Files
@ ba444b73e01a
Branch filter:
Location: kallithea/docs/changelog.rst - annotation
ba444b73e01a
200 B
text/prs.fallenstein.rst
hg: make protocol access control more explicit
Enumerate all currently known commands, and default to require 'push' access
for all unknown commands.
This change mitigates some privilege escalation problems like CVE-2018-1000132
which was fixed in Mercurial 4.5.1 and currently is described on
https://www.mercurial-scm.org/wiki/WhatsNew#Mercurial_4.5.1_.2F_4.5.2_.282018-03-06.29 .
Enumerate all currently known commands, and default to require 'push' access
for all unknown commands.
This change mitigates some privilege escalation problems like CVE-2018-1000132
which was fixed in Mercurial 4.5.1 and currently is described on
https://www.mercurial-scm.org/wiki/WhatsNew#Mercurial_4.5.1_.2F_4.5.2_.282018-03-06.29 .