CVE-2014-9462

Publication date 31 March 2015

Last updated 24 July 2024


Ubuntu priority

The _validaterepo function in sshpeer in Mercurial before 3.2.4 allows remote attackers to execute arbitrary commands via a crafted repository name in a clone command.

Status

Package Ubuntu Release Status
mercurial 15.04 vivid
Fixed 3.1.2-2+deb8u1build0.15.04.2
14.10 utopic
Fixed 3.1.1-1ubuntu0.2
14.04 LTS trusty
Fixed 2.8.2-1ubuntu1.3
12.04 LTS precise
Fixed 2.0.2-1ubuntu1.2
10.04 LTS lucid Ignored end of life