openSUSE-SU-2016:1336-1

Опубликовано: 18 мая 2016

Источник: suse-cvrf

Описание

Security update for mercurial

This update for mercurial fixes the following issues:

Security issue fixed:

CVE-2016-3105: Fixed arbitrary code execution whenusing the convert extension on Git repo. (boo#978391)

mercurial-3.5.1-6.1

mercurial-lang-3.5.1-6.1

The convert extension in Mercurial before 3.8 might allow context-dependent attackers to execute arbitrary code via a crafted git repository name.

openSUSE Leap 42.1:mercurial-3.5.1-6.1

openSUSE Leap 42.1:mercurial-lang-3.5.1-6.1