Savane - Summary
Savane is a Web-based Libre Software hosting system. It includes issue tracking (bugs, tasks, support, news and documentation), project member management by roles and individual account maintenance.
Versions:
- http://savannah.gnu.org/p/savane-cleanup : version 3.1 through Git
- http://savannah.gnu.org/p/savane : forsaken Python/Django rewrite attempt
- https://savannah.gnu.org/p/administration : local fork powering GNU Savannah
- https://gna.org/projects/savane/ : previous 3.0 code
Other Useful Links:
- Requirements
- Download Latest Release
- Debian Packages
- Install Guide
- Announce Mailing List (sysadmins should subscribe)
- Developers Must Read
Registration Date: Fri Jan 30 21:21:41 2004
License: GNU General Public License V2 or later
Development Status: 5 - Production/Stable
posted by beuc, Thu Feb 2 22:02:09 2017 - 0 replies
Sylvain Beucler discovered that Savane version >= 1.0.1 is vulnerable to restricted shell bypass in the sv_membersh default scp configuration, resulting in local access for registered users.
If you offer scp access to your users, we recommend you modify your /etc/membersh-conf.pl file with:
$regexp_scp = "^scp( -[pdrv])* -t (-- )?/srv/download";
Version 3.0+4 includes this fix.
posted by beuc, Wed Dec 2 22:24:18 2009 - 0 replies
Sylvain Beucler discovered that Savane, a 100% free software hosting platform, is vulnerable to a symlink attack on ~/.ssh user directories that may allow the attacker to gain access to other user accounts.
We forwarded the patch to gforge, which was also vulnerable, where it was identified as Debian-assigned CVE-2009-3304, disclosed today.
...
[Read more]
posted by yeupou, Mon Dec 4 09:38:30 2006 - 2 replies
Here comes a new Savane release. This release brings many improvements. A markup language (inspired by the commonly used in wikis) enables users to format content, for instance in item reports. Numerous anti-spam tools are now available: DNSbl, ...
[Read more]
posted by yeupou, Tue Oct 3 08:06:29 2006 - 2 replies
Here comes a new Savane release. This release brings many interface improvements. Most notably, the top menu now use dropdown submenus, which allow users to jump from any page to another with a single click. Note also that the "display criteria" boxes are minimized by default, to give more room to the results.
...
[Read more]
[Submit News]
[23 news in archive]