diff options
author | Salvatore Bonaccorso <carnil@debian.org> | 2017-08-10 20:26:14 +0000 |
---|---|---|
committer | Salvatore Bonaccorso <carnil@debian.org> | 2017-08-10 20:26:14 +0000 |
commit | e3ed3b28941d43d26b4909493055d4412dc4dcda (patch) | |
tree | e6cb54fbdf198eede233d22b557e153068d06fb5 | |
parent | 5d4f2fc8e570fccf5d2413ce36af1487df7c5c38 (diff) |
Add set of commits for mercurial issue
I'm not sure if all yet belong to CVE-2017-1000116 but all are related
to sanitize mercurial around command injection via malicious ssh URLs.
git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@54573 e39458fd-73e7-0310-bf30-c45bca0a0e42
-rw-r--r-- | data/CVE/list | 11 |
1 files changed, 11 insertions, 0 deletions
diff --git a/data/CVE/list b/data/CVE/list index d2709459e0..4dc1d23779 100644 --- a/data/CVE/list +++ b/data/CVE/list @@ -4,6 +4,17 @@ CVE-2017-1000117 CVE-2017-1000116 [command injection on clients through malicious ssh URLs] - mercurial <unfixed> (bug #871710) NOTE: https://www.mercurial-scm.org/wiki/WhatsNew#Mercurial_4.3_.282017-08-10.29 + NOTE: https://www.mercurial-scm.org/repo/hg/rev/53224b1ffbc2 + NOTE: https://www.mercurial-scm.org/repo/hg/rev/e10745311406 + NOTE: https://www.mercurial-scm.org/repo/hg/rev/f93975a5ebe8 + NOTE: https://www.mercurial-scm.org/repo/hg/rev/f9134e96ed0f + NOTE: https://www.mercurial-scm.org/repo/hg/rev/92b583e3e522 + NOTE: https://www.mercurial-scm.org/repo/hg/rev/08cfc4baf3ba + NOTE: https://www.mercurial-scm.org/repo/hg/rev/55681baf4cf9 + NOTE: https://www.mercurial-scm.org/repo/hg/rev/173ecccb9ee7 + NOTE: https://www.mercurial-scm.org/repo/hg/rev/ca398a50ca00 + NOTE: https://www.mercurial-scm.org/repo/hg/rev/00a75672a9cb + NOTE: https://www.mercurial-scm.org/repo/hg/rev/943c91326b23 CVE-2017-1000115 [path traversal via symlink] - mercurial <unfixed> (bug #871709) NOTE: https://www.mercurial-scm.org/wiki/WhatsNew#Mercurial_4.3_.282017-08-10.29 |