VisualSVN Server 5.0

• Updated to Apache HTTP Server 2.4.55 with fixes for the following vulnerabilities: CVE-2006-20001, CVE-2022-36760, CVE-2022-37436.
• Updated to OpenSSL 1.1.1t with cumulative fixes for the following vulnerabilities: CVE-2023-0286, CVE-2022-4304, CVE-2023-0215, CVE-2022-4450.
• Updated Expat XML parser to version 2.5.0 with cumulative fixes for the following vulnerabilities: CVE-2022-43680, CVE-2022-40674.

• Updated to Apache HTTP Server 2.4.54 with fixes for the following vulnerabilities: CVE-2022-26377, CVE-2022-28330, CVE-2022-28614, CVE-2022-28615, CVE-2022-29404, CVE-2022-30522, CVE-2022-30556, CVE-2022-31813.
• Updated to OpenSSL 1.1.1q with cumulative fixes for the following vulnerabilities: CVE-2022-2068, CVE-2022-2097.
• Fixed: unattended installation may hang upon encountering an error.
• Fixed: potential crash when stopping the HTTP service.

• Updated to OpenSSL 1.1.1o with a fix for the following vulnerability: CVE-2022-1292.
• Fixed: HTTP service fails to start when environment variables contain non-ASCII characters.
• Grant explicit read access to the installation directory for Search Index, VDFS and Background Job services.
• Fixed: memory leak in the VisualSVN Server Manager console.
• Fixed: Get-SvnAccessConfiguration and Set-SvnAccessConfiguration PowerShell cmdlets do not support the -Verbose option.
• Fixed: Set-SvnAccessConfiguration PowerShell cmdlet does not support the -WhatIf option.
• Fixed: Get-SvnAccessConfiguration and Set-SvnAccessConfiguration PowerShell cmdlets may return incorrect results when pipelined.

• Updated to Apache Subversion 1.14.2 with fixes for the following vulnerabilities: CVE-2021-28544, CVE-2022-24070.
• Updated to zlib 1.2.12 with a fix for the following vulnerability: CVE-2018-25032.
• Fixed: possible timeout error while starting the VisualSVN Search Index service during installation.
• Fixed: possible timeout error while starting the VisualSVN Search Index service after a server configuration change.
• Fixed: long delay when a service fails to start during installation.
• Improve diagnostic message when a service fails to start during installation.

Main enhancements

• New feature: Full-text search for repository content and history.
• New feature: Email notifications for background jobs.
• New option to add implicit list folder permission for parents of readable paths.
• Configurable strong password policy for Subversion authentication.
• Allow incremental backup jobs to be scheduled multiple times a day.

Web interface enhancements

• New unified search box that supports content/history/name searching.
• New 'Jump to revision' command, available as quick action in the new search box.
• Show svn:externals entries in the Folder view.
• Highlight links and revision numbers in the log messages.
• Display warnings for files that may be interpreted differently than represented due to bidirectional Unicode text as mitigation for CVE-2021-42574.
• Viewing the commit details now uses a stable URL that does not require read access to the repository root.
• Add 'Copy' button for the revision in the Commit view.
• Use natural sorting for the repository list.
• Enable syntax highlighting for *.tsx files.
• Enable syntax highlighting for *.html files.
• Remove jQuery as a dependency.
• Remove Handlebars.js as a dependency.
• Fixed: performance issue with search requests that happen over a high throughput network.
• Fixed: 'Back' button in the Commit view always opens the History view.
• Fixed: incorrect syntax highlighting of some keywords.
• Fixed: incorrect syntax highlighting of the object property names in JavaScript and TypeScript.
• Various small tweaks and enhancements.

PowerShell enhancements

• New Get-SvnAccessConfiguration and Set-SvnAccessConfiguration cmdlets to manage per-repository authorization settings.
• Measure-SvnRepository now accepts a new -Stats option to specify the subset of measured values.
• Remove the deprecated Get-SvnRepositoryReplication and Set-SvnRepositoryReplication cmdlets.
• Remove the deprecated Local and Shared authorization profile names.
• Default to the increased 120x50 window size in the VisualSVN Server PowerShell console.
• Default to the black background color in the VisualSVN Server PowerShell console.

Repository hooks enhancements (VisualSVNServerHooks)

• New check-pathnames pre-commit hook to check file and folder names for validity.
• The commit-notification hook now supports SMTP profiles with the --smtp-profile option.
• The commit-notification hook now supports STARTTLS with the --smtp-starttls option.
• The commit-notification hook now supports specifying the CC address with the --cc option.
• The commit-notification hook now supports specifying the Reply-To address with the --reply-to option.
• Validation errors no longer output the "VisualSVNServerHooks: Exxxxxx" prefix.
• Sort paths when emitting svn:mergeinfo difference in commit notifications.
• Fixed: using commit-notification without the --from option sends an invalid MAIL FROM value to the SMTP server.

VisualSVN Server Manager enhancements

• New 'Rename' command for files and folders.
• 'Run' command for a background job now uses a modal dialog for better user experience.
• Display user friendly error message for attempts to import backup file as a repository dump.
• New 'Update license' dropdown menu on the Licensing tab in the server properties.
• New 'Open in Web Interface' command that replaces 'Browse' in the context menu.
• Improve the high-DPI display support.
• Fixed: VisualSVN Server Manager console becomes unusable after failing to access the repositories root.
• Fixed: VisualSVN Server Manager console may crash after a change of the active authorization profile for the repository.
• Fixed: VisualSVN Server Manager console makes unnecessary queries to the VisualSVN Server Background Job Service (vsvnjobsvc) that keep the service running.
• Fixed: in-place conversion to the VDFS format does not check that all relevant VisualSVN Server services are stopped.
• Various UI refinements.

Compatibility changes

• Drop support for Windows Server 2008 R2, Windows 7, Windows Server 2012 and Windows 8. The minimum supported operating systems are now Windows Server 2012 R2 and Windows 8.1.
• Drop support for Internet Explorer 11.
• Drop support for SSL 3.0.
• Drop backward compatibility with VisualSVN Server 4.1.x and older versions for Remote Server Administration.

Other changes

• Allow using Access and Operational logging under the Essential license.
• New 'Cleanup Transactions' background job.
• Backup jobs now have an option to organize backup files into subfolders by repository name.
• Adjust the TLS/SSL compatibility levels due to the TLS 1.0 and TLS 1.1 deprecation
• Send the Referrer-Policy: no-referrer HTTP header with all server responses.
• Sign the installation package and its content with SHA256 instead of SHA1.
• Several enhancements related to the high-DPI display support in the installer.
• New "VisualSVN Repository Management Delegation" rule for Windows Firewall.
• New "VisualSVN Remote Server Administration" rule for Windows Firewall.
• Log Windows version during VisualSVN Distributed File System Service (vdfssvc) startup.
• Use CR/LF line endings for the certificate signing requests (CSR).
• Use CR/LF line endings when writing the X.509 PEM files to disk.
• Do not log warnings when encountering an aborted connection in the HTTP service.
• Switch to a new memory allocation scheme that directly uses the Windows memory heap.
• Use isolated per-thread memory heaps in the HTTP service to avoid CPU contention and performance stalls in certain cases with multiple concurrent requests.
• Fixed: ongoing repository verification causes the "database is locked" post-commit errors.
• Fixed: searching for a file or folder does not generate an entry in the Operational log.
• Fixed: uninstalling VisualSVN Server does not remove Windows Firewall rules in some cases.
• Fixed: an unlikely "Access is denied" error when writing the 'BackupCollection.xml' file.
• Fixed: VisualSVN Distributed File System Service (vdfssvc) logs a spurious warning for certain values of the VdfsProtocolVersion registry setting.
• Fixed: unexpected error entries in the VisualSVN Server event log caused by aborted PUT requests.
• Fixed: potential issue with transaction processing caused by aborted PUT requests.
• Updated to LZ4 1.9.3.
• Updated to SQLite 3.30.1.
• Updated to zlib 1.2.11.
• Updated to utf8proc 2.7.0.
• Updated to highlight.js 11.4.0.
• Updated to JSZip 3.5.0.