VisualSVN Server 5.3
This page provides maintenance downloads for VisualSVN Server 5.3.x
version family.
Please, upgrade to the current version that is available on the
main download page.
Maintenance release for version 5.3. Includes Apache Subversion 1.14.4.
-
Updated to Apache Subversion 1.14.4 with a fix for the following
vulnerability:
CVE-2024-45720.
-
Updated to Apache HTTP Server 2.4.62 with cumulative fixes for the
following vulnerabilities:
CVE-2024-40725,
CVE-2024-40898,
CVE-2024-39884,
CVE-2024-36387,
CVE-2024-38472,
CVE-2024-38473,
CVE-2024-38474,
CVE-2024-38475,
CVE-2024-38476,
CVE-2024-38477,
CVE-2024-39573.
-
Updated to OpenSSL 3.0.15 with cumulative fixes for the following
vulnerabilities:
CVE-2024-6119,
CVE-2024-5535,
CVE-2024-4741,
CVE-2024-2511.
-
Updated Expat XML parser to version 2.6.2 with cumulative fixes for the
following vulnerabilities:
CVE-2024-28757,
CVE-2023-52426,
CVE-2023-52425.
-
Fixed: viewing job history may cause the VisualSVN Background Job Service
to crash.
-
Fixed:
VisualSVNServerHooks.exe check-pathnames --case-conflicts
hook may unexpectedly reject valid commits.
-
Updated to Apache HTTP Server 2.4.59 with fixes for the following vulnerabilities:
CVE-2023-38709,
CVE-2024-24795,
CVE-2024-27316.
-
Updated to OpenSSL 3.0.13 with fixes for the following vulnerabilities:
CVE-2024-0727,
CVE-2023-6237,
CVE-2023-6129,
CVE-2023-5678.
-
Fixed: specifying the size of the private key for the TLS/SSL server
certificate has no effect during remote administration of VisualSVN Server
5.1.x.
-
Fixed: deleting repository items results in an error during remote
administration of VisualSVN Server 5.1.x.
-
Fixed: in-place conversion between the FSFS and VDFS repository formats
results in an error during remote administration of VisualSVN Server
5.1.x.
-
Updated to Apache HTTP Server 2.4.58 with fixes for the following vulnerabilities:
CVE-2023-31122,
CVE-2023-43622,
CVE-2023-45802.
-
Updated to OpenSSL 3.0.12 with cumulative fixes for the following vulnerabilities:
CVE-2023-5363,
CVE-2023-4807.
-
Fixed: HTTP service may fail to start if the server's TLS/SSL certificate
is signed using SHA-1.
-
Fixed: clients may receive an error during TLS handshake if the server's
TLS/SSL certificate is signed using SHA-1.
-
Updated to OpenSSL 3.0.10.