Red Hat Bugzilla – Bug 1594090
CVE-2018-13346 mercurial: Missing check for fragment start position in mpatch.c:mpatch_apply()
Last modified: 2018-09-30 18:13:32 EDT
Mercurial before version 4.6.1 has a missing check for fragment start position in mpatch.c:mpatch_apply() Upstream Changelog: https://www.mercurial-scm.org/wiki/WhatsNew#Mercurial_4.6.1_.282018-06-06.29 Upstream Patch: https://www.mercurial-scm.org/repo/hg/rev/faa924469635
This is related to CVE-2018-13347: this issue is reading past the end of input where the other writes before the output buffer. In mercurial 2.6.2, it is present in the apply() function.
Created mercurial tracking bugs for this issue: Affects: fedora-all [bug 1594088]