9 matches found
[SECURITY] [DLA 4094-1] mercurial security update
Debian LTS Advisory DLA-4094-1 [email protected] https://www.debian.org/lts/security/ Andreas Henriksson March 27, 2025 https://wiki.debian.org/LTS Package : mercurial Version : 5.6.1-4+deb11u1 CVE ID : CVE-2025-2361 Debian Bug : 1100899 A cross-site scripting vulnerability was discover...
[SECURITY] [DSA 5883-1] mercurial security update
------------------------------------------------------------------------- Debian Security Advisory DSA-5883-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff March 22, 2025 https://www.debian.org/security/faq -...
Debian dsa-5883 : mercurial - security update
The remote Debian 12 host has packages installed that are affected by a vulnerability as referenced in the dsa-5883 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-5883-1 [email protected] https://www.debian.org/security/ Moritz...
RHSA-2017:1576 Red Hat Security Advisory: mercurial security update
Bulletin has no description...
RHSA-2016:0706 Red Hat Security Advisory: mercurial security update
Bulletin has no description...
SUSE-SU-2018:0127-1 Security update for mercurial
This update for mercurial fixes the following issues: - CVE-2017-17458: In Mercurial before 4.4.1, it is possible that a specially malformed repository can cause Git subrepositories to run arbitrary code in the form of a .git/hooks/post-update script checked into the repository. Typical use of...
SUSE-SU-2017:2251-1 Security update for mercurial
This update for mercurial fixes the following issues: - CVE-2017-1000115: path traversal via symlink could lead to unauthorized access bsc1053344 - CVE-2017-1000116: argument injection in SSH URLs could lead to client-side code execution bsc1052696...
MGASA-2017-0182 Updated mercurial packages fix security vulnerability
In Mercurial before 4.1.3, "hg serve --stdio" allows remote authenticated users to launch the Python debugger, and consequently execute arbitrary code, by using --debugger as a repository name...
SUSE-SU-2016:1442-1 Security update for mercurial
This update for mercurial fixes the following issues: Security issues fixed: - CVE-2016-3105: Versionsprior to 3.8 allowed arbitrary code execution when using the convert extension on Git repo. bsc978391...