5 matches found
automated-security-code-review
...
DLA-459-1 mercurial - security update
Bulletin has no description...
mercurial: arbitrary code execution
Mercurial prior to 3.8 allowed arbitrary code execution when using the convert extension on Git repos with hostile names. This could affect automated code conversion services that allow arbitrary repository names. This is a further side-effect of Git CVE-2015-7545. Reported and fixed by Blake...
DSA-3570-1 mercurial - security update
Bulletin has no description...
Vulnerability in Facebook discloses Primary Email Address of any account
When you sign up on Facebook, you have to enter an email address and that email address becomes your primary email address on Facebook. In a recent disclosure by a Security researcher, Stephen Sclafani - The Social Networking site Facebook was vulnerable to disclosure of primary email address of...