VisualSVN Server 4.2

• Updated to OpenSSL 1.1.1o with a fix for the following vulnerability: CVE-2022-1292.
• Grant explicit read access to the installation directory for VDFS and Background Job services.
• Fixed: memory leak in the VisualSVN Server Manager console.

• Updated to Apache Subversion 1.10.8 with fixes for the following vulnerabilities: CVE-2021-28544, CVE-2022-24070.
• Updated to zlib 1.2.12 with a fix for the following vulnerability: CVE-2018-25032.

• Updated to Apache HTTP Server 2.4.53 with fixes for the following vulnerabilities: CVE-2022-22719, CVE-2022-22720, CVE-2022-22721, CVE-2022-23943.
• Updated to OpenSSL 1.1.1n with a fix for the following vulnerability: CVE-2022-0778.
• Updated Expat XML parser to version 2.4.6 with cumulative fixes for the following vulnerabilities: CVE-2022-25235, CVE-2022-25236, CVE-2022-25313, CVE-2022-25314, CVE-2022-25315, CVE-2022-23852, CVE-2022-23990.

• Updated to Apache HTTP Server 2.4.52 with fixes for the following vulnerabilities: CVE-2021-44224, CVE-2021-44790.
• Updated Expat XML parser to version 2.4.3 with cumulative fixes for the following vulnerabilities: CVE-2013-0340, CVE-2021-45960, CVE-2021-46143, CVE-2022-22822, CVE-2022-22823, CVE-2022-22824, CVE-2022-22825, CVE-2022-22826, CVE-2022-22827.
• Updated to OpenSSL 1.1.1m.
• Fixed: VisualSVN Repository Configurator fails with the "Provider load failure" error caused by insufficient permissions to the server installation directory.
• Fixed: WMI provider (hosted in WmiPrvSE.exe) may crash if the htpasswd file is malformed.
• Fixed: mod_authn_visualsvn_svn module may crash if the htpasswd file is malformed.

• Updated to Apache HTTP Server 2.4.51 with cumulative fixes for the following vulnerabilities: CVE-2021-40438, CVE-2021-39275, CVE-2021-36160, CVE-2021-34798, CVE-2021-33193, CVE-2021-41773, CVE-2021-41524, CVE-2021-42013.
• Updated to OpenSSL 1.1.1l with fixes for the following vulnerabilities: CVE-2021-3711, CVE-2021-3712.
• Updated to PCRE 8.45.

• Updated to Apache HTTP Server 2.4.48 with cumulative fixes for the following vulnerabilities: CVE-2021-31618, CVE-2019-17567, CVE-2020-13938, CVE-2020-13950, CVE-2020-35452, CVE-2021-26690, CVE-2021-26691, CVE-2021-30641.

• Updated to OpenSSL 1.1.1k with fixes for the following vulnerabilities: CVE-2021-3450, CVE-2021-3449.

• Updated to Apache Subversion 1.10.7 with a fix for the following vulnerability: CVE-2020-17525.
• Updated to OpenSSL 1.1.1j with cumulative fixes for the following vulnerabilities: CVE-2020-1971, CVE-2021-23841, CVE-2021-23840.
• Fixed: Chromium-based browsers cannot download files with a comma in a filename.

• Updated to Apache HTTP Server 2.4.46 with fixes for the following vulnerabilities: CVE-2020-9490, CVE-2020-11993, CVE-2020-11984.
• Updated to OpenSSL 1.1.1h.
• Updated Expat XML parser to version 2.2.10.
• Updated to PCRE 8.44.
• Fixed: performance issue with finding files in Chromium-based browsers.
• Fixed: memory leaks when viewing the background jobs history.

• Updated to OpenSSL 1.1.1g with cumulative fixes for the following vulnerabilities: CVE-2019-1551, CVE-2020-1967.
• Updated to Apache HTTP Server 2.4.43 with fixes for the following vulnerabilities: CVE-2020-1934, CVE-2020-1927.

• Fixed: WMI provider (hosted in WmiPrvSE.exe) may crash when restoring a repository from backup.

Main enhancements

• New feature: Finding files by name in the web interface.
• New feature: Viewing the background jobs history.
• Managing local Subversion users, groups and their permissions with PowerShell.

Web interface enhancements

• Add a capability to go to a specific line of a file in the Commit view.
• PDF viewer renders a few subsequent pages upfront, improving the viewing experience.
• Display text files up to 5MB. Files larger than 1MB are rendered with no syntax highlighting or Markdown formatting.
• Keyboard shortcuts are independent of the active keyboard layout.
• Remove compatibility code which uses the specific "moz-chunked-arraybuffer" response type.
• Selecting the entire page no longer captures the footer line.

PowerShell enhancements

• New PowerShell cmdlets to manage Subversion user accounts: Get-SvnLocalUser, New-SvnLocalUser, Remove-SvnLocalUser, Set-SvnLocalUser.
• New PowerShell cmdlets to manage Subversion group accounts: Get-SvnLocalGroup, New-SvnLocalGroup, Remove-SvnLocalGroup, Add-SvnLocalGroupMember, Get-SvnLocalGroupMember, Remove-SvnLocalGroupMember.
• Add new TransactionCount property showing the number of uncommitted transactions available with the Measure-SvnRepository cmdlet.
• Add support for Subversion authentication to permission management PowerShell cmdlets.

Other changes

• New Multi-Processing Module (MPM) dynamically adapting to workload.
• Do not backup rep-cache.db. Recreate the rep-cache file when restoring a repository from backup instead.
• Significantly reduce memory requirements for restoring large repository backups.
• Disallow creating user and group accounts with the same names but with different letter case.
• Disable 3DES cipher suites in the Intermediate TLS/SSL compatibility level.
• Display the number of uncommitted repository transactions in the Details tab of VisualSVN Server Manager.
• Schedule background jobs to start exactly at zero seconds of the time specified (e.g. at 09:35:00).
• Add icons for service executable files to improve their appearance in Task Manager.
• Use BCrypt instead of deprecated CryptoAPI to decode and check license.
• Fixed: "Operation failed due to timeout" error in an attempt to stop HTTP service via VisualSVN Server Manager.
• Fixed: HTTP service may fail to start due to Server Bindings customization possibly left from the previous installation.
• Updated Expat XML parser to version 2.2.9.
• Updated to Mousetrap v1.6.3.