Mercurial vulnerability? CVE-2010-4237

Dirkjan Ochtman dirkjan at
Thu Dec 9 02:44:34 CST 2010

Without wanting to be alarmist, there's a note in this week's LWN
about security issue in Mercurial, found by Novell.

This appears to have something to do with our lacking checks on SSL
certificates. I didn't find anything in the WhatsNew, so I wonder if
this was addressed already at some point?



More information about the Mercurial-devel mailing list