Found read-only security hole in svnserve

From: Greg Hudson <ghudson_at_MIT.EDU>
Date: 2003-12-01 08:27:11 CET

svnserve's compatibility code for old clients was allowing clients to
read a repository even if anon-access was set to "none". I've fixed
this in r7888. This probably warrants an 0.33.2 if at all possible.

Sorry about that.

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Received on Mon Dec 1 08:27:41 2003

This message: [ Message body ]
Next message: Erik Huelsmann: "svn_io_read_lenth declared in svn_io.h but implemented in hash.c"
Previous message: Jennifer Bevan: "Feedback on Subversion Book"
Next in thread: Erik Huelsmann: "Re: Found read-only security hole in svnserve"
Reply: Erik Huelsmann: "Re: Found read-only security hole in svnserve"
Reply: Greg Stein: "Re: Found read-only security hole in svnserve"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]