On Thu, Jul 15, 2004 at 07:54:05PM -0700, Ben Reser wrote:
> On Thu, Jul 15, 2004 at 10:07:41PM -0400, Garrett Rooney wrote:
> > breser@tigris.org wrote:
> >
> > >Author: breser
> > >Date: Thu Jul 15 20:46:07 2004
> > >New Revision: 10325
> > >
> > >Modified:
> > > branches/1.0.x/STATUS
> > > branches/1.0.x/subversion/include/svn_config.h
> > > branches/1.0.x/subversion/libsvn_subr/config.c
> > > branches/1.0.x/subversion/mod_authz_svn/mod_authz_svn.c
> > >Log:
> > >Merge r10183, r10184, r10216 onto 1.0.x
> > >
> > >mod_authz_svn security hole: check access on *whole tree* when authorizing
> > > COPY or DELETE requests.
> > >
> > >Approvedy by: +1: striker, breser, sussman
> >
> > Sorry, this didn't occur to me before now, but can we merge this to
> > 1.0.x? It adds a new function, svn_config_enumerate_sections. Isn't
> > that against our backwards compatability policy because it means you can
> > no longer roll back from 1.0.6 to 1.0.5 because something linking
> > against 1.0.6 might rely on that function?
>
> You're right we can't. Sander would you write a version of this against
> 1.0.x without r10325 that doesn't add a new function? I'd do it myself
> but I figure you have a better setup for testing this.
Attached is a copy of a PATCH of this merge that renames the
enumerate_sections function to be out of our public API. Can people
please review and I'll cut 1.0.6. :)
--
Ben Reser <ben@reser.org>
http://ben.reser.org
"Conscience is the inner voice which warns us somebody may be looking."
- H.L. Mencken
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Received on Fri Jul 16 22:22:07 2004