Mercurial vulnerability? CVE-2010-4237
dirkjan at ochtman.nl
Thu Dec 9 02:44:34 CST 2010
Without wanting to be alarmist, there's a note in this week's LWN
about security issue in Mercurial, found by Novell.
This appears to have something to do with our lacking checks on SSL
certificates. I didn't find anything in the WhatsNew, so I wonder if
this was addressed already at some point?
More information about the Mercurial-devel