Oval Definition:oval:org.opensuse.security:def:93301
Revision Date:2022-06-02Version:1
Title: (Moderate)
Description:

This update for patch fixes the following issues:

Security issues fixed:

- CVE-2019-13636: Fixed follow symlinks unless --follow-symlinks is given. This increases the security against malicious patches (bsc#1142041). - CVE-2018-6952: Fixed swapping fakelines in pch_swap. This bug was causing a double free leading to a crash (bsc#1080985).

Bugfixes:

- Abort when cleaning up fails. This bug could cause an infinite loop when a patch wouldn't apply, leading to a segmentation fault (bsc#1111572). - Pass the correct stat to backup files. This bug would occasionally cause backup files to be missing when all hunks failed to apply (bsc#1198106).
Family:unixClass:patch
Status:Reference(s):1080985
1111572
1142041
1174075
1176708
1178801
1178969
1180243
1180401
1181730
1181732
1198106
CVE-2018-6952
CVE-2019-13636
CVE-2020-15257
CVE-2021-21284
CVE-2021-21285
SUSE-SU-2021:0435-1
Platform(s):Image SLES15-SP4-Manager-Proxy-4-3-BYOS-Azure
SUSE Manager Server 4.0
Product(s):
Definition Synopsis
  • Image SLES15-SP4-Manager-Proxy-4-3-BYOS-Azure is installed
  • AND patch-2.7.6-150000.5.3.1 is installed
    • Definition Synopsis
  • SUSE Manager Server 4.0 is installed
  • AND Package Information
  • containerd-1.3.9-5.29.3 is installed
  • OR docker-19.03.15_ce-6.43.3 is installed
  • OR docker-bash-completion-19.03.15_ce-6.43.3 is installed
  • OR docker-libnetwork-0.7.0.1+gitr2908_55e924b8a842-4.28.3 is installed
  • OR docker-runc-1.0.0rc10+gitr3981_dc9208a3303f-6.45.3 is installed
    • BACK