Deploy Mercurial 3.2.3

RESOLVED FIXED

Status

Product:
Developer Services
Component:
Mercurial: hg.mozilla.org
Status:
RESOLVED FIXED
Reported:
4 years ago
Modified:
4 years ago

People

(Reporter: gps, Unassigned)

Tracking

Details
(Reporter)

Description

4 years ago 
A Git/Mercurial security vulnerability was released today. Issue deals with path normalization and character folding.

It isn't clear that deploying 3.2.3 to the server will prevent malicious pushes. But having 3.2.3 on the server is still a good idea, to prevent us from client-side exposure to the issue.
(Reporter)

Comment 1

4 years ago 
hg.mozilla.org is now running 3.2.3.

That was easy.
Status: NEW → RESOLVED
Last Resolved: 4 years ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.