Format: 1.8 Date: Tue, 23 Jul 2019 09:12:54 -0300 Source: patch Binary: patch Architecture: i386 Version: 2.7.6-2ubuntu1.1 Distribution: bionic Urgency: medium Maintainer: Launchpad Build Daemon Changed-By: Leonidas S. Barbosa Description: patch - Apply a diff file to an original Changes: patch (2.7.6-2ubuntu1.1) bionic-security; urgency=medium . * SECURITY UPDATE: Directory traversal - debian/patches/CVE-2019-13636.patch: Don't follow symlinks unless --follow-symlinks is given in src/inp.c, src/util.c. - CVE-2019-13636 * SECURITY UPDATE: Shell command injection - debian/patches/CVE-2019-13638.patch: Invoke ed directly instead of using the shell in src/pch.c. - CVE-2019-13638 Checksums-Sha1: 078e4d06fd086259a0ebc5a418e9dd70fc76ed2b 187096 patch-dbgsym_2.7.6-2ubuntu1.1_i386.ddeb 3ac2d8bd53d63fcc31c54490b68e4d0d1c789080 5319 patch_2.7.6-2ubuntu1.1_i386.buildinfo 45a4c2d55f78ce1fe5650f4f95ab2d98093f4398 117852 patch_2.7.6-2ubuntu1.1_i386.deb Checksums-Sha256: 4962a5542be9600d61c7591286128af052907c359ae98bf08044909b1474e2af 187096 patch-dbgsym_2.7.6-2ubuntu1.1_i386.ddeb ec2f182d4577bf4d07f8fec24701da822c68b3354a86d5d6ba757287b55967c2 5319 patch_2.7.6-2ubuntu1.1_i386.buildinfo abbd312644056f4c04e8c827e6cd76e72ecae1e52dbe6582b9e4febbb936e72d 117852 patch_2.7.6-2ubuntu1.1_i386.deb Files: 014597ec381a0c31163bcd4fff3c6485 187096 debug optional patch-dbgsym_2.7.6-2ubuntu1.1_i386.ddeb 79b2cb25c60052a464bc11b20d3f09f4 5319 vcs standard patch_2.7.6-2ubuntu1.1_i386.buildinfo fc97e1375721d9c9a53317f05088099b 117852 vcs standard patch_2.7.6-2ubuntu1.1_i386.deb Original-Maintainer: Laszlo Boszormenyi (GCS)