[Secure-testing-commits] r54573 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Thu Aug 10 20:26:14 UTC 2017
Author: carnil
Date: 2017-08-10 20:26:14 +0000 (Thu, 10 Aug 2017)
New Revision: 54573
Modified:
data/CVE/list
Log:
Add set of commits for mercurial issue
I'm not sure if all yet belong to CVE-2017-1000116 but all are related
to sanitize mercurial around command injection via malicious ssh URLs.
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-08-10 20:05:45 UTC (rev 54572)
+++ data/CVE/list 2017-08-10 20:26:14 UTC (rev 54573)
@@ -4,6 +4,17 @@
CVE-2017-1000116 [command injection on clients through malicious ssh URLs]
- mercurial <unfixed> (bug #871710)
NOTE: https://www.mercurial-scm.org/wiki/WhatsNew#Mercurial_4.3_.282017-08-10.29
+ NOTE: https://www.mercurial-scm.org/repo/hg/rev/53224b1ffbc2
+ NOTE: https://www.mercurial-scm.org/repo/hg/rev/e10745311406
+ NOTE: https://www.mercurial-scm.org/repo/hg/rev/f93975a5ebe8
+ NOTE: https://www.mercurial-scm.org/repo/hg/rev/f9134e96ed0f
+ NOTE: https://www.mercurial-scm.org/repo/hg/rev/92b583e3e522
+ NOTE: https://www.mercurial-scm.org/repo/hg/rev/08cfc4baf3ba
+ NOTE: https://www.mercurial-scm.org/repo/hg/rev/55681baf4cf9
+ NOTE: https://www.mercurial-scm.org/repo/hg/rev/173ecccb9ee7
+ NOTE: https://www.mercurial-scm.org/repo/hg/rev/ca398a50ca00
+ NOTE: https://www.mercurial-scm.org/repo/hg/rev/00a75672a9cb
+ NOTE: https://www.mercurial-scm.org/repo/hg/rev/943c91326b23
CVE-2017-1000115 [path traversal via symlink]
- mercurial <unfixed> (bug #871709)
NOTE: https://www.mercurial-scm.org/wiki/WhatsNew#Mercurial_4.3_.282017-08-10.29
More information about the Secure-testing-commits
mailing list