VisualSVN Server 4.3

This page provides maintenance downloads for VisualSVN Server 4.3.x version family.

Please, upgrade to the current version that is available on the main download page.

Maintenance release for version 4.3. Includes Apache Subversion 1.14.2.

August 24, 2022

VisualSVN Server 4.3.10

Updated to Apache HTTP Server 2.4.54 with fixes for the following vulnerabilities: CVE-2022-26377, CVE-2022-28330, CVE-2022-28614, CVE-2022-28615, CVE-2022-29404, CVE-2022-30522, CVE-2022-30556, CVE-2022-31813.
Updated to OpenSSL 1.1.1q with cumulative fixes for the following vulnerabilities: CVE-2022-2068, CVE-2022-2097.
Fixed: unattended installation may hang upon encountering an error.

June 7, 2022

Updated to OpenSSL 1.1.1o with a fix for the following vulnerability: CVE-2022-1292.
Grant explicit read access to the installation directory for VDFS and Background Job services.
Fixed: memory leak in the VisualSVN Server Manager console.

April 13, 2022

Updated to Apache Subversion 1.14.2 with fixes for the following vulnerabilities: CVE-2021-28544, CVE-2022-24070.
Updated to zlib 1.2.12 with a fix for the following vulnerability: CVE-2018-25032.

March 21, 2022

Updated to Apache HTTP Server 2.4.53 with fixes for the following vulnerabilities: CVE-2022-22719, CVE-2022-22720, CVE-2022-22721, CVE-2022-23943.
Updated to OpenSSL 1.1.1n with a fix for the following vulnerability: CVE-2022-0778.
Updated Expat XML parser to version 2.4.6 with cumulative fixes for the following vulnerabilities: CVE-2022-25235, CVE-2022-25236, CVE-2022-25313, CVE-2022-25314, CVE-2022-25315, CVE-2022-23852, CVE-2022-23990.

January 27, 2022

Updated to Apache HTTP Server 2.4.52 with fixes for the following vulnerabilities: CVE-2021-44224, CVE-2021-44790.
Updated Expat XML parser to version 2.4.3 with cumulative fixes for the following vulnerabilities: CVE-2013-0340, CVE-2021-45960, CVE-2021-46143, CVE-2022-22822, CVE-2022-22823, CVE-2022-22824, CVE-2022-22825, CVE-2022-22826, CVE-2022-22827.
Updated to OpenSSL 1.1.1m.
Fixed: VisualSVN Repository Configurator fails with the "Provider load failure" error caused by insufficient permissions to the server installation directory.
Fixed: WMI provider (hosted in WmiPrvSE.exe) may crash if the htpasswd file is malformed.
Fixed: mod_authn_visualsvn_svn module may crash if the htpasswd file is malformed.

November 4, 2021

Updated to Apache HTTP Server 2.4.51 with cumulative fixes for the following vulnerabilities: CVE-2021-40438, CVE-2021-39275, CVE-2021-36160, CVE-2021-34798, CVE-2021-33193, CVE-2021-41773, CVE-2021-41524, CVE-2021-42013.
Updated to OpenSSL 1.1.1l with fixes for the following vulnerabilities: CVE-2021-3711, CVE-2021-3712.
Updated to PCRE 8.45.

June 3, 2021

Updated to Apache HTTP Server 2.4.48 with cumulative fixes for the following vulnerabilities: CVE-2021-31618, CVE-2019-17567, CVE-2020-13938, CVE-2020-13950, CVE-2020-35452, CVE-2021-26690, CVE-2021-26691, CVE-2021-30641.

March 26, 2021

Updated to OpenSSL 1.1.1k with fixes for the following vulnerabilities: CVE-2021-3450, CVE-2021-3449.
Log a warning about possible VDFS service malfunction due to a known issue in the RPC runtime.

February 17, 2021

Updated to Apache Subversion 1.14.1 with a fix for the following vulnerability: CVE-2020-17525.
Updated to OpenSSL 1.1.1j with cumulative fixes for the following vulnerabilities: CVE-2020-1971, CVE-2021-23841, CVE-2021-23840.
Log an event when a service stop request is received by VDFS service.
Fixed: Chromium-based browsers cannot download files with a comma in a filename.

October 22, 2020

Updated to Apache HTTP Server 2.4.46 with fixes for the following vulnerabilities: CVE-2020-9490, CVE-2020-11993, CVE-2020-11984.
Updated to OpenSSL 1.1.1h.
Updated Expat XML parser to version 2.2.10.
Updated to PCRE 8.44.

October 6, 2020

Updated to Apache Subversion 1.14.0. For further details please see Apache Subversion 1.14 Release Notes.
Fixed: performance issue with finding files in Chromium-based browsers.
Fixed: memory leaks when viewing the background jobs history.