Wind River Support Network

HomeDefectsLIN7-3469

Fixed

LIN7-3469 : Security Advisory - mercurial - CVE-2014-9462

Created: Apr 17, 2015 Updated: Sep 8, 2018

Resolved Date: Jun 3, 2015

Found In Version: 7.0.0.3

Fix Version: 7.0.0.7

Severity: Standard

Applicable for: Wind River Linux 7

Component/s: Userspace

Description

The _validaterepo function in sshpeer in Mercurial before 3.2.4 allows remote attackers to execute arbitrary commands via a crafted repository name in a clone command. 

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9462

Other Downloads

Wind River Linux 7.0.0.14
Wind River Linux 7.0.0.15
Wind River Linux 7.0.0.16
Wind River Linux 7.0.0.17
Wind River Linux 7.0.0.18
Wind River Linux 7.0.0.19
Wind River Linux 7.0.0.20
Wind River Linux 7.0.0.21
Wind River Linux 7.0.0.22
Wind River Linux 7.0.0.23
Wind River Linux 7.0.0.24
Wind River Linux 7.0.0.25
Wind River Linux 7.0.0.26
Wind River Linux 7.0.0.27
Wind River Linux 7.0.0.28
Wind River Linux 7.0.0.29
Wind River Linux 7.0.0.30
Wind River Linux 7.0.0.31

CVEs

CVE-2014-9462