These are all security issues fixed in the mercurial-5.9.1-2.1 package on the GA media of openSUSE Tumbleweed.
{ "binaries": [ { "mercurial-lang": "5.9.1-2.1", "mercurial-tests": "5.9.1-2.1", "mercurial": "5.9.1-2.1" } ] }