[ubuntu/trusty-security] mercurial 2.8.2-1ubuntu1.3 (Accepted)

Marc Deslauriers marc.deslauriers at canonical.com
Wed Jun 17 20:25:28 UTC 2015

Previous message: [ubuntu/trusty-proposed] qemu 2.0.0+dfsg-2ubuntu1.14 (Accepted)
Next message: [ubuntu/trusty-updates] mercurial 2.8.2-1ubuntu1.3 (Accepted)
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

mercurial (2.8.2-1ubuntu1.3) trusty-security; urgency=medium

  [ Jamie Strandboge ]
  * SECURITY UPDATE: fix for improperly handling case-insensitive paths on
    Windows and OS X clients
    - http://selenic.com/repo/hg-stable/rev/885bd7c5c7e3
    - http://selenic.com/repo/hg-stable/rev/c02a05cc6f5e
    - http://selenic.com/repo/hg-stable/rev/6dad422ecc5a
    - CVE-2014-9390
    - LP: #1404035

  [ Marc Deslauriers ]
  * SECURITY UPDATE: arbitrary command exection via crafted repository
    name in a clone command
    - d/p/from_upstream__sshpeer_more_thorough_shell_quoting.patch: add
      more thorough shell quoting to mercurial/sshpeer.py.
    - CVE-2014-9462
  * debian/patches/fix_ftbfs_patchbomb_test.patch: fix patchbomb test.

Date: 2015-06-17 19:31:17.859667+00:00
Changed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
https://launchpad.net/ubuntu/+source/mercurial/2.8.2-1ubuntu1.3
-------------- next part --------------
Sorry, changesfile not available.

Previous message: [ubuntu/trusty-proposed] qemu 2.0.0+dfsg-2ubuntu1.14 (Accepted)
Next message: [ubuntu/trusty-updates] mercurial 2.8.2-1ubuntu1.3 (Accepted)
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Trusty-changes mailing list