Petyovský Petr wrote on Thu, Dec 15, 2011 at 18:47:51 +0100: > Hello. > I have some reports of the svnserve daemon dying under vanilla fedora 15. > > My story is simple... > I was need svn repository for my students on the course C/C++ > programming, like each semester. > So, I installed vanilla Fedora 15, configure and start vanilla svn > 1.6.17 with svn:// (svnserve) scheme. > > Everything going ok (students are happy, commiting, checkouting etc.), > but it's a third times when svnserve daemon died without any reason. > > Maybe I did something wrong in configuration... > Maybe is something wrong on the students svn clients (tortoise svn)... > But result is always same, svnserve sometimes dying. And this isn't good. >
There is no such thing as "without any reason". What is the exit code? Is there anything in syslog? In the --log-file? In stderr? Did it catch a signal? Was it serving connections when it died? Did it just accept a new one? > I don't want start some "fire", but maybe is something wrong in svnserve > itself. > Because svnserve log after dying is very strange? > > Can you please contact me with some developer which response of > svnserve security. This looks like strange vulnerability in svn daemon. > If possible, please follow up on the public us...@subversion.apache.org mailing list. (Several developers follow that list regularly.) If you believe you know of a way to cause an svnserve daemon to crash, please report it privately (by private email to me, or by email security[at]apache[dot]org). I'll note, though, that svnserve hasn't had a security issue in years, and that not every crash is a security vulnerability. > I have svnserve logs and effort to solve this problem... > Thanks for your answer. > > Regards, > Petr > Thanks, Daniel > PS: sorry for my english. ;-) > > Ing. Petr Petyovsky > Faculty of Electrical Engineering and Communication > Department of Control and Instrumentation > Kolejni 4, 612 00 Brno > Czech Republic >
