Strange download link on the web page [was: Re: Subversion 1.10.2 Checksum (SHA512)]

From: Branko Čibej <brane_at_apache.org>
Date: Sat, 22 Sep 2018 16:29:30 +0200

On 22.09.2018 16:22, Branko Čibej wrote:
> On 22.09.2018 16:13, Daniel Shahaf wrote:
>> Please don't download the artifacts from www*.apache.org but from a
>> mirror. I think there is a redirector CGI somewhere that automatically
>> redirects you to a mirror close to you, but I can't find it :(
> http://subversion.apache.org/download.cgi
>
> Linked from our main page.

[The original thread is on users@]

I just noticed that when I click the 'Source Download' link in the
navigation tab on our web page, I get:

http://subversion.apache.org/download.cgi?update=201708081800

instead of plain

http://subversion.apache.org/download.cgi

Can anyone remember why that is? It seems wrong, and also doesn't appear
to do anything, since the page contents and especially download links
appear to be the same in both cases.

It was done in r1804690, the log message is:

Release Subversion 1.9.7 with a fix for CVE-2017-9800.

So it's possible that we forgot to clean that up after the security fix
release ... and also that the ?update= parameter doesn't appear to work
properly (any more).

-- Brane
Received on 2018-09-22 16:29:38 CEST

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]