Untriaged
Mercurial before 1.6.4 fails to verify the Common Name field …
Mercurial before 1.6.4 fails to verify the Common Name field of SSL certificates which allows remote attackers who acquire a certificate signed by a Certificate Authority to perform a man-in-the-middle attack.
References
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-4237 x_refsource_CONFIRM
- https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=598841 x_refsource_MISC
- https://bz.mercurial-scm.org/show_bug.cgi?id=2407 x_refsource_CONFIRM
- https://security-tracker.debian.org/tracker/CVE-2010-4237 x_refsource_MISC
- https://security-tracker.debian.org/tracker/CVE-2010-4237 x_transferred x_refsource_MISC
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-4237 x_transferred x_refsource_CONFIRM
- https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=598841 x_transferred x_refsource_MISC
- https://bz.mercurial-scm.org/show_bug.cgi?id=2407 x_transferred x_refsource_CONFIRM
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-4237 x_refsource_CONFIRM
- https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=598841 x_refsource_MISC
- https://bz.mercurial-scm.org/show_bug.cgi?id=2407 x_refsource_CONFIRM
- https://security-tracker.debian.org/tracker/CVE-2010-4237 x_refsource_MISC
- https://security-tracker.debian.org/tracker/CVE-2010-4237 x_transferred x_refsource_MISC
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-4237 x_transferred x_refsource_CONFIRM
- https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=598841 x_transferred x_refsource_MISC
- https://bz.mercurial-scm.org/show_bug.cgi?id=2407 x_transferred x_refsource_CONFIRM
Affected products
mercurial
- ==1.6.4
Matching in nixpkgs
pkgs.mercurial
Fast, lightweight SCM system for very large distributed projects
pkgs.mercurialFull
Fast, lightweight SCM system for very large distributed projects
pkgs.python312Packages.mercurial
Fast, lightweight SCM system for very large distributed projects
pkgs.python313Packages.mercurial
Fast, lightweight SCM system for very large distributed projects
pkgs.python314Packages.mercurial
Fast, lightweight SCM system for very large distributed projects
Package maintainers
-
@techknowlogick techknowlogick <techknowlogick@gitea.com>
-
@lukegb Luke Granger-Brown <nix@lukegb.com>
-
@pacien euxane <r9uhdi.nixpkgs@euxane.eu>