18 matches found
SUSE CVE-2018-13348
The mpatchdecode function in mpatch.c in Mercurial before 4.6.1 mishandles certain situations where there should be at least 12 bytes remaining after the current position in the patch data, but actually are not, aka OVE-20180430-0001...
EulerOS 2.0 SP3 : mercurial (EulerOS-SA-2022-1747)
According to the versions of the mercurial package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The validaterepo function in sshpeer in Mercurial before 3.2.4 allows remote attackers to execute arbitrary commands via a crafted repository...
Huawei EulerOS: Security Advisory for mercurial (EulerOS-SA-2022-1747)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for mercurial (EulerOS-SA-2022-1331)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Advisory ROSA-SA-2021-1918
Software: mercurial 2.6.2 OS: Cobalt 7.9 CVE-ID: CVE-2014-9462 CVE-Crit: CRITICAL CVE-DESC: The validaterepo function in sshpeer in Mercurial before 3.2.4 allows remote attackers to execute arbitrary commands via the created repository name in the clone command. CVE-STATUS: default CVE-REV: defau...
SUSE: Security Advisory (SUSE-SU-2018:1998-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian DLA-2293-1 : mercurial security update
Several vulnerabilities were discovered in mercurial, an easy-to-use, scalable distributed version control system. CVE-2017-17458 In Mercurial before 4.4.1, it is possible that a specially malformed repository can cause Git subrepositories to run arbitrary code in the form of a...
Debian: Security Advisory (DLA-2293-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE Security Update : mercurial (openSUSE-2019-541)
This update for mercurial fixes the following issues : Security issues fixed : - CVE-2018-13346: Fix mpatchapply function in mpatch.c that incorrectly proceeds in cases where the fragment start is past the end of the original data bsc1100354. - CVE-2018-13347: Fix mpatch.c that mishandles integer...
SUSE SLED15 / SLES15 Security Update : mercurial (SUSE-SU-2018:1998-1)
This update for mercurial fixes the following issues: Security issues fixed : - CVE-2018-13346: Fix mpatchapply function in mpatch.c that incorrectly proceeds in cases where the fragment start is past the end of the original data bsc1100354. - CVE-2018-13347: Fix mpatch.c that mishandles integer...
openSUSE: Security Advisory for mercurial (openSUSE-SU-2018:2132-1)
The remote host is missing an update for the Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
openSUSE Security Update : mercurial (openSUSE-2018-772)
This update for mercurial fixes the following issues : Security issues fixed : - CVE-2018-13346: Fix mpatchapply function in mpatch.c that incorrectly proceeds in cases where the fragment start is past the end of the original data bsc1100354. - CVE-2018-13347: Fix mpatch.c that mishandles integer...
Security update for mercurial (moderate)
This update for mercurial fixes the following issues: Security issues fixed: - CVE-2018-13346: Fix mpatchapply function in mpatch.c that incorrectly proceeds in cases where the fragment start is past the end of the original data bsc1100354. - CVE-2018-13347: Fix mpatch.c that mishandles integer...
Security update for mercurial (moderate)
This update for mercurial fixes the following issues: Security issues fixed: - CVE-2018-13348: Fix the mpatchdecode function in mpatch.c that mishandles certain situations where there should be at least 12 bytes remaining after thecurrent position in the patch data boo1100353. - CVE-2018-13347: F...
openSUSE Security Update : mercurial (openSUSE-2018-734)
This update for mercurial fixes the following issues : Security issues fixed : - CVE-2018-13348: Fix the mpatchdecode function in mpatch.c that mishandles certain situations where there should be at least 12 bytes remaining after thecurrent position in the patch data boo1100353. - CVE-2018-13347:...
openSUSE: Security Advisory for mercurial (openSUSE-SU-2018:2023-1)
The remote host is missing an update for the Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
SUSE-SU-2018:1996-1 Security update for mercurial
This update for mercurial fixes the following issues: Security issues fixed: - CVE-2018-13346: Fix mpatchapply function in mpatch.c that incorrectly proceeds in cases where the fragment start is past the end of the original data bsc1100354. - CVE-2018-13347: Fix mpatch.c that mishandles integer...
CVE-2018-13348
CVE-2018-13348 : In Mercurial, the mpatch_decode function in mpatch.c (pre-4.6.1) mishandles cases where there should be at least 12 bytes remaining in patch data but aren’t, potentially affecting patch processing with integrity impact. Affected: Mercurial versions before 4.6.1. Remediation: upgr...