Re: Mercurial: unauthorized access

[ Thread Index | Date Index | More lists.tuxfamily.org/slitaz Archives ]

To: slitaz@xxxxxxxxxxxxxxxxxxx
Subject: Re: Mercurial: unauthorized access
From: Christophe Lincoln <pankso@xxxxxxxxxx>
Date: Sat, 19 Jul 2008 01:11:55 +0200
Organization: SliTaz

> Salut

Hi,

> Vulnerability Summary CVE-2008-2942
> Directory traversal vulnerability in patch.py in Mercurial 1.0.1

We are using 1.0 and are not affected.

> allows user-assisted attackers to modify arbitrary files via
> ".." (dot dot) sequences in a patch file.
> http://checklists.nist.gov/nvd.cfm?cvename=CVE-2008-2942
> 
> Unaffected versions, and resolution:
> http://www.gentoo.org/security/en/glsa/glsa-200807-09.xml
> 
> cooltaz
> Powered by SliTaz

- Christophe

---
SliTaz GNU/Linux Mailing list.
Web site : http://www.slitaz.org/

Follow-Ups:
- Re: Mercurial: unauthorized access
  - From: Julien Rabier

References:
- Mercurial: unauthorized access
  - From: cooltaz

Messages sorted by: [ date | thread ]
Prev by Date: Mercurial: unauthorized access
Next by Date: Re: Mercurial: unauthorized access
Previous by thread: Mercurial: unauthorized access
Next by thread: Re: Mercurial: unauthorized access

Mail converted by MHonArc 2.6.19+

http://listengine.tuxfamily.org/