Updated package needed for mercurial 3.7.3 security update

Andy Moreton andrewjmoreton@gmail.com
Sat Apr 2 17:52:00 GMT 2016


The current package is for mercurial 3.5.1, but upstream have released
3.7.3 as a security release, with fixes for:

CVE-2016-3630 Mercurial: remote code execution in binary delta decoding
CVE-2016-3068 Mercurial: arbitrary code execution with Git subrepos
CVE-2016-3069 Mercurial: arbitrary code execution when converting Git repos

Release announcement is here:

Can the cygwin mercurial maintainer please issue an updated package.



Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple

More information about the Cygwin mailing list