-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Thu, 20 Mar 2025 13:56:44 +0100 Source: mercurial Binary: mercurial mercurial-dbgsym Architecture: amd64 Version: 6.3.2-1+deb12u1 Distribution: bookworm-security Urgency: high Maintainer: amd64 / i386 Build Daemon (x86-ubc-01) Changed-By: Julien Cristau Description: mercurial - easy-to-use, scalable distributed version control system Closes: 1100899 Changes: mercurial (6.3.2-1+deb12u1) bookworm-security; urgency=high . * CVE-2025-2361: reflected XSS in hgweb (closes: #1100899) * patchbomb: don't test ambiguous address (fixes FTBFS after python's fix for CVE-2023-27043). Checksums-Sha1: effd31f88da6b74022ef8a3bf40083e5a19bf3cf 1703828 mercurial-dbgsym_6.3.2-1+deb12u1_amd64.deb c424b2a5c6fc1009e860093f8f24d40077a4712b 7447 mercurial_6.3.2-1+deb12u1_amd64-buildd.buildinfo 7a6e4d640226848a1a10d39b73dc7ced0a8b9836 335176 mercurial_6.3.2-1+deb12u1_amd64.deb Checksums-Sha256: 5cb12d6798a96ddf8f24bbd2c0f644625091531903055d3fbeb08fb9fa506173 1703828 mercurial-dbgsym_6.3.2-1+deb12u1_amd64.deb 7e0141c878f2a9a9870c3d67e4aa6693aa9b6b836a382ef5a582e78de9c6536f 7447 mercurial_6.3.2-1+deb12u1_amd64-buildd.buildinfo d2cbdb636a3650d8f8a9326e8a32b2b76e2cafcd69e237ec4ba8e4ea9816fe9e 335176 mercurial_6.3.2-1+deb12u1_amd64.deb Files: ba7092988f26023493165ce832630e3c 1703828 debug optional mercurial-dbgsym_6.3.2-1+deb12u1_amd64.deb 5ac4b4163bfabef36954898f2bba6eaa 7447 vcs optional mercurial_6.3.2-1+deb12u1_amd64-buildd.buildinfo 019b76d7c8e8fd5cd6df5d03b44a160a 335176 vcs optional mercurial_6.3.2-1+deb12u1_amd64.deb -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEnw0rdzqckKx6dwRTEbCLukZn24oFAmfcSRkACgkQEbCLukZn 24o2dw/+IWlxrQBJC4b1vQYkAVgfiaWzUuSO2aAkXVzdwSdJeewyHauG7QfxVWy9 ttexgXaY0AeEwYMtqP5rMb0s4mn1bAgHf1XefBimwS7mIqK8OqfVKgYFzBU0UdgB dSvjNBi4ts+LII54yhMHnCMgnt2Jf0D7rw2NOLGIsrXv2EPzo+skyraS99c4QxE3 y+fjoOIbx9WODNxDy7XhKce2vGd43fZhsSlPeEfXfd4ue0kEx6WmPGF+DHIxJick 76V3pnSnemTzjjy3hOx3mVLwoU++FChkijWxTZI6lKoc1LcOWFGIN+2gD4Mtk1ye Okx19NM+lZm+/N/Vt46yo/do1iiHZDqIdTklbAdZZVRPdswLbny+DUGlR5/UUrui nb7DjPpgLFZpYFtAJJduqYOYJdmcLxWGVSBiW5TP319H8bkb4VYVOxHIA432JNUM yrJSO38wjGKH/NoH0GVKQVhIuHUZc55kQC942wm8hYjvLXHpOmiIjOsUJPezcRQU Z4sfJR/8kET7bcu/e2nxCPq6HDOzhFxCdYAQhSg1HB5YD3SQVmNxcIaK7nt/XIXr t6lAlTcfD/CgZYsOCZqtElg9uASJwSK/+4eaVIsBVl/Mnqe3Tzal3Hj+gvjyz2Ri zWq0eWOPUssDtGm1wbVNTRST5lyiMWV6xXLMVbTspA+p2RxUSIM= =1eks -----END PGP SIGNATURE-----