Upstream information
Description
Mercurial before 1.6.4 fails to verify the Common Name field of SSL certificates which allows remote attackers who acquire a certificate signed by a Certificate Authority to perform a man-in-the-middle attack.SUSE information
Overall state of this security issue: Resolved
This issue is currently rated as having moderate severity.
SUSE Bugzilla entry: 645293 [RESOLVED / FIXED]SUSE Security Advisories:
- openSUSE-SU-2010:1029-1
SUSE Timeline for this CVE
CVE page created: Fri Jun 28 07:41:51 2013CVE page last modified: Thu Dec 7 12:55:53 2023