Author: carnil Date: 2017-08-10 20:05:45 +0000 (Thu, 10 Aug 2017) New Revision: 54572
Modified: data/CVE/list Log: Add reported bugs for mercurial Modified: data/CVE/list =================================================================== --- data/CVE/list 2017-08-10 19:50:33 UTC (rev 54571) +++ data/CVE/list 2017-08-10 20:05:45 UTC (rev 54572) @@ -1,11 +1,11 @@ CVE-2017-1000117 - git 1:2.14.1-1 NOTE: https://public-inbox.org/git/xmqqh8xf482j....@gitster.mtv.corp.google.com/T/#u -CVE-2017-1000116 - - mercurial <unfixed> +CVE-2017-1000116 [command injection on clients through malicious ssh URLs] + - mercurial <unfixed> (bug #871710) NOTE: https://www.mercurial-scm.org/wiki/WhatsNew#Mercurial_4.3_.282017-08-10.29 -CVE-2017-1000115 - - mercurial <unfixed> +CVE-2017-1000115 [path traversal via symlink] + - mercurial <unfixed> (bug #871709) NOTE: https://www.mercurial-scm.org/wiki/WhatsNew#Mercurial_4.3_.282017-08-10.29 CVE-2017-12777 (Cross-Site Scripting (XSS) exists in NexusPHP version v1.5 via some ...) NOT-FOR-US: NexusPHP _______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits