18 matches found
Ubuntu 16.04 ESM : Mercurial vulnerabilities (USN-5102-2)
The remote Ubuntu 16.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5102-2 advisory. USN-5102-1 fixed vulnerabilities in Mercurial. This update provides the corresponding updates for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Tenable has...
SUSE CVE-2018-17983
cext/manifest.c in Mercurial before 4.7.2 has an out-of-bounds read during parsing of a malformed manifest entry...
Mageia: Security Advisory (MGASA-2018-0442)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-5102-1: Mercurial vulnerabilities | Cloud Foundry
Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 18.04 Description Several security issues were fixed in Mercurial. CVEs contained in this USN include: CVE-2018-17983, CVE-2019-3902. Affected Cloud Foundry Products and Versions Severity is medium unless otherwise noted...
Ubuntu: Security Advisory (USN-5102-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-5102-1: Mercurial vulnerabilities
It was discovered that Mercurial mishandled symlinks in subrepositories. An attacker could use this issue to write arbitrary files to the target’s filesystem. CVE-2019-3902 It was discovered that Mercurial incorrectly handled certain manifest files. An attacker could use this issue to cause a...
Ubuntu 18.04 LTS : Mercurial vulnerabilities (USN-5102-1)
The remote Ubuntu 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5102-1 advisory. It was discovered that Mercurial mishandled symlinks in subrepositories. An attacker could use this issue to write arbitrary files to the targets...
Advisory ROSA-SA-2021-1918
Software: mercurial 2.6.2 OS: Cobalt 7.9 CVE-ID: CVE-2014-9462 CVE-Crit: CRITICAL CVE-DESC: The validaterepo function in sshpeer in Mercurial before 3.2.4 allows remote attackers to execute arbitrary commands via the created repository name in the clone command. CVE-STATUS: default CVE-REV: defau...
SUSE: Security Advisory (SUSE-SU-2018:3430-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE Security Update : mercurial (openSUSE-2019-864)
This update for mercurial fixes the following issues : - CVE-2018-17983: Fix an out-of-bounds read during parsing of a malformed manifest entry bsc1110899. This update was imported from the SUSE:SLE-15:Update update project. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive tex...
SUSE SLED15 / SLES15 Security Update : mercurial (SUSE-SU-2018:3430-1)
This update for mercurial fixes the following issues : CVE-2018-17983: Fix an out-of-bounds read during parsing of a malformed manifest entry bsc1110899. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempte...
Updated mercurial packages fix security vulnerability
An out-of-bounds read during parsing of a malformed manifest entry CVE-2018-17983...
openSUSE Security Update : mercurial (openSUSE-2018-1297)
This update for mercurial fixes the following issues : - CVE-2018-17983: Fix an out-of-bounds read during parsing of a malformed manifest entry bsc1110899. This update was imported from the SUSE:SLE-15:Update update project. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive tex...
Security update for mercurial (moderate)
This update for mercurial fixes the following issues: - CVE-2018-17983: Fix an out-of-bounds read during parsing of a malformed manifest entry bsc1110899. This update was imported from the SUSE:SLE-15:Update update project...
openSUSE: Security Advisory for mercurial (openSUSE-SU-2018:3517-1)
The remote host is missing an update for the Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
SUSE-SU-2018:3430-1 Security update for mercurial
This update for mercurial fixes the following issues: - CVE-2018-17983: Fix an out-of-bounds read during parsing of a malformed manifest entry bsc1110899...
CVE-2018-17983
cext/manifest.c in Mercurial before 4.7.2 has an out-of-bounds read during parsing of a malformed manifest entry...
CVE-2018-17983
CVE-2018-17983 is an out-of-bounds read in Mercurial’s manifest parsing. The flaw exists in cext/manifest.c in Mercurial prior to 4.7.2 and is triggered while parsing a malformed manifest entry. Public references in the connected documents align this issue with Mercurial vulnerability advisories ...