[ubuntu/utopic-security] mercurial 3.1.1-1ubuntu0.2 (Accepted)

Marc Deslauriers Wed, 17 Jun 2015 13:26:38 -0700

mercurial (3.1.1-1ubuntu0.2) utopic-security; urgency=medium

  [ Jamie Strandboge ]
  * SECURITY UPDATE: fix for improperly handling case-insensitive paths on
    Windows and OS X clients
    - http://selenic.com/repo/hg-stable/rev/885bd7c5c7e3
    - http://selenic.com/repo/hg-stable/rev/c02a05cc6f5e
    - http://selenic.com/repo/hg-stable/rev/6dad422ecc5a
    - CVE-2014-9390
    - LP: #1404035


  [ Marc Deslauriers ]
  * SECURITY UPDATE: arbitrary command exection via crafted repository
    name in a clone command
    - d/p/from_upstream__sshpeer_more_thorough_shell_quoting.patch: add
      more thorough shell quoting to mercurial/sshpeer.py.
    - CVE-2014-9462

Date: 2015-06-17 17:49:13.737398+00:00
Changed-By: Marc Deslauriers <marc.deslauri...@canonical.com>
https://launchpad.net/ubuntu/+source/mercurial/3.1.1-1ubuntu0.2

Sorry, changesfile not available.

-- 
Utopic-changes mailing list
Utopic-changes@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.canonical.com/mailman/listinfo/utopic-changes

[ubuntu/utopic-security] mercurial 3.1.1-1ubuntu0.2 (Accepted)

Reply via email to