Have an amazing solution built in RAD Studio? Let us know. Looking for discounts? Visit our Special Offers page!
News

Updating IDE Subversion DLLs to address security issues

Recently a security issue allowing allowing local code execution after visiting a malicious URL was identified in Subversion, git and Mercurial. All three source control systems released a synchronised security update.

In RAD Studio, we use an external installation of both git and Mercurial, which you point the IDE to in the Options dialog. (Tools > Options > Version Control, and then either the git or Mercurial subitems.) Update whichever distribution you use.

However, we do ship Subversion DLLs, which could be affected by this issue. These can be easily updated, and we have internally tested new DLLs against RAD Studio 10.2.1.  You can find full instructions in the readme.txt in the binsubversion folder – for me this is C:Program Files (x86)EmbarcaderoStudio19.0binsubversion .  A rough summary is:

  • We test against builds from collab.net, and use the 32-bit binaries. If you use different binaries, you may end up with different DLL names which the IDE will not recognise. For this post, I downloaded “Subversion 1.9.7 (Windows 32-bit)”. Make sure you virus-check or take other appropriate precautions as you would from any website, despite collab.net being well-known.
  • If you overwrite the DLLs in the folder above:
    • Please close the IDE first
    • Back up the existing DLLs before replacing them
  • You can also install to any folder, and redirect the IDE. Do this only if you are confident editing the registry.
    • Please close the IDE first
    • In the registry, navigate to HKEY_CURRENT_USERSoftwareEmbarcaderoBDS19.0Subversion
    • Create a new string value called “SvnDllDir” (without quotes), and set its value to the path you installed the DLLs to. You do not need a trailing slash.

The readme file has full details.

 

 

 

See What's New in 12.2 Athens See What's New in 12.2 Athens Dev Days of Summer 2-24

Reduce development time and get to market faster with RAD Studio, Delphi, or C++Builder.
Design. Code. Compile. Deploy.
Start Free Trial   Upgrade Today

   Free Delphi Community Edition   Free C++Builder Community Edition

About author

David is an Australian developer, currently living in far-north Europe. He is the senior product manager for C++ at Idera, looking after C++Builder and Visual Assist.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

IN THE ARTICLES