FS#49239 : [mercurial] CVE-2016-3105: arbitrary code execution in mercurial

FS#49239 - [mercurial] CVE-2016-3105: arbitrary code execution in mercurial < 3.8

Attached to Project: Arch Linux
Opened by Remi Gacogne (rgacogne) - Friday, 06 May 2016, 21:28 GMT
Last edited by Antonio Rojas (arojas) - Friday, 06 May 2016, 21:33 GMT

Task Type	Bug Report
Category	Security
Status	Closed
Assigned To	No-one
Architecture	All
Severity	High
Priority	Normal
Reported Version
Due in Version	Undecided
Due Date	Undecided
Percent Complete
Votes	0
Private	No

Details

Hi,

A security issue leading to arbitrary code execution [1] has been fixed in mercurial 3.8 [2], and could be remotely exploited in some setups.
It would be nice if we could upgrade to 3.8.1 (released immediately after 3.8 to correct a release oversight).

Thanks!

[1]: https://bugzilla.redhat.com/show_bug.cgi?id=1332945
[2]: https://www.mercurial-scm.org/wiki/WhatsNew#Mercurial_3.8_.2F_3.8.1_.282016-5-1.29

This task depends upon

Closed by Antonio Rojas (arojas)
Friday, 06 May 2016, 21:33 GMT
Reason for closing: Fixed

	Tasks related to this task (0)

Duplicate tasks of this task (0)

Arch Linux

FS#49239 - [mercurial] CVE-2016-3105: arbitrary code execution in mercurial < 3.8

Details

Loading...