Skip to content
Snippets Groups Projects
Select Git revision
  • fix-ccache
  • devel default protected
  • pppd-pppoe
  • jani-remove-obsolete-kernel-options
  • Bug_7366
  • release-6.4
  • docker-nodejs-system-bump-fixuid
  • agnau-ex400-old-binutils
  • econet-devel
  • jani-boot-fallback
  • agnau-nvg578lx
  • cjndm-6.4
  • arjo_dna0332tls
  • cjndm-6.4-lxc
  • feature-wl-impl87-integration
  • cjndm-6.4-flowoffload-blog-skip
  • agnau-bcmlinux-update
  • container
  • update_cwmp_runtime_data
  • master
  • 6.4.1
  • 6.4.1RC5
  • 6.4.1RC4
  • 6.4.1RC3
  • 6.5.0ALPHA3
  • 6.4.1RC2
  • 6.4.1RC1
  • 6.5.0ALPHA2
  • 6.4.1BETA3
  • 6.4.1BETA2
  • 6.5.0ALPHA1
  • 6.4.1BETA1
  • 6.4.0
  • 6.4.0RC3
  • 6.4.0RC2
  • 6.4.0RC1
  • 6.4.0BETA3
  • 6.4.0BETA2
  • 6.4.0BETA1
  • 6.4.0ALPHA3
40 results
Compare
Forked from IOPSYS / IOWRT
22486 commits behind the upstream repository.
user avatar
tools/patch: apply upstream patch for cve-2019-13638
Russell Senior authored 
GNU patch through 2.7.6 is vulnerable to OS shell command injection that
can be exploited by opening a crafted patch file that contains an ed style

diff payload with shell metacharacters. The ed editor does not need to be
present on the vulnerable system. This is different from CVE-2018-1000156.

https://nvd.nist.gov/vuln/detail/CVE-2019-13638



Signed-off-by: default avatarRussell Senior <russell@personaltelco.net>
(cherry picked from commit bcfd1d76)
46e9a9b0
History
user avatar 46e9a9b0
History
Name Last commit Last update
..
patches
Makefile