Upgrade to OpenSSL 3.0

We are happy to announce new releases of VisualSVN Server and VisualSVN (a plug-in for Visual Studio) with an upgrade to OpenSSL 3.0.

We also announce that VisualSVN Server 5.1.x and 5.2.x versions will reach their End of Support on September 30th, 2023. We are ending support for these version families because they use OpenSSL 1.1.1, which is going to reach its End of Life on September 11th, 2023.

Upgrading to the latest VisualSVN Server and VisualSVN plug-in is strongly recommended for all users:

• Download VisualSVN Server 5.3.
• Download VisualSVN 8.3 for Visual Studio 2022.
• Download VisualSVN 7.4 for Visual Studio 2019.
• Download VisualSVN 6.8 for Visual Studio 2017.
• Download VisualSVN 5.7 for Visual Studio 2015 and older.

The new VisualSVN Server and VisualSVN plug-in versions are fully interoperable with each other and are also compatible with previous versions, so you can upgrade the server and the plug-in in any order. Please see the Upgrade and compatibility notes sections below for the respective VisualSVN products.

Transition to OpenSSL 3.0

OpenSSL 3.0 is the latest Long-Term Support (LTS) release of the OpenSSL library, which is used to secure network communications and implement the SSL/TLS protocols. The transition to OpenSSL 3.0 is transparent to end users as it does not alter the core functionality of VisualSVN products.

Previous versions of VisualSVN products have been using OpenSSL 1.1.1. With OpenSSL 1.1.1 reaching its End of Life on September 11th, 2023, the upgrade to OpenSSL 3.0 ensures that VisualSVN products ship with an up-to-date and actively maintained OpenSSL version. Because OpenSSL 3.0 is a major release, we are releasing this upgrade in the form of new minor versions of VisualSVN products, rather than as patch versions.

Upgrade for VisualSVN Server

The upgrade to OpenSSL 3.0 is the only change introduced in VisualSVN Server 5.3. In all other respects, VisualSVN Server 5.3.0 is identical to VisualSVN Server 5.2.0.

Upgrading to VisualSVN Server 5.3 is recommended for all users. You can download VisualSVN Server 5.3 from the main download page.

Upgrade and compatibility notes for VisualSVN Server

The upgrade to VisualSVN Server 5.3 is easy and straightforward, especially when upgrading from a 5.2.x version, but we strongly advise reading the article KB222: Upgrading to VisualSVN Server 5.3 before beginning the upgrade.

Importantly, VisualSVN Server 5.3 remains fully compatible with Subversion clients based on OpenSSL 1.1.1.

Upgrade for VisualSVN (a plug-in for Visual Studio)

Select an appropriate VisualSVN plug-in version with respect to your Visual Studio version:

• Users of Visual Studio 2022 should upgrade to VisualSVN 8.3.
• Users of Visual Studio 2019 should upgrade to VisualSVN 7.4.
• Users of Visual Studio 2017 should upgrade to VisualSVN 6.8.
• Users of Visual Studio 2015 or older should upgrade to VisualSVN 5.7.

The upgrade to OpenSSL 3.0 is the main change introduced in the new plug-in versions, with only VisualSVN 8.3.0 having several additional changes.

You can download an appropriate VisualSVN version from the official download page.

Upgrade and compatibility notes for the VisualSVN plug-in

The new VisualSVN plug-in versions are compatible with any Subversion server that supports TLS 1.2 or higher. If you have a reasonably up-to-date Subversion server, it can be expected to support the required version of the TLS protocol. VisualSVN Server supports TLS 1.2 starting from version 3.2.0.

Other than that requirement, the new plugin versions are fully compatible with all up-to-date versions of VisualSVN Server, regardless of the OpenSSL version used in the server. The new plugin versions are also fully compatible with any reasonably up-to-date version of TortoiseSVN.

End of Support for VisualSVN Server 5.1.x and 5.2.x

VisualSVN Server 5.1.x and 5.2.x versions will reach their End of Support on September 30th, 2023. We are ending support for these version families because they use OpenSSL 1.1.1, which is going to reach its End of Life on September 11th, 2023.

After September 11th, 2023, the 5.1.x and 5.2.x version families of VisualSVN Server will not receive any OpenSSL-related maintenance updates, but may still receive other maintenance updates until September 30th, 2023.

Maintenance updates for VisualSVN Server 5.1.x and 5.2.x

We recommend that you upgrade your VisualSVN Server directly to the latest VisualSVN Server 5.3.0. However, if you currently use VisualSVN Server 5.1.x or 5.2.x and cannot upgrade to VisualSVN Server 5.3.0 at the moment, you can opt for a smaller patch-level update to VisualSVN Server 5.1.6 or 5.2.1 respectively, depending on your current version.

The VisualSVN Server 5.1.6 and VisualSVN Server 5.2.1 versions are patch-level updates for the respective VisualSVN Server 5.1.x and 5.2.x version families, and contain a regular maintenance update to OpenSSL 1.1.1v, which fixes the CVE-2023-3817, CVE-2023-3446 vulnerabilities. Although these OpenSSL vulnerabilities do not affect up-to-date VisualSVN products, updating at least to these intermediary versions is recommended.