[slackware-security] mercurial (SSA:2017-223-03)

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 [slackware-security] mercurial (SSA:2017-223-03) New mercurial packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues. Here are the details from the Slackware 14.2 ChangeLog: +--+

[SECURITY] [DSA 3940-1] iortcw security update

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 - - Debian Security Advisory DSA-3940-1 secur...@debian.org https://www.debian.org/security/ Moritz Muehlenhoff August 13, 2017

[SECURITY] [DSA 3937-1] zabbix security update

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 - - Debian Security Advisory DSA-3937-1 secur...@debian.org https://www.debian.org/security/ Moritz Muehlenhoff August 12, 2017

CVE-2017-9802: Apache Sling XSS vulnerability

CVE-2017-9802: Apache Sling XSS vulnerability Severity: Important Vendor: The Apache Software Foundation Versions Affected: Apache Sling Servlets Post 2.3.20 Description: The Javascript method Sling.evalString() uses the javascript `eval` function to parse input strings, which allows for XSS

[CVE-2017-9767] Quali CloudShell (v7.1.0.6508 Patch 6) Multiple Stored Cross Site Scripting Vulnerability

# Vulnerability type: Multiple Stored Cross Site Scripting # Vendor: Quali # Product: CloudShell # Affected version: v7.1.0.6508 (Patch 6) # Patched version: v8 and up # Credit: Benjamin Lee # CVE ID: CVE-2017-9767 == # Overview Quali