Re: Mercurial: unauthorized access |
[ Thread Index |
Date Index
| More lists.tuxfamily.org/slitaz Archives
]
- To: slitaz@xxxxxxxxxxxxxxxxxxx
- Subject: Re: Mercurial: unauthorized access
- From: Julien Rabier <julien.rabier@xxxxxxxxx>
- Date: Sat, 19 Jul 2008 01:14:29 +0200
- Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:from:to:subject:date :user-agent:references:in-reply-to:mime-version:content-type :content-transfer-encoding:content-disposition:message-id; bh=9JelzBmLbmvAQzENqDrLFxnYP5ybOW07e2ajVjAJxLQ=; b=YUVk3BEh+pbO1X7vS7q54OdIk6cKvRudapwx53uWiflWxXkCtU2KTjVSHm6HAIuA1Z f+p1jrj9YFYOOzA4eTtJlDhy88HFdn9cYH85TZPl9ydv3zmhclxa1k0Gh3gYiDb48VIt z/aoT8Q3Eolgmm0EU3K4F/No/sppdwQxW/ptc=
- Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=from:to:subject:date:user-agent:references:in-reply-to:mime-version :content-type:content-transfer-encoding:content-disposition :message-id; b=VyiYFte4bC0Ayk3BYG8YFpmSoM0F5J8+xjZEASgcS0x0nJIKdqJ/8YAap8W0EIJcSw pAtuKmn1wsFRX36/XUFmrlUbORvQkEwtj8Xa5VgCr1yuzPNtj312t6XFD9SiNbsNvVqD EiYYSU/aJnr/LPJSqqNGaQ5Syg82EZuGXe9ok=
The good side of not being always up to date ...
Le samedi 19 juillet 2008 01:11:55 Christophe Lincoln, vous avez écrit :
> > Salut
>
> Hi,
>
> > Vulnerability Summary CVE-2008-2942
> > Directory traversal vulnerability in patch.py in Mercurial 1.0.1
>
> We are using 1.0 and are not affected.
>
> > allows user-assisted attackers to modify arbitrary files via
> > ".." (dot dot) sequences in a patch file.
> > http://checklists.nist.gov/nvd.cfm?cvename=CVE-2008-2942
> >
> > Unaffected versions, and resolution:
> > http://www.gentoo.org/security/en/glsa/glsa-200807-09.xml
> >
> > cooltaz
> > Powered by SliTaz
>
> - Christophe
>
> ---
> SliTaz GNU/Linux Mailing list.
> Web site : http://www.slitaz.org/
---
SliTaz GNU/Linux Mailing list.
Web site : http://www.slitaz.org/