Mercurial: Directory traversal — GLSA 200807-09

A directory traversal vulnerability in Mercurial allows for the renaming of arbitrary files.

Affected Packages

dev-util/mercurial on all architectures
Affected versions < 1.0.1-r2
Unaffected versions >= 1.0.1-r2

Background

Mercurial is a distributed Source Control Management system.

Description

Jakub Wilk discovered a directory traversal vulnerabilty in the applydiff() function in the mercurial/patch.py file.

Impact

A remote attacker could entice a user to import a specially crafted patch, possibly resulting in the renaming of arbitrary files, even outside the repository.

Workaround

There is no known workaround at this time.

Resolution

All Mercurial users should upgrade to the latest version:

 # emerge --sync
 # emerge --ask --oneshot --verbose ">=dev-util/mercurial-1.0.1-r2"

References

Release Date
July 15, 2008

Latest Revision
July 15, 2008: 01

Severity
normal

Exploitable
remote

Bugzilla entries