Overview

File _patchinfo of Package patchinfo.5472

<patchinfo incident="5472">
  <issue id="1053344" tracker="bnc">VUL-0: CVE-2017-1000115: mercurial: path traversal via symlink</issue>
  <issue id="1052696" tracker="bnc">VUL-0: CVE-2017-1000116: mercurial: client-side code execution via argument injection in SSH URLs</issue>
  <issue id="2017-1000116" tracker="cve" />
  <issue id="2017-1000115" tracker="cve" />
  <category>security</category>
  <rating>moderate</rating>
  <packager>tiwai</packager>
  <description>This update for mercurial fixes the following issues:

  - CVE-2017-1000115: path traversal via symlink could lead to unauthorized access (bsc#1053344)
  - CVE-2017-1000116: argument injection in SSH URLs could lead to client-side code execution (bsc#1052696)

 </description>
  <summary>Security update for mercurial</summary>
</patchinfo>
openSUSE Build Service is sponsored by
Places