AVG-808 log
Package | patch |
Status | Fixed |
Severity | High |
Type | multiple issues |
Affected | 2.7.6-3 |
Fixed | 2.7.6-7 |
Current | 2.7.6-10 [core] |
Ticket | FS#57526 |
Created | Mon Nov 12 17:39:29 2018 |
Issue | Severity | Remote | Type | Description |
---|---|---|---|---|
CVE-2018-1000156 | High | No | Arbitrary command execution | An arbitrary command execution vulnerability has been found in patch versions prior to 2.7.7 when applying ed-style patches. Due to insufficient... |
CVE-2018-6952 | Medium | No | Denial of service | A double free exists in the another_hunk function in pch.c in GNU patch through 2.7.6. An attacker could potentially use this flaw to crash the patch... |
Date | Advisory | Package | Type |
---|---|---|---|
12 Nov 2018 | ASA-201811-14 | patch | multiple issues |
Notes |
---|
Patch for CVE-2018-1000156 and CVE-2018-6952 was not applied in AVG-619 therefor this group exists that addresses this issue properly. |