USN-4071-2: Patch vulnerabilities

USN-4071-2: Patch vulnerabilities

patch vulnerabilities

A security issue affects these releases of Ubuntu and its derivatives:

• Ubuntu 14.04 ESM

Summary

Several security issues were fixed in Patch.

Software Description

• patch – Apply a diff file to an original

Details

USN-4071-1 fixed several vulnerabilities in Patch. This update provides
the corresponding update for Ubuntu 14.04 ESM.

Original advisory details:

It was discovered that Patch incorrectly handled certain files.
An attacker could possibly use this issue to access sensitive information.
(CVE-2019-13636)

It was discovered that Patch incorrectly handled certain files.
An attacker could possibly use this issue to execute arbitrary code.
(CVE-2019-13638)

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 14.04 ESM

patch – 2.7.1-4ubuntu2.4+esm1

To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.

In general, a standard system update will make all the necessary changes.

References

• USN-4071-1
• CVE-2019-13636
• CVE-2019-13638

Source: USN-4071-2: Patch vulnerabilities