You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@subversion.apache.org by Carl Karsten <ca...@personnelware.com> on 2004/09/18 21:25:27 UTC
security issue in 1.1
Where is the proper place/person to alert if I have found an exploit?
Carl K
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Re: security issue in 1.1
Posted by David James <st...@gmail.com>.
I'd suggest sending it directly to one of the core maintainers. Try
sending it to the following people:
- Karl Fogel <kf...@tigris.org>
- Greg Stein <gs...@tigris.org>
- Ben Collins-Sussman <su...@red-bean.com>
- C. Michael Pilato <cm...@collab.net>
Cheers,
David
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
dumb me was : security issue in 1.1
Posted by Carl Karsten <ca...@personnelware.com>.
Never mind. It is documented:
anon-access = read The example settings are, in fact, the default values of the
variables, should you forget to define them.
I was thiking if I changed anon-access to auth-access it should 'drop' the anon
access, but it just goes to it's default, which is read.
Carl K
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Re: security issue in 1.1
Posted by Carl Karsten <ca...@personnelware.com>.
> > Where is the proper place/person to alert if I have found an exploit?
>
> See the "Security" link in the sidebar on http://subversion.tigris.org
>
Very good. Thank you.
"... the address has been encoded..." It is only a matter of time... I am
surprised it isn't an image.
Carl K
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
RE: security issue in 1.1
Posted by Arild Fines <ar...@broadpark.no>.
Carl Karsten wrote:
> Where is the proper place/person to alert if I have found an exploit?
See the "Security" link in the sidebar on http://subversion.tigris.org
--
Arild
AnkhSVN: http://ankhsvn.tigris.org
Blog: http://ankhsvn.com/blog
IRC: irc://irc.freenode.net/ankhsvn
"Weaseling out of things is good. It's what separates us from the other
animals....except weasels." -- Homer Simpson
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org