[Git][security-tracker-team/security-tracker][master] 2 commits: Add CVE-2019-3902/mercurial
Salvatore Bonaccorso
carnil at debian.org
Fri Apr 19 07:41:34 BST 2019
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
b9b818ff by Salvatore Bonaccorso at 2019-04-19T06:39:49Z
Add CVE-2019-3902/mercurial
- - - - -
5db892a5 by Salvatore Bonaccorso at 2019-04-19T06:40:54Z
Add fixed version for CVE-2019-3902/mercurial in unstable
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -18219,8 +18219,10 @@ CVE-2019-3904
RESERVED
CVE-2019-3903
RESERVED
-CVE-2019-3902
+CVE-2019-3902 [path-checking logic bypass vie symlinks and subrepositories]
RESERVED
+ - mercurial 4.9-1
+ NOTE: https://www.mercurial-scm.org/wiki/WhatsNew#Mercurial_4.9_.282019-02-01.29
CVE-2019-3901
RESERVED
CVE-2019-3900
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/e3a6adbaf7fa7c75ca8017dfd50130d8d812d3f1...5db892a5ba364c16e97ad376db3d944e9d3fd076
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/e3a6adbaf7fa7c75ca8017dfd50130d8d812d3f1...5db892a5ba364c16e97ad376db3d944e9d3fd076
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190419/ffcb1832/attachment.html>
More information about the debian-security-tracker-commits
mailing list