FS#49239 - [mercurial] CVE-2016-3105: arbitrary code execution in mercurial < 3.8

Attached to Project: Arch Linux
Opened by Remi Gacogne (rgacogne) - Friday, 06 May 2016, 21:28 GMT
Last edited by Antonio Rojas (arojas) - Friday, 06 May 2016, 21:33 GMT
Task Type Bug Report
Category Security
Status Closed
Assigned To No-one
Architecture All
Severity High
Priority Normal
Reported Version
Due in Version Undecided
Due Date Undecided
Percent Complete 100%
Votes 0
Private No

Details

Hi,

A security issue leading to arbitrary code execution [1] has been fixed in mercurial 3.8 [2], and could be remotely exploited in some setups.
It would be nice if we could upgrade to 3.8.1 (released immediately after 3.8 to correct a release oversight).

Thanks!

[1]: https://bugzilla.redhat.com/show_bug.cgi?id=1332945
[2]: https://www.mercurial-scm.org/wiki/WhatsNew#Mercurial_3.8_.2F_3.8.1_.282016-5-1.29
This task depends upon

Closed by  Antonio Rojas (arojas)
Friday, 06 May 2016, 21:33 GMT
Reason for closing:  Fixed

Loading...