ALT-PU-2015-1846-1
Closed vulnerabilities
BDU:2017-02046
Уязвимость компонента, поддерживаемого Git-style, программной Unix-утилиты GNU Patch операционных систем Ubuntu, Fedora, позволяющая нарушителю изменять произвольные файлы
BDU:2017-02048
Уязвимость программной Unix-утилиты GNU Patch операционных систем Ubuntu, Fedora и Linux-дистрибутива Mageia, позволяющая нарушителю вызвать отказ в обслуживании при помощи специально созданного diff-файла
Modified: 2024-11-21
CVE-2014-9637
GNU patch 2.7.2 and earlier allows remote attackers to cause a denial of service (memory consumption and segmentation fault) via a crafted diff file.
- http://advisories.mageia.org/MGASA-2015-0068.html
- http://advisories.mageia.org/MGASA-2015-0068.html
- FEDORA-2015-1165
- FEDORA-2015-1165
- FEDORA-2015-1134
- FEDORA-2015-1134
- [oss-security] 20150122 Re: CVE request: directory traversal flaw in patch
- [oss-security] 20150122 Re: CVE request: directory traversal flaw in patch
- 72286
- 72286
- USN-2651-1
- USN-2651-1
- https://bugzilla.redhat.com/show_bug.cgi?id=1185262
- https://bugzilla.redhat.com/show_bug.cgi?id=1185262
- https://git.savannah.gnu.org/cgit/patch.git/commit/?id=0c08d7a902c6fdd49b704623a12d8d672ef18944
- https://git.savannah.gnu.org/cgit/patch.git/commit/?id=0c08d7a902c6fdd49b704623a12d8d672ef18944
- https://savannah.gnu.org/bugs/?44051
- https://savannah.gnu.org/bugs/?44051
Modified: 2024-11-21
CVE-2015-1196
GNU patch 2.7.1 allows remote attackers to write to arbitrary files via a symlink attack in a patch file.
- http://git.savannah.gnu.org/cgit/patch.git/commit/?id=4e9269a5fc1fe80a1095a92593dd85db871e1fd3
- http://git.savannah.gnu.org/cgit/patch.git/commit/?id=4e9269a5fc1fe80a1095a92593dd85db871e1fd3
- openSUSE-SU-2015:0199
- openSUSE-SU-2015:0199
- [oss-security] 20150118 Re: CVE request: directory traversal flaw in patch
- [oss-security] 20150118 Re: CVE request: directory traversal flaw in patch
- http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html
- http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html
- 72074
- 72074
- https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=775227
- https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=775227
- https://bugzilla.redhat.com/show_bug.cgi?id=1182154
- https://bugzilla.redhat.com/show_bug.cgi?id=1182154
- gnupatch-unspecified-symlink(99967)
- gnupatch-unspecified-symlink(99967)
Modified: 2024-11-21
CVE-2015-1395
Directory traversal vulnerability in GNU patch versions which support Git-style patching before 2.7.3 allows remote attackers to write to arbitrary files with the permissions of the target user via a .. (dot dot) in a diff file name.
- FEDORA-2015-1165
- FEDORA-2015-1165
- FEDORA-2015-1134
- FEDORA-2015-1134
- [oss-security] 20150127 Re: CVE Request: patch: directory traversal via file rename
- [oss-security] 20150127 Re: CVE Request: patch: directory traversal via file rename
- 72846
- 72846
- USN-2651-1
- USN-2651-1
- https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=775873
- https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=775873
- https://bugzilla.redhat.com/show_bug.cgi?id=1184490
- https://bugzilla.redhat.com/show_bug.cgi?id=1184490
- https://git.savannah.gnu.org/cgit/patch.git/commit/?id=17953b5893f7c9835f0dd2a704ba04e0371d2cbd
- https://git.savannah.gnu.org/cgit/patch.git/commit/?id=17953b5893f7c9835f0dd2a704ba04e0371d2cbd
- https://savannah.gnu.org/bugs/?44059
- https://savannah.gnu.org/bugs/?44059
Modified: 2024-11-21
CVE-2015-1396
A Directory Traversal vulnerability exists in the GNU patch before 2.7.4. A remote attacker can write to arbitrary files via a symlink attack in a patch file. NOTE: this issue exists because of an incomplete fix for CVE-2015-1196.
- http://www.openwall.com/lists/oss-security/2015/01/27/29
- http://www.openwall.com/lists/oss-security/2015/01/27/29
- [oss-security] 20150127 Re: CVE Request: patch: CVE needed for incomplete fix for CVE-2015-1196?
- [oss-security] 20150127 Re: CVE Request: patch: CVE needed for incomplete fix for CVE-2015-1196?
- http://www.securityfocus.com/bid/75358
- http://www.securityfocus.com/bid/75358
- 75358
- 75358
- http://www.ubuntu.com/usn/USN-2651-1
- http://www.ubuntu.com/usn/USN-2651-1
- https://bugzilla.redhat.com/show_bug.cgi?id=1186764
- https://bugzilla.redhat.com/show_bug.cgi?id=1186764