Fedora alert FEDORA-2016-79604dde9f (mercurial)
| From: | updates@fedoraproject.org | |
| To: | package-announce@lists.fedoraproject.org | |
| Subject: | [SECURITY] Fedora 22 Update: mercurial-3.5.2-1.fc22 | |
| Date: | Thu, 7 Apr 2016 15:51:07 +0000 (UTC) | |
| Message-ID: | <20160407155107.CB9C960C37E7@bastion01.phx2.fedoraproject.org> |
-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2016-79604dde9f 2016-04-07 12:06:06.791542 -------------------------------------------------------------------------------- Name : mercurial Product : Fedora 22 Version : 3.5.2 Release : 1.fc22 URL : http://www.selenic.com/mercurial/ Summary : Mercurial -- a distributed SCM Description : Mercurial is a fast, lightweight source control management system designed for efficient handling of very large distributed projects. Quick start: http://www.selenic.com/mercurial/wiki/index.cgi/QuickStart Tutorial: http://www.selenic.com/mercurial/wiki/index.cgi/Tutorial Extensions: http://www.selenic.com/mercurial/wiki/index.cgi/CategoryE... -------------------------------------------------------------------------------- Update Information: Security fix for CVE-2016-3630, CVE-2016-3068, CVE-2016-3069 and minor upgrade -------------------------------------------------------------------------------- References: [ 1 ] Bug #1322267 - CVE-2016-3069 mercurial: arbitrary code execution when converting Git repos https://bugzilla.redhat.com/show_bug.cgi?id=1322267 [ 2 ] Bug #1322266 - CVE-2016-3068 mercurial: arbitrary code execution with Git subrepos https://bugzilla.redhat.com/show_bug.cgi?id=1322266 [ 3 ] Bug #1322264 - CVE-2016-3630 mercurial: remote code execution in binary delta decoding https://bugzilla.redhat.com/show_bug.cgi?id=1322264 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update mercurial' at the command line. For more information, refer to "Managing Software with yum", available at https://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list package-announce@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/package-...