20 matches found
SUSE: Security Advisory (SUSE-SU-2018:1162-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for patch (EulerOS-SA-2020-1225)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS Virtualization for ARM 64 3.0.2.0 : patch (EulerOS-SA-2020-1225)
According to the versions of the patch package installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in GNU patch before 2.7.6. Out-of-bounds access within pchwriteline in pch.c can possibly lead t...
Huawei EulerOS: Security Advisory for patch (EulerOS-SA-2019-2645)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for patch (EulerOS-SA-2019-2428)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLES11 Security Update : patch (SUSE-SU-2018:1162-1)
This update for patch fixes several issues. These security issues were fixed : - CVE-2018-1000156: patch: Malicious patch files cause ed to execute arbitrary commands bsc1088420. - CVE-2014-9637: Prevent DoS by remote attackers memory consumption and segmentation fault via a crafted diff file...
CVE-2014-9637
GNU patch 2.7.2 and earlier allows remote attackers to cause a denial of service memory consumption and segmentation fault via a crafted diff file...
CVE-2014-9637
GNU patch 2.7.2 and earlier allows remote attackers to cause a denial of service memory consumption and segmentation fault via a crafted diff file...
CVE-2014-9637
CVE-2014-9637 affects GNU patch up to version 2.7.2 and earlier. The root cause is a crafted diff file triggering a denial of service via memory consumption and a segmentation fault. The vulnerability is cited across multiple advisories (EulerOS, Huawei EulerOS, OpenVAS/Nessus entries) as part of...
CVE-2014-9637
GNU patch 2.7.2 and earlier allows remote attackers to cause a denial of service memory consumption and segmentation fault via a crafted diff file...
USN-2651-1: GNU patch vulnerabilities
Jakub Wilk discovered that GNU patch did not correctly handle file paths in patch files. An attacker could specially craft a patch file that could overwrite arbitrary files with the privileges of the user invoking the program. This issue only affected Ubuntu 12.04 LTS. CVE-2010-4651 László...
Fedora 20 : patch-2.7.5-1.fc20 (2015-1165)
Security fixes for CVE-2014-9637, CVE-2015-1196, and an infinite loop with a crafted diff. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible...
Fedora Update for patch FEDORA-2015-3556
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Mandriva Linux Security Advisory : patch (MDVSA-2015:050)
Updated patch package fixes security vulnerabilities : It was reported that a crafted diff file can make patch eat memory and later segfault CVE-2014-9637. It was reported that the versions of the patch utility that support Git-style patches are vulnerable to a directory traversal flaw. This coul...
[ MDVSA-2015:050 ] patch
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2015:050 http://www.mandriva.com/en/support/security/ Package : patch Date : March 2, 2015 Affected: Business Server 1.0 Problem Description: Updated patch package fixes security vulnerabilities: It was reported...
Fedora Update for patch FEDORA-2015-1553
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 21 : patch-2.7.3-1.fc21 (2015-1134)
Security fixes for CVE-2014-9637 and CVE-2015-1196. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues...
patch: multiple issues
CVE-2015-1196 directory traversal A directory traversal flaw was discovered that allows remote attackers to write to arbitrary files via a symlink attack in a patch file. This could allow an attacker to overwrite arbitrary files by applying a specially crafted patch, with the privileges of the...
CVE-2014-9637
GNU patch 2.7.2 and earlier allows remote attackers to cause a denial of service memory consumption and segmentation fault via a crafted diff file...
UBUNTU-CVE-2014-9637
GNU patch 2.7.2 and earlier allows remote attackers to cause a denial of service memory consumption and segmentation fault via a crafted diff file...