Format: 1.8 Date: Thu, 18 Jun 2015 15:56:29 -0500 Source: patch Binary: patch Architecture: ppc64el Version: 2.7.1-5ubuntu0.2 Distribution: utopic Urgency: medium Maintainer: Ubuntu Build Daemon Changed-By: Tyler Hicks Description: patch - Apply a diff file to an original Changes: patch (2.7.1-5ubuntu0.2) utopic-security; urgency=medium . * SECURITY UPDATE: Denial of service via crafted patch - debian/patches/CVE-2014-9637.patch: Detect and exit upon memory allocation failures - CVE-2014-9637 * SECURITY UPDATE: Directory traversal via crafted patch - debian/patches/CVE-2015-1196.patch: Don't allow symlink targets to point outside of the current directory - CVE-2015-1196 * SECURITY UPDATE: Directory traversal via crafted patch - debian/patches/CVE-2015-1395.patch: Check the validity of both filenames during a rename or copy - CVE-2015-1395 * SECURITY UPDATE: Directory traversal via crafted patch - debian/patches/CVE-2015-1396.patch: Don't allow symlink targets to point outside of the current directory. This patch corrects the incomplete fix for CVE-2015-1196. - CVE-2015-1396 * debian/rules: Fix FTBFS caused by ed check. Based on Debian change suggested by Simon McVittie. * debian/control: Add automake1.11 as a build-depends since some of the patches adjust Makefile.am files Checksums-Sha1: 8cf191e0d9322bd0cd481cea02216262678446eb 82896 patch_2.7.1-5ubuntu0.2_ppc64el.deb e5c5577c016e12db141e06587943fd70e69ee46c 139806 patch-dbgsym_2.7.1-5ubuntu0.2_ppc64el.ddeb Checksums-Sha256: 4c7e2234c337437333760ca40b4ee0096293d735fbe27cba462296b3c8e0a281 82896 patch_2.7.1-5ubuntu0.2_ppc64el.deb 5e0692ada68da7b61d9fdd41ef82e6baf837ffb5d2348af74064951bf79585c6 139806 patch-dbgsym_2.7.1-5ubuntu0.2_ppc64el.ddeb Files: 13578c09fb20975bb96b4f5958a2d454 82896 vcs standard patch_2.7.1-5ubuntu0.2_ppc64el.deb 348b742a218d8c9d4fa39f4b73a6506a 139806 vcs extra patch-dbgsym_2.7.1-5ubuntu0.2_ppc64el.ddeb Original-Maintainer: Laszlo Boszormenyi (GCS)