[Secure-testing-commits] r55157 - data/CVE
Antoine Beaupré
anarcat at moszumanska.debian.org
Mon Aug 28 15:26:00 UTC 2017
Author: anarcat
Date: 2017-08-28 15:26:00 +0000 (Mon, 28 Aug 2017)
New Revision: 55157
Modified:
data/CVE/list
Log:
document Suse patches for mercurial
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-08-28 15:21:29 UTC (rev 55156)
+++ data/CVE/list 2017-08-28 15:26:00 UTC (rev 55157)
@@ -2634,6 +2634,7 @@
NOTE: https://public-inbox.org/git/xmqqh8xf482j.fsf@gitster.mtv.corp.google.com/T/#u
CVE-2017-1000116 [command injection on clients through malicious ssh URLs]
- mercurial 4.3.1-1 (bug #871710)
+ NOTE: SUSE has patches for 2.3, 2.8, 3.8 and 4.2: https://www.suse.com/security/cve/CVE-2017-1000116/
NOTE: https://www.mercurial-scm.org/wiki/WhatsNew#Mercurial_4.3_.282017-08-10.29
NOTE: https://www.mercurial-scm.org/repo/hg/rev/53224b1ffbc2
NOTE: https://www.mercurial-scm.org/repo/hg/rev/e10745311406
@@ -2648,6 +2649,7 @@
NOTE: https://www.mercurial-scm.org/repo/hg/rev/943c91326b23
CVE-2017-1000115 [path traversal via symlink]
- mercurial 4.3.1-1 (bug #871709)
+ NOTE: SUSE has patches for 2.3, 2.8, 3.8 and 4.2: https://www.suse.com/security/cve/CVE-2017-1000116/
NOTE: https://www.mercurial-scm.org/wiki/WhatsNew#Mercurial_4.3_.282017-08-10.29
CVE-2017-12777 (Cross-Site Scripting (XSS) exists in NexusPHP version v1.5 via some ...)
NOT-FOR-US: NexusPHP
More information about the Secure-testing-commits
mailing list