[Secure-testing-commits] r54614 - data/CVE

Salvatore Bonaccorso carnil at moszumanska.debian.org
Fri Aug 11 12:17:27 UTC 2017


Author: carnil
Date: 2017-08-11 12:17:27 +0000 (Fri, 11 Aug 2017)
New Revision: 54614

Modified:
   data/CVE/list
Log:
mercurial issues fixed in unstable

Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-08-11 11:49:57 UTC (rev 54613)
+++ data/CVE/list	2017-08-11 12:17:27 UTC (rev 54614)
@@ -61,7 +61,7 @@
 	- git 1:2.14.1-1
 	NOTE: https://public-inbox.org/git/xmqqh8xf482j.fsf@gitster.mtv.corp.google.com/T/#u
 CVE-2017-1000116 [command injection on clients through malicious ssh URLs]
-	- mercurial <unfixed> (bug #871710)
+	- mercurial 4.3.1-1 (bug #871710)
 	NOTE: https://www.mercurial-scm.org/wiki/WhatsNew#Mercurial_4.3_.282017-08-10.29
 	NOTE: https://www.mercurial-scm.org/repo/hg/rev/53224b1ffbc2
 	NOTE: https://www.mercurial-scm.org/repo/hg/rev/e10745311406
@@ -75,7 +75,7 @@
 	NOTE: https://www.mercurial-scm.org/repo/hg/rev/00a75672a9cb
 	NOTE: https://www.mercurial-scm.org/repo/hg/rev/943c91326b23
 CVE-2017-1000115 [path traversal via symlink]
-	- mercurial <unfixed> (bug #871709)
+	- mercurial 4.3.1-1 (bug #871709)
 	NOTE: https://www.mercurial-scm.org/wiki/WhatsNew#Mercurial_4.3_.282017-08-10.29
 CVE-2017-12777 (Cross-Site Scripting (XSS) exists in NexusPHP version v1.5 via some ...)
 	NOT-FOR-US: NexusPHP
@@ -8692,7 +8692,7 @@
 	NOT-FOR-US: BigTree CMS
 CVE-2017-9462 (In Mercurial before 4.1.3, "hg serve --stdio" allows remote ...)
 	{DLA-1005-1}
-	- mercurial <unfixed> (bug #861243)
+	- mercurial 4.3.1-1 (bug #861243)
 	[stretch] - mercurial <no-dsa> (Minor issue)
 	[jessie] - mercurial <no-dsa> (Minor issue)
 	NOTE: https://www.mercurial-scm.org/wiki/WhatsNew#Mercurial_4.1.3_.282017-4-18.29




More information about the Secure-testing-commits mailing list