Format: 1.8
Date: Tue, 23 Jul 2019 09:17:32 -0300
Source: patch
Binary: patch
Architecture: amd64
Version: 2.7.5-1ubuntu0.16.04.2
Distribution: xenial
Urgency: medium
Maintainer: Launchpad Build Daemon <buildd@lcy01-amd64-006.buildd>
Changed-By: Leonidas S. Barbosa <leo.barbosa@canonical.com>
Description:
 patch      - Apply a diff file to an original
Changes:
 patch (2.7.5-1ubuntu0.16.04.2) xenial-security; urgency=medium
 .
   * SECURITY UPDATE: Directory traversal
     - debian/patches/CVE-2019-13636.patch: Don't follow symlinks unless
       --follow-symlinks is given in src/inp.c, src/util.c.
     - CVE-2019-13636
   * SECURITY UPDATE: Shell command injection
     - debian/patches/CVE-2019-13638.patch: Invoke ed directly instead of
       using the shell in src/pch.c.
     - CVE-2019-13638
Checksums-Sha1:
 323e2f8bb62ce316fde4457cbf6eb02ce39f9981 140954 patch-dbgsym_2.7.5-1ubuntu0.16.04.2_amd64.ddeb
 3f8263871f26b229466502c99e4a88ecaa3e4a08 90766 patch_2.7.5-1ubuntu0.16.04.2_amd64.deb
Checksums-Sha256:
 95e307787e5c88adc9967c1f2d8c19c29ead748c935ce6a8fb459418f2445d72 140954 patch-dbgsym_2.7.5-1ubuntu0.16.04.2_amd64.ddeb
 c4bf81ecccf989c6b301aa062b4d9b5753156fe71f17fc040f3607504079b8f1 90766 patch_2.7.5-1ubuntu0.16.04.2_amd64.deb
Files:
 d7d998c27c63ca02e9af186667832ac0 140954 vcs extra patch-dbgsym_2.7.5-1ubuntu0.16.04.2_amd64.ddeb
 1bfd9331a3dab21cfa2c259e5372223f 90766 vcs standard patch_2.7.5-1ubuntu0.16.04.2_amd64.deb
Original-Maintainer: Laszlo Boszormenyi (GCS) <gcs@debian.org>