~ubuntu-branches/ubuntu/precise/mercurial/precise-security

Viewing all changes in revision 45.

  • Committer: Package Import Robot
  • Author(s): Marc Deslauriers, Jamie Strandboge, Marc Deslauriers
  • Date: 2015-06-17 13:27:17 UTC
  • Revision ID: package-import@ubuntu.com-20150617132717-jnkpv615dwh5bzox
Tags: 2.0.2-1ubuntu1.2
[ Jamie Strandboge ]
* SECURITY UPDATE: fix for improperly handling case-insensitive paths on
  Windows and OS X clients
  - http://selenic.com/repo/hg-stable/rev/885bd7c5c7e3
  - http://selenic.com/repo/hg-stable/rev/c02a05cc6f5e
  - http://selenic.com/repo/hg-stable/rev/6dad422ecc5a
  - CVE-2014-9390
  - LP: #1404035

[ Marc Deslauriers ]
* SECURITY UPDATE: arbitrary command exection via crafted repository
  name in a clone command
  - d/p/from_upstream__sshpeer_more_thorough_shell_quoting.patch: add
    more thorough shell quoting to mercurial/sshrepo.py.
  - CVE-2014-9462

expand all expand all

Show diffs side-by-side

added added

removed removed

Lines of Context: