[Python-apps-team] Bug#783237: CVE-2014-9462
Javi Merino
vicho at debian.org
Fri May 1 18:16:07 UTC 2015
On Fri, Apr 24, 2015 at 01:21:56PM +0200, Moritz Muehlenhoff wrote:
> Package: mercurial
> Severity: important
> Tags: security
>
> Please see
> http://chargen.matasano.com/chargen/2015/3/17/this-new-vulnerability-mercurial-command-injection-cve-2014-9462.html
>
> Fix:
> http://selenic.com/hg/rev/e3f30068d2eb
I've prepared a fix for this, find the diff attached. Can I upload it
to stable-security?
Cheers,
Javi
-------------- next part --------------
A non-text attachment was scrubbed...
Name: fix_cve_2014_9462.patch
Type: text/x-diff
Size: 2541 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/python-apps-team/attachments/20150501/bdbd121c/attachment.patch>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: Digital signature
URL: <http://lists.alioth.debian.org/pipermail/python-apps-team/attachments/20150501/bdbd121c/attachment.sig>
More information about the Python-apps-team
mailing list