CVE-2016-3068
Blake Burkhart discovered that Mercurial allows URLs for Git
subrepositories that could result in arbitrary code execution on
clone.
CVE-2016-3069
Blake Burkhart discovered that Mercurial allows arbitrary code
execution when converting Git repositories with specially
crafted names.
CVE-2016-3630
It was discovered that Mercurial does not properly perform bounds-
checking in its binary delta decoder, which may be exploitable for
remote code execution via clone, push or pull.
One can build pcl with vtk, qt4, and libXt set to null iff libpng is
explicitly listed as a dependency.
pcl's build system is happy to proceed without those GUI-related
packages as long as libpng is available.
It's not by any means exhaustive, but we're still going to change the
implementation, so let's just use this as a starting point.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
These values match against the client IDs only, so let's rename it to
something that actually reflects that. Having client.cert in the same
namespace also could lead to confusion, because the client.cert setting
is for the *debugging* client only.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
Referring to the GnuTLS documentation isn't very nice if the user has to
use a search engine to find that documentation. So let's directly link
to it.
The type was "str" before, but it's actually a colon-separated string,
so if we set options in multiple modules, the result is one concatenated
string.
I know there is types.envVar, which does the same as separatedString ":"
but I found that it could confuse the reader of the Taskserver module.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
We already document that we allow special values such as "all" and
"none", but the type doesn't represent that. So let's use an enum in
conjuction with a loeOf type so that this becomes clear.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
This reverts commit b0adde8f8a5f22cf45f32df64bba149f326dec85.
Doesn't fix the issue for grsec kernels.
(cherry picked from commit 22bd9c12fec43bf914cdbec4c3a11cd0d964912a)
Signed-off-by: Domen Kožar <domen@dev.si>
