[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: svn commit: r1818724 - /subversion/site/staging/faq.html

From: Stefan <luke1410_at_posteo.de>
Date: Tue, 26 Dec 2017 22:21:06 +0100

On 20/12/2017 01:08, Daniel Shahaf wrote:
> Stefan wrote on Tue, 19 Dec 2017 23:39 +0100:
> [...]
>> Since I never calculated the CVSS score for a Subversion vulnerability
>> before,
> If you're interested, you could go through the more recent advisories
> (the security/ directories in the site and in the private repository),
> read the patches that fixed them, compute a CVSSv2 or CVSSv3 vector
> based on that (only, without reading the in-advisory analysis), and then
> compare the one you computed with the one in the advisory.
>
> This way, when the next vulnerability is reported, you'd be better able
> to help compute / review a CVSS vector for it.
Good hint. I'll eventually get more familiar with it.
For the time being I however will focus on cleaning up the remaining
dead links throughout our webpage, put together the hackathon page, and
then get on signing/testing the 1.10 RC1 builds as well as releasing new
MaxSVN builds (at least that's my current priority list).

Regards,
Stefan
Received on 2017-12-26 22:21:19 CET

This is an archived mail posted to the Subversion Dev mailing list.