Re: Mercurial: unauthorized access

[ Thread Index | Date Index ]


The good side of not being always up to date ...

Le samedi 19 juillet 2008 01:11:55 Christophe Lincoln, vous avez écrit :
> > Salut
>
> Hi,
>
> > Vulnerability Summary CVE-2008-2942
> > Directory traversal vulnerability in patch.py in Mercurial 1.0.1
>
> We are using 1.0 and are not affected.
>
> > allows user-assisted attackers to modify arbitrary files via
> > ".." (dot dot) sequences in a patch file.
> > http://checklists.nist.gov/nvd.cfm?cvename=CVE-2008-2942
> >
> > Unaffected versions, and resolution:
> > http://www.gentoo.org/security/en/glsa/glsa-200807-09.xml
> >
> > cooltaz
> > Powered by SliTaz
>
> - Christophe
>
> ---
> SliTaz GNU/Linux Mailing list.
> Web site : http://www.slitaz.org/



---
SliTaz GNU/Linux Mailing list.
Web site : http://www.slitaz.org/


Mail converted by MHonArc 2.6.18 http://listengine.tuxfamily.org/