6 matches found
Updated mercurial packages fix security vulnerability
This update fixes possible arbitrary code execution when converting Git repos. Mercurial prior to 3.8 allowed arbitrary code execution when using the convert extension on Git repos with hostile names. This could affect automated code conversion services that allow arbitrary repository names. This...
mercurial: arbitrary code execution
Mercurial prior to 3.8 allowed arbitrary code execution when using the convert extension on Git repos with hostile names. This could affect automated code conversion services that allow arbitrary repository names. This is a further side-effect of Git CVE-2015-7545. Reported and fixed by Blake...
RHEL 7 : mercurial (RHSA-2016:0706)
An update for mercurial is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...
Important: Red Hat Security Advisory: mercurial security update
An update for mercurial is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...
DSA-3435-1 git - security update
Bulletin has no description...
Ubuntu 14.04 LTS : Git vulnerability (USN-2835-1)
The remote Ubuntu 14.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-2835-1 advisory. Blake Burkhart discovered that the Git git-remote-ext helper incorrectly handled recursive clones of git repositories. A remote attacker could possibly use this...