Change log for patch package in Ubuntu
| 1 → 46 of 46 results | First • Previous • Next • Last |
patch (2.7.6-7build3) noble; urgency=high * No change rebuild for 64-bit time_t and frame pointers. -- Julian Andres Klode <email address hidden> Mon, 08 Apr 2024 18:15:08 +0200
Available diffs
| Superseded in noble-release |
| Published in mantic-release |
| Published in lunar-release |
| Obsolete in kinetic-release |
| Published in jammy-release |
| Deleted in jammy-proposed (Reason: Moved to jammy) |
patch (2.7.6-7build2) jammy; urgency=high * No change rebuild for ppc64el baseline bump. -- Julian Andres Klode <email address hidden> Thu, 24 Mar 2022 17:22:21 +0100
Available diffs
- diff from 2.7.6-7 (in Debian) to 2.7.6-7build2 (628 bytes)
- diff from 2.7.6-7build1 (in Ubuntu) to 2.7.6-7build2 (579 bytes)
| Superseded in jammy-release |
| Deleted in jammy-proposed (Reason: Moved to jammy) |
| Deleted in impish-proposed (Reason: Moved to jammy) |
patch (2.7.6-7build1) impish; urgency=medium * No-change rebuild to build packages with zstd compression. -- Matthias Klose <email address hidden> Thu, 07 Oct 2021 12:22:08 +0200
Available diffs
- diff from 2.7.6-7 (in Debian) to 2.7.6-7build1 (321 bytes)
| Superseded in jammy-release |
| Obsolete in impish-release |
| Obsolete in hirsute-release |
| Deleted in hirsute-proposed (Reason: moved to Release) |
patch (2.7.6-7) unstable; urgency=medium
* Backport upstream fixes:
- avoid invalid memory access in context format diffs,
- fix failed assertion 'outstate->after_newline'.
* Update packaging bits.
* Update Standards-Version to 4.5.1 .
-- Laszlo Boszormenyi (GCS) <email address hidden> Sat, 09 Jan 2021 09:58:08 +0100
Available diffs
- diff from 2.7.6-6 to 2.7.6-7 (1.8 KiB)
| Superseded in hirsute-release |
| Obsolete in groovy-release |
| Published in focal-release |
| Obsolete in eoan-release |
| Deleted in eoan-proposed (Reason: moved to release) |
patch (2.7.6-6) unstable; urgency=high
* Fix CVE-2018-1000156 regression, temporary file leak on failed ed-style
patches (closes: #933140).
-- Laszlo Boszormenyi (GCS) <email address hidden> Fri, 26 Jul 2019 22:10:00 +0000
Available diffs
- diff from 2.7.6-5 to 2.7.6-6 (2.4 KiB)
patch (2.7.6-3ubuntu0.1) disco-security; urgency=medium
* SECURITY UPDATE: Directory traversal
- debian/patches/CVE-2019-13636.patch: Don't follow symlinks unless
--follow-symlinks is given in src/inp.c, src/util.c.
- CVE-2019-13636
* SECURITY UPDATE: Shell command injection
- debian/patches/CVE-2019-13638.patch: Invoke ed directly instead of
using the shell in src/pch.c.
- CVE-2019-13638
-- <email address hidden> (Leonidas S. Barbosa) Tue, 23 Jul 2019 09:08:11 -0300
Available diffs
patch (2.7.6-2ubuntu1.1) bionic-security; urgency=medium
* SECURITY UPDATE: Directory traversal
- debian/patches/CVE-2019-13636.patch: Don't follow symlinks unless
--follow-symlinks is given in src/inp.c, src/util.c.
- CVE-2019-13636
* SECURITY UPDATE: Shell command injection
- debian/patches/CVE-2019-13638.patch: Invoke ed directly instead of
using the shell in src/pch.c.
- CVE-2019-13638
-- <email address hidden> (Leonidas S. Barbosa) Tue, 23 Jul 2019 09:12:54 -0300
Available diffs
patch (2.7.5-1ubuntu0.16.04.2) xenial-security; urgency=medium
* SECURITY UPDATE: Directory traversal
- debian/patches/CVE-2019-13636.patch: Don't follow symlinks unless
--follow-symlinks is given in src/inp.c, src/util.c.
- CVE-2019-13636
* SECURITY UPDATE: Shell command injection
- debian/patches/CVE-2019-13638.patch: Invoke ed directly instead of
using the shell in src/pch.c.
- CVE-2019-13638
-- <email address hidden> (Leonidas S. Barbosa) Tue, 23 Jul 2019 09:17:32 -0300
Available diffs
patch (2.7.6-5) unstable; urgency=high * Fix CVE-2019-13636: mishandled following of symlinks (closes: #932401). * Fix CVE-2019-13638: shell command injection. -- Laszlo Boszormenyi (GCS) <email address hidden> Sun, 21 Jul 2019 12:20:38 +0000
Available diffs
- diff from 2.7.6-4 to 2.7.6-5 (2.4 KiB)
patch (2.7.6-4) unstable; urgency=medium
* Backport upstream fixes:
- abort when cleaning up fails (closes: #890746),
- don't crash when RLIMIT_NOFILE is set to RLIM_INFINITY.
-- Laszlo Boszormenyi (GCS) <email address hidden> Sat, 29 Jun 2019 20:00:12 +0000
Available diffs
- diff from 2.7.6-3 to 2.7.6-4 (2.2 KiB)
| Superseded in eoan-release |
| Obsolete in disco-release |
| Obsolete in cosmic-release |
| Deleted in cosmic-proposed (Reason: moved to release) |
patch (2.7.6-3) unstable; urgency=medium * Use short debhelper rules format (closes: #905486). * Change package priority to optional. * Update Standards-Version to 4.1.5 . * Sync with Ubuntu. [ Marc Deslauriers <email address hidden> ] * debian/patches/0001-Fix-ed-style-test-failure.patch: fix ed-style test. -- Laszlo Boszormenyi (GCS) <email address hidden> Sun, 05 Aug 2018 11:10:39 +0000
Available diffs
patch (2.6.1-3ubuntu0.2) precise-security; urgency=medium
* SECURITY UPDATE: Out-of-bounds access
- debian/patches/CVE-2016-10713.patch: fix in
src/pch.c.
- CVE-2016-10713
* SECURITY UPDATE: Input validation vulnerability
- debian/patches/CVE-2018-1000156.patch: fix in
src/pch.c adding tests in Makefile.in, tests/ed-style.
- CVE-2018-1000156
-- <email address hidden> (Leonidas S. Barbosa) Mon, 16 Apr 2018 09:34:21 -0300
Available diffs
| Superseded in cosmic-release |
| Published in bionic-release |
| Deleted in bionic-proposed (Reason: moved to release) |
patch (2.7.6-2ubuntu1) bionic; urgency=medium * debian/patches/0001-Fix-ed-style-test-failure.patch: fix ed-style test. -- Marc Deslauriers <email address hidden> Tue, 10 Apr 2018 19:07:29 -0400
Available diffs
patch (2.7.1-4ubuntu2.4) trusty-security; urgency=medium
* SECURITY UPDATE: Out-of-bounds access
- debian/patches/CVE-2016-10713.patch: fix in
src/pch.c.
- CVE-2016-10713
* SECURITY UPDATE: Input validation vulnerability
- debian/patches/CVE-2018-1000156.patch: fix in
src/pch.c adding tests in Makefile.in, tests/ed-style.
- debian/patches/0001-Fix-ed-style-test-failure.patch:
- CVE-2018-1000156
* SECURITY UPDATE: NULL pointer dereference
- debian/patches/CVE-2018-6951.patch: fix in src/pch.c.
- CVE-2018-6951
-- <email address hidden> (Leonidas S. Barbosa) Mon, 09 Apr 2018 11:14:01 -0300
Available diffs
patch (2.7.5-1ubuntu0.16.04.1) xenial-security; urgency=medium
* SECURITY UPDATE: Out-of-bounds access
- debian/patches/CVE-2016-10713.patch: fix in
src/pch.c.
- CVE-2016-10713
* SECURITY UPDATE: Input validation vulnerability
- debian/patches/CVE-2018-1000156.patch: fix in
src/pch.c adding tests in Makefile.in, tests/ed-style.
- debian/patches/0001-Fix-ed-style-test-failure.patch:
fix test.
- CVE-2018-1000156
* SECURITY UPDATE: NULL pointer dereference
- debian/patches/CVE-2018-6951.patch: fix in src/pch.c.
- CVE-2018-6951
* Adds dh_autoreconf to asure it will use the right automake, also adding
dh_autoreconf as build-depend.
-- <email address hidden> (Leonidas S. Barbosa) Mon, 09 Apr 2018 12:16:54 -0300
Available diffs
patch (2.7.5-1ubuntu0.2) artful-security; urgency=medium
* SECURITY UPDATE: Out-of-bounds access
- debian/patches/CVE-2016-10713.patch: fix in
src/pch.c.
- CVE-2016-10713
* SECURITY UPDATE: Input validation vulnerability
- debian/patches/CVE-2018-1000156.patch: fix in
src/pch.c adding tests in Makefile.in, tests/ed-style.
- debian/patches/0001-Fix-ed-style-test-failure.patch:
fix test.
- CVE-2018-1000156
* SECURITY UPDATE: NULL pointer dereference
- debian/patches/CVE-2018-6951.patch: fix in src/pch.c.
- CVE-2018-6951
* Adds dh_autoreconf to asure it will use the right automake, also adding
dh_autoreconf as build-depend.
-- <email address hidden> (Leonidas S. Barbosa) Mon, 09 Apr 2018 16:26:20 -0300
Available diffs
- diff from 2.7.5-1ubuntu0.1 to 2.7.5-1ubuntu0.2 (820 bytes)
patch (2.7.6-2) unstable; urgency=high
* Backport patches from upstream Git tree:
- fix NULL pointer read with mangled rename,
- allow input files to be missing for ed-style patches,
- CVE-2018-1000156: fix arbitrary command execution in ed-style patches
(closes: #894993).
* Disable Vcs-* fields for now.
-- Laszlo Boszormenyi (GCS) <email address hidden> Fri, 06 Apr 2018 15:20:36 +0000
Available diffs
- diff from 2.7.6-1 to 2.7.6-2 (3.6 KiB)
patch (2.7.6-1) unstable; urgency=medium
* New upstream release:
- don't allow a hunk to overlap with the previous one (closes: #717782).
* Mark historical changelog entries as is.
* Update debhelper level to 11 .
* Update Standards-Version to 4.1.3 .
-- Laszlo Boszormenyi (GCS) <email address hidden> Wed, 14 Feb 2018 18:14:46 +0000
Available diffs
- diff from 2.7.5-1build1 (in Ubuntu) to 2.7.6-1 (454.1 KiB)
| Superseded in bionic-release |
| Obsolete in artful-release |
| Deleted in artful-proposed (Reason: moved to release) |
patch (2.7.5-1build1) artful; urgency=medium
* No-change rebuild to pick up -fPIE compiler default in static
libraries
-- Steve Langasek <email address hidden> Fri, 21 Apr 2017 20:53:40 +0000
Available diffs
- diff from 2.7.5-1 (in Debian) to 2.7.5-1build1 (332 bytes)
patch (2.7.1-5ubuntu0.3) utopic-security; urgency=medium
* SECURITY UPDATE: Denial of service via crafted patch
- debian/patches/CVE-2014-9637.patch: Detect and exit upon memory
allocation failures
- CVE-2014-9637
* SECURITY UPDATE: Directory traversal via crafted patch
- debian/patches/CVE-2015-1196.patch: Don't allow symlink targets to point
outside of the current directory
- CVE-2015-1196
* SECURITY UPDATE: Directory traversal via crafted patch
- debian/patches/CVE-2015-1395.patch: Check the validity of both filenames
during a rename or copy
- CVE-2015-1395
* SECURITY UPDATE: Directory traversal via crafted patch
- debian/patches/CVE-2015-1396.patch: Don't allow symlink targets to point
outside of the current directory. This patch corrects the incomplete fix
for CVE-2015-1196.
- CVE-2015-1396
* debian/rules: Fix FTBFS caused by ed check. Based on Debian change
suggested by Simon McVittie.
* debian/control: Add automake1.11 as a build-depends since some of the
patches adjust Makefile.am files
-- Tyler Hicks <email address hidden> Mon, 22 Jun 2015 14:34:29 -0500
Available diffs
patch (2.7.1-4ubuntu2.3) trusty-security; urgency=medium
* SECURITY UPDATE: Denial of service via crafted patch
- debian/patches/CVE-2014-9637.patch: Detect and exit upon memory
allocation failures
- CVE-2014-9637
* SECURITY UPDATE: Directory traversal via crafted patch
- debian/patches/CVE-2015-1196.patch: Don't allow symlink targets to point
outside of the current directory
- CVE-2015-1196
* SECURITY UPDATE: Directory traversal via crafted patch
- debian/patches/CVE-2015-1395.patch: Check the validity of both filenames
during a rename or copy
- CVE-2015-1395
* SECURITY UPDATE: Directory traversal via crafted patch
- debian/patches/CVE-2015-1396.patch: Don't allow symlink targets to point
outside of the current directory. This patch corrects the incomplete fix
for CVE-2015-1196.
- CVE-2015-1396
* debian/control: Add automake1.11 as a build-depends since some of the
patches adjust Makefile.am files
-- Tyler Hicks <email address hidden> Mon, 22 Jun 2015 14:33:17 -0500
Available diffs
patch (2.6.1-3ubuntu0.1) precise-security; urgency=medium
* SECURITY UPDATE: Directory traversal via crafted patch
- debian/patches/CVE-2010-4651.patch: Restrict file creation to the
current directory and its subdirectories
- CVE-2010-4651
* SECURITY UPDATE: Denial of service via crafted patch
- debian/patches/CVE-2014-9637.patch: Detect and exit upon memory
allocation failures
- CVE-2014-9637
-- Tyler Hicks <email address hidden> Thu, 11 Jun 2015 20:33:29 -0500
Available diffs
patch (2.7.1-4ubuntu2) trusty-proposed; urgency=medium
* Fix the check for ed to be more robust against compiler optimizations.
Fixes the build failure seen in trusty-updates. LP: #1435353.
See Debian #729132 for the proposed fix.
-- Matthias Klose <email address hidden> Mon, 23 Mar 2015 15:22:31 +0100
Available diffs
- diff from 2.7.1-4ubuntu1 to 2.7.1-4ubuntu2 (632 bytes)
| Superseded in artful-release |
| Obsolete in zesty-release |
| Obsolete in yakkety-release |
| Published in xenial-release |
| Obsolete in wily-release |
| Obsolete in vivid-release |
| Deleted in vivid-proposed (Reason: moved to release) |
patch (2.7.5-1) unstable; urgency=medium * New upstream release. * Fix symlink directory regression (closes: #777122). * Update Standards-Version to 3.9.6 . -- Laszlo Boszormenyi (GCS) <email address hidden> Sat, 07 Mar 2015 06:27:14 +0000
Available diffs
- diff from 2.7.4-2 to 2.7.5-1 (48.3 KiB)
patch (2.7.4-2) unstable; urgency=low * Backport test suite fixes. -- Laszlo Boszormenyi (GCS) <email address hidden> Wed, 04 Feb 2015 22:33:38 +0000
Available diffs
- diff from 2.7.4-1 to 2.7.4-2 (5.4 KiB)
patch (2.7.4-1) unstable; urgency=high * New upstream release. * Fix symlink handling (closes: #776257). * Fix infinite loop with fuzzed diff (closes: #776271). -- Laszlo Boszormenyi (GCS) <email address hidden> Sat, 31 Jan 2015 21:43:36 +0000
Available diffs
- diff from 2.7.3-1 to 2.7.4-1 (124.8 KiB)
patch (2.7.3-1) unstable; urgency=high
* New upstream release with security fixes:
- fix all cases of CVE-2015-1196 (closes: #775873, #775901),
- fix infinite loop while applying patch, CVE-2014-9637.
* Remove outdated disable-update-version and add_manpage_time.patch
Debian patches.
* Add homepage field.
* Add watch file.
-- Laszlo Boszormenyi (GCS) <email address hidden> Fri, 23 Jan 2015 20:27:32 +0000
Available diffs
- diff from 2.7.1-7 to 2.7.3-1 (213.2 KiB)
patch (2.7.1-7) unstable; urgency=high
* Backport patches from upstream Git tree:
- fix CVE-2015-119: directory traversal via symlinks (closes: #775227),
- infinite loop while applying patch (closes: #775540),
- segmentation fault while applying corrupted patch (closes: #775793).
-- Laszlo Boszormenyi (GCS) <email address hidden> Tue, 20 Jan 2015 19:34:19 +0000
Available diffs
- diff from 2.7.1-6 to 2.7.1-7 (4.9 KiB)
patch (2.7.1-6) unstable; urgency=medium * Fix ed check during build (closes: #721429, #729132). -- Laszlo Boszormenyi (GCS) <email address hidden> Sun, 10 Aug 2014 18:05:47 +0000
Available diffs
- diff from 2.7.1-5 to 2.7.1-6 (504 bytes)
patch (2.7.1-4ubuntu1) trusty-proposed; urgency=low [ James Hunt <email address hidden> ] * Fix segfault due to incorrect usage (LP: #1306412). -- Brian Murray <email address hidden> Thu, 01 May 2014 09:24:26 -0700
Available diffs
- diff from 2.7.1-4 (in Debian) to 2.7.1-4ubuntu1 (883 bytes)
| Superseded in vivid-release |
| Obsolete in utopic-release |
| Deleted in utopic-proposed (Reason: moved to release) |
patch (2.7.1-5) unstable; urgency=low * Add watch file. [ James Hunt <email address hidden> ] * Fix segfault due to incorrect usage (closes: #742470). -- Laszlo Boszormenyi (GCS) <email address hidden> Mon, 14 Apr 2014 18:31:53 +0200
Available diffs
- diff from 2.7.1-4 to 2.7.1-5 (797 bytes)
| Superseded in utopic-release |
| Published in trusty-release |
| Deleted in trusty-proposed (Reason: moved to release) |
patch (2.7.1-4) unstable; urgency=low * New maintainer (closes: #728664). * Add manual last change date (closes: #674052). * Update Standards-Version to 3.9.5 . -- Laszlo Boszormenyi (GCS) <email address hidden> Mon, 04 Nov 2013 12:36:11 +0000
Available diffs
- diff from 2.7.1-3 to 2.7.1-4 (1.5 KiB)
| Superseded in trusty-release |
| Obsolete in saucy-release |
| Deleted in saucy-proposed (Reason: moved to release) |
patch (2.7.1-3) unstable; urgency=low * Call 'ed' without a path. Closes: #714423. * Update copyright for GPL v3. Closes: #664640. -- Christoph Berg <email address hidden> Sun, 30 Jun 2013 16:14:19 +0200
Available diffs
| Superseded in saucy-release |
| Obsolete in raring-release |
| Deleted in raring-proposed (Reason: moved to release) |
patch (2.6.1-3ubuntu2) raring; urgency=low
* Call configure with ac_cv_func_strnlen_working=yes until such time as we
get an upstream tarball built with Autoconf >= 2.68.
-- Colin Watson <email address hidden> Thu, 03 Jan 2013 17:05:47 +0000
Available diffs
- diff from 2.6.1-3ubuntu1 to 2.6.1-3ubuntu2 (568 bytes)
patch (2.6.1-3ubuntu1) quantal; urgency=low * Update config.guess,sub for aarch64 -- Wookey <email address hidden> Mon, 01 Oct 2012 12:56:37 +0100
Available diffs
patch (2.6.1-3) unstable; urgency=low * 3.0 (quilt). * Fix Suggests broken in the last upload. -- Christoph Berg <email address hidden> Wed, 25 Jan 2012 15:00:41 +0100
Available diffs
- diff from 2.6.1-2.1 to 2.6.1-3 (60.5 KiB)
patch (2.6.1-2.1) unstable; urgency=low * NMU with maintainer approval * Set patch as Multi-Arch: foreign to allow use when cross-compiling -- Riku Voipio <email address hidden> Mon, 16 Jan 2012 14:13:59 +0200
Available diffs
- diff from 2.6.1-2 (in Ubuntu) to 2.6.1-2.1 (491 bytes)
patch (2.6.1-2) unstable; urgency=low * Use dh_auto_test. Closes: #627196 -- Ubuntu Archive Auto-Sync <email address hidden> Sat, 21 May 2011 09:03:54 +0000
Available diffs
- diff from 2.6.1-1 to 2.6.1-2 (540 bytes)
patch (2.6.1-1) unstable; urgency=low
* New upstream version.
+ Improved CR stripping heuristics. Closes: #484539
+ Fixes: creates files and directories instead of asking for the file
location. Closes: #568248
* Remove lenny compatibility options -U --unified-reject-files and
--global-reject-file.
-- Ubuntu Archive Auto-Sync <email address hidden> Sat, 30 Apr 2011 13:30:03 +0000
Available diffs
- diff from 2.6-3 to 2.6.1-1 (64.0 KiB)
patch (2.6-3) unstable; urgency=low
* Enable -m short option for --merge as documented in help and manpage.
Closes: #597305.
-- Benjamin Drung <email address hidden> Wed, 22 Sep 2010 21:41:30 +0200
Available diffs
- diff from 2.6-2ubuntu1 to 2.6-3 (790 bytes)
patch (2.6-2ubuntu1) lucid; urgency=low
* Build with -fno-stack-protector on sparc to pass the testsuite.
LP: #534459.
-- Matthias Klose <email address hidden> Mon, 05 Apr 2010 03:18:36 +0200
Available diffs
- diff from 2.6-2 to 2.6-2ubuntu1 (458 bytes)
patch (2.6-2) unstable; urgency=low
* Update watch file.
* Section: vcs.
* Suggests: diffutils-doc instead of diff-doc, thanks Christoph Anton
Mitterer for spotting. Closes: #558974.
Available diffs
- diff from 2.5.9-5 to 2.6-2 (408.8 KiB)
| Superseded in lucid-release |
| Obsolete in karmic-release |
| Obsolete in jaunty-release |
| Obsolete in intrepid-release |
patch (2.5.9-5) unstable; urgency=low * Convert packaging to quilt. * Tell lintian that part of the changelog is in a different format. * Bump Standards-Version. -- Ubuntu Archive Auto-Sync <email address hidden> Fri, 02 May 2008 02:21:58 +0100
| Superseded in intrepid-release |
| Obsolete in hardy-release |
| Obsolete in gutsy-release |
| Obsolete in feisty-release |
| Obsolete in edgy-release |
patch (2.5.9-4) unstable; urgency=low
* New maintainer (Closes: #349323).
* Use dpatch, add patches:
+ unified-reject-files: write unified reject files (Closes: #26675).
+ global-reject-file: write a global reject file.
+ manpage-char: fix weird character.
* Suggests: diff-doc.
* Bump Standards-Version.
| Superseded in edgy-release |
| Obsolete in dapper-release |
| Superseded in dapper-release |
| Obsolete in breezy-release |
| Obsolete in hoary-release |
patch (2.5.9-2) unstable; urgency=low
* Standards-Version 3.6.1 (no changes required).
* Applied upstream patch to fix CR stripping. (Closes: #196297)
* Applied a patch from SUSE to prevent previously created backup files
from being overwritten. (Closes: #248950)
* Ran aclocal and autoconf to make the above patch work.
* Touch aclocal.m4 and configure during build to prevent the usual
time-skew problems.
* Removed emacs vars from changelog.
-- Michael Fedrowitz <email address hidden> Sun, 18 Jul 2004 12:56:02 +0200
patch (2.5.9-1) unstable; urgency=low
* New upstream release:
- Handles filenames with spaces. (closes: #99808)
- Don't try to stat output file after skipping a patch. (closes: #157232)
- CR in hunk header doesn't trigger CR stripping. (closes: #192272)
* Standards-Version 3.5.10 (no changes required).
* Remove obsolete CFLAGS. (closes: #193403)
* Update copyright file.
-- Michael Fedrowitz <email address hidden> Tue, 20 May 2003 21:13:37 +0200
| 1 → 46 of 46 results | First • Previous • Next • Last |
