Hi, The current package is for mercurial 3.5.1, but upstream have released 3.7.3 as a security release, with fixes for:
CVE-2016-3630 Mercurial: remote code execution in binary delta decoding CVE-2016-3068 Mercurial: arbitrary code execution with Git subrepos CVE-2016-3069 Mercurial: arbitrary code execution when converting Git repos Release announcement is here: http://permalink.gmane.org/gmane.comp.version-control.mercurial.general/37523 Can the cygwin mercurial maintainer please issue an updated package. Thanks, AndyM -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
