Format: 1.8 Date: Thu, 11 Jun 2015 20:25:30 -0500 Source: patch Binary: patch Architecture: armhf Version: 2.7.1-5ubuntu0.1 Distribution: utopic Urgency: medium Maintainer: Ubuntu/armhf Build Daemon Changed-By: Tyler Hicks Description: patch - Apply a diff file to an original Changes: patch (2.7.1-5ubuntu0.1) utopic-security; urgency=medium . * SECURITY UPDATE: Denial of service via crafted patch - debian/patches/CVE-2014-9637.patch: Detect and exit upon memory allocation failures - CVE-2014-9637 * SECURITY UPDATE: Directory traversal via crafted patch - debian/patches/CVE-2015-1196.patch: Don't allow symlink targets to point outside of the current directory - CVE-2015-1196 * SECURITY UPDATE: Directory traversal via crafted patch - debian/patches/CVE-2015-1395.patch: Check the validity of both filenames during a rename or copy - CVE-2015-1395 * SECURITY UPDATE: Directory traversal via crafted patch - debian/patches/CVE-2015-1396.patch: Don't allow symlink targets to point outside of the current directory. This patch corrects the incomplete fix for CVE-2015-1196. - CVE-2015-1396 * debian/rules: Fix FTBFS caused by ed check. Based on Debian change suggested by Simon McVittie. * debian/control: Add automake1.11 as a build-depends since some of the patches adjust Makefile.am files Checksums-Sha1: 9171520695e5d955395a215675e9612c2d2f3952 80736 patch_2.7.1-5ubuntu0.1_armhf.deb 8c7035e58b88ebb4ada13c2201cfd4b52a5004a1 132406 patch-dbgsym_2.7.1-5ubuntu0.1_armhf.ddeb Checksums-Sha256: 790bf334e6a403526d086d9f396c1467c0b714cdac8d247632b02cd1f8d7d728 80736 patch_2.7.1-5ubuntu0.1_armhf.deb 7c3f5498c0f449da36be5dbf11931f6368e594c36e623f72a2c7eac5755c87a4 132406 patch-dbgsym_2.7.1-5ubuntu0.1_armhf.ddeb Files: 4b71dd62bfc7a9019eeefbf26fb11d2c 80736 vcs standard patch_2.7.1-5ubuntu0.1_armhf.deb ed1e5f0a8ec46aaf5d6a93f2958d6383 132406 vcs extra patch-dbgsym_2.7.1-5ubuntu0.1_armhf.ddeb Original-Maintainer: Laszlo Boszormenyi (GCS)