Ubuntu
patch package

Change logs for patch source package in Trusty

  1. Trusty (14.04)
  2. Change log 
  • patch (2.7.1-4ubuntu2.4) trusty-security; urgency=medium

  * SECURITY UPDATE: Out-of-bounds access
    - debian/patches/CVE-2016-10713.patch: fix in
      src/pch.c.
    - CVE-2016-10713
  * SECURITY UPDATE: Input validation vulnerability
    - debian/patches/CVE-2018-1000156.patch: fix in
      src/pch.c adding tests in Makefile.in, tests/ed-style.
    - debian/patches/0001-Fix-ed-style-test-failure.patch:
    - CVE-2018-1000156
  * SECURITY UPDATE: NULL pointer dereference
    - debian/patches/CVE-2018-6951.patch: fix in src/pch.c.
    - CVE-2018-6951

 -- <email address hidden> (Leonidas S. Barbosa)  Mon, 09 Apr 2018 11:14:01 -0300
  • patch (2.7.1-4ubuntu2.3) trusty-security; urgency=medium

  * SECURITY UPDATE: Denial of service via crafted patch
    - debian/patches/CVE-2014-9637.patch: Detect and exit upon memory
      allocation failures
    - CVE-2014-9637
  * SECURITY UPDATE: Directory traversal via crafted patch
    - debian/patches/CVE-2015-1196.patch: Don't allow symlink targets to point
      outside of the current directory
    - CVE-2015-1196
  * SECURITY UPDATE: Directory traversal via crafted patch
    - debian/patches/CVE-2015-1395.patch: Check the validity of both filenames
      during a rename or copy
    - CVE-2015-1395
  * SECURITY UPDATE: Directory traversal via crafted patch
    - debian/patches/CVE-2015-1396.patch: Don't allow symlink targets to point
      outside of the current directory. This patch corrects the incomplete fix
      for CVE-2015-1196.
    - CVE-2015-1396
  * debian/control: Add automake1.11 as a build-depends since some of the
    patches adjust Makefile.am files

 -- Tyler Hicks <email address hidden>  Mon, 22 Jun 2015 14:33:17 -0500
  • patch (2.7.1-4ubuntu2) trusty-proposed; urgency=medium

  * Fix the check for ed to be more robust against compiler optimizations.
    Fixes the build failure seen in trusty-updates. LP: #1435353.
    See Debian #729132 for the proposed fix.
 -- Matthias Klose <email address hidden>   Mon, 23 Mar 2015 15:22:31 +0100
  • patch (2.7.1-4ubuntu1) trusty-proposed; urgency=low

  [ James Hunt <email address hidden> ]
  * Fix segfault due to incorrect usage (LP: #1306412).
 -- Brian Murray <email address hidden>   Thu, 01 May 2014 09:24:26 -0700
  • patch (2.7.1-4) unstable; urgency=low


  * New maintainer (closes: #728664).
  * Add manual last change date (closes: #674052).
  * Update Standards-Version to 3.9.5 .

 -- Laszlo Boszormenyi (GCS) <email address hidden>  Mon, 04 Nov 2013 12:36:11 +0000
  • patch (2.7.1-3) unstable; urgency=low


  * Call 'ed' without a path. Closes: #714423.
  * Update copyright for GPL v3. Closes: #664640.

 -- Christoph Berg <email address hidden>  Sun, 30 Jun 2013 16:14:19 +0200