Ubuntu
patch package

patch 2.7.1-4ubuntu2.3 source package in Ubuntu

Changelog

patch (2.7.1-4ubuntu2.3) trusty-security; urgency=medium

  * SECURITY UPDATE: Denial of service via crafted patch
    - debian/patches/CVE-2014-9637.patch: Detect and exit upon memory
      allocation failures
    - CVE-2014-9637
  * SECURITY UPDATE: Directory traversal via crafted patch
    - debian/patches/CVE-2015-1196.patch: Don't allow symlink targets to point
      outside of the current directory
    - CVE-2015-1196
  * SECURITY UPDATE: Directory traversal via crafted patch
    - debian/patches/CVE-2015-1395.patch: Check the validity of both filenames
      during a rename or copy
    - CVE-2015-1395
  * SECURITY UPDATE: Directory traversal via crafted patch
    - debian/patches/CVE-2015-1396.patch: Don't allow symlink targets to point
      outside of the current directory. This patch corrects the incomplete fix
      for CVE-2015-1196.
    - CVE-2015-1396
  * debian/control: Add automake1.11 as a build-depends since some of the
    patches adjust Makefile.am files

 -- Tyler Hicks <email address hidden>  Mon, 22 Jun 2015 14:33:17 -0500

Upload details

Uploaded by:
Tyler Hicks
Uploaded to:
Trusty
Original maintainer:
Ubuntu Developers
Architectures:
any
Section:
vcs
Urgency:
Medium Urgency

See full publishing history Publishing

Series Pocket Published Component Section

Downloads

File Size SHA-256 Checksum
patch_2.7.1.orig.tar.bz2 781.8 KiB aae676de9e95051f425af4507fcc9a019941a2a1f78405e7dbd40bccf786aa11
patch_2.7.1-4ubuntu2.3.debian.tar.gz 25.8 KiB 2398cee37ab0d82ebcbd6ba670f9d6e1c161366d8508bc179133ac7e988944d5
patch_2.7.1-4ubuntu2.3.dsc 1.8 KiB 3cb5ef3a6d802d0f4abbc2318403b882cb2a73a9d2157e97454201d31f2184f1

View changes file

Binary packages built by this source

patch: Apply a diff file to an original

 Patch will take a patch file containing any of the four forms
 of difference listing produced by the diff program and apply
 those differences to an original file, producing a patched
 version.

patch-dbgsym: debug symbols for package patch

 Patch will take a patch file containing any of the four forms
 of difference listing produced by the diff program and apply
 those differences to an original file, producing a patched
 version.