File _patchinfo of Package patchinfo.6939

<patchinfo incident="6939">
  <issue id="1080951" tracker="bnc">VUL-1: CVE-2018-6951 patch: NULL pointer dereference in pch.c:intuit_diff_type() causes a crash</issue>
  <issue id="1080918" tracker="bnc">VUL-1: CVE-2016-10713: patch: Out-of-bounds access in pch_write_line() in pch.c can to DoS</issue>
  <issue id="1088420" tracker="bnc">VUL-0: CVE-2018-1000156: patch: Malicious patch files cause ed to execute arbitrary commands</issue>
  <issue id="2018-1000156" tracker="cve" />
  <issue id="2016-10713" tracker="cve" />
  <issue id="2018-6951" tracker="cve" />
  <category>security</category>
  <rating>important</rating>
  <packager>jdelvare</packager>
  <description>This update for patch fixes the following issues:

Security issues fixed:

- CVE-2018-1000156: Malicious patch files cause ed to execute arbitrary commands (bsc#1088420).
- CVE-2018-6951: Fixed NULL pointer dereference in the intuit_diff_type function in pch.c (bsc#1080918).
- CVE-2016-10713: Fixed out-of-bounds access within pch_write_line() in pch.c (bsc#1080918).

</description>
  <summary>Security update for patch</summary>
</patchinfo>
Places

File _patchinfo of Package patchinfo.6939

Places
