ELSA-2017-2489

Опубликовано: 17 авг. 2017

Источник: oracle-oval

Платформа: Oracle Linux 7

Описание

ELSA-2017-2489: mercurial security update (IMPORTANT)

[2.6.2-8]

Fix CVE-2017-1000115 and CVE-2017-1000116

Обновленные пакеты

Oracle Linux 7

Oracle Linux aarch64

emacs-mercurial

2.6.2-8.el7_4

emacs-mercurial-el

2.6.2-8.el7_4

mercurial

2.6.2-8.el7_4

mercurial-hgk

2.6.2-8.el7_4

Oracle Linux x86_64

emacs-mercurial

2.6.2-8.el7_4

emacs-mercurial-el

2.6.2-8.el7_4

mercurial

2.6.2-8.el7_4

mercurial-hgk

2.6.2-8.el7_4

Связанные CVE

CVE-2017-1000116

CVE-2017-1000115

Ссылки на источники

Связанные уязвимости

SUSE-SU-2017:2251-1

suse-cvrf

около 8 лет назад

Security update for mercurial

SUSE-SU-2017:2250-1

suse-cvrf

около 8 лет назад

Security update for mercurial

CVE-2017-1000115

CVSS3: 7.5

ubuntu

около 8 лет назад

Mercurial prior to version 4.3 is vulnerable to a missing symlink check that can malicious repositories to modify files outside the repository

CVE-2017-1000115

CVSS3: 5.4

redhat

больше 8 лет назад

Mercurial prior to version 4.3 is vulnerable to a missing symlink check that can malicious repositories to modify files outside the repository

CVE-2017-1000115

CVSS3: 7.5

nvd

около 8 лет назад

Mercurial prior to version 4.3 is vulnerable to a missing symlink check that can malicious repositories to modify files outside the repository