mercurial 4.8.2-1ubuntu3.19.04.1 source package in Ubuntu

Changelog

mercurial (4.8.2-1ubuntu3.19.04.1) disco-security; urgency=medium

  * SECURITY UPDATE: Write to arbitrary files outside a repository by using
    symlinks in subrepositories
    - debian/patches/CVE-2019-3902-1.patch: subrepo: extend path auditing test
      to include more weird patterns (SEC)
    - debian/patches/CVE-2019-3902-2.patch: subrepo: prohibit variable
      expansion on creation of hg subrepo (SEC)
    - debian/patches/CVE-2019-3902-3.patch: subrepo: reject potentially unsafe
      subrepo paths (BC) (SEC)
    - CVE-2019-3902

 -- Mike Salvatore <email address hidden>  Tue, 30 Jul 2019 15:42:49 -0400

Upload details

Uploaded by:
Mike Salvatore on 2019-08-05
Uploaded to:
Disco
Original maintainer:
Ubuntu Developers
Architectures:
any all
Section:
vcs
Urgency:
Medium Urgency

See full publishing history Publishing

Series Pocket Published Component Section
Disco updates on 2019-08-06 universe devel
Disco security on 2019-08-06 universe devel

Downloads

File Size SHA-256 Checksum
mercurial_4.8.2.orig.tar.gz 6.6 MiB 6c202cb9cf05e63b86477ebf84d6475eb10b4022ac2cd3a7481fb36d9c45fdb2
mercurial_4.8.2.orig.tar.gz.asc 833 bytes ceaf75242740acfd06a96aae53d8a40f3b3f3c4a7119bb53224d0bf6efa65254
mercurial_4.8.2-1ubuntu3.19.04.1.debian.tar.xz 64.7 KiB 0def6e25cb60fe7a18bd6c21cbd0925e5da5758cc7226426607ac4e21e34f043
mercurial_4.8.2-1ubuntu3.19.04.1.dsc 2.7 KiB bf1ea01a14b6a727683e2fcdee22b20cd11aec9f10bba7b1e9562f61774e0c5f

View changes file

Binary packages built by this source

mercurial: easy-to-use, scalable distributed version control system

 Mercurial is a fast, lightweight Source Control Management system designed
 for efficient handling of very large distributed projects.
 .
 Its features include:
  * O(1) delta-compressed file storage and retrieval scheme
  * Complete cross-indexing of files and changesets for efficient exploration
    of project history
  * Robust SHA1-based integrity checking and append-only storage model
  * Decentralized development model with arbitrary merging between trees
  * High-speed HTTP-based network merge protocol
  * Easy-to-use command-line interface
  * Integrated stand-alone web interface
  * Small Python codebase
 .
 This package contains the architecture dependent files.

mercurial-common: easy-to-use, scalable distributed version control system (common files)

 Mercurial is a fast, lightweight Source Control Management system designed
 for efficient handling of very large distributed projects.
 .
 This package contains the architecture independent components of Mercurial,
 and is generally useless without the mercurial package.

mercurial-dbgsym: debug symbols for mercurial