Package: patch / 2.7.5-1+deb8u1

Metadata

Package Version Patches format
patch 2.7.5-1+deb8u1 3.0 (quilt)

Patch series

view the series file
Patch File delta Description
path_max | (download)

src/util.c | 5 5 + 0 - 0 !
1 file changed, 5 insertions(+)

 
---
558485 backupmode | (download)

patch.man | 3 0 + 3 - 0 !
1 file changed, 3 deletions(-)

 
---
m merge | (download)

src/patch.c | 2 1 + 1 - 0 !
1 file changed, 1 insertion(+), 1 deletion(-)

 
---
patch bug 1306412.diff | (download)

src/patch.c | 3 2 + 1 - 0 !
1 file changed, 2 insertions(+), 1 deletion(-)

 
---
Fix_arbitrary_command_execution_in_ed style_patches.patch | (download)

src/pch.c | 89 66 + 23 - 0 !
tests/Makefile.am | 3 2 + 1 - 0 !
tests/Makefile.in | 10 9 + 1 - 0 !
tests/ed-style | 41 41 + 0 - 0 !
4 files changed, 118 insertions(+), 25 deletions(-)

 
 fix arbitrary command execution in ed-style patches
 (CVE-2018-1000156)

* src/pch.c (do_ed_script): Write ed script to a temporary file instead
of piping it to ed: this will cause ed to abort on invalid commands
instead of rejecting them and carrying on.
* tests/ed-style: New test case.
* tests/Makefile.am (TESTS): Add test case.
Fix_ed style_test_failure.patch | (download)

tests/ed-style | 3 1 + 2 - 0 !
1 file changed, 1 insertion(+), 2 deletions(-)

 
 fix 'ed-style' test failure.

* tests/ed-style: Remove '?' line from expected output.