[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: [TSVN] Security Vulnerability in Putty affecting TortoiseSVN

From: SteveKing <steveking_at_gmx.ch>
Date: 2004-08-07 13:47:20 CEST

Laurens Blankers wrote:

>>I don't think it's very urgent. The vulnerability can only be exploited
>>from a server.
>
>
> Or by someone impersonating the server, because the bug can be exploited
> before host authentication. I think it is urgent and people using SVN+SSH
> would proberly appreciate a release.

"someone impersonating the server" would mean that this "someone" would
have to hack your DNS server. And if that ever happens, you really have
other things to worry about than TortoisePlink.

But if you really want: the fixed TortoisePlink is on the website.
Download it from there and copy it in the TSVN installation folder.

Stefan

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tortoisesvn.tigris.org
For additional commands, e-mail: dev-help@tortoisesvn.tigris.org
Received on Sat Aug 7 14:51:29 2004

This is an archived mail posted to the TortoiseSVN Dev mailing list.