CVE-2011-1411: OpenSAML library vulnerable to XML Signature wrapping attacks

gprestia gregoriogianluca.prestia at amadeus.com
Thu Jan 10 08:21:55 EST 2013


Yes I have indeed looked at that page, where I can navigate the source tree
via the browser.
But when I try to perform an SVN anonymous checkout to have the full source
base in local, I get errors as follows:

*** case 1: [redirect cycle error]
> svn co http://svn.shibboleth.net/view/java-opensaml2/

Redirecting to URL 'http://svn.shibboleth.net/view/java-opensaml2':
Redirecting to URL 'http://svn.shibboleth.net/view/java-opensaml2':
svn: E195019: Redirect cycle detected for URL
'http://svn.shibboleth.net/view/java-opensaml2'

*** case 2: [authentication is required]
> svn co https://svn.shibboleth.net/view/java-opensaml2/

Authentication realm: <https://svn.shibboleth.net:443> Shibboleth SVN
Repository
Password for 'gprestia':

*** case 3: [connection refused by server]
> svn co svn://svn.shibboleth.net/view/cpp-opensaml

svn: E730061: Unable to connect to a repository at URL
'svn://svn.shibboleth.net/view/cpp-opensaml'
svn: E730061: Can't connect to host 'svn.shibboleth.net': No connection
could be made because the target machine actively refused it.

-------
Being an open source project, I'm sure I can get the full source base
"anonymously" to do a local build, so I'm wondering what I'm doing wrong
with my SVN command...

Rgds
GP



--
View this message in context: http://shibboleth.1660669.n2.nabble.com/CVE-2011-1411-OpenSAML-library-vulnerable-to-XML-Signature-wrapping-attacks-tp6618773p7583959.html
Sent from the Shibboleth - Developers mailing list archive at Nabble.com.


More information about the dev mailing list