[Secure-testing-commits] r55433 - data/CVE
security tracker role
sectracker at moszumanska.debian.org
Mon Sep 4 09:10:15 UTC 2017
Author: sectracker
Date: 2017-09-04 09:10:15 +0000 (Mon, 04 Sep 2017)
New Revision: 55433
Modified:
data/CVE/list
Log:
automatic update
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-09-04 07:09:34 UTC (rev 55432)
+++ data/CVE/list 2017-09-04 09:10:15 UTC (rev 55433)
@@ -3733,7 +3733,7 @@
- git 1:2.14.1-1
NOTE: https://public-inbox.org/git/xmqqh8xf482j.fsf@gitster.mtv.corp.google.com/T/#u
CVE-2017-1000116 [command injection on clients through malicious ssh URLs]
- {DLA-1072-1}
+ {DSA-3963-1 DLA-1072-1}
- mercurial 4.3.1-1 (bug #871710)
NOTE: https://www.mercurial-scm.org/wiki/WhatsNew#Mercurial_4.3_.282017-08-10.29
NOTE: 11 patches need to be applied, the following are for 4.2:
@@ -3751,7 +3751,7 @@
NOTE: 3.7 and 4.1 backports also available at https://bitbucket.org/atlassian/mercurial/commits/branch/sec-3.7
NOTE: and https://bitbucket.org/octobus/mercurial-backport/branch/backport-4.1
CVE-2017-1000115 [path traversal via symlink]
- {DLA-1072-1}
+ {DSA-3963-1 DLA-1072-1}
- mercurial 4.3.1-1 (bug #871709)
NOTE: https://www.mercurial-scm.org/wiki/WhatsNew#Mercurial_4.3_.282017-08-10.29
NOTE: https://www.mercurial-scm.org/repo/hg/rev/47ea28293d30 (test)
More information about the Secure-testing-commits
mailing list