Re: [TSVN] Security Vulnerability in Putty affecting TortoiseSVN

From: SteveKing <steveking_at_gmx.ch>
Date: 2004-08-07 13:47:20 CEST

Laurens Blankers wrote:

>>I don't think it's very urgent. The vulnerability can only be exploited
>>from a server.
>
>
> Or by someone impersonating the server, because the bug can be exploited
> before host authentication. I think it is urgent and people using SVN+SSH
> would proberly appreciate a release.

"someone impersonating the server" would mean that this "someone" would
have to hack your DNS server. And if that ever happens, you really have
other things to worry about than TortoisePlink.

But if you really want: the fixed TortoisePlink is on the website.
Download it from there and copy it in the TSVN installation folder.

Stefan

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tortoisesvn.tigris.org
For additional commands, e-mail: dev-help@tortoisesvn.tigris.org
Received on Sat Aug 7 14:51:29 2004

This message: [ Message body ]
Next message: Ricardo David: "[TSVN] Version 1.0.8 under NT4"
Previous message: Laurens Blankers: "Re: [TSVN] Security Vulnerability in Putty affecting TortoiseSVN"
In reply to: Laurens Blankers: "Re: [TSVN] Security Vulnerability in Putty affecting TortoiseSVN"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]