[Secure-testing-commits] r54614 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Fri Aug 11 12:17:27 UTC 2017
Author: carnil
Date: 2017-08-11 12:17:27 +0000 (Fri, 11 Aug 2017)
New Revision: 54614
Modified:
data/CVE/list
Log:
mercurial issues fixed in unstable
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-08-11 11:49:57 UTC (rev 54613)
+++ data/CVE/list 2017-08-11 12:17:27 UTC (rev 54614)
@@ -61,7 +61,7 @@
- git 1:2.14.1-1
NOTE: https://public-inbox.org/git/xmqqh8xf482j.fsf@gitster.mtv.corp.google.com/T/#u
CVE-2017-1000116 [command injection on clients through malicious ssh URLs]
- - mercurial <unfixed> (bug #871710)
+ - mercurial 4.3.1-1 (bug #871710)
NOTE: https://www.mercurial-scm.org/wiki/WhatsNew#Mercurial_4.3_.282017-08-10.29
NOTE: https://www.mercurial-scm.org/repo/hg/rev/53224b1ffbc2
NOTE: https://www.mercurial-scm.org/repo/hg/rev/e10745311406
@@ -75,7 +75,7 @@
NOTE: https://www.mercurial-scm.org/repo/hg/rev/00a75672a9cb
NOTE: https://www.mercurial-scm.org/repo/hg/rev/943c91326b23
CVE-2017-1000115 [path traversal via symlink]
- - mercurial <unfixed> (bug #871709)
+ - mercurial 4.3.1-1 (bug #871709)
NOTE: https://www.mercurial-scm.org/wiki/WhatsNew#Mercurial_4.3_.282017-08-10.29
CVE-2017-12777 (Cross-Site Scripting (XSS) exists in NexusPHP version v1.5 via some ...)
NOT-FOR-US: NexusPHP
@@ -8692,7 +8692,7 @@
NOT-FOR-US: BigTree CMS
CVE-2017-9462 (In Mercurial before 4.1.3, "hg serve --stdio" allows remote ...)
{DLA-1005-1}
- - mercurial <unfixed> (bug #861243)
+ - mercurial 4.3.1-1 (bug #861243)
[stretch] - mercurial <no-dsa> (Minor issue)
[jessie] - mercurial <no-dsa> (Minor issue)
NOTE: https://www.mercurial-scm.org/wiki/WhatsNew#Mercurial_4.1.3_.282017-4-18.29
More information about the Secure-testing-commits
mailing list