Re: svn commit: r1818724 - /subversion/site/staging/faq.html
On 20/12/2017 01:08, Daniel Shahaf wrote:
> Stefan wrote on Tue, 19 Dec 2017 23:39 +0100:
>> Since I never calculated the CVSS score for a Subversion vulnerability
> If you're interested, you could go through the more recent advisories
> (the security/ directories in the site and in the private repository),
> read the patches that fixed them, compute a CVSSv2 or CVSSv3 vector
> based on that (only, without reading the in-advisory analysis), and then
> compare the one you computed with the one in the advisory.
> This way, when the next vulnerability is reported, you'd be better able
> to help compute / review a CVSS vector for it.
Good hint. I'll eventually get more familiar with it.
For the time being I however will focus on cleaning up the remaining
dead links throughout our webpage, put together the hackathon page, and
then get on signing/testing the 1.10 RC1 builds as well as releasing new
MaxSVN builds (at least that's my current priority list).
Received on 2017-12-26 22:21:19 CET
This is an archived mail posted to the Subversion Dev