CVE-2016-10713

CVE-2016-10713 affects GNU patch up to version 2.7.6, with an out-of-bounds access in pch_write_line() in pch.c that can cause a DoS via a crafted patch file. Several connected advisories note fixes/patches (e.g., Oracle Linux ELSA-2019-2033, EulerOS advisories) and reference that the vulnerable ...

CVE-2015-1396

GNU patch before 2.7.4 is vulnerable to a directory-traversal via a symlink attack in a patch file, allowing remote write of arbitrary files. Root cause: incomplete fix for CVE-2015-1196. Affected: GNU patch (up to 2.7.3). Remediation: upgrade to 2.7.4 or later; no further details provided in the...