On Fri, Feb 24, 2017 at 11:47:46PM +0100, Jakub Narębski wrote: > I have just read on ArsTechnica[1] that while Git repository could be > corrupted (though this would require attackers to spend great amount > of resources creating their own collision, while as said elsewhere > in this thread allegedly easy to detect), putting two proof-of-concept > different PDFs with same size and SHA-1 actually *breaks* Subversion. > Repository can become corrupt, and stop accepting new commits.
From what I understood in the thread[1], it was the combination of svn + git-svn together. I think Arstechnica may be a little bit sensationalistic here. Cheers! -Santiago. [1] https://bugs.webkit.org/show_bug.cgi?id=168774#c27
signature.asc
Description: PGP signature
