Описание
Security update for mercurial
This update for mercurial fixes the following issues:
- Fix HTTP server permissions bypass (CVE-2018-1000132, bsc#1085211):
Список пакетов
SUSE Linux Enterprise Software Development Kit 12 SP3
mercurial-2.8.2-15.10.1
Ссылки
- Link for SUSE-SU-2018:0933-1
- E-Mail link for SUSE-SU-2018:0933-1
- SUSE Security Ratings
- SUSE Bug 1085211
- SUSE CVE CVE-2018-1000132 page
Описание
Mercurial version 4.5 and earlier contains a Incorrect Access Control (CWE-285) vulnerability in Protocol server that can result in Unauthorized data access. This attack appear to be exploitable via network connectivity. This vulnerability appears to have been fixed in 4.5.1.
Затронутые продукты
SUSE Linux Enterprise Software Development Kit 12 SP3:mercurial-2.8.2-15.10.1
Ссылки
- CVE-2018-1000132
- SUSE Bug 1085211