Mercurial > kallithea
diff .hgtags @ 7397:3ee4ac068369 stable
hg: explicit handling of the 'batch' protocol command - consider it a "push" command if any of the batch commands are
This change mitigates some privilege escalation problems like CVE-2018-1000132
which was fixed in Mercurial 4.5.1 and currently is described on
https://www.mercurial-scm.org/wiki/WhatsNew#Mercurial_4.5.1_.2F_4.5.2_.282018-03-06.29 .
author | Mads Kiilerich <mads@kiilerich.com> |
---|---|
date | Sun, 21 Oct 2018 15:18:43 +0200 |
parents | 42788d5f5967 |
children | d85ce8c88f0d |