SUSE-SU-2022:1925-1 -- SLES patchID: oval:org.secpod.oval:def:89047477 | Date: (C)2022-06-14 (M)2023-12-20 |
Class: PATCH | Family: unix |
This update for patch fixes the following issues: Security issues fixed: - CVE-2019-13636: Fixed follow symlinks unless --follow-symlinks is given. This increases the security against malicious patches . - CVE-2018-6952: Fixed swapping fakelines in pch_swap. This bug was causing a double free leading to a crash . Bugfixes: - Abort when cleaning up fails. This bug could cause an infinite loop when a patch wouldn"t apply, leading to a segmentation fault . - Pass the correct stat to backup files. This bug would occasionally cause backup files to be missing when all hunks failed to apply .
Platform: |
SUSE Linux Enterprise Desktop 15 SP4 |
SUSE Linux Enterprise Server 15 SP4 |
SUSE Linux Enterprise Server 15 SP3 |
SUSE Linux Enterprise Desktop 15 SP3 |