This script is Copyright (C) 2017 Tenable Network Security, Inc.
The remote openSUSE host is missing a security update.
This update for mercurial fixes the following issues :
Mercurial was updated to 4.2.3, a security fix update for
- CVE-2017-1000115: Incomplete symlink auditing allowed
writing to files outside of the repository (boo#1053344)
- CVE-2017-1000116: Client-side code execution via
argument injection in SSH URLs (boo#1052696)
See also :
Update the affected mercurial packages.
Risk factor :
High / CVSS Base Score : 7.5