Format: 1.8
Date: Tue, 23 Jul 2019 09:17:32 -0300
Source: patch
Binary: patch
Architecture: armhf
Version: 2.7.5-1ubuntu0.16.04.2
Distribution: xenial
Urgency: medium
Maintainer: Launchpad Build Daemon <buildd@bos02-arm64-052.buildd>
Changed-By: Leonidas S. Barbosa <leo.barbosa@canonical.com>
Description:
 patch      - Apply a diff file to an original
Changes:
 patch (2.7.5-1ubuntu0.16.04.2) xenial-security; urgency=medium
 .
   * SECURITY UPDATE: Directory traversal
     - debian/patches/CVE-2019-13636.patch: Don't follow symlinks unless
       --follow-symlinks is given in src/inp.c, src/util.c.
     - CVE-2019-13636
   * SECURITY UPDATE: Shell command injection
     - debian/patches/CVE-2019-13638.patch: Invoke ed directly instead of
       using the shell in src/pch.c.
     - CVE-2019-13638
Checksums-Sha1:
 16ba856e841e33ef25463df3f10b34d28db0e9ba 138588 patch-dbgsym_2.7.5-1ubuntu0.16.04.2_armhf.ddeb
 6f7a2afeed176f4a6086bc07cdd6c4673dd1445e 82028 patch_2.7.5-1ubuntu0.16.04.2_armhf.deb
Checksums-Sha256:
 893c15182f44728eafaa29d0d1826e92720fe2a50ad3eb8eef7e330fdf820190 138588 patch-dbgsym_2.7.5-1ubuntu0.16.04.2_armhf.ddeb
 f4d6466e6ba452d7ab203ac08ea5a427799a1309ca9cbf19b1d2e864381ccfb7 82028 patch_2.7.5-1ubuntu0.16.04.2_armhf.deb
Files:
 e5723cd05f793118972b2131b9429a11 138588 vcs extra patch-dbgsym_2.7.5-1ubuntu0.16.04.2_armhf.ddeb
 002711a8685c288195da91b4b1fc668b 82028 vcs standard patch_2.7.5-1ubuntu0.16.04.2_armhf.deb
Original-Maintainer: Laszlo Boszormenyi (GCS) <gcs@debian.org>