There's a big push within Apache to adopt Subversion, and I suppose it will get to us in the near future. However, if we go there, I don't think it would be for this reason primarily. What are the security vulnerabilities of SVN? Nobody knows yet, and SVN has not been targeted. At least there is a major focus on security issues now with CVS. You could ask on [EMAIL PROTECTED] about the security status of Apache's CVS server and the relative security of SVN. All CVS updates are SSH tunnelled, AFAIK.


Clay Leeds wrote:
I don't know who this should go to (they probably already know), but according to Reuters[1], the CVS system has some fairly significant holes. I know Forrest moved to SVN not too long ago. Have we thought of doing it ourselves?

-- Peter B. West <>

Reply via email to