Mercurial vulnerability? CVE-2010-4237

timeless timeless at
Thu Dec 9 04:03:46 CST 2010

On Thu, Dec 9, 2010 at 10:44 AM, Dirkjan Ochtman <dirkjan at> wrote:
> Without wanting to be alarmist, there's a note in this week's LWN
> about security issue in Mercurial, found by Novell.
> This appears to have something to do with our lacking checks on SSL
> certificates. I didn't find anything in the WhatsNew, so I wonder if
> this was addressed already at some point?

That links to which is resolved

More information about the Mercurial-devel mailing list