Wind River Support Network

HomeDefectsLIN9-6547

Fixed

LIN9-6547 : Security Advisory - mercurial - CVE-2018-1000132

Created: Mar 15, 2018 Updated: Dec 3, 2018

Resolved Date: Jul 24, 2018

Found In Version: 9.0.0.14

Fix Version: 9.0.0.17

Severity: Standard

Applicable for: Wind River Linux 9

Component/s: Userspace

Description

Mercurial version 4.5 and earlier contains a Incorrect Access Control (CWE-285) vulnerability in Protocol server that can result in Unauthorized data access. This attack appear to be exploitable via network connectivity. This vulnerability appears to have been fixed in 4.5.1.

https://nvd.nist.gov/vuln/detail/CVE-2018-1000132

Other Downloads

Wind River Linux 9.0.0.17
Wind River Linux 9.0.0.18
Wind River Linux 9.0.0.19
Wind River Linux 9.0.0.20
Wind River Linux 9.0.0.21
Wind River Linux 9.0.0.22
Wind River Linux 9.0.0.23
Wind River Linux 9.0.0.24
Wind River Linux 9.0.0.25
Wind River Linux 9.0.0.26

CVEs

CVE-2018-1000132