Ubuntu
mercurial package

Change log for mercurial package in Ubuntu

175 of 186 results FirstPreviousLast
Published in oracular-release
Published in noble-release
Deleted in noble-proposed (Reason: Moved to noble) 
mercurial (6.7.2-1ubuntu2) noble; urgency=medium

  * Add some tests to the blacklist, failing on the buildds:
    - test-profile.t test, HTTP server timeout.
    - test-clone-stream.t,
      mercurial/worker.py:207: DeprecationWarning: This process (pid=36904)
      is multi-threaded, use of fork() may lead to deadlocks in the child.
    - test-http-bad-server.t
      s390x: OSError: [Errno 107] Transport endpoint is not connected.

 -- Matthias Klose <email address hidden>  Wed, 17 Apr 2024 12:54:14 +0200
Superseded in noble-proposed 
mercurial (6.7.2-1ubuntu1) noble; urgency=medium

  * Blacklist the test-profile.t test, failing on the buildds.

 -- Matthias Klose <email address hidden>  Wed, 17 Apr 2024 10:03:34 +0200
Superseded in noble-proposed 
mercurial (6.7.2-1) unstable; urgency=medium

  * New upstream bugfix release.

 -- Julien Cristau <email address hidden>  Sun, 31 Mar 2024 15:25:51 +0200

Available diffs

Superseded in noble-proposed 
mercurial (6.6.3-1) unstable; urgency=medium

  * New upstream bugfix release
    - histedit-ncurses.patch: remove, applied upstream

 -- Julien Cristau <email address hidden>  Tue, 27 Feb 2024 15:03:16 +0100

Available diffs

Superseded in noble-release
Deleted in noble-proposed (Reason: Moved to noble) 
mercurial (6.6.1-2) unstable; urgency=medium

  * histedit: remove superfluous echo() and endwin() calls.  Fixes
    incompatibility with ncurses patch level 20231111, see #1058041.
    Thanks, Sven Joachim!

 -- Julien Cristau <email address hidden>  Tue, 12 Dec 2023 13:28:02 +0100

Available diffs

Superseded in noble-proposed 
mercurial (6.6.1-1) unstable; urgency=medium

  * New upstream bugfix release.
  * Mark test-copies-chain-merge as slow, so it's skipped.

 -- Julien Cristau <email address hidden>  Mon, 11 Dec 2023 14:23:00 +0100

Available diffs

Superseded in noble-proposed 
mercurial (6.6-1) unstable; urgency=medium

  * New upstream release.

 -- Julien Cristau <email address hidden>  Tue, 05 Dec 2023 15:17:28 +0100

Available diffs

Superseded in noble-release
Deleted in noble-proposed (Reason: Moved to noble) 
mercurial (6.5.3-1) unstable; urgency=medium

  * New upstream bugfix release.
  * Delete mercurial.egg-info/ on clean.
  * Pass DEB_PYTHON_INSTALL_LAYOUT to make install to work around
    distutils/setuptools being a mess.

 -- Julien Cristau <email address hidden>  Thu, 16 Nov 2023 17:57:14 +0100
Superseded in noble-release
Deleted in noble-proposed (Reason: Moved to noble) 
mercurial (6.5.2-2ubuntu3) noble; urgency=medium

  * Build-depend on python3-zombie-imp
  * Fix install changes in python3

 -- Gianfranco Costamagna <email address hidden>  Tue, 07 Nov 2023 11:23:54 +0100
Superseded in noble-proposed 
mercurial (6.5.2-2ubuntu2) noble; urgency=medium

  * Build-depend on python3-zombie-imp
  * Fix install changes in python3

 -- Gianfranco Costamagna <email address hidden>  Tue, 07 Nov 2023 11:23:54 +0100

Available diffs

Superseded in noble-proposed 
mercurial (6.5.2-2ubuntu1) noble; urgency=medium

  * Build-depend on python3-zombie-imp
  * Fix install changes in python3

 -- Gianfranco Costamagna <email address hidden>  Tue, 07 Nov 2023 11:23:54 +0100

Available diffs

Superseded in noble-proposed 
mercurial (6.5.2-2build1) noble; urgency=medium

  * No-change rebuild with Python 3.12 as supported version

 -- Graham Inggs <email address hidden>  Tue, 31 Oct 2023 17:08:57 +0000
Superseded in noble-proposed 
mercurial (6.5.2-2) unstable; urgency=medium

  * Fix test-clone-stream.t failure causing FTBFS on big endian

 -- Julien Cristau <email address hidden>  Wed, 27 Sep 2023 10:27:49 +0200
Superseded in noble-release
Published in mantic-release
Deleted in mantic-proposed (Reason: Moved to mantic) 
mercurial (6.4.4-2) unstable; urgency=medium

  * Team upload
  * Remove retired uploader

  [ Julien Cristau ]
  * Skip test-convert-darcs.t and test-convert-svn-branches.t.
  * Re-enable test-http-bad-server.t (upstream bug was fixed)

 -- Bastian Germann <email address hidden>  Thu, 13 Jul 2023 14:29:24 +0200

Available diffs

Superseded in mantic-release
Deleted in mantic-proposed (Reason: Moved to mantic) 
mercurial (6.4.4-1) unstable; urgency=medium

  * New upstream release
    - chg-environ.patch: dropped, fixed upstream

 -- Julien Cristau <email address hidden>  Fri, 16 Jun 2023 15:14:31 +0200

Available diffs

Superseded in mantic-release
Published in lunar-release
Deleted in lunar-proposed (Reason: Moved to lunar) 
mercurial (6.3.2-1) sid; urgency=medium

  * New upstream bugfix release.
  * from_upstream_stable.patch: pull in upstream changes up to changeset 812a9fbf4380
  * cgitb.patch: stop importing cgitb to avoid deprecation warnings
  * Skip test-remotefilelog-gc.t.
  * This fixes compatibility with python 3.11 (closes: #1028815)
  * Bump test timeout to 1800 because riscv64 is apparently even slower than
    mips (closes: #1024867).

 -- Julien Cristau <email address hidden>  Mon, 20 Feb 2023 18:44:46 +0100

Available diffs

Superseded in lunar-release
Deleted in lunar-proposed (Reason: Moved to lunar) 
mercurial (6.3.1-2) sid; urgency=medium

  * Fix FTBFS on 32-bit (closes: #1025621)

 -- Julien Cristau <email address hidden>  Wed, 07 Dec 2022 13:59:55 +0100

Available diffs

Superseded in lunar-proposed 
mercurial (6.3.1-1) sid; urgency=medium

  * New upstream release
    - add python3-packaging to build-deps and autopkgtest dependencies for
      run-tests, replacing
      py310/2_run_tests__silence_distutils_deprecation_warning.patch
  * test-hghave-testrepo.patch: new patch, to make test-hghave.t pass outside a
    hg repo.

 -- Julien Cristau <email address hidden>  Tue, 06 Dec 2022 11:57:31 +0100

Available diffs

Superseded in lunar-proposed 
mercurial (6.2.2-1build1) lunar; urgency=medium

  * No-change rebuild with Python 3.11 as supported

 -- Graham Inggs <email address hidden>  Wed, 02 Nov 2022 10:27:53 +0000
Superseded in lunar-release
Deleted in lunar-proposed (Reason: Moved to lunar) 
mercurial (6.2.3-1) sid; urgency=medium

  * New upstream bugfix release.

 -- Julien Cristau <email address hidden>  Fri, 07 Oct 2022 14:26:54 +0200
Superseded in lunar-release
Obsolete in kinetic-release
Deleted in kinetic-proposed (Reason: Moved to kinetic) 
mercurial (6.2.2-1) sid; urgency=medium

  * New upstream bugfix release
    - fixed fsmonitor extension (closes: #1014817)

 -- Julien Cristau <email address hidden>  Fri, 02 Sep 2022 14:08:12 +0200

Available diffs

Superseded in kinetic-release
Deleted in kinetic-proposed (Reason: Moved to kinetic) 
mercurial (6.2-1) sid; urgency=medium

  * New upstream release
    - Update patch stack

 -- Julien Cristau <email address hidden>  Mon, 11 Jul 2022 15:19:13 +0200

Available diffs

Superseded in kinetic-release
Deleted in kinetic-proposed (Reason: Moved to kinetic) 
mercurial (6.1.3-1) sid; urgency=medium

  * Blocklist test-convert-cvs-synthetic.t.
  * New upstream bugfix release.

 -- Julien Cristau <email address hidden>  Tue, 07 Jun 2022 20:53:46 +0200

Available diffs

Superseded in kinetic-release
Deleted in kinetic-proposed (Reason: Moved to kinetic) 
mercurial (6.1.2-1) sid; urgency=medium

  * Add zsh_completion to debian/copyright (closes: #1004341)
  * New upstream bugfix release
  * Fix test failures with openssl 3 (closes: #1011076)

 -- Julien Cristau <email address hidden>  Mon, 23 May 2022 12:21:07 +0200
Superseded in kinetic-release
Published in jammy-release
Deleted in jammy-proposed (Reason: Moved to jammy) 
mercurial (6.1.1-1ubuntu1) jammy; urgency=medium

  * Skip test-https.t again since it tries to
    test TLS 1.0/1.1 which are disabled in Ubuntu

 -- Graham Inggs <email address hidden>  Tue, 12 Apr 2022 19:05:02 +0000
Superseded in jammy-proposed 
mercurial (6.1.1-1) sid; urgency=medium

  * New upstream bugfix release.
  * Fix test failures with python 3.10 (closes: #1008747).

 -- Julien Cristau <email address hidden>  Mon, 11 Apr 2022 14:08:09 +0200

Available diffs

Superseded in jammy-proposed 
mercurial (6.1-4) sid; urgency=medium

  * Upload to unstable.

 -- Julien Cristau <email address hidden>  Thu, 24 Mar 2022 20:39:34 +0100

Available diffs

Superseded in jammy-proposed 
mercurial (6.0.2-1build1) jammy; urgency=medium

  * No-change rebuild with Python 3.10 only

 -- Graham Inggs <email address hidden>  Thu, 17 Mar 2022 19:29:35 +0000
Superseded in jammy-proposed 
mercurial (6.0.2-1) unstable; urgency=medium

  * Blocklist test-git-interop.t since we don't ship the corresponding
    extension.
  * New upstream bugfix release.

 -- Julien Cristau <email address hidden>  Thu, 03 Feb 2022 11:01:46 +0100

Available diffs

Superseded in jammy-proposed 
mercurial (6.0.1-3) unstable; urgency=medium

  * Use upstream's Makefile to build/install chg and man pages.

 -- Julien Cristau <email address hidden>  Thu, 13 Jan 2022 16:23:32 +0100

Available diffs

Superseded in jammy-release
Deleted in jammy-proposed (Reason: Moved to jammy) 
mercurial (6.0.1-1) unstable; urgency=medium

  * Add Raphaël Gomès' key to the known set.
  * New upstream release.
    + deb_specific__test_zstd_s390x.patch: dropped, merged upstream
  * Upload to unstable.

 -- Julien Cristau <email address hidden>  Thu, 06 Jan 2022 10:16:00 +0100

Available diffs

Superseded in jammy-release
Deleted in jammy-proposed (Reason: Moved to jammy) 
mercurial (6.0-1) experimental; urgency=medium

  * New upstream release

 -- Julien Cristau <email address hidden>  Tue, 23 Nov 2021 20:37:36 +0100

Available diffs

Superseded in jammy-release
Deleted in jammy-proposed (Reason: Moved to jammy) 
mercurial (5.9.3-1) unstable; urgency=medium

  * New upstream release.
    + proposed_upstream__revlog_s390x_part[12].patch: dropped, merged upstream
    + deb_specific__test_zstd_s390x.patch: updated

 -- Julien Cristau <email address hidden>  Thu, 28 Oct 2021 22:22:46 +0200
Superseded in jammy-release
Deleted in jammy-proposed (Reason: Moved to jammy) 
mercurial (5.6.1-4build1) jammy; urgency=medium

  * No-change rebuild to add python3.10.

 -- Matthias Klose <email address hidden>  Sat, 16 Oct 2021 06:57:04 +0000
Published in bionic-updates
Published in bionic-security 
mercurial (4.5.3-1ubuntu2.2) bionic-security; urgency=medium

  * SECURITY UPDATE: OOB reads
    - debian/patches/CVE-2018-17983.patch: fix OOB read of corrupted manifest
      entry in mercurial/cext/manifest.c.
    - CVE-2018-17983
  * SECURITY UPDATE: Write to arbitrary files outside a repository by using
    symlinks in subrepositories
    - debian/patches/CVE-2019-3902-pre.patch: subrepo: extend path auditing test
      to include more weird patterns (SEC)
    - debian/patches/CVE-2019-3902-1.patch: subrepo: prohibit variable
      expansion on creation of hg subrepo (SEC)
    - debian/patches/CVE-2019-3902-3.patch: subrepo: reject potentially unsafe
      subrepo paths (BC) (SEC)
    - CVE-2019-3902

 -- Leonidas Da Silva Barbosa <email address hidden>  Fri, 01 Oct 2021 11:32:41 -0300
Superseded in jammy-proposed 
mercurial (5.9-3) unstable; urgency=medium

  * Further adjust tests for endianness-related variations.
  * Silence yet another test warning about `which`.

 -- Julien Cristau <email address hidden>  Wed, 25 Aug 2021 19:54:04 +0200
Superseded in jammy-release
Obsolete in impish-release
Deleted in impish-proposed (Reason: Moved to impish) 
mercurial (5.6.1-4) unstable; urgency=medium

  * Revert -mno-lra workaround on mips64el, #871514 was fixed. Fixes
    occasional FTBFS on mips64el.

 -- Stefano Rivera <email address hidden>  Sun, 23 May 2021 08:37:06 -0400

Available diffs

Superseded in impish-release
Deleted in impish-proposed (Reason: Moved to impish) 
mercurial (5.6.1-3) unstable; urgency=medium

  * Team upload.

  [ Helmut Grohne ]
  * Annotate test dependencies <!nocheck> (closes: #980337).

  [ Stefano Rivera ]
  * python-3.9.2.patch: Use "&" instead of ";" as query string separator
    in test-archive.t to fix FTBFS with Python 3.9.2, which changed its
    urllib.parse.parse_qsl() behavior to only accept "&" as a separator by
    default. (closes: #986514)

 -- Stefano Rivera <email address hidden>  Fri, 21 May 2021 12:06:47 -0400
Superseded in impish-release
Obsolete in hirsute-release
Deleted in hirsute-proposed (Reason: moved to Release) 
mercurial (5.6.1-2ubuntu1) hirsute; urgency=medium

  * d/p/python-3.9.2.patch: Use "&" instead of ";" as query string separator
    in test-archive.t to fix FTBFS with Python 3.9.2, which changed its
    urllib.parse.parse_qsl() behavior to only accept "&" as a separator by
    default.

 -- Logan Rosen <email address hidden>  Tue, 02 Mar 2021 23:00:41 -0500
Superseded in hirsute-proposed 
mercurial (5.6.1-2) unstable; urgency=medium

  * tests: make test-subrepo-git.t compatible with git's master->main
    rename (closes: #980576).

 -- Julien Cristau <email address hidden>  Mon, 01 Feb 2021 17:47:09 +0100
Superseded in hirsute-release
Deleted in hirsute-proposed (Reason: moved to Release) 
mercurial (5.6.1-1ubuntu2) hirsute; urgency=medium

  * Use master, not main, as the default branch name for consistency with
    existing output.

 -- Steve Langasek <email address hidden>  Sun, 31 Jan 2021 15:14:40 -0800
Superseded in hirsute-proposed 
mercurial (5.6.1-1ubuntu1) hirsute; urgency=medium

  * debian/patches/git-2.30.0-test-compat.patch: make test cases
    compatible with git 2.30.0.  Closes: #980576.

 -- Steve Langasek <email address hidden>  Sat, 30 Jan 2021 17:04:28 -0800
Superseded in hirsute-proposed 
mercurial (5.6.1-1) unstable; urgency=medium

  * New upstream release.
  * Update Uploaders: remove vicho and vdanjean, add jcristau.  With
    thanks for their past contributions!

 -- Julien Cristau <email address hidden>  Fri, 08 Jan 2021 17:16:53 +0100
Superseded in hirsute-release
Deleted in hirsute-proposed (Reason: moved to Release) 
mercurial (5.5.2-1build1) hirsute; urgency=medium

  * No-change rebuild to drop python3.8 extensions.

 -- Matthias Klose <email address hidden>  Mon, 07 Dec 2020 18:40:55 +0100
Superseded in hirsute-proposed 
mercurial (5.5.1-1build1) hirsute; urgency=medium

  * No-change rebuild to build with python3.9 as supported.

 -- Matthias Klose <email address hidden>  Sat, 24 Oct 2020 10:53:07 +0200
Superseded in hirsute-release
Deleted in hirsute-proposed (Reason: moved to Release) 
mercurial (5.5.2-1) unstable; urgency=medium

  [ Ondřej Nový ]
  * d/control: Update Maintainer field with new Debian Python Team
    contact address.
  * d/control: Update Vcs-* fields with new Debian Python Team Salsa
    layout.

  [ Julien Cristau ]
  * New upstream bugfix release

 -- Julien Cristau <email address hidden>  Wed, 14 Oct 2020 14:45:55 +0200
Superseded in hirsute-release
Obsolete in groovy-release
Deleted in groovy-proposed (Reason: moved to Release) 
mercurial (5.5.1-1) unstable; urgency=medium

  * Team upload.
  * New upstream bugfix release.

 -- Julien Cristau <email address hidden>  Wed, 02 Sep 2020 10:26:16 +0200

Available diffs

Superseded in groovy-release
Deleted in groovy-proposed (Reason: moved to Release) 
mercurial (5.5-2) unstable; urgency=medium

  * (Hopefully) fix flakiness in test-stdio.py.

 -- Tristan Seligmann <email address hidden>  Mon, 17 Aug 2020 10:33:16 +0200

Available diffs

Superseded in groovy-release
Deleted in groovy-proposed (Reason: moved to Release) 
mercurial (5.4.1-2ubuntu1) groovy; urgency=medium

  * Merge with Debian unstable (LP: #1873682), remaining change:
    - Blacklist for test-wireproto-exchangev2-shallow.t for occasional
      failures.
  * Comment out black in autopkgtest dependencies, to disable check-format
    test. The source code does not exist where that test expects it to be.
    Black was commented out in the previous uploads, but wrongly uncommented
    as part of the Python 3 switch.

 -- Dmitry Shachnev <email address hidden>  Mon, 20 Jul 2020 20:07:00 +0300
Superseded in groovy-proposed 
mercurial (5.4.1-1+exp1ubuntu1) groovy; urgency=medium

  * Blacklist for test-wireproto-exchangev2-shallow.t for occasional
    failures.

 -- Dimitri John Ledkov <email address hidden>  Fri, 10 Jul 2020 02:05:50 +0100
Superseded in groovy-release
Deleted in groovy-proposed (Reason: moved to Release) 
mercurial (5.4.1-1ubuntu2) groovy; urgency=medium

  * Blacklist for test-wireproto-exchangev2-shallow.t for occasional failures.

 -- Brian Murray <email address hidden>  Wed, 01 Jul 2020 11:14:26 -0700

Available diffs

Superseded in groovy-release
Deleted in groovy-proposed (Reason: moved to Release) 
mercurial (5.4.1-1ubuntu1) groovy; urgency=low

  * Merge with Debian; remaining changes:
    - Explictly call python2 instead of python

Available diffs

Superseded in groovy-release
Deleted in groovy-proposed (Reason: moved to Release) 
mercurial (5.4-1ubuntu1) groovy; urgency=medium

  * Merge with Debian; remaining changes:
    - Explictly call python2 instead of python
Superseded in groovy-proposed 
mercurial (5.4-1) unstable; urgency=medium

  * Team upload.

  [ Philippe Pepiot ]
  * Ship the chg binary (closes: #926384).  chg can be used as an
    alternative "hg" command, it spawns a mercurial server and uses a
    lightweight client written in C.

  [ Julien Cristau ]
  * Add Pulkit Goyal's key (EB851395B4223EE2F7BA0B28DA54740BF08732BA) to
    the keyring for upstream tarball signatures.
  * New upstream release.
  * Fix test-doctest.py now assuming it's being run from a hg repo.
  * autopkgtests: explicitly run the testsuite with python2.

 -- Julien Cristau <email address hidden>  Thu, 21 May 2020 12:35:06 +0200
Superseded in groovy-release
Published in focal-release
Deleted in focal-proposed (Reason: moved to Release) 
mercurial (5.3.1-1ubuntu1) focal; urgency=medium

  * Merge with Debian; remaining changes:
    - Explictly call python2 instead of python

Available diffs

Superseded in focal-release
Deleted in focal-proposed (Reason: moved to Release) 
mercurial (5.2.2-1ubuntu4) focal; urgency=medium

  * No-change rebuild with fixed binutils on arm64.

 -- Matthias Klose <email address hidden>  Mon, 10 Feb 2020 08:23:15 +0100

Available diffs

Superseded in focal-release
Deleted in focal-proposed (Reason: moved to Release) 
mercurial (5.2.2-1ubuntu3) focal; urgency=medium

  * Use python2 in te autopkg testsuite.

 -- Matthias Klose <email address hidden>  Tue, 14 Jan 2020 11:32:47 +0100

Available diffs

Superseded in focal-release
Deleted in focal-proposed (Reason: moved to Release) 
mercurial (5.2.2-1ubuntu2) focal; urgency=medium

  * Explictly call python2 instead of python

 -- Gianfranco Costamagna <email address hidden>  Fri, 10 Jan 2020 09:14:48 +0100
Superseded in focal-proposed 
mercurial (5.2.2-1ubuntu1) focal; urgency=medium

  * Explictly call python2 instead of python

 -- Gianfranco Costamagna <email address hidden>  Fri, 10 Jan 2020 09:14:48 +0100
Superseded in focal-proposed 
mercurial (5.2.2-1) unstable; urgency=medium

  * Team upload.
  * New upstream release
  * Remove test-remotefilelog-bgprefetch.t from the blacklist, it's
    hopefully more reliable now.

 -- Julien Cristau <email address hidden>  Thu, 09 Jan 2020 16:06:17 +0100

Available diffs

Superseded in focal-release
Deleted in focal-proposed (Reason: moved to Release) 
mercurial (4.8.2-1ubuntu5) focal; urgency=medium

  * No-change rebuild to generate dependencies on python2.

 -- Matthias Klose <email address hidden>  Tue, 17 Dec 2019 12:36:31 +0000

Available diffs

Superseded in focal-release
Deleted in focal-proposed (Reason: moved to Release) 
mercurial (5.2.1-1) unstable; urgency=medium

  * New upstream bugfix release.
  * for_upstream__dont_rm_usr_bin_python_when_running_testsuite.patch: drop,
    obsolete since 2014.
  * autopkgtest: add clang-format dependency, list other optional dependencies
    that are currently disabled.
  * Replace deb_specific__use_sensible-editor.patch with a config snippet that
    sets default values for ui.editor and pager.pager.
  * Bump hgsubversion Breaks.

 -- Julien Cristau <email address hidden>  Fri, 06 Dec 2019 15:47:38 +0100
Superseded in focal-release
Obsolete in eoan-release
Deleted in eoan-proposed (Reason: moved to release) 
mercurial (4.8.2-1ubuntu4) eoan; urgency=medium

  * SECURITY UPDATE: Write to arbitrary files outside a repository by using
    symlinks in subrepositories
    - debian/patches/CVE-2019-3902-1.patch: subrepo: extend path auditing test
      to include more weird patterns (SEC)
    - debian/patches/CVE-2019-3902-2.patch: subrepo: prohibit variable
      expansion on creation of hg subrepo (SEC)
    - debian/patches/CVE-2019-3902-3.patch: subrepo: reject potentially unsafe
      subrepo paths (BC) (SEC)
    - CVE-2019-3902

 -- Mike Salvatore <email address hidden>  Tue, 30 Jul 2019 15:42:49 -0400

Available diffs

Obsolete in disco-updates
Obsolete in disco-security 
mercurial (4.8.2-1ubuntu3.19.04.1) disco-security; urgency=medium

  * SECURITY UPDATE: Write to arbitrary files outside a repository by using
    symlinks in subrepositories
    - debian/patches/CVE-2019-3902-1.patch: subrepo: extend path auditing test
      to include more weird patterns (SEC)
    - debian/patches/CVE-2019-3902-2.patch: subrepo: prohibit variable
      expansion on creation of hg subrepo (SEC)
    - debian/patches/CVE-2019-3902-3.patch: subrepo: reject potentially unsafe
      subrepo paths (BC) (SEC)
    - CVE-2019-3902

 -- Mike Salvatore <email address hidden>  Tue, 30 Jul 2019 15:42:49 -0400
Superseded in eoan-release
Obsolete in disco-release
Deleted in disco-proposed (Reason: moved to release) 
mercurial (4.8.2-1ubuntu3) disco; urgency=medium

  * Drop test dependency on monotone (Closes: #919924)

 -- Graham Inggs <email address hidden>  Tue, 05 Mar 2019 06:33:36 +0000
Deleted in disco-proposed (Reason: Breaking hg-git reverse-dependency) 
mercurial (4.9-2ubuntu1) disco; urgency=medium

  * Merge with Debian; remaining changes:

Available diffs

Superseded in disco-release
Deleted in disco-proposed (Reason: moved to release) 
mercurial (4.8.2-1ubuntu2) disco; urgency=medium

  * Use --jobs 4 in autopkgtest to speed it up
  * Fix Breaks to mercurial-git (<< 0.8.12-1~) as intended in the previous
    upload. Thanks to Graham Inggs.

 -- Balint Reczey <email address hidden>  Wed, 16 Jan 2019 15:42:22 +0700
Superseded in disco-proposed 
mercurial (4.8.2-1ubuntu1) disco; urgency=medium

  * Blacklist tests failing on Ubuntu LXC autopkgtest runners
  * Bump versioned Breaks on mercurial-git (<< 0.8.12-1~)

 -- Graham Inggs <email address hidden>  Fri, 11 Jan 2019 16:51:02 +0000
Superseded in disco-proposed 
mercurial (4.8.2-1) unstable; urgency=medium

  * Team upload.
  * New upstream bugfix release.
  * Drop proposed_upstream__test-http-bad-server.patch, merged upstream.

 -- Julien Cristau <email address hidden>  Tue, 08 Jan 2019 12:28:46 +0100

Available diffs

Superseded in disco-proposed 
mercurial (4.8.1-3) unstable; urgency=medium

  * Add less to debian/test/control as well to fix test-logtoprocess.t
    (closes: #918558).  Thanks, Graham Inggs!

 -- Julien Cristau <email address hidden>  Mon, 07 Jan 2019 13:51:50 +0100
Published in xenial-updates
Published in xenial-security 
mercurial (3.7.3-1ubuntu1.2) xenial-security; urgency=medium

  * SECURITY UPDATE: Refresh CVE-2018-13347-extras.patch as it was
    missing part of the fix. Also updated CVE-2018-13346.patch and
    CVE-2018-13348.patch to correctly reflect the correct lines.

 -- Eduardo Barretto <email address hidden>  Tue, 27 Nov 2018 11:54:57 -0200
Superseded in bionic-updates
Superseded in bionic-security 
mercurial (4.5.3-1ubuntu2.1) bionic-security; urgency=medium

  * SECURITY UPDATE: Integer underflow and overflow.
    - debian/patches/CVE-2018-13347.patch: Protect against underflow.
    - debian/patches/CVE-2018-13347-extras.patch: Protect against overflow.
    - CVE-2018-13347
  * SECURITY UPDATE: Able to start fragment past of the end of original data.
    - debian/patches/CVE-2018-13346.patch: Ensure fragment start is not past
      then end of orig.
    - CVE-2018-13346
  * SECURITY UPDATE: Data mishandling in certain situations.
    - debian/patches/CVE-2018-13348.patch: Be more careful about parsing
      binary patch data.
    - CVE-2018-13348

 -- Eduardo Barretto <email address hidden>  Mon, 26 Nov 2018 17:38:17 -0200
Published in trusty-updates
Published in trusty-security 
mercurial (2.8.2-1ubuntu1.4) trusty-security; urgency=medium

  * SECURITY UPDATE: Remote attackers can execute arbitrary code via a
    crafted git ext:: URL when cloning a subrepository.
    - debian/patches/CVE-2016-3068.patch: set GIT_ALLOW_PROTOCOL to limit
      git clone protocols.
    - CVE-2016-3068
  * SECURITY UPDATE: Remote attackers can execute arbitrary code via a crafted
    name when converting a Git repository.
    - debian/patches/CVE-2016-3069_part1.patch: add new, non-clowny interface
      for shelling out to git.
    - debian/patches/CVE-2016-3069_part2.patch: rewrite calls to Git to use
      the new shelling mechanism.
    - debian/patches/CVE-2016-3069_part3.patch: dead code removal - old git
      calling functions
    - debian/patches/CVE-2016-3069_part4.patch: test for shell injection in
      git calls
    - CVE-2016-3069
  * SECURITY UPDATE: The convert extension might allow attackers to
    execute arbitrary code via a crafted git repository name.
    - debian/patches/CVE-2016-3105.patch: Pass absolute paths to git.
    - CVE-2016-3105
  * SECURITY UPDATE: Remote attackers can execute arbitrary code via a clone,
    push or pull command because of a list sizing rounding error and short
    records.
    - debian/patches/CVE-2016-3630_part1.patch: fix list sizing rounding
      error.
    - debian/patches/CVE-2016-3630_part2.patch: detect short records
    - CVE-2016-3630
  * SECURITY UPDATE: hg server --stdio allows remote authenticated users
    to launch the Python debugger and execute arbitrary code.
    - debian/patches/CVE-2017-9462.patch: Protect against malicious hg
      serve --stdio invocations.
    - CVE-2017-9462
  * SECURITY UPDATE: A specially malformed repository can cause GIT
    subrepositories to run arbitrary code.
    - debian/patches/CVE-2017-17458_part1.patch: add test-audit-subrepo.t
      testcase.
    - debian/patches/CVE-2017-17458_part2.patch: disallow symlink
      traversal across subrepo mount point.
    - CVE-2017-17458
  * SECURITY UPDATE: Missing symlink check could be abused to write to files
    outside the repository.
    - debian/patches/CVE-2017-1000115.patch: Fix symlink traversal.
    - CVE-2017-1000115
  * SECURITY UPDATE: Possible shell-injection attack from not adequately
    sanitizing hostnames passed to ssh.
    - debian/patches/CVE-2017-1000116.patch: Sanitize hostnames passed to ssh.
    - CVE-2017-1000116
  * SECURITY UPDATE: Integer underflow and overflow.
    - debian/patches/CVE-2018-13347.patch: Protect against underflow.
    - debian/patches/CVE-2018-13347-extras.patch: Protect against overflow.
    - CVE-2018-13347
  * SECURITY UPDATE: Able to start fragment past of the end of original data.
    - debian/patches/CVE-2018-13346.patch: Ensure fragment start is not past
      then end of orig.
    - CVE-2018-13346
  * SECURITY UPDATE: Data mishandling in certain situations.
    - debian/patches/CVE-2018-13348.patch: Be more careful about parsing
      binary patch data.
    - CVE-2018-13348
  * SECURITY UPDATE: Vulnerability in Protocol server can result in
    unauthorized data access.
    - debian/patches/CVE-2018-1000132.patch: Always perform permissions
      checks on protocol commands.
    - CVE-2018-1000132

 -- Eduardo Barretto <email address hidden>  Fri, 16 Nov 2018 16:16:59 -0200
Superseded in xenial-updates
Superseded in xenial-security 
mercurial (3.7.3-1ubuntu1.1) xenial-security; urgency=medium

  * SECURITY UPDATE: The convert extension might allow attackers to
    execute arbitrary code via a crafted git repository name.
    - debian/patches/CVE-2016-3105.patch: Pass absolute paths to git.
    - CVE-2016-3105
  * SECURITY UPDATE: hg server --stdio allows remote authenticated users
    to launch the Python debugger and execute arbitrary code.
    - debian/patches/CVE-2017-9462.patch: Protect against malicious hg
      serve --stdio invocations.
    - CVE-2017-9462
  * SECURITY UPDATE: A specially malformed repository can cause GIT
    subrepositories to run arbitrary code.
    - debian/patches/CVE-2017-17458_part1.patch: add test-audit-subrepo.t
      testcase.
    - debian/patches/CVE-2017-17458_part2.patch: disallow symlink
      traversal across subrepo mount point.
    - CVE-2017-17458
  * SECURITY UPDATE: Missing symlink check could be abused to write to files
    outside the repository.
    - debian/patches/CVE-2017-1000115.patch: Fix symlink traversal.
    - CVE-2017-1000115
  * SECURITY UPDATE: Possible shell-injection attack from not adequately
    sanitizing hostnames passed to ssh.
    - debian/patches/CVE-2017-1000116.patch: Sanitize hostnames passed to ssh.
    - CVE-2017-1000116
  * SECURITY UPDATE: Integer underflow and overflow.
    - debian/patches/CVE-2018-13347.patch: Protect against underflow.
    - debian/patches/CVE-2018-13347-extras.patch: Protect against overflow.
    - CVE-2018-13347
  * SECURITY UPDATE: Able to start fragment past of the end of original data.
    - debian/patches/CVE-2018-13346.patch: Ensure fragment start is not past
      then end of orig.
    - CVE-2018-13346
  * SECURITY UPDATE: Data mishandling in certain situations.
    - debian/patches/CVE-2018-13348.patch: Be more careful about parsing
      binary patch data.
    - CVE-2018-13348
  * SECURITY UPDATE: Vulnerability in Protocol server can result in
    unauthorized data access.
    - debian/patches/CVE-2018-1000132.patch: Always perform permissions
      checks on protocol commands.
    - CVE-2018-1000132

 -- Eduardo Barretto <email address hidden>  Tue, 13 Nov 2018 16:10:13 -0200
Superseded in disco-release
Obsolete in cosmic-release
Deleted in cosmic-proposed (Reason: moved to release) 
mercurial (4.6.1-1ubuntu1) cosmic; urgency=medium

  * Merge with Debian; remaining changes:
    - Mark the test-convert-bzr-merges.t as failing (timeout arm64 autopkg
      test).
    - Mark the test-http-bad-server.t as failing (Ubuntu ppc64el autopkg test).
175 of 186 results FirstPreviousLast