You are viewing a plain text version of this content. The canonical link for it is here.
Posted to notifications@ant.apache.org by "Xavier Hanin (JIRA)" <ji...@apache.org> on 2008/09/15 10:41:46 UTC
[jira] Resolved: (IVY-854) Evil behavior form resolve
latest.status: performs DOS attacks
[ https://issues.apache.org/jira/browse/IVY-854?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Xavier Hanin resolved IVY-854.
------------------------------
Resolution: Fixed
Fix Version/s: 2.0-RC1
Assignee: Maarten Coene
I mark this as fixed, with no fresh news on the fix. Feel free to reopen with more details if you encounter the same problem.
> Evil behavior form resolve latest.status: performs DOS attacks
> --------------------------------------------------------------
>
> Key: IVY-854
> URL: https://issues.apache.org/jira/browse/IVY-854
> Project: Ivy
> Issue Type: Bug
> Components: Core
> Affects Versions: 2.0.0-beta-2
> Environment: windows xp sp2, linux fedora core 9, running Ivy repository through http for remote resolving and Hudson CI server (publishing to the repo).
> Reporter: Hans Lund
> Assignee: Maarten Coene
> Fix For: 2.0-RC1
>
>
> Ivy is extremely aggressive towards repositories . This can result in
> resolving fails, even towards a healthy repository.
> The symptom:
> [ivy:resolve] 01-07-2008 13:16:24
> org.apache.commons.httpclient.HttpMethodDirector executeWithRetry
> [ivy:resolve] INFO: I/O exception (java.net.BindException) caught when
> processing request: Address already in use: connect.
> In effect this happens when Ivy has performed a successfully DOS attack against the repository.
> This is especially a problem when having large repositories (lost of revisions) and resolve against latest.status -> as this will fetch ivy.xml md5 and sha1 files for every revision.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.