|

»

»

tigris - websvn

»

CVE-2007-3056

View: New views

6 Messages — Rating Filter: Alert me

	CVE-2007-3056 by Gunnar Wrobel-2 :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message Hi! Gentoo provides websvn as a package and we are currently wondering about the status of this security issue: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3056 Is this a relevant issue? Has it been fixed? Or should we remove the package from our distribution? You can find our corresponding bug here: http://bugs.gentoo.org/show_bug.cgi?id=180879 Thanks! -- Gunnar Wrobel Gentoo Developer __________________C_o_n_t_a_c_t__________________ Mail: wrobel@... WWW: http://www.gunnarwrobel.de IRC: #gentoo-web at freenode.org _________________________________________________ --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscribe@... For additional commands, e-mail: dev-help@...
	Re: CVE-2007-3056 by Bugzilla from boards@gmail.com :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message On Thursday 09 August 2007, Gunnar Wrobel wrote: > Hi! > > Gentoo provides websvn as a package and we are currently wondering > about the status of this security issue: > > http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3056 > > Is this a relevant issue? Has it been fixed? Or should we remove the > package from our distribution? > > You can find our corresponding bug here: > > http://bugs.gentoo.org/show_bug.cgi?id=180879 > > Thanks! Eh, this is kind of an old bug. I'm not sure if it was ever fixed since it would require a bit of a change in the code to do so. I'd just wait to see what Tim has to say perhaps. -- Matt Sicker attachment0 (196 bytes) Download Attachment
	Re: CVE-2007-3056 by Timothy Armes :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message Seb's preparing a patch. On 11/08/07, Matt Sicker <boards@...> wrote: On Thursday 09 August 2007, Gunnar Wrobel wrote: > Hi! > > Gentoo provides websvn as a package and we are currently wondering > about the status of this security issue: > > http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3056 > > Is this a relevant issue? Has it been fixed? Or should we remove the > package from our distribution? > > You can find our corresponding bug here: > > http://bugs.gentoo.org/show_bug.cgi?id=180879 > > Thanks! Eh, this is kind of an old bug. I'm not sure if it was ever fixed since it would require a bit of a change in the code to do so. I'd just wait to see what Tim has to say perhaps. -- Matt Sicker -- http://www.timothyarmes.com
	Re: CVE-2007-3056 by Sebastian Petters / 4wd media :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message I'm currently doing some kind of security review using an automatic tool to find similar XSS and other security risks. Most of the issues i found so far could be solved easily. The tests take some time, i'll send a patch when i'm finished. Sebastian Timothy Armes schrieb: > Seb's preparing a patch. > > > On 11/08/07, Matt Sicker <boards@... <mailto:boards@...>> > wrote: > > On Thursday 09 August 2007, Gunnar Wrobel wrote: > > Hi! > > > > Gentoo provides websvn as a package and we are currently wondering > > about the status of this security issue: > > > > http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3056 > > > > Is this a relevant issue? Has it been fixed? Or should we remove the > > package from our distribution? > > > > You can find our corresponding bug here: > > > > http://bugs.gentoo.org/show_bug.cgi?id=180879 > > > > Thanks! > > Eh, this is kind of an old bug. I'm not sure if it was ever fixed since > it would require a bit of a change in the code to do so. I'd just wait > to see what Tim has to say perhaps. > > -- > Matt Sicker > > > > > -- > http://www.timothyarmes.com -- Sebastian Petters www.4wdmedia.de --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscribe@... For additional commands, e-mail: dev-help@...
	Re: CVE-2007-3056 by Sebastian Petters / 4wd media :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message Hi Gunnar, this and several other security issues have been fixed in WebSVN version 2.0, which has been released today. I recommend strongly to upgrade to this version. Sebastian Gunnar Wrobel schrieb: > Hi! > > Gentoo provides websvn as a package and we are currently wondering > about the status of this security issue: > > http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3056 > > Is this a relevant issue? Has it been fixed? Or should we remove the > package from our distribution? > > You can find our corresponding bug here: > > http://bugs.gentoo.org/show_bug.cgi?id=180879 > > Thanks! > > -- Sebastian Petters www.4wdmedia.de --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscribe@... For additional commands, e-mail: dev-help@...
	Re: CVE-2007-3056 by Gunnar Wrobel-3 :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message Sebastian Petters / 4wd media <sebastian.petters@...> writes: > Hi Gunnar, > > this and several other security issues have been fixed in WebSVN > version 2.0, which has been released today. I recommend strongly to > upgrade to this version. > > Sebastian > Cool! Thanks for the quick response. --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscribe@... For additional commands, e-mail: dev-help@...