Author: anarcat Date: 2017-08-28 15:36:09 +0000 (Mon, 28 Aug 2017) New Revision: 55158
Modified: data/CVE/list Log: add possible fixes for mercurial path transversal Modified: data/CVE/list =================================================================== --- data/CVE/list 2017-08-28 15:26:00 UTC (rev 55157) +++ data/CVE/list 2017-08-28 15:36:09 UTC (rev 55158) @@ -2651,6 +2651,8 @@ - mercurial 4.3.1-1 (bug #871709) NOTE: SUSE has patches for 2.3, 2.8, 3.8 and 4.2: https://www.suse.com/security/cve/CVE-2017-1000116/ NOTE: https://www.mercurial-scm.org/wiki/WhatsNew#Mercurial_4.3_.282017-08-10.29 + NOTE: https://www.mercurial-scm.org/repo/hg/rev/47ea28293d30 (test) + NOTE: https://www.mercurial-scm.org/repo/hg/rev/377e8ddaebef (fix) CVE-2017-12777 (Cross-Site Scripting (XSS) exists in NexusPHP version v1.5 via some ...) NOT-FOR-US: NexusPHP CVE-2017-12776 (SQL injection vulnerability in reports.php in NexusPHP 1.5 allows ...) _______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits