oss-sec mailing list archives
Re: CVE Request (mercurial)
From: Robert Buchholz <rbu () gentoo org>
Date: Mon, 29 Sep 2008 16:56:59 +0200
On Monday 29 September 2008, Ludwig Nussel wrote:
Josh Bressers wrote:Looks like there's one more flaw in Mercurial we missed: http://www.selenic.com/mercurial/wiki/index.cgi/WhatsNew#head-905b8 adb3420a77d92617e06590055bd8952e02b * hgweb: fix "allowpull" permission being ignored when pulling from hgwebDid anyone assign a CVE number for this issue yet? cu Ludwig
Yes, only recently: CVE-2008-4297 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-4297): Mercurial before 1.0.2 does not enforce the allowpull permission setting for a pull operation from hgweb, which allows remote attackers to read arbitrary files from a repository via an "hg pull" request. Robert
Attachment:
signature.asc
Description: This is a digitally signed message part.
Current thread:
- CVE Request (mercurial) Josh Bressers (Sep 17)
- Re: CVE Request (mercurial) Ludwig Nussel (Sep 29)
- Re: CVE Request (mercurial) Robert Buchholz (Sep 29)
- Re: CVE Request (mercurial) Christian Hoffmann (Sep 29)
- Re: CVE Request (mercurial) Ludwig Nussel (Sep 29)