[Secure-testing-commits] r55158 - data/CVE
Antoine Beaupré
anarcat at moszumanska.debian.org
Mon Aug 28 15:36:09 UTC 2017
Author: anarcat
Date: 2017-08-28 15:36:09 +0000 (Mon, 28 Aug 2017)
New Revision: 55158
Modified:
data/CVE/list
Log:
add possible fixes for mercurial path transversal
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-08-28 15:26:00 UTC (rev 55157)
+++ data/CVE/list 2017-08-28 15:36:09 UTC (rev 55158)
@@ -2651,6 +2651,8 @@
- mercurial 4.3.1-1 (bug #871709)
NOTE: SUSE has patches for 2.3, 2.8, 3.8 and 4.2: https://www.suse.com/security/cve/CVE-2017-1000116/
NOTE: https://www.mercurial-scm.org/wiki/WhatsNew#Mercurial_4.3_.282017-08-10.29
+ NOTE: https://www.mercurial-scm.org/repo/hg/rev/47ea28293d30 (test)
+ NOTE: https://www.mercurial-scm.org/repo/hg/rev/377e8ddaebef (fix)
CVE-2017-12777 (Cross-Site Scripting (XSS) exists in NexusPHP version v1.5 via some ...)
NOT-FOR-US: NexusPHP
CVE-2017-12776 (SQL injection vulnerability in reports.php in NexusPHP 1.5 allows ...)
More information about the Secure-testing-commits
mailing list