4 matches found
openSUSE Security Update : mercurial (mercurial-75)
This update of mercurial improves the input validation. Prior to this patch it was possible to touch files as root. CVE-2008-2942 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update mercurial-75...
Gentoo Security Advisory GLSA 200807-09 (mercurial)
The remote host is missing updates announced in advisory GLSA 200807-09. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Mercurial patch.py文件目录遍历漏洞
BUGTRAQ ID: 30072 CVECAN ID: CVE-2008-2942 Mercurial是分布式的源码管理控制系统。 Mercurial的mercurial/patch.py文件中没有正确地过滤对applydiff函数的输入参数,如果远程攻击者提交了恶意请求的话,就可以通过目录遍历攻击重新命名代码库外任意文件的名称。 Mercurial 1.0.1 Gentoo ------ Gentoo已经为此发布了一个安全公告(GLSA-200807-09)以及相应补丁: GLSA-200807-09:Mercurial: Directory traversal...
rPSA-2008-0211-1 mercurial mercurial-hgk
rPath Security Advisory: 2008-0211-1 Published: 2008-07-03 Products: rPath Linux 2 Rating: Major Exposure Level Classification: Indirect User Deterministic Unauthorized Access Updated Versions: mercurial=conary.rpath.com@rpl:2/1.0.1-1-0.1 mercurial-hgk=conary.rpath.com@rpl:2/1.0.1-1-0.1 rPath Iss...