Source: mercurial Version: 3.1.2-1 Severity: grave Tags: security upstream Hi,
the following vulnerability was published for mercurial. CVE-2018-1000132[0]: | Mercurial version 4.5 and earlier contains a Incorrect Access Control | (CWE-285) vulnerability in Protocol server that can result in | Unauthorized data access. This attack appear to be exploitable via | network connectivity. This vulnerability appears to have been fixed in | 4.5.1. If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2018-1000132 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000132 [1] https://www.mercurial-scm.org/wiki/WhatsNew#Mercurial_4.5.1_.2F_4.5.2_.282018-03-06.29 Regards, Salvatore