possible security vulnerability on gnucash.org
Damian Dimmich
djd20 at kent.ac.uk
Tue Oct 27 06:44:17 EDT 2009
Hi,
One easy way to get around this is to add the following at the start of
your apache config:
RewriteEngine On
RewriteRule ^(.*/)?\.svn/ - [R=404,L]
and making sure that you have mod_rewrite enabled.
Cheers,
Damian
Konstantin Leonov wrote:
> Hi there.
>
> I guess this info should not be available: http://gnucash.org/.svn/entries
> If you'd like to fix that, remove site contents from svn or:
> 1. copy stuff to other location
> 2. commit it with svn.
> Putting site root under svn will result in all files to be shown in
> .svn/entries for each directory included in repo.
>
> Konstantin.
>
>
More information about the gnucash-devel
mailing list