Package: patch / 2.7.5-1+deb9u2
Metadata
| Package | Version | Patches format |
|---|---|---|
| patch | 2.7.5-1+deb9u2 | 3.0 (quilt) |
Patch series
| Patch | File delta | Description |
|---|---|---|
| path_max | src/util.c (5 5 + 0 - 0 !) | --- |
| 558485 backupmode | patch.man (3 0 + 3 - 0 !) | --- |
| m merge | src/patch.c (2 1 + 1 - 0 !) | --- |
| patch bug 1306412.diff | src/patch.c (3 2 + 1 - 0 !) | --- |
| Fix_arbitrary_command_execution_in_ed style_patches.patch | src/pch.c (89 66 + 23 - 0 !) | fix arbitrary command execution in ed-style patches (CVE-2018-1000156) * src/pch.c (do_ed_script): Write ed script to a temporary file instead of piping it to ed: this will cause ed to abort on invalid commands instead of rejecting them and carrying on. * tests/ed-style: New test case. * tests/Makefile.am (TESTS): Add test case. |
| Fix_ed style_test_failure.patch | tests/ed-style (3 1 + 2 - 0 !) | fix 'ed-style' test failure. * tests/ed-style: Remove '?' line from expected output. |
| 0001 CVE 2019 13636.patch | src/inp.c (12 10 + 2 - 0 !) | don't follow symlinks unless --follow-symlinks is given * src/inp.c (plan_a, plan_b), src/util.c (copy_to_fd, copy_file, append_to_file): Unless the --follow-symlinks option is given, open files with the O_NOFOLLOW flag to avoid following symlinks. So far, we were only doing that consistently for input files. * src/util.c (create_backup): When creating empty backup files, (re)create them with O_CREAT \| O_EXCL to avoid following symlinks in that case as well. |
| 0002 CVE 2019 13638.patch | src/pch.c (6 2 + 4 - 0 !) | invoke ed directly instead of using the shell * src/pch.c (do_ed_script): Invoke ed directly instead of using a shell command to avoid quoting vulnerabilities. |
| 0003 Do_not_leak_temporary_file.patch | src/common.h (2 2 + 0 - 0 !) | don't leak temporary file on failed ed-style patch. Now that we write ed-style patches to a temporary file before we apply them, we need to ensure that the temporary file is removed before we leave, even on fatal error. * src/pch.c (do_ed_script): Use global TMPEDNAME instead of local tmpname. Don't unlink the file directly, instead tag it for removal at exit time. * src/patch.c (cleanup): Unlink TMPEDNAME at exit. This closes bug #53820: https://savannah.gnu.org/bugs/index.php?53820 Fixes: 123eaff0d5d1 ("Fix arbitrary command execution in ed-style patches (CVE-2018-1000156)") |
| 0004 Do_not_leak_temporary_file_on_failed_multi file.patch | src/patch.c (1 1 + 0 - 0 !) | don't leak temporary file on failed multi-file ed-style patch. The previous fix worked fine with single-file ed-style patches, but would still leak temporary files in the case of multi-file ed-style patch. Fix that case as well, and extend the test case to check for it. * src/patch.c (main): Unlink TMPEDNAME if needed before moving to the next file in a patch. This closes bug #53820: https://savannah.gnu.org/bugs/index.php?53820 Fixes: 123eaff0d5d1 ("Fix arbitrary command execution in ed-style patches (CVE-2018-1000156)") Fixes: 19599883ffb6 ("Don't leak temporary file on failed ed-style patch") |
