Author: carnil
Date: 2017-08-10 20:26:14 +0000 (Thu, 10 Aug 2017)
New Revision: 54573

Modified:
   data/CVE/list
Log:
Add set of commits for mercurial issue

I'm not sure if all yet belong to CVE-2017-1000116 but all are related
to sanitize mercurial around command injection via malicious ssh URLs.

Modified: data/CVE/list
===================================================================
--- data/CVE/list       2017-08-10 20:05:45 UTC (rev 54572)
+++ data/CVE/list       2017-08-10 20:26:14 UTC (rev 54573)
@@ -4,6 +4,17 @@
 CVE-2017-1000116 [command injection on clients through malicious ssh URLs]
        - mercurial <unfixed> (bug #871710)
        NOTE: 
https://www.mercurial-scm.org/wiki/WhatsNew#Mercurial_4.3_.282017-08-10.29
+       NOTE: https://www.mercurial-scm.org/repo/hg/rev/53224b1ffbc2
+       NOTE: https://www.mercurial-scm.org/repo/hg/rev/e10745311406
+       NOTE: https://www.mercurial-scm.org/repo/hg/rev/f93975a5ebe8
+       NOTE: https://www.mercurial-scm.org/repo/hg/rev/f9134e96ed0f
+       NOTE: https://www.mercurial-scm.org/repo/hg/rev/92b583e3e522
+       NOTE: https://www.mercurial-scm.org/repo/hg/rev/08cfc4baf3ba
+       NOTE: https://www.mercurial-scm.org/repo/hg/rev/55681baf4cf9
+       NOTE: https://www.mercurial-scm.org/repo/hg/rev/173ecccb9ee7
+       NOTE: https://www.mercurial-scm.org/repo/hg/rev/ca398a50ca00
+       NOTE: https://www.mercurial-scm.org/repo/hg/rev/00a75672a9cb
+       NOTE: https://www.mercurial-scm.org/repo/hg/rev/943c91326b23
 CVE-2017-1000115 [path traversal via symlink]
        - mercurial <unfixed> (bug #871709)
        NOTE: 
https://www.mercurial-scm.org/wiki/WhatsNew#Mercurial_4.3_.282017-08-10.29


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

Reply via email to