patch

Link package | bugs open | bugs closed | Wiki | GitHub | web search
Description A utility to apply patch files to original sources
Version 2.7.6-10 [core]

Resolved

Group Affected Fixed Severity Status Ticket
AVG-808 2.7.6-3 2.7.6-7 High Fixed FS#57526
AVG-619 2.7.6-1 2.7.6-3 High Fixed FS#57526
AVG-618 2.7.5-1 2.7.6-1 Low Fixed
Issue Group Severity Remote Type Description
CVE-2018-1000156 AVG-619 High No Arbitrary command execution
An arbitrary command execution vulnerability has been found in patch versions prior to 2.7.7 when applying ed-style patches. Due to insufficient...
CVE-2018-1000156 AVG-808 High No Arbitrary command execution
An arbitrary command execution vulnerability has been found in patch versions prior to 2.7.7 when applying ed-style patches. Due to insufficient...
CVE-2018-6952 AVG-619 Medium No Denial of service
A double free exists in the another_hunk function in pch.c in GNU patch through 2.7.6. An attacker could potentially use this flaw to crash the patch...
CVE-2018-6952 AVG-808 Medium No Denial of service
A double free exists in the another_hunk function in pch.c in GNU patch through 2.7.6. An attacker could potentially use this flaw to crash the patch...
CVE-2018-6951 AVG-619 Low No Denial of service
An issue was discovered in GNU patch through 2.7.6. There is a segmentation fault, associated with a NULL pointer dereference, leading to a denial of...
CVE-2016-10713 AVG-618 Low No Denial of service
An issue was discovered in GNU patch before 2.7.6. An out-of-bounds access within pch_write_line() in pch.c can possibly lead to denial of service via a...

Advisories

Date Advisory Group Severity Type
12 Nov 2018 ASA-201811-14 AVG-808 High multiple issues
09 Oct 2018 ASA-201810-8 AVG-619 High multiple issues