Mercurial vulnerability? CVE-2010-4237

Dirkjan Ochtman dirkjan at ochtman.nl
Thu Dec 9 04:22:48 CST 2010


On Thu, Dec 9, 2010 at 11:03, timeless <timeless at gmail.com> wrote:
>> This appears to have something to do with our lacking checks on SSL
>> certificates. I didn't find anything in the WhatsNew, so I wonder if
>> this was addressed already at some point?
>
> That links to http://mercurial.selenic.com/bts/issue2407 which is resolved

So 1.7.2 is fine? That's good to hear...

Cheers,

Dirkjan


More information about the Mercurial-devel mailing list