DoS? With the old code: the client died. With the new code: the client
dies. No change that I'm aware of, other than a nicer error message.
It seems the justification would be, "nicer error message" rather than
anything about DoS.
Cheers,
-g
On Feb 9, 2012 6:46 PM, <danielsh_at_apache.org> wrote:
> Author: danielsh
> Date: Thu Feb 9 23:46:06 2012
> New Revision: 1242608
>
> URL: http://svn.apache.org/viewvc?rev=1242608&view=rev
> Log:
> Nominate r1242607.
>
> Modified:
> subversion/branches/1.7.x/STATUS
>
> Modified: subversion/branches/1.7.x/STATUS
> URL:
> http://svn.apache.org/viewvc/subversion/branches/1.7.x/STATUS?rev=1242608&r1=1242607&r2=1242608&view=diff
>
> ==============================================================================
> --- subversion/branches/1.7.x/STATUS (original)
> +++ subversion/branches/1.7.x/STATUS Thu Feb 9 23:46:06 2012
> @@ -85,6 +85,13 @@ Candidate changes:
> Votes:
> +1: philip
>
> + * r1242607
> + Convert ra_serf assertions to errors.
> + Justification:
> + Malicious server can DoS clients.
> + Votes:
> + +1: danielsh
> +
> Veto-blocked changes:
> =====================
>
>
>
>
Received on 2012-02-10 04:15:31 CET