Format: 1.8 Date: Tue, 23 Jul 2019 09:08:11 -0300 Source: patch Binary: patch Architecture: s390x Version: 2.7.6-3ubuntu0.1 Distribution: disco Urgency: medium Maintainer: Launchpad Build Daemon Changed-By: Leonidas S. Barbosa Description: patch - Apply a diff file to an original Changes: patch (2.7.6-3ubuntu0.1) disco-security; urgency=medium . * SECURITY UPDATE: Directory traversal - debian/patches/CVE-2019-13636.patch: Don't follow symlinks unless --follow-symlinks is given in src/inp.c, src/util.c. - CVE-2019-13636 * SECURITY UPDATE: Shell command injection - debian/patches/CVE-2019-13638.patch: Invoke ed directly instead of using the shell in src/pch.c. - CVE-2019-13638 Checksums-Sha1: 01867c79c48458075f7c4d8b4240024c61503e1e 249408 patch-dbgsym_2.7.6-3ubuntu0.1_s390x.ddeb c8bd19564576ed53caa7fabf0e1a8915aa827d2a 4958 patch_2.7.6-3ubuntu0.1_s390x.buildinfo 42d2f3cd4519902a9158b7002caf4654f30a6c24 102324 patch_2.7.6-3ubuntu0.1_s390x.deb Checksums-Sha256: 3d77406e45bfa9fc1aaeacd29e958b329588b6253c8e3761c81a786df6d8e196 249408 patch-dbgsym_2.7.6-3ubuntu0.1_s390x.ddeb 88b52c0876ed0cb8e19d385f96f8f2f4dd81988bed8f2674fc34aa14262bc61f 4958 patch_2.7.6-3ubuntu0.1_s390x.buildinfo 375d11074726e31bca2d0c9d89b931853c806668b94354045ffb28c9233f432f 102324 patch_2.7.6-3ubuntu0.1_s390x.deb Files: 8b63909d9c67b4ff24449b87b2f2ac36 249408 debug optional patch-dbgsym_2.7.6-3ubuntu0.1_s390x.ddeb 02df3209156fcb1ff3cf7be2302392bf 4958 vcs optional patch_2.7.6-3ubuntu0.1_s390x.buildinfo 4e9c2561e7bf46faa4d083a73dd69121 102324 vcs optional patch_2.7.6-3ubuntu0.1_s390x.deb Original-Maintainer: Laszlo Boszormenyi (GCS)