29 matches found
MiracleLinux 4 : mercurial-1.4-5.AXS4 (AXSA:2017-1710:01)
The remote MiracleLinux 4 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2017-1710:01 advisory. Mercurial is a fast, lightweight source control management system designed for efficient handling of very large distributed projects. Quick start:...
Huawei EulerOS: Security Advisory for mercurial (EulerOS-SA-2017-1132)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
NewStart CGSL MAIN 4.05 : mercurial Vulnerability (NS-SA-2019-0104)
The remote NewStart CGSL host, running version MAIN 4.05, has mercurial packages installed that are affected by a vulnerability: - A flaw was found in the way hg serve --stdio command in Mercurial handled command-line options. A remote, authenticated attacker could use this flaw to execute...
Debian: Security Advisory (DLA-1414-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian DSA-3963-1 : mercurial - security update
Several issues were discovered in Mercurial, a distributed revision control system. - CVE-2017-9462 fixed in stretch only Jonathan Claudius of Mozilla discovered that repositories served over stdio could be tricked into granting authorized users access to the Python debugger. - CVE-2017-1000115...
[SECURITY] [DSA 3963-1] mercurial security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3963-1 [email protected] https://www.debian.org/security/ Sebastien Delafond September 04, 2017 https://www.debian.org/security/faq -...
[SECURITY] [DSA 3963-1] mercurial security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3963-1 [email protected] https://www.debian.org/security/ Sebastien Delafond September 04, 2017 https://www.debian.org/security/faq -...
EulerOS 2.0 SP2 : mercurial (EulerOS-SA-2017-1133)
According to the version of the mercurial package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - In Mercurial before 4.1.3, 'hg serve --stdio' allows remote authenticated users to launch the Python debugger, and consequently execute arbitrary...
Virtuozzo 6 : emacs-mercurial / emacs-mercurial-el / mercurial / etc (VZLSA-2017-1576)
An update for mercurial is now available for Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...
Important: mercurial
Issue Overview: Python debugger accessible to authorized users: A flaw was found in the way "hg serve --stdio" command in Mercurial handled command-line options. A remote, authenticated attacker could use this flaw to execute arbitrary code on the Mercurial server by using specially crafted...
CentOS Update for emacs-mercurial CESA-2017:1576 centos7
Check the version of emacs-mercurial SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.882746";...
[SECURITY] [DLA 1005-1] mercurial security update
Package : mercurial Version : 2.2.2-4+deb7u4 CVE ID : CVE-2017-9462 Debian Bug : 861243 In Mercurial before 4.1.3, "hg serve --stdio" allows remote authenticated users to launch the Python debugger, and consequently execute arbitrary code, by using --debugger as a repository name. For Debian 7...
CentOS 6 / 7 : mercurial (CESA-2017:1576)
An update for mercurial is now available for Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...
CentOS Update for emacs-mercurial CESA-2017:1576 centos6
Check the version of emacs-mercurial SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.882744";...
emacs, mercurial security update
CentOS Errata and Security Advisory CESA-2017:1576 An update for mercurial is now available for Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score...
Oracle Linux 6 / 7 : mercurial (ELSA-2017-1576)
The remote Oracle Linux 6 / 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2017-1576 advisory. 1.4-5 - Fixes CVE-2017-9462 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus has not...
Scientific Linux Security Update : mercurial on SL6.x, SL7.x i386/x86_64 (20170627)
Security Fixes : - A flaw was found in the way 'hg serve --stdio' command in Mercurial handled command-line options. A remote, authenticated attacker could use this flaw to execute arbitrary code on the Mercurial server by using specially crafted command-line options. CVE-2017-9462 %NASLMINLEVEL...
Important: Red Hat Security Advisory: mercurial security update
An update for mercurial is now available for Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...
mercurial security update
1.4-5 - Fixes CVE-2017-9462...
Fedora 25 : mercurial (2017-62aacc1474)
Fixes CVE-2017-9462. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300 C Tenable...