Category: security

News and posts from security category


Posted on 2014-12-23 by Sebastian Sdorra

CVE-2014-9390 affects git systems on case-insensitive filesystems, such as Windows and Mac OS. For more informations of CVE-2014-9390 please have a look at the git mailing list.

There are only two parts of SCM-Manager which are affected by CVE-2014-9390, the new import…

Posted in scm-manager, security

SCM-Manager and the POODLE vulnerability

Posted on 2014-10-18 by Sebastian Sdorra

If you are using scm-server with a configured https connector, please be sure that you exclude the SSLv3 protocol to avoid the POODLE vulnerability.

Add the following xml elements to your https connector in your server-config.xml:

  <New class="org.eclipse.jetty.http.ssl.SslContextFactory">
    <Set name="excludeProtocols">
      <Array type="java.lang.String">

The complete connector section should now be…

Posted in scm-manager, security