CVSROOT:        /cvs
Module name:    ports
Changes by: 2017/08/10 13:40:58

Modified files:
        devel/mercurial: Makefile distinfo 

Log message:
Update to mercurial 4.2.3.


Mercurial's symlink auditing was incomplete prior to 4.3, and could be abused
to write to files outside the repository.


Mercurial was not sanitizing hostnames passed to ssh, allowing shell injection
attacks by specifying a hostname starting with -oProxyCommand.

Reply via email to