Hi, I've to tell you about this: http://www.tuxedo-es.org/seguridad/GForge-1.xhtml Its a security audit almost finished of the latest GForge source. I am avalaible for help you about how to fix that issues. Please , after you've fixed GForge and released the patchs , i want to have permission for publish this in some security lists ( FD, bugtraq, wep app sec ) just to tell people and advice that they need to patch, is it o.k. ? Thanks in advance, Cheers PS: I am resending this message to some people of GNU , AFAIK there was an idea of migrating from Savannah/Savane to GForge because "Sava was not secure enough" , and i looked at your code just for know how secure is GForge and it presents AFAIK the same types of security problems of Savane. -------------------------------------- Lorenzo Hernandez Garcia-Hierro -----BEGIN GEEK CODE BLOCK----- Version: 3.1 G d>-- s>:() a---- C++++(++++)>++++ UL>++++ P++(++)>++ L++(++)>+++ E()>- W+++(+++)>+++ N+(+)>+ o+(+)>+ K-(-)>- w++(++)>+++ !O !M !V PS+(+)>+ PE+(+)>+ Y()> PGP++(++)>++ t++(++)>++ !5 X++++(++++)>++++ R++(++)>++ tv+(+)>+ b++++(++++)>++++ DI+(+)>+ D+(+)>+ G+(+)>+ e()> h++(++)>++ r++(++)>++ y-(-)>- ------END GEEK CODE BLOCK------ PGP: Keyfingerprint: 4ACC D892 05F9 74F1 F453 7D62 6B4E B53E 9180 5F5B ID: 0x91805F5B http://www.tuxedo-es.org ______________________________________
[Savane-dev] Security report of GForge 3.3
Lorenzo Hernandez Garcia-Hierro Mon, 12 Apr 2004 12:33:06 +0200
- [Savane-dev] Security report of GForge 3.3 Lorenzo Hernandez Garcia-Hierro
- [Savane-dev] Re: Security report of G... Lorenzo Hernandez Garcia-Hierro
- [Savane-dev] Re: Security report of G... Lorenzo Hernandez Garcia-Hierro
- [Savane-dev] Re: Security report of G... Christian BAYLE
- Re: [Savane-dev] Re: Security rep... Elfyn McBratney
- Re: [Savane-dev] Re: Security... Tim Perdue
- Re: [Savane-dev] Re: Secu... Mathieu Roy
- Re: [Savane-dev] Re:... Tim Perdue
- Re: [Savane-dev]... Mathieu Roy
- Re: [Savane-... Tim Perdue
- Re: [Savane-... Sylvain Beucler
