Date: Sun, 18 Jan 2009 22:00:03 +0100 From: Florian Weimer <fw@...eb.enyo.de> To: oss-security@...ts.openwall.com Subject: CVE request: WebSVN WebSVN 2.0 does not properly implement access control checks, allowing authenticated users to access files with known paths. (This is fixed in version 2.1. I think this feature was only included in the 1.7 betas, and no released 1.x version before that. Relevant fixes are probably in r635, r636, r649.)
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.