mainSavane - Summary

Show feedback again
Membership Info
Project Admin:
  - Beuc
19 active members

Group identification
Id: #116
System Name: savane
Name: Savane
Group Type: Programs

Search in this Group


Savane is a Web-based Libre Software hosting system. It includes issue tracking (bugs, tasks, support, news and documentation), project member management by roles and individual account maintenance.


Other Useful Links:

Registration Date: Fri Jan 30 21:21:41 2004
License: GNU General Public License V2 or later
Development Status: 5 - Production/Stable


Latest News 
Security fix: scp restricted shell bypass
     posted by beuc, Thu Feb 2 22:02:09 2017 - 0 replies

Sylvain Beucler discovered that Savane version >= 1.0.1 is vulnerable to restricted shell bypass in the sv_membersh default scp configuration, resulting in local access for registered users.

If you offer scp access to your users, we recommend you modify your /etc/ file with:
$regexp_scp = "^scp( -[pdrv])* -t (-- )?/srv/download";

Version 3.0+4 includes this fix.

New Savane release fixes symlink attack and privilege escalation
     posted by beuc, Wed Dec 2 22:24:18 2009 - 0 replies

Sylvain Beucler discovered that Savane, a 100% free software hosting platform, is vulnerable to a symlink attack on ~/.ssh user directories that may allow the attacker to gain access to other user accounts.

We forwarded the patch to gforge, which was also vulnerable, where it was identified as Debian-assigned CVE-2009-3304, disclosed today. ...

[Read more]
Release 3.0: markup language and anti-spam tools
     posted by yeupou, Mon Dec 4 09:38:30 2006 - 2 replies

Here comes a new Savane release. This release brings many improvements. A markup language (inspired by the commonly used in wikis) enables users to format content, for instance in item reports. Numerous anti-spam tools are now available: DNSbl, ...

[Read more]
Release 2.0: interface heavy improvements, bugfixes and cosmetics
     posted by yeupou, Tue Oct 3 08:06:29 2006 - 2 replies

Here comes a new Savane release. This release brings many interface improvements. Most notably, the top menu now use dropdown submenus, which allow users to jump from any page to another with a single click. Note also that the "display criteria" boxes are minimized by default, to give more room to the results. ...

[Read more]
[Submit News]
[23 news in archive]

Communication Tools
Mailing Lists Mailing Lists (2 public mailing-lists)

Show feedback again

Back to the top

Powered by Savane 3.1-cleanup