[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: Note from Vibin Bruno to your Facebook Page Subversion.

From: Paul Greene <paul.greene.va_at_gmail.com>
Date: Tue, 22 Sep 2020 16:54:05 -0400

I'm going to guess that you do certification and accreditation, and
somebody evaluating your system presented you with a list of findings that
have to be addressed.
Typically with a commercial vendor, you can communicate with a technical
support team (that you pay a lot of money to every year to get that
support) that can help you address the findings.
However, SVN is not a commercial product - it is an open source product -
the product is developed by unpaid volunteers. This mailing list is made up
of people that are fellow users of the product who don't get paid for
participating in this list.
You can't really demand that anybody do anything for you.

On Tue, Sep 22, 2020 at 4:09 PM Vibin Bruno <vbruno165_at_gmail.com> wrote:

> Kindly help in resolving the below vulnerabilities
>
> On Mon, Sep 21, 2020, 02:06 Vibin Bruno <vbruno165_at_gmail.com> wrote:
>
>> Hi Team,
>>
>> Our security team has raised below vulnerabilities in SVN.
>>
>> 1. Concurrent login allowed in SVN console - same user can login to the
>> console same time using two machines.
>>
>> 2.
>> Brute Force attack - user should be locked after 3 incorrect login
>> attempts.
>>
>> Kindly help us in resolving the above vulnerabilities.
>>
>> Regards,
>> Micheal
>> 8655557405
>>
>
Received on 2020-09-22 22:54:19 CEST

This is an archived mail posted to the Subversion Users mailing list.