Back to mercurial PTS page

Accepted mercurial 2.2.2-4+deb7u2 (source all amd64) into oldstable-proposed-updates->oldstable-new, oldstable-proposed-updates

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Fri, 01 Apr 2016 22:51:48 +0200
Source: mercurial
Binary: mercurial-common mercurial
Architecture: source all amd64
Version: 2.2.2-4+deb7u2
Distribution: wheezy-security
Urgency: high
Maintainer: Python Applications Packaging Team <python-apps-team@lists.alioth.debian.org>
Changed-By: Julien Cristau <jcristau@debian.org>
Description: 
 mercurial  - easy-to-use, scalable distributed version control system
 mercurial-common - easy-to-use, scalable distributed version control system (common
Closes: 819504
Changes: 
 mercurial (2.2.2-4+deb7u2) wheezy-security; urgency=high
 .
   * CVE-2016-3630:
     + mpatch: rewrite pointer overflow checks (prerequisite for the following)
     + parsers: fix list sizing rounding error
     + parsers: detect short records
   * CVE-2016-3068:
     + subrepo: set GIT_ALLOW_PROTOCOL to limit git clone protocols
   * CVE-2016-3069:
     + convert: add new, non-clowny interface for shelling out to git
     + convert: rewrite calls to Git to use the new shelling mechanism
     + convert: dead code removal - old git calling functions
     + convert: rewrite gitpipe to use common.commandline
     + convert: test for shell injection in git calls
   Closes: #819504
Checksums-Sha1: 
 312521447cfbf886d168441b61df63c2202efd0b 2164 mercurial_2.2.2-4+deb7u2.dsc
 2454b00f21ac9676da89600b004bae0e294d5d7a 50657 mercurial_2.2.2-4+deb7u2.debian.tar.gz
 4713d1438c1f4ed810089ade7a8c662df0bbdf51 2324960 mercurial-common_2.2.2-4+deb7u2_all.deb
 15332c9fdb6439d7974c12cdb29d47b2d06617cd 93336 mercurial_2.2.2-4+deb7u2_amd64.deb
Checksums-Sha256: 
 7e7f259ce8b9690d5e7ff1b5d6c9fb8bdc32daef412f3bfa876a8d02782d8d39 2164 mercurial_2.2.2-4+deb7u2.dsc
 765a1c55b1f44ee21c22d3defa5499499199888145bb4d0ba724e83fd95235fb 50657 mercurial_2.2.2-4+deb7u2.debian.tar.gz
 4fc801b8c827d9ad7d2f2de6fe46fc3b4b85680eda6283544cc8208607390d10 2324960 mercurial-common_2.2.2-4+deb7u2_all.deb
 726874d1d91fd78e91e3a81faf58675292d4d64a51b24897816bec3622bdf5f8 93336 mercurial_2.2.2-4+deb7u2_amd64.deb
Files: 
 effd7642cb0a60494740790fb81ff436 2164 vcs optional mercurial_2.2.2-4+deb7u2.dsc
 06c072a5f1be9a71eb53fc82af782f1e 50657 vcs optional mercurial_2.2.2-4+deb7u2.debian.tar.gz
 4d5de4fb9280473937204150504ddaaa 2324960 vcs optional mercurial-common_2.2.2-4+deb7u2_all.deb
 1ce86af92568a418bddf9db911f01eed 93336 vcs optional mercurial_2.2.2-4+deb7u2_amd64.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQIcBAEBCAAGBQJXAvE+AAoJEJ2wI1VW+M+tuGwQAIOumNfqB/jEqxvYY6cpdw1o
qIZoYp01CIcAptg+sSfGoYjFUUGtB6AJJiot3lEMm0BB/D+LfqpxewyyqIq/mwlR
tk9AIOfb/oaFP7QzOgKYBolqdYdWF0njXzV5xnGMOUjJh+9lE2dvgULnLVY/7Fa8
FfzMbO8YYvVYE9PDAERZoi+GTD65uzzNJCHo5GkXCWl58Z1hIi7HZux21nNw5XDX
3RI4RT8bCoj5bGEp7Be6R/PiuvUsWCF9f6+ShV2aDvFOSCZXW4iGETffN8EX4yr/
TXL5uG6NBi1FT9cajupLSr7s/A+RoBkyPc5fR1mJOu7nxVANJkU8Sg6btADBWqY2
qYEo2xSxF+QDdPh0DAlOWyHYm6leJRwhJH547POL0Obn7x6kftfqCzKv3AylvK1D
1FPuVdQsGF9Ut+ItNCg9FC0f2rypjIu6cvBnsXkzp2RVFcNwYD2o7CXEYWD0Ws2i
Nn6EYEFWXThMl9pxJLA/juRDV8aZkOGmKh414gKhRn5ZSjohdluaJcrrLrqVYQJk
093+t6cG80RpPB5U0+0MhXWuSAftJur++gdQyJ3U7vwqENoKVJpACWwa/PNo1tfx
uQ/SEaFNb61RzZrtJjxsmpjU10mm1ovBLvi8yZwfKbZY4/naAWRMXEn1+mjPPawh
4xVFpje1/6L7+gVkM2ZI
=Wn53
-----END PGP SIGNATURE-----