Index: publish/faq.html =================================================================== --- publish/faq.html (revision 1801149) +++ publish/faq.html (working copy) @@ -61,8 +61,8 @@ For older questions, see
  • How is Subversion affected by changes in Daylight Savings Time (DST)?
    • -
  • How do I protect my repository from the SHA-1 - Shattered vulnerability?
    • +
  • How is Subversion affected by SHA-1 hash + collisions?

    • How-to:

    @@ -748,28 +748,30 @@ for DST.

    -

    How do I protect my repository from the SHA-1 Shattered vulnerability? +

    How is Subversion affected by SHA-1 hash collisions?

    -

    Subversion's use of SHA-1 in how it processes content is subject to hashing -collisions as identified by Google. One of -Subversions's key assumptions in processing content is that SHA-1 is unique for -all objects.

    -Subversion has two main areas of vulnerability. -
    +

    Publication of the first known SHA-1 collision by +Google and CWI unveiled a couple of related issues in the Subversion's use +of SHA-1. The Subversion's core does not rely on SHA-1 for content indexing, +but it was being used for such purposes in the following supplementary features: +

    -

    -To prevent different content with identical SHA-1 from being stored, upgrade -to 1.9.6 or 1.8.18 which, by default, prevent storing data with such collisions. -See our SHA1 advisory for details. +

    Speaking of the repository data deduplication feature, this can result in +inability to access files with colliding SHA-1 values or cause data loss for +such files. To prevent different content with identical SHA-1 from being stored +in a repository, upgrade to 1.9.6 or 1.8.18 which, by default, prevent storing +data with such collisions. See our SHA-1 +advisory for details.

    -Until these new releases are available, Unix-based servers can use the pre-commit hook found +Until the upgrade to these new releases is available, Unix-based servers +can use the pre-commit hook found here. As an aside, we welcome Windows developers to submit a pre-commit @@ -777,19 +779,18 @@ script for the Windows platform. More information here.

    -The working copy/RA layer uses SHA-1 for de-duplication of content stored in -the working copy, and for performance reasons clients using the HTTP protocol -will avoid fetching content with a SHA-1 checksum which has been fetched -previously. There is no known workaround for this vector except to prevent -storage of the colliding objects in the first place, via upgrade to 1.9.6 or -installation of the aforementioned pre-commit script. +The working copy uses SHA-1 for deduplication of the stored content, and for +performance reasons a client will avoid fetching content with the same SHA-1 +checksum. The workaround for this issue is to prevent storage of the colliding +objects in the first place, via upgrade to 1.9.6 or installation of the +aforementioned pre-commit script.

    -Storing content with SHA1 collisions it not a supported use case. If you have -repositories with colliding SHA-1 content, we suggest you transform it via -gzip before committing it to avoid the collision altogether. Moreover an -upgrade to 1.9.6 to prevent future insertion of duplicates is highly -recommended.

    +Storing content with SHA-1 collisions it not a supported use case. If you have +content with colliding SHA-1 hash values, we suggest you transform it via gzip +before committing it to avoid the collision altogether. Moreover, an upgrade +to 1.9.6 to prevent future insertion of duplicates is highly recommended. +