Bug 453550 - (CVE-2008-2942) CVE-2008-2942 mercurial: insufficient input validationn allowing file renames out of repository
CVE-2008-2942 mercurial: insufficient input validationn allowing file renames...
Status: CLOSED CURRENTRELEASE
Product: Security Response
Classification: Other
Component: vulnerability (Show other bugs)
unspecified
All Linux
low Severity low
: ---
: ---
Assigned To: Red Hat Product Security
http://nvd.nist.gov/nvd.cfm?cvename=C...
source=vendor-sec,reported=20080630,p...
: Security
Depends On: 464632
Blocks:
  Show dependency treegraph
 
Reported: 2008-07-01 05:50 EDT by Tomas Hoger
Modified: 2016-03-04 07:56 EST (History)
3 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2009-04-15 03:17:36 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Tomas Hoger 2008-07-01 05:50:11 EDT
Common Vulnerabilities and Exposures assigned an identifier CVE-2008-2942 to the following vulnerability:

Directory traversal vulnerability in patch.py in Mercurial 1.0.1
allows user-assisted attackers to modify arbitrary files via ".." (dot
dot) sequences in a patch file.

Upstream patch (+ test case):
http://www.selenic.com/hg/rev/87c704ac92d4

References:
http://www.openwall.com/lists/oss-security/2008/06/30/1
Comment 1 Tomas Hoger 2008-07-01 05:54:12 EDT
Test case from upstream commit:

echo % 'test paths outside repo root'
mkdir outside
touch outside/foo
hg init inside
cd inside
hg import - <<EOF
diff --git a/a b/b
rename from ../outside/foo
rename to bar
EOF
cd ..

This should affect all Fedora / EPEL versions.  Security implications are quite
minimal though (see also oss-security thread).
Comment 2 Dennis Gilmore 2009-03-19 15:38:40 EDT
mercurial-1.2-2.el4.1 and mercurial-1.2-2.el5.1  built and on the way to testing

Note You need to log in before you can comment on or make changes to this bug.