Download
| Alert*
oval:org.secpod.oval:def:2101923
An issue was discovered in GNU patch before 2.7.6. Out-of-bounds access within pch_write_line() in pch.c can possibly lead to DoS via a crafted input file. oval:org.secpod.oval:def:1601070 do_ed_script in pch.c in GNU patch through 2.7.6 does not block strings beginning with a ! character. NOTE: this is the same commit as for CVE-2019-13638 , but the ! syntax is specific to ed, and is unrelated to a shell metacharacter.GNU patch through 2.7.6 is vulnerable to OS shell command injectio ... oval:org.secpod.oval:def:3300548 SUSE Security Update: Security update for patch oval:org.secpod.oval:def:2000299 A double free exists in the another_hunk function in pch.c in GNU patch through 2.7.6. oval:org.secpod.oval:def:115302 The patch program applies diff files to originals. The diff command is used to compare an original to a changed file. Diff lists the changes made to the file. A person who has the original file can then use the patch command with the diff file to add the changes to their original file . Patch should ... oval:org.secpod.oval:def:503272 The patch program applies diff files to originals. The diff command is used to compare an original to a changed file. Diff lists the changes made to the file. A person who has the original file can then use the patch command with the diff file to add the changes to their original file . Security Fix ... oval:org.secpod.oval:def:115244 The patch program applies diff files to originals. The diff command is used to compare an original to a changed file. Diff lists the changes made to the file. A person who has the original file can then use the patch command with the diff file to add the changes to their original file . Patch should ... oval:org.secpod.oval:def:1700246 do_ed_script in pch.c in GNU patch through 2.7.6 does not block strings beginning with a ! character. NOTE: this is the same commit as for CVE-2019-13638 , but the ! syntax is specific to ed, and is unrelated to a shell metacharacter.GNU patch through 2.7.6 is vulnerable to OS shell command injectio ... oval:org.secpod.oval:def:89046369 This update for patch fixes the following issues: Security fixes: - CVE-2019-13636: Fixed mishandled following of symlinks in certain cases other than input files . - CVE-2018-6952: Fixed double free of memory in pch.c:another_hunk . Bugfixes: - Pass the correct stat to backup files . - Fix temporar ... oval:org.secpod.oval:def:205346 The patch program applies diff files to originals. The diff command is used to compare an original to a changed file. Diff lists the changes made to the file. A person who has the original file can then use the patch command with the diff file to add the changes to their original file . Security Fix ... oval:org.secpod.oval:def:1504217 [2.7.1-11] - Fixed CVE-2016-10713 - Out-of-bounds access in pch_write_line function - Fixed CVE-2018-6952 - Double free of memory - Resolves: #1626473, honor new file mode 100755 when applying patches - Resolves: #1653294, Added virtual provides for bundled gnulib library oval:org.secpod.oval:def:89047477 This update for patch fixes the following issues: Security issues fixed: - CVE-2019-13636: Fixed follow symlinks unless --follow-symlinks is given. This increases the security against malicious patches . - CVE-2018-6952: Fixed swapping fakelines in pch_swap. This bug was causing a double free leadin ... oval:org.secpod.oval:def:1900094 A double free exists in the another_hunk function in pch.c in GNU patch through 2.7.6. oval:org.secpod.oval:def:115257 The patch program applies diff files to originals. The diff command is used to compare an original to a changed file. Diff lists the changes made to the file. A person who has the original file can then use the patch command with the diff file to add the changes to their original file . Patch should ... oval:org.secpod.oval:def:114379 The patch program applies diff files to originals. The diff command is used to compare an original to a changed file. Diff lists the changes made to the file. A person who has the original file can then use the patch command with the diff file to add the changes to their original file . Patch should ... oval:org.secpod.oval:def:114022 The patch program applies diff files to originals. The diff command is used to compare an original to a changed file. Diff lists the changes made to the file. A person who has the original file can then use the patch command with the diff file to add the changes to their original file . Patch should ... oval:org.secpod.oval:def:114375 The patch program applies diff files to originals. The diff command is used to compare an original to a changed file. Diff lists the changes made to the file. A person who has the original file can then use the patch command with the diff file to add the changes to their original file . Patch should ... oval:org.secpod.oval:def:114161 The patch program applies diff files to originals. The diff command is used to compare an original to a changed file. Diff lists the changes made to the file. A person who has the original file can then use the patch command with the diff file to add the changes to their original file . Patch should ... |