[Secure-testing-commits] r32961 - data/CVE

[Salvatore Bonaccorso]

Author: carnil
Date: 2015-03-18 12:03:28 +0000 (Wed, 18 Mar 2015)
New Revision: 32961

Modified:
   data/CVE/list
Log:
Add new mercurial issue

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2015-03-18 12:01:40 UTC (rev 32960)
+++ data/CVE/list	2015-03-18 12:03:28 UTC (rev 32961)
@@ -5481,8 +5481,12 @@
 	NOT-FOR-US: Microweber CMS
 CVE-2014-9463
 	RESERVED
-CVE-2014-9462
+CVE-2014-9462 [Command Injection]
 	RESERVED
+	- mercurial <unfixed>
+	[experimental] - mercurial 3.3~rc1-1
+	NOTE: http://chargen.matasano.com/chargen/2015/3/17/this-new-vulnerability-mercurial-command-injection-cve-2014-9462.html
+	NOTE: http://selenic.com/hg/rev/e3f30068d2eb
 CVE-2014-9461 (Directory traversal vulnerability in models/Cart66.php in the Cart66 ...)
 	NOT-FOR-US: Cart66 Lite plugin for WordPress
 CVE-2014-9460 (Multiple cross-site request forgery (CSRF) vulnerabilities in the ...)