mercurial-2.6.2-6.el7
エラータID: AXSA:2016-223:01
Release date:
Monday, May 2, 2016 - 20:41
Subject:
mercurial-2.6.2-6.el7
Affected Channels:
Asianux Server 7 for x86_64
Severity:
High
Description:
Mercurial is a fast, lightweight source control management system designed
for efficient handling of very large distributed projects.
Quick start: http://www.selenic.com/mercurial/wiki/index.cgi/QuickStart
Tutorial: http://www.selenic.com/mercurial/wiki/index.cgi/Tutorial
Extensions: http://www.selenic.com/mercurial/wiki/index.cgi/CategoryExtension
Security issues fixed with this release:
CVE-2016-3068
Mercurial before 3.7.3 allows remote attackers to execute arbitrary
code via a crafted git ext:: URL when cloning a subrepository.
CVE-2016-3069
Mercurial before 3.7.3 allows remote attackers to execute arbitrary
code via a crafted name when converting a Git repository.
Solution:
Update packages.
CVEs:
CVE-2016-3068
Mercurial before 3.7.3 allows remote attackers to execute arbitrary code via a crafted git ext:: URL when cloning a subrepository.
Mercurial before 3.7.3 allows remote attackers to execute arbitrary code via a crafted git ext:: URL when cloning a subrepository.
CVE-2016-3069
Mercurial before 3.7.3 allows remote attackers to execute arbitrary code via a crafted name when converting a Git repository.
Mercurial before 3.7.3 allows remote attackers to execute arbitrary code via a crafted name when converting a Git repository.
Additional Info:
N/A
Download:
SRPMS
- mercurial-2.6.2-6.el7.src.rpm
MD5: 1a0941bb18c8f1a13f042a8bfe77d3d3
SHA-256: da4d52a87d1fcfb6f4cdf433513d7f80b4036b2fc65dfe91ad837028dd2addc4
Size: 3.59 MB
Asianux Server 7 for x86_64
- mercurial-2.6.2-6.el7.x86_64.rpm
MD5: 2640c384c606f9f18c2e06e9c80a398b
SHA-256: 55fa6599a893642d06ebfccae865a788502d3873b7a4f3085bf43594ba889b0b
Size: 2.60 MB