Bug 221399

Summary: devel/mercurial: Update to 4.3.1
Product: Ports & Packages Reporter: Olivier Duchateau <duchateau.olivier>
Component: Individual Port(s)Assignee: Po-Chuan Hsieh <sunpoet>
Status: Closed FIXED    
Severity: Affects Only Me Keywords: patch-ready
Priority: --- Flags: bugzilla: maintainer-feedback? (python)
duchateau.olivier: merge-quarterly?
Version: Latest   
Hardware: Any   
OS: Any   
Attachments:
Description Flags
patch to update devel/mercurial
none
patch security/vuxml
none
patch to update devel/mercurial to 4.3.1 none

Description Olivier Duchateau 2017-08-10 20:39:05 UTC 
Created attachment 185243 [details]
patch to update devel/mercurial

- Update to 4.3 (4.2.3 is also available)
- Fix 2 vulnerabilities (CVE-2017-1000115 and CVE-2017-1000116)
Comment 1 Olivier Duchateau 2017-08-10 20:41:36 UTC 
Created attachment 185244 [details]
patch security/vuxml

Document 2 vulnerabilities discovered in Mercurial prior to 4.3
Comment 2 Olivier Duchateau 2017-08-11 02:28:28 UTC 
(In reply to Olivier Duchateau from comment #1)

It's wrong range, it should be 4.2.3.
Comment 3 Olivier Duchateau 2017-08-11 17:39:20 UTC 
Created attachment 185294 [details]
patch to update devel/mercurial to 4.3.1

4.3 does not contains security patches correctly.

Upgrade to 4.3.1
Comment 4 Po-Chuan Hsieh freebsd_committer freebsd_triage 2017-08-12 19:29:37 UTC 
Updated to 4.3.1 in r447854. Thanks!