Publishing details

• Published on 2019-09-07

Changelog

patch (2.7.6-3+deb10u1) buster-security; urgency=high

  * Fix CVE-2019-13636: mishandled following of symlinks (closes: #932401).
  * Fix CVE-2019-13638: shell command injection.
  * Fix CVE-2018-1000156 regression, temporary file leak on failed ed-style
    patches (closes: #933140).

 -- Laszlo Boszormenyi (GCS) <email address hidden>  Fri, 26 Jul 2019 10:58:07 +0000

Builds

Package files

• patch_2.7.6-3+deb10u1.debian.tar.xz (12.9 KiB)
• patch_2.7.6-3+deb10u1.dsc (1.7 KiB)
• patch_2.7.6.orig.tar.xz (765.4 KiB)