Security update for patch
This update for patch fixes the following issues:
Security issues fixed:
- CVE-2018-1000156: Malicious patch files cause ed to execute arbitrary commands (bsc#1088420).
- CVE-2018-6951: Fixed NULL pointer dereference in the intuit_diff_type function in pch.c (bsc#1080918).
- CVE-2016-10713: Fixed out-of-bounds access within pch_write_line() in pch.c (bsc#1080918).
This update was imported from the SUSE:SLE-12:Update update project.
-
Submitted by
Jean Delvare (jdelvare)
Fixed bugs
bnc#1080951
VUL-1: CVE-2018-6951 patch: NULL pointer dereference in pch.c:intuit_diff_type() causes a crash
bnc#1080918
VUL-1: CVE-2016-10713: patch: Out-of-bounds access in pch_write_line() in pch.c can to DoS
bnc#1088420
VUL-0: CVE-2018-1000156: patch: Malicious patch files cause ed to execute arbitrary commands
