Mercurial vulnerability? CVE-2010-4237

Dirkjan Ochtman dirkjan at ochtman.nl
Thu Dec 9 02:44:34 CST 2010

Previous message: [PATCH] hook: assume relative path to hook is given from repo root
Next message: Mercurial vulnerability? CVE-2010-4237
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Without wanting to be alarmist, there's a note in this week's LWN
about security issue in Mercurial, found by Novell.

https://bugzilla.novell.com/show_bug.cgi?id=645293

This appears to have something to do with our lacking checks on SSL
certificates. I didn't find anything in the WhatsNew, so I wonder if
this was addressed already at some point?

Cheers,

Dirkjan

Previous message: [PATCH] hook: assume relative path to hook is given from repo root
Next message: Mercurial vulnerability? CVE-2010-4237
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Mercurial-devel mailing list