Описание
Security update for mercurial
This update for mercurial fixes the following issues:
Security issue fixed:
- CVE-2019-3902: Fixed incorrect patch-checking with symlinks and subrepos (bsc#1133035).
Список пакетов
SUSE Linux Enterprise Software Development Kit 12 SP5
mercurial-2.8.2-15.18.4
Ссылки
- Link for SUSE-SU-2020:3003-1
- E-Mail link for SUSE-SU-2020:3003-1
- SUSE Security Ratings
- SUSE Bug 1133035
- SUSE CVE CVE-2019-3902 page
Описание
A flaw was found in Mercurial before 4.9. It was possible to use symlinks and subrepositories to defeat Mercurial's path-checking logic and write files outside a repository.
Затронутые продукты
SUSE Linux Enterprise Software Development Kit 12 SP5:mercurial-2.8.2-15.18.4
Ссылки
- CVE-2019-3902
- SUSE Bug 1133035