[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: Attention: Rolling 1.3.0 rc3 in 24-36h

From: <kfogel_at_collab.net>
Date: 2005-11-17 20:38:53 CET

David James <james@cs.toronto.edu> writes:
> On 11/15/05, Daniel Berlin <dberlin@dberlin.org> wrote:
> > If you have changes, now would be the time to put them in STATUS.

I just added r17358 to STATUS:

  * r17358 (Issue #2423)
    mod_dav_svn should escape paths with ":" in their names for browsing
    Justification: Theoretical exploit possible, though none reported.
      +1: kfogel

I wouldn't be heartbroken if it were moved into 1.3.1 instead of
1.3.0. I only put it in 1.3.0 first because of the (theoretical)
exploit possibility. Thanks to Michael Sinz for bringing the issue to
my attention, by the way.


To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Received on Thu Nov 17 21:59:56 2005

This is an archived mail posted to the Subversion Dev mailing list.