Mercurial vulnerability? CVE-2010-4237
Dirkjan Ochtman
dirkjan at ochtman.nl
Thu Dec 9 02:44:34 CST 2010
Without wanting to be alarmist, there's a note in this week's LWN
about security issue in Mercurial, found by Novell.
https://bugzilla.novell.com/show_bug.cgi?id=645293
This appears to have something to do with our lacking checks on SSL
certificates. I didn't find anything in the WhatsNew, so I wonder if
this was addressed already at some point?
Cheers,
Dirkjan
More information about the Mercurial-devel
mailing list