[ubuntu/trusty-security] mercurial 2.8.2-1ubuntu1.4 (Accepted)
Eduardo dos Santos Barretto
eduardo.barretto at canonical.com
Thu Nov 22 21:09:23 UTC 2018
mercurial (2.8.2-1ubuntu1.4) trusty-security; urgency=medium
* SECURITY UPDATE: Remote attackers can execute arbitrary code via a
crafted git ext:: URL when cloning a subrepository.
- debian/patches/CVE-2016-3068.patch: set GIT_ALLOW_PROTOCOL to limit
git clone protocols.
- CVE-2016-3068
* SECURITY UPDATE: Remote attackers can execute arbitrary code via a crafted
name when converting a Git repository.
- debian/patches/CVE-2016-3069_part1.patch: add new, non-clowny interface
for shelling out to git.
- debian/patches/CVE-2016-3069_part2.patch: rewrite calls to Git to use
the new shelling mechanism.
- debian/patches/CVE-2016-3069_part3.patch: dead code removal - old git
calling functions
- debian/patches/CVE-2016-3069_part4.patch: test for shell injection in
git calls
- CVE-2016-3069
* SECURITY UPDATE: The convert extension might allow attackers to
execute arbitrary code via a crafted git repository name.
- debian/patches/CVE-2016-3105.patch: Pass absolute paths to git.
- CVE-2016-3105
* SECURITY UPDATE: Remote attackers can execute arbitrary code via a clone,
push or pull command because of a list sizing rounding error and short
records.
- debian/patches/CVE-2016-3630_part1.patch: fix list sizing rounding
error.
- debian/patches/CVE-2016-3630_part2.patch: detect short records
- CVE-2016-3630
* SECURITY UPDATE: hg server --stdio allows remote authenticated users
to launch the Python debugger and execute arbitrary code.
- debian/patches/CVE-2017-9462.patch: Protect against malicious hg
serve --stdio invocations.
- CVE-2017-9462
* SECURITY UPDATE: A specially malformed repository can cause GIT
subrepositories to run arbitrary code.
- debian/patches/CVE-2017-17458_part1.patch: add test-audit-subrepo.t
testcase.
- debian/patches/CVE-2017-17458_part2.patch: disallow symlink
traversal across subrepo mount point.
- CVE-2017-17458
* SECURITY UPDATE: Missing symlink check could be abused to write to files
outside the repository.
- debian/patches/CVE-2017-1000115.patch: Fix symlink traversal.
- CVE-2017-1000115
* SECURITY UPDATE: Possible shell-injection attack from not adequately
sanitizing hostnames passed to ssh.
- debian/patches/CVE-2017-1000116.patch: Sanitize hostnames passed to ssh.
- CVE-2017-1000116
* SECURITY UPDATE: Integer underflow and overflow.
- debian/patches/CVE-2018-13347.patch: Protect against underflow.
- debian/patches/CVE-2018-13347-extras.patch: Protect against overflow.
- CVE-2018-13347
* SECURITY UPDATE: Able to start fragment past of the end of original data.
- debian/patches/CVE-2018-13346.patch: Ensure fragment start is not past
then end of orig.
- CVE-2018-13346
* SECURITY UPDATE: Data mishandling in certain situations.
- debian/patches/CVE-2018-13348.patch: Be more careful about parsing
binary patch data.
- CVE-2018-13348
* SECURITY UPDATE: Vulnerability in Protocol server can result in
unauthorized data access.
- debian/patches/CVE-2018-1000132.patch: Always perform permissions
checks on protocol commands.
- CVE-2018-1000132
Date: 2018-11-22 18:19:46.418758+00:00
Changed-By: Eduardo dos Santos Barretto <eduardo.barretto at canonical.com>
https://launchpad.net/ubuntu/+source/mercurial/2.8.2-1ubuntu1.4
-------------- next part --------------
Sorry, changesfile not available.
More information about the Trusty-changes
mailing list