Security update for mercurial

SUSE Security Update: Security update for mercurial

Announcement ID:	SUSE-SU-2017:1606-1
Rating:	important
References:	#1043063
Affected Products:	SUSE Linux Enterprise Software Development Kit 12-SP2

An update that fixes one vulnerability is now available.

Description:

This update for mercurial fixes the following issues:

Security issue fixed:

- CVE-2017-9462: Fix the arbitrary code exec by remote users via "hg serve
--stdio" (bsc#1043063):

Patch Instructions:

To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

SUSE Linux Enterprise Software Development Kit 12-SP2:
zypper in -t patch SUSE-SLE-SDK-12-SP2-2017-981=1

To bring your system up-to-date, use "zypper patch".

Package List:

SUSE Linux Enterprise Software Development Kit 12-SP2 (aarch64 ppc64le s390x x86_64):
- mercurial-2.8.2-14.1
- mercurial-debuginfo-2.8.2-14.1
- mercurial-debugsource-2.8.2-14.1

References:

https://www.suse.com/security/cve/CVE-2017-9462.html
https://bugzilla.suse.com/1043063

Security update for mercurial

Description:

Patch Instructions:

Package List:

References:

Business-Critical Linux

Enterprise Container Management

Edge

Soluciones

Industries

Ofertas de asistencia

Servicios globales de SUSE

Recursos de asistencia

Partners

Communities

Acerca de