mercurial-2.6.2-7.el7
エラータID: AXEA:2017-1725:01
Release date:
Thursday, June 29, 2017 - 14:49
Subject:
mercurial-2.6.2-7.el7
Affected Channels:
Asianux Server 7 for x86_64
Severity:
N/A
Solution:
Update packages.
CVEs:
CVE-2017-9462
In Mercurial before 4.1.3, "hg serve --stdio" allows remote authenticated users to launch the Python debugger, and consequently execute arbitrary code, by using --debugger as a repository name.
In Mercurial before 4.1.3, "hg serve --stdio" allows remote authenticated users to launch the Python debugger, and consequently execute arbitrary code, by using --debugger as a repository name.
Additional Info:
N/A
Download:
SRPMS
- mercurial-2.6.2-7.el7.src.rpm
MD5: f88f789e28dae68dd2387977450d6dd9
SHA-256: 209b0adef04f161f85f463ccdb7c2ae37b3bcbc6b915a064df471db2aeab1807
Size: 3.59 MB
Asianux Server 7 for x86_64
- mercurial-2.6.2-7.el7.x86_64.rpm
MD5: 16b891a39ed49984bc1f10c29f393c1a
SHA-256: 41aa7778974d0310b54e29ea76d83fa693d6343f50dea637b906c07519d6ae71
Size: 2.60 MB