Information on source package patch

Available versions

ReleaseVersion
jessie2.7.5-1+deb8u3
stretch2.7.5-1+deb9u2
buster2.7.6-3+deb10u1
bullseye2.7.6-7
bookworm2.7.6-7
trixie2.7.6-7
sid2.7.6-7

Open unimportant issues

BugjessiestretchbusterbullseyebookwormtrixiesidDescription
CVE-2021-45261vulnerablevulnerablevulnerablevulnerablevulnerablevulnerablevulnerableAn Invalid Pointer vulnerability exists in GNU patch 2.7 via the anoth ...
CVE-2018-6952vulnerablevulnerablevulnerablevulnerablevulnerablevulnerablevulnerableA double free exists in the another_hunk function in pch.c in GNU patc ...
CVE-2018-6951vulnerablevulnerablevulnerablevulnerablevulnerablevulnerablevulnerableAn issue was discovered in GNU patch through 2.7.6. There is a segment ...
CVE-2016-10713vulnerablevulnerablefixedfixedfixedfixedfixedAn issue was discovered in GNU patch before 2.7.6. Out-of-bounds acces ...
CVE-2010-4651vulnerablevulnerablevulnerablevulnerablevulnerablevulnerablevulnerableDirectory traversal vulnerability in util.c in GNU patch 2.6.1 and ear ...

Resolved issues

BugDescription
TEMP-0776271-06C3A9Infinite loop in patch
CVE-2019-20633GNU patch through 2.7.6 contains a free(p_line[p_end]) Double Free vul ...
CVE-2019-13638GNU patch through 2.7.6 is vulnerable to OS shell command injection th ...
CVE-2019-13636In GNU patch through 2.7.6, the following of symlinks is mishandled in ...
CVE-2018-1000156GNU Patch version 2.7.6 contains an input validation vulnerability whe ...
CVE-2018-20969do_ed_script in pch.c in GNU patch through 2.7.6 does not block string ...
CVE-2015-1416Larry Wall's patch; patch in FreeBSD 10.2-RC1 before 10.2-RC1-p1, 10.2 ...
CVE-2015-1396A Directory Traversal vulnerability exists in the GNU patch before 2.7 ...
CVE-2015-1395Directory traversal vulnerability in GNU patch versions which support ...
CVE-2015-1196GNU patch 2.7.1 allows remote attackers to write to arbitrary files vi ...
CVE-2014-9637GNU patch 2.7.2 and earlier allows remote attackers to cause a denial ...

Security announcements

DSA / DLADescription
DSA-4489-1patch - security update
DLA-1864-1patch - security update
ELA-147-1patch - security update
DLA-1856-1patch - security update
ELA-144-1patch - security update
DLA-1348-1patch - security update

Search for package or bug name: Reporting problems