bug-cvs
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: Security Breach Alert - CVS Home File Download Area Compromised

From: Conrad T. Pino
Subject: RE: Security Breach Alert - CVS Home File Download Area Compromised
Date: 2005年1月26日 15:12:35 -0800 
 
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hi Mark,
> From: Mark D. Baushke
>
> When I got to the cvs-1.11.18-Darwin-7.7.0-powerpc.gz.sig link using
> 'w3m' (a text-based browser) it seems to have the wrong Content-Encoding
> (of 'gzip') for the .sig files in the macosx directory.
>
> This is likely what is confusing a number of browsers out there. I am
> not sure of the right way to tell the CollabNet servlets to fix the
> problem.
See prior message regarding Java servlet redirecting to file URL delivered
by Apache 2.0.47 server.
> Folks should be able to use tools like 'wget' and 'curl' to fetch files
> given the URLs.
Folks with tools like the above don't need binary files. Such folks I
expect can compile the source for themselves.
> It may also be possible to tell your browser to NOT try
> to do any decoding of the file on the fly, but I am not sure how easy
> that is for things like IE.
I've been doing "right click" using "Save Target As..." option which
works correctly with "*.gz" files from Apache Jakarta where I tried
downloading Tomcat 4.1.31 with no problem.
Don't forget "*.tar.gz.sig", "*.tar.bz2.sig" and "*.zip.sig" files work
on CVS Home. Can you check the difference between them & "*.gz.sig"?
Here's what Microsoft said about IE and MIME types:
http://msdn.microsoft.com/workshop/networking/moniker/overview/appendix_a.asp
> -- Mark
Conrad
-----BEGIN PGP SIGNATURE-----
Version: PGP 7.0.4
iQA/AwUBQfgj4rNM28ubzTo9EQKPEACghW72fratZvKpSYM0FvBE6gOzUrUAoJ2Y
gyrA0T5g6s1Qex1RKF8RAclG
=xTPU
-----END PGP SIGNATURE-----
reply via email to
[Prev in Thread] Current Thread [Next in Thread]

AltStyle によって変換されたページ (->オリジナル) /