Re: [SECURITY] [DSA 2118-1] New subversion packages fix authentication bypass

To: Michael Tautschnig <mt@debian.org>, debian-security@lists.debian.org
Subject: Re: [SECURITY] [DSA 2118-1] New subversion packages fix authentication bypass
From: Nico Golde <debian-security+ml@ngolde.de>
Date: Fri, 8 Oct 2010 23:54:24 +0200
Message-id: <[🔎] 20101008215424.GD19714@ngolde.de>
Mail-followup-to: Michael Tautschnig <mt@debian.org>, debian-security@lists.debian.org
In-reply-to: <[🔎] 20101008213740.GJ71716@laptop165.dbai.tuwien.ac.at>
References: <20101008212153.GA11476@ngolde.de> <[🔎] 20101008213740.GJ71716@laptop165.dbai.tuwien.ac.at>

Hi,
* Michael Tautschnig <mt@debian.org> [2010-10-08 23:41]:
[...] 
> > As a workaround it is also possible to set SVNPathAuthz to "on" but be
> > advised that this can result in a performance decrease for large
> > repositories.
> > 
> 
> Is it still necessary to apply such a workaround, despite this update?

No.

> [...]
> > We recommend that you upgrade your samba packages.
> > 
>                                      ^^^^^ - this is always a good idea, yes :-)

Whoops :D
Cheers
Nico
-- 
Nico Golde - http://www.ngolde.de - nion@jabber.ccc.de - GPG: 0xA0A0AAAA
For security reasons, all text in this mail is double-rot13 encrypted.

Attachment: pgpCL3mntsO_Z.pgp
Description: PGP signature

Reply to:

References:
- Re: [SECURITY] [DSA 2118-1] New subversion packages fix authentication bypass
  - From: Michael Tautschnig <mt@debian.org>

Prev by Date: Re: [SECURITY] [DSA 2118-1] New subversion packages fix authentication bypass
Next by Date: Michael Baumgartner/bam/SFS ist außer Haus.
Previous by thread: Re: [SECURITY] [DSA 2118-1] New subversion packages fix authentication bypass
Next by thread: Re: [SECURITY] [DSA 2118-1] New subversion packages fix authentication bypass
Index(es):
- Date
- Thread