[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Security Breach Alert - CVS Home File Download Area Compromised
From: |
Mark D. Baushke |
Subject: |
Re: Security Breach Alert - CVS Home File Download Area Compromised |
Date: |
Wed, 26 Jan 2005 14:31:32 -0800 |
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Of possible interest...
When I got to the cvs-1.11.18-Darwin-7.7.0-powerpc.gz.sig link using
'w3m' (a text-based browser) it seems to have the wrong Content-Encoding
(of 'gzip') for the .sig files in the macosx directory.
This is likely what is confusing a number of browsers out there. I am
not sure of the right way to tell the CollabNet servlets to fix the
problem.
Folks should be able to use tools like 'wget' and 'curl' to fetch files
given the URLs. It may also be possible to tell your browser to NOT try
to do any decoding of the file on the fly, but I am not sure how easy
that is for things like IE.
-- Mark
w3m output:
Information about current page
Title cvs-1.11.18-Darwin-7.7.0-powerpc.gz.sig
Current URL https://www.cvshome.org/files/documents/19/678/
cvs-1.11.18-Darwin-7.7.0-powerpc.gz.sig
Document Type text/plain
Last Modified Mon, 17 Jan 2005 20:08:27 GMT
Number of lines 2
Transferred bytes 35
---------------------------------------
Header information
HTTP/1.1 200 OK
Date: Wed, 26 Jan 2005 22:26:18 GMT
Server: Apache/2.0.47 (Unix) mod_ssl/2.0.47 OpenSSL/0.9.6b DAV/2 mod_auth_mda/
2.0 mod_jk/1.2.0 SVN/0.23.0 mod_auth_svn/0.1
Last-Modified: Mon, 17 Jan 2005 20:08:27 GMT
ETag: "250148-42-f28104c0"
Accept-Ranges: bytes
Content-Length: 66
Connection: close
Content-Type: text/plain
Content-Encoding: gzip
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (FreeBSD)
iD8DBQFB+BpE3x41pRYZE/gRAtVqAJsGE5o0t+ENVeAOaqn110fdnL5CpACfQQjA
TAGLqa1ibGo8HJShwFJDDmQ=
=pT/l
-----END PGP SIGNATURE-----
- RE: Security Breach Alert - CVS Home File Download Area Compromised, (continued)
- RE: Security Breach Alert - CVS Home File Download Area Compromised, Conrad T. Pino, 2005/01/26
- RE: Security Breach Alert - CVS Home File Download Area Compromised, Bernd Petrovitsch, 2005/01/26
- RE: Security Breach Alert - CVS Home File Download Area Compromised, Conrad T. Pino, 2005/01/26
- Re: Security Breach Alert - CVS Home File Download Area Compromised, Derek Price, 2005/01/26
- RE: Security Breach Alert - CVS Home File Download Area Compromised, Conrad T. Pino, 2005/01/26
- RE: Security Breach Alert - CVS Home File Download Area Compromised, Conrad T. Pino, 2005/01/26
- Re: Security Breach Alert - CVS Home File Download Area Compromised, Arno Schuring, 2005/01/26
- Re: Security Breach Alert - CVS Home File Download Area Compromised, Todd Denniston, 2005/01/26
- RE: Security Breach Alert - CVS Home File Download Area Compromised, Conrad T. Pino, 2005/01/26
- Re: Security Breach Alert - CVS Home File Download Area Compromised, Mark D. Baushke, 2005/01/26
- Re: Security Breach Alert - CVS Home File Download Area Compromised,
Mark D. Baushke <=
- RE: Security Breach Alert - CVS Home File Download Area Compromised, Conrad T. Pino, 2005/01/26
- Re: Security Breach Alert - CVS Home File Download Area Compromised, Larry Jones, 2005/01/26
- RE: Security Breach Alert - CVS Home File Download Area Compromised, Conrad T. Pino, 2005/01/26
RE: Security Breach Alert - CVS Home File Download Area Compromised, Conrad T. Pino, 2005/01/26
RE: Security Breach Alert - CVS Home File Download Area Compromised, Conrad T. Pino, 2005/01/28