On Sat, Oct 16, 2010 at 10:00 AM, Stefan Sperling wrote:
> It should be noted that, in our community, contributing towards such
> goals will also require compromise. Which people concerned about security
> are rarely willing to make ("good enough" isn't good enough, it needs to
> be as good and s
On Sat, Oct 16, 2010 at 10:54 AM, Les Mikesell wrote:
> On 10/16/10 8:53 AM, Nico Kadel-Garcia wrote:
>
>>
>> And I'd like a pony. More seriously, "doesn't introduce additional
>> setup requirements" is an amazingly high bar for real world security.
>> The small vulnerabilities stack up to a far t
Daniel Shahaf wrote on Sun, Oct 17, 2010 at 05:09:37 +0200:
> Index: subversion/libsvn_wc/copy.c
> ===
> --- subversion/libsvn_wc/copy.c (revision 1023400)
> +++ subversion/libsvn_wc/copy.c (working copy)
> @@ -238,6 +238,1
Stefan Sperling wrote on Sat, Oct 16, 2010 at 15:40:46 +0200:
> On Fri, Oct 15, 2010 at 10:13:48PM +0200, Paul Maier wrote:
> > svn cp should always make the target file read-write in the
> > working copy.
>
> No. A plain copy should carry file permissions of its source along,
> just like a normal
On Oct 16, 2010, at 13:17, Nelson Cabral wrote:
> If I only do make and not make install, there should be no risk, right?
Agreed.
> make fails to compile, here is the make output (short), any idea ?
[snip]
> /volume2/@tmp/subversion-1.6.13/libtool: line 465: tr: not found
Your server appears
If I only do make and not make install, there should be no risk, right?
make fails to compile, here is the make output (short), any idea ?
CubeStation> make
-- making all in apr
make[1]: Entering directory `/volume2/@tmp/subversion-1.6.13/apr'
make[2]: Entering directory `/volume2/@tmp/subver
On 10/16/10 8:53 AM, Nico Kadel-Garcia wrote:
And I'd like a pony. More seriously, "doesn't introduce additional
setup requirements" is an amazingly high bar for real world security.
The small vulnerabilities stack up to a far too common, vulnerable set
up that exists world wide.
If you are w
On Oct 16, 2010, at 09:01, Nelson Cabral wrote:
> Nope. Find doesn't return files with such names.
>
> When ipkg says that apr-util-1.3.9-1 is installed. Does the '-1' at
> the end means something ?
>
> I'm currently downloading required sources supposing 1.3.9-1 means 1.3.9.
"apr-util-1.3.9-1
Nope. Find doesn't return files with such names.
When ipkg says that apr-util-1.3.9-1 is installed. Does the '-1' at
the end means something ?
I'm currently downloading required sources supposing 1.3.9-1 means 1.3.9.
2010/10/16 Ryan Schmidt :
>
> On Oct 16, 2010, at 08:54, Nelson Cabral wrote:
>
On Sat, Oct 16, 2010 at 10:43:01AM +0200, Erik Huelsmann wrote:
> Hi Nico,
>
> > I'd love to see this deployed, and love to see the protocol updated
> > enough to block the use of the older, less secure clients. But 1.7 has
> > already blown well past its release date of "this summer. If it's not
On Oct 16, 2010, at 08:54, Nelson Cabral wrote:
> The installed version of apr-util is 1.3.9, can i download sources of
> 1.3.10 instead ? I cannot find the 1.3.9 tar file.
I wouldn't mix and match versions.
1.3.9 and all other old versions are available here:
http://archive.apache.org/dist/ap
The installed version of apr-util is 1.3.9, can i download sources of
1.3.10 instead ? I cannot find the 1.3.9 tar file.
Nelson
2010/10/16 Ryan Schmidt :
>
> On Oct 16, 2010, at 08:31, Nelson Cabral wrote:
>
>> So has mod_dav_svn could be installed previously without apr-devel,
>> are you sure i
On Sat, Oct 16, 2010 at 4:43 AM, Erik Huelsmann wrote:
> Hi Nico,
>
>> I'd love to see this deployed, and love to see the protocol updated
>> enough to block the use of the older, less secure clients. But 1.7 has
>> already blown well past its release date of "this summer. If it's not
>> in featur
On Fri, Oct 15, 2010 at 10:13:48PM +0200, Paul Maier wrote:
> Hi Stefan!
>
> Thank you for having responded.
>
> Of course, after the commit, the file is read-only.
>
> Sorry. I don't know how to implement this. But it pains me a lot.
You'd need to be able to read and write C code.
> So I need
On Oct 16, 2010, at 08:31, Nelson Cabral wrote:
> So has mod_dav_svn could be installed previously without apr-devel,
> are you sure i need it now?
Subversion requires APR. If you just want to run a pre-compiled Subversion or
mod_dav_svn, all you need are the compiled APR libraries. But if you
The previous firmware (which must be a distro), came without apache2.
You could install svn, apache2 and svn over apache2 with ipkg (here
the wiki page
http://forum.synology.com/wiki/index.php/Enable_HTTP_and_HTTPS_access_for_Subversion).
I can safely suppose that the previous version had a apache
On Sat, Oct 16, 2010 at 3:23 PM, Nelson Cabral wrote:
> Does the default Apache2 config includes apr-devel ?
Normally it doesn't.
Bye,
Erik.
Does the default Apache2 config includes apr-devel ?
2010/10/16 Ryan Schmidt :
> On Oct 16, 2010, at 07:41, Nelson Cabral wrote:
>> Ryan Schmidt wrote:
>>> On Oct 13, 2010, at 12:35, Nelson Cabral wrote:
My NAS comes with an Apache2 instance without mod_dav_svn. I would
like to compile m
On Oct 16, 2010, at 07:41, Nelson Cabral wrote:
> Ryan Schmidt wrote:
>> On Oct 13, 2010, at 12:35, Nelson Cabral wrote:
>>> My NAS comes with an Apache2 instance without mod_dav_svn. I would
>>> like to compile mod_dav_svn.so but I don't know how to get the sources
>>> and how to compile it proper
I don't know how to write the --with-apr option, can the result of
this command help ?
CubeStation> find / -iname apr*
/volume1/@optware/lib/ipkg/info/apr.list
/volume1/@optware/lib/ipkg/info/apr-util.list
/volume1/@optware/lib/ipkg/info/apr-util.control
/volume1/@optware/lib/ipkg/info/apr.control
Hi Nico,
> I'd love to see this deployed, and love to see the protocol updated
> enough to block the use of the older, less secure clients. But 1.7 has
> already blown well past its release date of "this summer. If it's not
> in feature freeze, I'll be pleasantly surprised to see such a feature.
>
21 matches
Mail list logo
