onsdag 17 april 2024 kl. 11:09:21 UTC+2 skrev jens.l...@gmail.com: Details on vulnerability can be found here:
https://nvd.nist.gov/vuln/detail/CVE-2024-31497 The description mentions specifically: "This also affects, for example, FileZilla before 3.67.0, WinSCP before 6.3.3, TortoiseGit before 2.15.0.1, *and TortoiseSVN through 1.14.6*." The release notes for 1.14.7 does not mention this vulnerability. Was that an oversight or has the vulnerability yet to be fixed? This was fixed by updating PuTTY/plink to version 0.81. Can you mention which release notes you are looking at? I think the "What's New in TortoiseSVN 1.14" page is seldom updated for patch-releases. The homepage news item "TortoiseSVN 1.14.7 released" does mention the security fix. The ChangeLog.txt doesn't mention the updated PuTTY Plink, but it frequently omit this completely. Kind regards, Daniel -- You received this message because you are subscribed to the Google Groups "TortoiseSVN" group. To unsubscribe from this group and stop receiving emails from it, send an email to tortoisesvn+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/tortoisesvn/ae4877f2-7cc5-4d91-9929-5c63e752e156n%40googlegroups.com.
