- Official website: http://www.usvn.info
- Official instalation instructions: https://github.com/usvn/usvn/wiki/Installation
Requirements:
- Virtualbox (https://www.virtualbox.org/wiki/Downloads)
- Vagrant (http://www.vagrantup.com)
To run:
vagrant up
To suspend execution:
vagrant suspend
To destroy virtual machine:
vagrant destroy
vagrant destroy <-- destroy virtual machine
make <-- remove instalation files
The project is not maintain. But if you find a security issue or want to contribute we are happy to help.
- Force SameSite Strict on cookies to prevent CSRF CVE-2020-25070 (Report by Jomar & Serizao)
- Prevent shell code execution in the commit view CVE-2020-25069 (Report by Jomar & Serizao)
- Minimum recommended PHP version 7.3
- Fix XSS in SVN logs. Credit to Sysdream
- Solve some problems about binary file, locale and mysql importing.
- Add X-Forwarded-Proto variable check on protocol check
- Added error_log for fail2ban capture by apache-auth filter
- Solve the key length error reported by mysql when import the sql.
- Set the locale by system.locale in the config file.
- Fix JVN#73794686 Cross-site scripting vulnerability