Change log for patch package in Ubuntu
1 → 46 of 46 results | First • Previous • Next • Last |
patch (2.7.6-7build3) noble; urgency=high * No change rebuild for 64-bit time_t and frame pointers. -- Julian Andres Klode <email address hidden> Mon, 08 Apr 2024 18:15:08 +0200
Available diffs
Superseded in noble-release |
Published in mantic-release |
Published in lunar-release |
Obsolete in kinetic-release |
Published in jammy-release |
Deleted in jammy-proposed (Reason: Moved to jammy) |
patch (2.7.6-7build2) jammy; urgency=high * No change rebuild for ppc64el baseline bump. -- Julian Andres Klode <email address hidden> Thu, 24 Mar 2022 17:22:21 +0100
Available diffs
- diff from 2.7.6-7 (in Debian) to 2.7.6-7build2 (628 bytes)
- diff from 2.7.6-7build1 (in Ubuntu) to 2.7.6-7build2 (579 bytes)
Superseded in jammy-release |
Deleted in jammy-proposed (Reason: Moved to jammy) |
Deleted in impish-proposed (Reason: Moved to jammy) |
patch (2.7.6-7build1) impish; urgency=medium * No-change rebuild to build packages with zstd compression. -- Matthias Klose <email address hidden> Thu, 07 Oct 2021 12:22:08 +0200
Available diffs
- diff from 2.7.6-7 (in Debian) to 2.7.6-7build1 (321 bytes)
Superseded in jammy-release |
Obsolete in impish-release |
Obsolete in hirsute-release |
Deleted in hirsute-proposed (Reason: moved to Release) |
patch (2.7.6-7) unstable; urgency=medium * Backport upstream fixes: - avoid invalid memory access in context format diffs, - fix failed assertion 'outstate->after_newline'. * Update packaging bits. * Update Standards-Version to 4.5.1 . -- Laszlo Boszormenyi (GCS) <email address hidden> Sat, 09 Jan 2021 09:58:08 +0100
Available diffs
- diff from 2.7.6-6 to 2.7.6-7 (1.8 KiB)
Superseded in hirsute-release |
Obsolete in groovy-release |
Published in focal-release |
Obsolete in eoan-release |
Deleted in eoan-proposed (Reason: moved to release) |
patch (2.7.6-6) unstable; urgency=high * Fix CVE-2018-1000156 regression, temporary file leak on failed ed-style patches (closes: #933140). -- Laszlo Boszormenyi (GCS) <email address hidden> Fri, 26 Jul 2019 22:10:00 +0000
Available diffs
- diff from 2.7.6-5 to 2.7.6-6 (2.4 KiB)
patch (2.7.6-3ubuntu0.1) disco-security; urgency=medium * SECURITY UPDATE: Directory traversal - debian/patches/CVE-2019-13636.patch: Don't follow symlinks unless --follow-symlinks is given in src/inp.c, src/util.c. - CVE-2019-13636 * SECURITY UPDATE: Shell command injection - debian/patches/CVE-2019-13638.patch: Invoke ed directly instead of using the shell in src/pch.c. - CVE-2019-13638 -- <email address hidden> (Leonidas S. Barbosa) Tue, 23 Jul 2019 09:08:11 -0300
Available diffs
patch (2.7.6-2ubuntu1.1) bionic-security; urgency=medium * SECURITY UPDATE: Directory traversal - debian/patches/CVE-2019-13636.patch: Don't follow symlinks unless --follow-symlinks is given in src/inp.c, src/util.c. - CVE-2019-13636 * SECURITY UPDATE: Shell command injection - debian/patches/CVE-2019-13638.patch: Invoke ed directly instead of using the shell in src/pch.c. - CVE-2019-13638 -- <email address hidden> (Leonidas S. Barbosa) Tue, 23 Jul 2019 09:12:54 -0300
Available diffs
patch (2.7.5-1ubuntu0.16.04.2) xenial-security; urgency=medium * SECURITY UPDATE: Directory traversal - debian/patches/CVE-2019-13636.patch: Don't follow symlinks unless --follow-symlinks is given in src/inp.c, src/util.c. - CVE-2019-13636 * SECURITY UPDATE: Shell command injection - debian/patches/CVE-2019-13638.patch: Invoke ed directly instead of using the shell in src/pch.c. - CVE-2019-13638 -- <email address hidden> (Leonidas S. Barbosa) Tue, 23 Jul 2019 09:17:32 -0300
Available diffs
patch (2.7.6-5) unstable; urgency=high * Fix CVE-2019-13636: mishandled following of symlinks (closes: #932401). * Fix CVE-2019-13638: shell command injection. -- Laszlo Boszormenyi (GCS) <email address hidden> Sun, 21 Jul 2019 12:20:38 +0000
Available diffs
- diff from 2.7.6-4 to 2.7.6-5 (2.4 KiB)
patch (2.7.6-4) unstable; urgency=medium * Backport upstream fixes: - abort when cleaning up fails (closes: #890746), - don't crash when RLIMIT_NOFILE is set to RLIM_INFINITY. -- Laszlo Boszormenyi (GCS) <email address hidden> Sat, 29 Jun 2019 20:00:12 +0000
Available diffs
- diff from 2.7.6-3 to 2.7.6-4 (2.2 KiB)
Superseded in eoan-release |
Obsolete in disco-release |
Obsolete in cosmic-release |
Deleted in cosmic-proposed (Reason: moved to release) |
patch (2.7.6-3) unstable; urgency=medium * Use short debhelper rules format (closes: #905486). * Change package priority to optional. * Update Standards-Version to 4.1.5 . * Sync with Ubuntu. [ Marc Deslauriers <email address hidden> ] * debian/patches/0001-Fix-ed-style-test-failure.patch: fix ed-style test. -- Laszlo Boszormenyi (GCS) <email address hidden> Sun, 05 Aug 2018 11:10:39 +0000
Available diffs
patch (2.6.1-3ubuntu0.2) precise-security; urgency=medium * SECURITY UPDATE: Out-of-bounds access - debian/patches/CVE-2016-10713.patch: fix in src/pch.c. - CVE-2016-10713 * SECURITY UPDATE: Input validation vulnerability - debian/patches/CVE-2018-1000156.patch: fix in src/pch.c adding tests in Makefile.in, tests/ed-style. - CVE-2018-1000156 -- <email address hidden> (Leonidas S. Barbosa) Mon, 16 Apr 2018 09:34:21 -0300
Available diffs
Superseded in cosmic-release |
Published in bionic-release |
Deleted in bionic-proposed (Reason: moved to release) |
patch (2.7.6-2ubuntu1) bionic; urgency=medium * debian/patches/0001-Fix-ed-style-test-failure.patch: fix ed-style test. -- Marc Deslauriers <email address hidden> Tue, 10 Apr 2018 19:07:29 -0400
Available diffs
patch (2.7.1-4ubuntu2.4) trusty-security; urgency=medium * SECURITY UPDATE: Out-of-bounds access - debian/patches/CVE-2016-10713.patch: fix in src/pch.c. - CVE-2016-10713 * SECURITY UPDATE: Input validation vulnerability - debian/patches/CVE-2018-1000156.patch: fix in src/pch.c adding tests in Makefile.in, tests/ed-style. - debian/patches/0001-Fix-ed-style-test-failure.patch: - CVE-2018-1000156 * SECURITY UPDATE: NULL pointer dereference - debian/patches/CVE-2018-6951.patch: fix in src/pch.c. - CVE-2018-6951 -- <email address hidden> (Leonidas S. Barbosa) Mon, 09 Apr 2018 11:14:01 -0300
Available diffs
patch (2.7.5-1ubuntu0.16.04.1) xenial-security; urgency=medium * SECURITY UPDATE: Out-of-bounds access - debian/patches/CVE-2016-10713.patch: fix in src/pch.c. - CVE-2016-10713 * SECURITY UPDATE: Input validation vulnerability - debian/patches/CVE-2018-1000156.patch: fix in src/pch.c adding tests in Makefile.in, tests/ed-style. - debian/patches/0001-Fix-ed-style-test-failure.patch: fix test. - CVE-2018-1000156 * SECURITY UPDATE: NULL pointer dereference - debian/patches/CVE-2018-6951.patch: fix in src/pch.c. - CVE-2018-6951 * Adds dh_autoreconf to asure it will use the right automake, also adding dh_autoreconf as build-depend. -- <email address hidden> (Leonidas S. Barbosa) Mon, 09 Apr 2018 12:16:54 -0300
Available diffs
patch (2.7.5-1ubuntu0.2) artful-security; urgency=medium * SECURITY UPDATE: Out-of-bounds access - debian/patches/CVE-2016-10713.patch: fix in src/pch.c. - CVE-2016-10713 * SECURITY UPDATE: Input validation vulnerability - debian/patches/CVE-2018-1000156.patch: fix in src/pch.c adding tests in Makefile.in, tests/ed-style. - debian/patches/0001-Fix-ed-style-test-failure.patch: fix test. - CVE-2018-1000156 * SECURITY UPDATE: NULL pointer dereference - debian/patches/CVE-2018-6951.patch: fix in src/pch.c. - CVE-2018-6951 * Adds dh_autoreconf to asure it will use the right automake, also adding dh_autoreconf as build-depend. -- <email address hidden> (Leonidas S. Barbosa) Mon, 09 Apr 2018 16:26:20 -0300
Available diffs
- diff from 2.7.5-1ubuntu0.1 to 2.7.5-1ubuntu0.2 (820 bytes)
patch (2.7.6-2) unstable; urgency=high * Backport patches from upstream Git tree: - fix NULL pointer read with mangled rename, - allow input files to be missing for ed-style patches, - CVE-2018-1000156: fix arbitrary command execution in ed-style patches (closes: #894993). * Disable Vcs-* fields for now. -- Laszlo Boszormenyi (GCS) <email address hidden> Fri, 06 Apr 2018 15:20:36 +0000
Available diffs
- diff from 2.7.6-1 to 2.7.6-2 (3.6 KiB)
patch (2.7.6-1) unstable; urgency=medium * New upstream release: - don't allow a hunk to overlap with the previous one (closes: #717782). * Mark historical changelog entries as is. * Update debhelper level to 11 . * Update Standards-Version to 4.1.3 . -- Laszlo Boszormenyi (GCS) <email address hidden> Wed, 14 Feb 2018 18:14:46 +0000
Available diffs
- diff from 2.7.5-1build1 (in Ubuntu) to 2.7.6-1 (454.1 KiB)
Superseded in bionic-release |
Obsolete in artful-release |
Deleted in artful-proposed (Reason: moved to release) |
patch (2.7.5-1build1) artful; urgency=medium * No-change rebuild to pick up -fPIE compiler default in static libraries -- Steve Langasek <email address hidden> Fri, 21 Apr 2017 20:53:40 +0000
Available diffs
- diff from 2.7.5-1 (in Debian) to 2.7.5-1build1 (332 bytes)
patch (2.7.1-5ubuntu0.3) utopic-security; urgency=medium * SECURITY UPDATE: Denial of service via crafted patch - debian/patches/CVE-2014-9637.patch: Detect and exit upon memory allocation failures - CVE-2014-9637 * SECURITY UPDATE: Directory traversal via crafted patch - debian/patches/CVE-2015-1196.patch: Don't allow symlink targets to point outside of the current directory - CVE-2015-1196 * SECURITY UPDATE: Directory traversal via crafted patch - debian/patches/CVE-2015-1395.patch: Check the validity of both filenames during a rename or copy - CVE-2015-1395 * SECURITY UPDATE: Directory traversal via crafted patch - debian/patches/CVE-2015-1396.patch: Don't allow symlink targets to point outside of the current directory. This patch corrects the incomplete fix for CVE-2015-1196. - CVE-2015-1396 * debian/rules: Fix FTBFS caused by ed check. Based on Debian change suggested by Simon McVittie. * debian/control: Add automake1.11 as a build-depends since some of the patches adjust Makefile.am files -- Tyler Hicks <email address hidden> Mon, 22 Jun 2015 14:34:29 -0500
Available diffs
patch (2.7.1-4ubuntu2.3) trusty-security; urgency=medium * SECURITY UPDATE: Denial of service via crafted patch - debian/patches/CVE-2014-9637.patch: Detect and exit upon memory allocation failures - CVE-2014-9637 * SECURITY UPDATE: Directory traversal via crafted patch - debian/patches/CVE-2015-1196.patch: Don't allow symlink targets to point outside of the current directory - CVE-2015-1196 * SECURITY UPDATE: Directory traversal via crafted patch - debian/patches/CVE-2015-1395.patch: Check the validity of both filenames during a rename or copy - CVE-2015-1395 * SECURITY UPDATE: Directory traversal via crafted patch - debian/patches/CVE-2015-1396.patch: Don't allow symlink targets to point outside of the current directory. This patch corrects the incomplete fix for CVE-2015-1196. - CVE-2015-1396 * debian/control: Add automake1.11 as a build-depends since some of the patches adjust Makefile.am files -- Tyler Hicks <email address hidden> Mon, 22 Jun 2015 14:33:17 -0500
Available diffs
patch (2.6.1-3ubuntu0.1) precise-security; urgency=medium * SECURITY UPDATE: Directory traversal via crafted patch - debian/patches/CVE-2010-4651.patch: Restrict file creation to the current directory and its subdirectories - CVE-2010-4651 * SECURITY UPDATE: Denial of service via crafted patch - debian/patches/CVE-2014-9637.patch: Detect and exit upon memory allocation failures - CVE-2014-9637 -- Tyler Hicks <email address hidden> Thu, 11 Jun 2015 20:33:29 -0500
Available diffs
patch (2.7.1-4ubuntu2) trusty-proposed; urgency=medium * Fix the check for ed to be more robust against compiler optimizations. Fixes the build failure seen in trusty-updates. LP: #1435353. See Debian #729132 for the proposed fix. -- Matthias Klose <email address hidden> Mon, 23 Mar 2015 15:22:31 +0100
Available diffs
- diff from 2.7.1-4ubuntu1 to 2.7.1-4ubuntu2 (632 bytes)
Superseded in artful-release |
Obsolete in zesty-release |
Obsolete in yakkety-release |
Published in xenial-release |
Obsolete in wily-release |
Obsolete in vivid-release |
Deleted in vivid-proposed (Reason: moved to release) |
patch (2.7.5-1) unstable; urgency=medium * New upstream release. * Fix symlink directory regression (closes: #777122). * Update Standards-Version to 3.9.6 . -- Laszlo Boszormenyi (GCS) <email address hidden> Sat, 07 Mar 2015 06:27:14 +0000
Available diffs
- diff from 2.7.4-2 to 2.7.5-1 (48.3 KiB)
patch (2.7.4-2) unstable; urgency=low * Backport test suite fixes. -- Laszlo Boszormenyi (GCS) <email address hidden> Wed, 04 Feb 2015 22:33:38 +0000
Available diffs
- diff from 2.7.4-1 to 2.7.4-2 (5.4 KiB)
patch (2.7.4-1) unstable; urgency=high * New upstream release. * Fix symlink handling (closes: #776257). * Fix infinite loop with fuzzed diff (closes: #776271). -- Laszlo Boszormenyi (GCS) <email address hidden> Sat, 31 Jan 2015 21:43:36 +0000
Available diffs
- diff from 2.7.3-1 to 2.7.4-1 (124.8 KiB)
patch (2.7.3-1) unstable; urgency=high * New upstream release with security fixes: - fix all cases of CVE-2015-1196 (closes: #775873, #775901), - fix infinite loop while applying patch, CVE-2014-9637. * Remove outdated disable-update-version and add_manpage_time.patch Debian patches. * Add homepage field. * Add watch file. -- Laszlo Boszormenyi (GCS) <email address hidden> Fri, 23 Jan 2015 20:27:32 +0000
Available diffs
- diff from 2.7.1-7 to 2.7.3-1 (213.2 KiB)
patch (2.7.1-7) unstable; urgency=high * Backport patches from upstream Git tree: - fix CVE-2015-119: directory traversal via symlinks (closes: #775227), - infinite loop while applying patch (closes: #775540), - segmentation fault while applying corrupted patch (closes: #775793). -- Laszlo Boszormenyi (GCS) <email address hidden> Tue, 20 Jan 2015 19:34:19 +0000
Available diffs
- diff from 2.7.1-6 to 2.7.1-7 (4.9 KiB)
patch (2.7.1-6) unstable; urgency=medium * Fix ed check during build (closes: #721429, #729132). -- Laszlo Boszormenyi (GCS) <email address hidden> Sun, 10 Aug 2014 18:05:47 +0000
Available diffs
- diff from 2.7.1-5 to 2.7.1-6 (504 bytes)
patch (2.7.1-4ubuntu1) trusty-proposed; urgency=low [ James Hunt <email address hidden> ] * Fix segfault due to incorrect usage (LP: #1306412). -- Brian Murray <email address hidden> Thu, 01 May 2014 09:24:26 -0700
Available diffs
- diff from 2.7.1-4 (in Debian) to 2.7.1-4ubuntu1 (883 bytes)
Superseded in vivid-release |
Obsolete in utopic-release |
Deleted in utopic-proposed (Reason: moved to release) |
patch (2.7.1-5) unstable; urgency=low * Add watch file. [ James Hunt <email address hidden> ] * Fix segfault due to incorrect usage (closes: #742470). -- Laszlo Boszormenyi (GCS) <email address hidden> Mon, 14 Apr 2014 18:31:53 +0200
Available diffs
- diff from 2.7.1-4 to 2.7.1-5 (797 bytes)
Superseded in utopic-release |
Published in trusty-release |
Deleted in trusty-proposed (Reason: moved to release) |
patch (2.7.1-4) unstable; urgency=low * New maintainer (closes: #728664). * Add manual last change date (closes: #674052). * Update Standards-Version to 3.9.5 . -- Laszlo Boszormenyi (GCS) <email address hidden> Mon, 04 Nov 2013 12:36:11 +0000
Available diffs
- diff from 2.7.1-3 to 2.7.1-4 (1.5 KiB)
Superseded in trusty-release |
Obsolete in saucy-release |
Deleted in saucy-proposed (Reason: moved to release) |
patch (2.7.1-3) unstable; urgency=low * Call 'ed' without a path. Closes: #714423. * Update copyright for GPL v3. Closes: #664640. -- Christoph Berg <email address hidden> Sun, 30 Jun 2013 16:14:19 +0200
Available diffs
Superseded in saucy-release |
Obsolete in raring-release |
Deleted in raring-proposed (Reason: moved to release) |
patch (2.6.1-3ubuntu2) raring; urgency=low * Call configure with ac_cv_func_strnlen_working=yes until such time as we get an upstream tarball built with Autoconf >= 2.68. -- Colin Watson <email address hidden> Thu, 03 Jan 2013 17:05:47 +0000
Available diffs
- diff from 2.6.1-3ubuntu1 to 2.6.1-3ubuntu2 (568 bytes)
patch (2.6.1-3ubuntu1) quantal; urgency=low * Update config.guess,sub for aarch64 -- Wookey <email address hidden> Mon, 01 Oct 2012 12:56:37 +0100
Available diffs
patch (2.6.1-3) unstable; urgency=low * 3.0 (quilt). * Fix Suggests broken in the last upload. -- Christoph Berg <email address hidden> Wed, 25 Jan 2012 15:00:41 +0100
Available diffs
- diff from 2.6.1-2.1 to 2.6.1-3 (60.5 KiB)
patch (2.6.1-2.1) unstable; urgency=low * NMU with maintainer approval * Set patch as Multi-Arch: foreign to allow use when cross-compiling -- Riku Voipio <email address hidden> Mon, 16 Jan 2012 14:13:59 +0200
Available diffs
- diff from 2.6.1-2 (in Ubuntu) to 2.6.1-2.1 (491 bytes)
patch (2.6.1-2) unstable; urgency=low * Use dh_auto_test. Closes: #627196 -- Ubuntu Archive Auto-Sync <email address hidden> Sat, 21 May 2011 09:03:54 +0000
Available diffs
- diff from 2.6.1-1 to 2.6.1-2 (540 bytes)
patch (2.6.1-1) unstable; urgency=low * New upstream version. + Improved CR stripping heuristics. Closes: #484539 + Fixes: creates files and directories instead of asking for the file location. Closes: #568248 * Remove lenny compatibility options -U --unified-reject-files and --global-reject-file. -- Ubuntu Archive Auto-Sync <email address hidden> Sat, 30 Apr 2011 13:30:03 +0000
Available diffs
- diff from 2.6-3 to 2.6.1-1 (64.0 KiB)
patch (2.6-3) unstable; urgency=low * Enable -m short option for --merge as documented in help and manpage. Closes: #597305. -- Benjamin Drung <email address hidden> Wed, 22 Sep 2010 21:41:30 +0200
Available diffs
- diff from 2.6-2ubuntu1 to 2.6-3 (790 bytes)
patch (2.6-2ubuntu1) lucid; urgency=low * Build with -fno-stack-protector on sparc to pass the testsuite. LP: #534459. -- Matthias Klose <email address hidden> Mon, 05 Apr 2010 03:18:36 +0200
Available diffs
- diff from 2.6-2 to 2.6-2ubuntu1 (458 bytes)
patch (2.6-2) unstable; urgency=low * Update watch file. * Section: vcs. * Suggests: diffutils-doc instead of diff-doc, thanks Christoph Anton Mitterer for spotting. Closes: #558974.
Available diffs
- diff from 2.5.9-5 to 2.6-2 (408.8 KiB)
Superseded in lucid-release |
Obsolete in karmic-release |
Obsolete in jaunty-release |
Obsolete in intrepid-release |
patch (2.5.9-5) unstable; urgency=low * Convert packaging to quilt. * Tell lintian that part of the changelog is in a different format. * Bump Standards-Version. -- Ubuntu Archive Auto-Sync <email address hidden> Fri, 02 May 2008 02:21:58 +0100
Superseded in intrepid-release |
Obsolete in hardy-release |
Obsolete in gutsy-release |
Obsolete in feisty-release |
Obsolete in edgy-release |
patch (2.5.9-4) unstable; urgency=low * New maintainer (Closes: #349323). * Use dpatch, add patches: + unified-reject-files: write unified reject files (Closes: #26675). + global-reject-file: write a global reject file. + manpage-char: fix weird character. * Suggests: diff-doc. * Bump Standards-Version.
Superseded in edgy-release |
Obsolete in dapper-release |
Superseded in dapper-release |
Obsolete in breezy-release |
Obsolete in hoary-release |
patch (2.5.9-2) unstable; urgency=low * Standards-Version 3.6.1 (no changes required). * Applied upstream patch to fix CR stripping. (Closes: #196297) * Applied a patch from SUSE to prevent previously created backup files from being overwritten. (Closes: #248950) * Ran aclocal and autoconf to make the above patch work. * Touch aclocal.m4 and configure during build to prevent the usual time-skew problems. * Removed emacs vars from changelog. -- Michael Fedrowitz <email address hidden> Sun, 18 Jul 2004 12:56:02 +0200
patch (2.5.9-1) unstable; urgency=low * New upstream release: - Handles filenames with spaces. (closes: #99808) - Don't try to stat output file after skipping a patch. (closes: #157232) - CR in hunk header doesn't trigger CR stripping. (closes: #192272) * Standards-Version 3.5.10 (no changes required). * Remove obsolete CFLAGS. (closes: #193403) * Update copyright file. -- Michael Fedrowitz <email address hidden> Tue, 20 May 2003 21:13:37 +0200
1 → 46 of 46 results | First • Previous • Next • Last |