[Secure-testing-commits] [Git][security-tracker-team/security-tracker][master] Add notes for CVE-2018-1000132/mercurial

Wed Mar 14 21:24:39 UTC 2018

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
4666c9d8 by Salvatore Bonaccorso at 2018-03-14T22:24:15+01:00
Add notes for CVE-2018-1000132/mercurial

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================

--- a/data/CVE/list
+++ b/data/CVE/list
@@ -1217,6 +1217,10 @@ CVE-2018-8110
 CVE-2018-1000132 (Mercurial version 4.5 and earlier contains a Incorrect Access Control ...)
 	- mercurial <unfixed>
 	NOTE: https://www.mercurial-scm.org/wiki/WhatsNew#Mercurial_4.5.1_.2F_4.5.2_.282018-03-06.29
+	NOTE: https://www.mercurial-scm.org/repo/hg/rev/2ecb0fc535b1 (4.5.2)
+	NOTE: Backports for older branches in https://hg.mozilla.org/users/gszorc_mozilla.com/hg
+	NOTE: 4.4: 4843835c835::7cf827e5f8af
+	NOTE: 4.3: db527ae12671::86f9a022ccb8
 CVE-2018-1000131 (Pradeep Makone wordpress Support Plus Responsive Ticket System version ...)
 	TODO: check
 CVE-2018-1000130 (A JNDI Injection vulnerability exists in Jolokia agent version 1.3.7 ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/4666c9d8c57bb8417ffa7b3fbe820579f5d00621

---
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/4666c9d8c57bb8417ffa7b3fbe820579f5d00621
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/secure-testing-commits/attachments/20180314/cc2c34e6/attachment.html>
