[arch-security] [ASA-201605-10] mercurial: arbitrary code execution
Arch Linux Security Advisory ASA-201605-10
==========================================

Severity: Critical
Date    : 2016-05-06
CVE-ID  : CVE-2016-3105
Package : mercurial
Type    : arbitrary code execution
Remote  : Yes
Link    : https://wiki.archlinux.org/index.php/CVE

Summary
=======

The package mercurial before version 3.8.1-1 is vulnerable to arbitrary code execution.

Resolution
==========

Upgrade to 3.8.1-1.

# pacman -Syu "mercurial>=3.8.1-1"

The problem has been fixed upstream in version 3.8.

Workaround
==========

None.

Description
===========

Mercurial prior to 3.8 allowed arbitrary code execution when using the convert extension on Git repos with hostile names. This could affect automated code conversion services that allow arbitrary repository names. This is a further side-effect of Git CVE-2015-7545.

Reported and fixed by Blake Burkhart.

Impact
======

A remote attacker can execute arbitrary code on the affected host by having a local user convert a crafted git repository.

References
==========

https://bugs.archlinux.org/task/49239
https://selenic.com/hg/rev/a56296f55a5e
https://www.mercurial-scm.org/wiki/WhatsNew#Mercurial_3.8_.2F_3.8.1_.282016-...
https://access.redhat.com/security/cve/CVE-2016-3105
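The Description above points at automated conversion services that accept arbitrary repository names as the exposed population. As an added illustration that is not part of the advisory and not Mercurial's or Arch's code, the following shows the defensive pattern such a service should apply before handing a user-supplied name to git or to hg convert: allow-list the name so it cannot carry an option-like prefix, a path separator or a URL scheme, and build the subprocess invocation as an argument list with `--` terminating option parsing. The function names, the accepted character set and the `./`-relative layout are assumptions made for this example.

```python
import re
import shlex
import subprocess

# Conservative allow-list for repository names received from untrusted callers.
# Assumption for this example: the service names repositories with letters,
# digits, '.', '_' and '-', and never needs a name whose first character is
# '-', since a command-line tool may parse such a value as an option rather
# than as a path.
_NAME_RE = re.compile(r"^[A-Za-z0-9_][A-Za-z0-9._-]{0,127}$")


def is_safe_repo_name(name: str) -> bool:
    """Return True only for a plain repository name: no leading '-',
    no '/' or '\\', no ':' (so no URL scheme), bounded length."""
    return bool(_NAME_RE.match(name))


def build_git_clone_argv(name: str, dest: str) -> list:
    """Build the argv for cloning a repository that lives under the
    service's repository root.

    Two independent layers: the name is validated first, and the command is
    an argument list (no shell) with '--' ending option parsing, so a value
    that somehow slipped past validation still reaches git as a positional
    argument. The './' prefix anchors the source as a relative filesystem
    path rather than a URL.
    """
    if not is_safe_repo_name(name):
        raise ValueError("refused repository name: %r" % name)
    return ["git", "clone", "--", "./" + name, dest]


def clone_repo(name: str, dest: str, repo_root: str) -> int:
    """Run the clone with the hardened argv. Returns git's exit status.

    shell=False is the default for subprocess.run with a list, so no shell
    ever sees the name; cwd pins the relative source path to repo_root.
    """
    argv = build_git_clone_argv(name, dest)
    # shlex.join renders the exact argv for audit logs without re-parsing it.
    print("running: " + shlex.join(argv))
    proc = subprocess.run(argv, cwd=repo_root, check=False)
    return proc.returncode
```

The same `is_safe_repo_name` gate belongs in front of any `hg convert` invocation the service makes, since the advisory's issue is in the convert extension's handling of the name, and rejecting the name before it reaches either tool does not depend on which version of Mercurial is installed.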
participants (1)
- Remi Gacogne