Format: 1.8
Date: Tue, 23 Jul 2019 09:08:11 -0300
Source: patch
Binary: patch
Architecture: amd64
Version: 2.7.6-3ubuntu0.1
Distribution: disco
Urgency: medium
Maintainer: Launchpad Build Daemon <buildd@lgw01-amd64-036.buildd>
Changed-By: Leonidas S. Barbosa <leo.barbosa@canonical.com>
Description:
 patch      - Apply a diff file to an original
Changes:
 patch (2.7.6-3ubuntu0.1) disco-security; urgency=medium
 .
   * SECURITY UPDATE: Directory traversal
     - debian/patches/CVE-2019-13636.patch: Don't follow symlinks unless
       --follow-symlinks is given in src/inp.c, src/util.c.
     - CVE-2019-13636
   * SECURITY UPDATE: Shell command injection
     - debian/patches/CVE-2019-13638.patch: Invoke ed directly instead of
       using the shell in src/pch.c.
     - CVE-2019-13638
Checksums-Sha1:
 164ed11fc37d575416c7945e2f4c7de6e63bd18f 242312 patch-dbgsym_2.7.6-3ubuntu0.1_amd64.ddeb
 8875dfc6860a34849a9df632942ba74dabd04eb8 5100 patch_2.7.6-3ubuntu0.1_amd64.buildinfo
 e2220c5f679bba68133bb66417e6e6a8ce852090 104680 patch_2.7.6-3ubuntu0.1_amd64.deb
Checksums-Sha256:
 70038c7bc1e0efa5830ef949b9bad325383939ce2b26e9dfc5eee7c40a942986 242312 patch-dbgsym_2.7.6-3ubuntu0.1_amd64.ddeb
 0305c9d51931028e84da3cdc527b0c068083a1b726c41192204eb606ffd41df5 5100 patch_2.7.6-3ubuntu0.1_amd64.buildinfo
 36e15e14cc9b6a3b52ca5e37e49817767923645ebca0918a9803d48a3c8c7f3a 104680 patch_2.7.6-3ubuntu0.1_amd64.deb
Files:
 a3b61bb49e3ee21b6834e3a79a7012b2 242312 debug optional patch-dbgsym_2.7.6-3ubuntu0.1_amd64.ddeb
 c2b0a45bc628455ee64489923be90be6 5100 vcs optional patch_2.7.6-3ubuntu0.1_amd64.buildinfo
 f79c3460a41ea4fabe8027bafe4d420d 104680 vcs optional patch_2.7.6-3ubuntu0.1_amd64.deb
Original-Maintainer: Laszlo Boszormenyi (GCS) <gcs@debian.org>