes.

April 28, 2016

Prevent possible collisions in Subversion shared object cache that can occur after re-creating a repository with the same name and UUID.
Fixed: VisualSVN Server Manager may crash when canceling an operation in progress.
Add missing digital signature for WMIProvider.dll

March 10, 2016

Updated to OpenSSL 1.0.2g with cumulative fixes for the following vulnerabilities: CVE-2016-0800, CVE-2016-0705, CVE-2016-0798, CVE-2016-0797, CVE-2016-0799, CVE-2016-0702, CVE-2016-0701, CVE-2015-3197.
For further details, please see the OpenSSL 1.0.2 Series Release Notes.
Disable NDR64 transfer syntax as a workaround for an RPC implementation error.
Use SHA256 in SSL certificate signing requests by default.
Fixed: missing VisualSVN Server Manager shortcut after upgrading to Windows 10.
Fixed: pinned taskbar shortcut icons are missing after VisualSVN Server upgrade.
Fixed: unable to pin VisualSVN Server Manager shortcut to taskbar on the first start after installation.

December 22, 2015

New feature: Customizable "/svn" prefix in a repository URL.
Significantly improve performance of commits to VDFS slave repositories.
Updated to OpenSSL 1.0.2e.
New PowerShell cmdlets to manage repository hooks.
New PowerShell cmdlets to manage VisualSVN Server settings.
Revamped design of the repositories collection list in the web interface.
Do not display contents of text files over 1MB in the web interface.
Improve web interface load speed and caching.
Increase VDFS service in-memory cache size to 64MB.
Recycle VDFS replication listeners periodically for better performance and reliability.
Drop backward compatibility with VDFS protocol versions 3.0 and 3.2.
Log a warning when the VDFS service starts in backward compatibility mode.
VisualSVN Server Manager now provides a command to delete a file from repository.
Display progress while deleting repositories in VisualSVN Server Manager.
Update help reference for repository hook input parameters in VisualSVN Server Manager.
Fixed: unable to import PFX certificate which name contains non-ASCII characters.
Fixed: unable to authenticate using Windows Basic Authentication when a password contains non-ASCII characters.
Fixed: VisualSVN Repository Configurator shortcut is not removed after server uninstall.
Fixed: repository hook content could be written non-atomically.