Mercurial: unauthorized access

[ Thread Index | Date Index | More lists.tuxfamily.org/slitaz Archives ]


Salut

Vulnerability Summary CVE-2008-2942
Directory traversal vulnerability in patch.py in Mercurial 1.0.1 allows
user-assisted attackers to modify arbitrary files via ".." (dot dot)
sequences in a patch file.
http://checklists.nist.gov/nvd.cfm?cvename=CVE-2008-2942

Unaffected versions, and resolution:
http://www.gentoo.org/security/en/glsa/glsa-200807-09.xml

cooltaz
Powered by SliTaz
-- 
http://www.fastmail.fm


---
SliTaz GNU/Linux Mailing list.
Web site : http://www.slitaz.org/


Mail converted by MHonArc 2.6.19+ http://listengine.tuxfamily.org/