Format: 1.8
Date: Tue, 23 Jul 2019 09:17:32 -0300
Source: patch
Binary: patch
Architecture: i386
Version: 2.7.5-1ubuntu0.16.04.2
Distribution: xenial
Urgency: medium
Maintainer: Launchpad Build Daemon <buildd@lgw01-amd64-035.buildd>
Changed-By: Leonidas S. Barbosa <leo.barbosa@canonical.com>
Description:
 patch      - Apply a diff file to an original
Changes:
 patch (2.7.5-1ubuntu0.16.04.2) xenial-security; urgency=medium
 .
   * SECURITY UPDATE: Directory traversal
     - debian/patches/CVE-2019-13636.patch: Don't follow symlinks unless
       --follow-symlinks is given in src/inp.c, src/util.c.
     - CVE-2019-13636
   * SECURITY UPDATE: Shell command injection
     - debian/patches/CVE-2019-13638.patch: Invoke ed directly instead of
       using the shell in src/pch.c.
     - CVE-2019-13638
Checksums-Sha1:
 af5ad882d32929e99891fc4d360bbb605f9c4beb 130686 patch-dbgsym_2.7.5-1ubuntu0.16.04.2_i386.ddeb
 13cc12d0a40d37d1790b8c7b020e8e25a4aef04a 99678 patch_2.7.5-1ubuntu0.16.04.2_i386.deb
Checksums-Sha256:
 db5292da8b1dc65b972bb01d778de878d8a03e86c7b719e6415044917864e584 130686 patch-dbgsym_2.7.5-1ubuntu0.16.04.2_i386.ddeb
 59d5025430ea5d2c38f96b086ab57b92d5b7d9271d054bdbd30273ee3c4122b7 99678 patch_2.7.5-1ubuntu0.16.04.2_i386.deb
Files:
 bf0867bdc8cd1cb34005432aac7ea866 130686 vcs extra patch-dbgsym_2.7.5-1ubuntu0.16.04.2_i386.ddeb
 f82842ed45f9fc4584125c84b1d929b6 99678 vcs standard patch_2.7.5-1ubuntu0.16.04.2_i386.deb
Original-Maintainer: Laszlo Boszormenyi (GCS) <gcs@debian.org>