[Python-apps-team] Bug#901050: mercurial: New security fixes release (4.6.1)

Salvatore Bonaccorso carnil at debian.org
Fri Jul 6 05:20:56 BST 2018


Control: retitle -1 mercurial: CVE-2018-13346 CVE-2018-13347 CVE-2018-13348
Control: found -1 3.1.2-1

Hi,

On Fri, Jun 08, 2018 at 02:31:50PM +0200, Salvatore Bonaccorso wrote:
> Source: mercurial
> Version: 4.6-2
> Severity: grave
> Tags: security upstream
> 
> For tracking purposes: mercurial 4.6.1 contains security fixes as
> denoted in: 
> 
> https://www.mercurial-scm.org/wiki/WhatsNew#Mercurial_4.6.1_.282018-06-06.29
> 
> > 1.1. Security Fixes
> > 
> > Multiple issues found in mpatch.c with a fuzzer:
> > 
> >     OVE-20180430-0001
> >     OVE-20180430-0002
> >     OVE-20180430-0004
> > 
> > With the following fixes:
> > 
> >     mpatch: be more careful about parsing binary patch data (SEC)
> >     mpatch: protect against underflow in mpatch_apply (SEC)
> >     mpatch: ensure fragment start isn't past the end of orig (SEC)
> >     mpatch: fix UB in int overflows in gather() (SEC)
> >     mpatch: fix UB integer overflows in discard() (SEC)
> >     mpatch: avoid integer overflow in mpatch_decode (SEC)
> >     mpatch: avoid integer overflow in combine() (SEC)
> > 
> > No exploits are known at the time, however, it is highly recommended that all
> > users upgrade.
> 
> No CVEs are yet assigned.

CVEs have now been assigned (CVE-2018-13346, CVE-2018-13347 and
CVE-2018-13348).

Note that CVE-2018-13347 covers not only a single patch. See the
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-13347
references for details.

Regards,
Salvatore


