MiracleLinux 7 : mercurial-2.6.2-10.el7 (AXSA:2019-4114:01)

The remote MiracleLinux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2019-4114:01 advisory. mercurial: Buffer underflow in mpatch.c:mpatchapply CVE-2018-13347 mercurial: HTTP server permissions bypass CVE-2018-1000132 mercurial: Missing che...

EUVD-2018-0096

Malware in sbrugna...

SUSE CVE-2018-13347

mpatch.c in Mercurial before 4.6.1 mishandles integer addition and subtraction, aka OVE-20180430-0002...

Mercurial mishandles integer addition and subtraction

mpatch.c in Mercurial before 4.6.1 mishandles integer addition and subtraction, aka OVE-20180430-0002...

Huawei EulerOS: Security Advisory for mercurial (EulerOS-SA-2019-2214)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

NewStart CGSL CORE 5.04 / MAIN 5.04 : mercurial Multiple Vulnerabilities (NS-SA-2019-0216)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has mercurial packages installed that are affected by multiple vulnerabilities: - Mercurial version 4.5 and earlier contains a Incorrect Access Control CWE-285 vulnerability in Protocol server that can result in Unauthorized da...

openSUSE Security Update : mercurial (openSUSE-2019-541)

This update for mercurial fixes the following issues : Security issues fixed : - CVE-2018-13346: Fix mpatchapply function in mpatch.c that incorrectly proceeds in cases where the fragment start is past the end of the original data bsc1100354. - CVE-2018-13347: Fix mpatch.c that mishandles integer...

SUSE SLED15 / SLES15 Security Update : mercurial (SUSE-SU-2018:1998-1)

This update for mercurial fixes the following issues: Security issues fixed : - CVE-2018-13346: Fix mpatchapply function in mpatch.c that incorrectly proceeds in cases where the fragment start is past the end of the original data bsc1100354. - CVE-2018-13347: Fix mpatch.c that mishandles integer...

openSUSE: Security Advisory for mercurial (openSUSE-SU-2018:2132-1)

The remote host is missing an update for the Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Security update for mercurial (moderate)

This update for mercurial fixes the following issues: Security issues fixed: - CVE-2018-13346: Fix mpatchapply function in mpatch.c that incorrectly proceeds in cases where the fragment start is past the end of the original data bsc1100354. - CVE-2018-13347: Fix mpatch.c that mishandles integer...

Security update for mercurial (moderate)

This update for mercurial fixes the following issues: Security issues fixed: - CVE-2018-13348: Fix the mpatchdecode function in mpatch.c that mishandles certain situations where there should be at least 12 bytes remaining after thecurrent position in the patch data boo1100353. - CVE-2018-13347: F...

CVE-2018-13347

mpatch.c in Mercurial before 4.6.1 mishandles integer addition and subtraction, aka OVE-20180430-0002...

DEBIAN-CVE-2018-13347

mpatch.c in Mercurial before 4.6.1 mishandles integer addition and subtraction, aka OVE-20180430-0002...

Authentication flaw

mpatch.c in Mercurial before 4.6.1 mishandles integer addition and subtraction, aka OVE-20180430-0002...

PYSEC-2018-89

mpatch.c in Mercurial before 4.6.1 mishandles integer addition and subtraction, aka OVE-20180430-0002...

CVE-2018-13347

mpatch.c in Mercurial before 4.6.1 mishandles integer addition and subtraction, aka OVE-20180430-0002...

CVE-2018-13347

mpatch.c in Mercurial before 4.6.1 mishandles integer addition and subtraction, aka OVE-20180430-0002...

CVE-2018-13347

CVE-2018-13347 concerns Mercurial’s mpatch.c: before 4.6.1, the code path mishandles integer addition and subtraction. Mitigation in public docs points to upgrading Mercurial to 4.6.1 or later. Connected advisories in the provided documents corroborate the vulnerability and link patches in Mercur...

CVE-2018-13346

CVE-2018-13346 affects Mercurial’s mpatch_apply in mpatch.c: Mercurial before 4.6.1 incorrectly proceeds when the fragment start is past the end of the original data. This is evidenced in multiple advisories, e.g., Debian DLA-2293-1 and various OSS advisories, all linking this CVE to Mercurial ve...