Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Sat, 01 Aug 2015 08:49:34 -0500
From: Mark Felder <feld@...d.me>
To: oss-security@...ts.openwall.com
Subject: Re: CVE-2015-1416: vulnerability in patch(1)



On Thu, Jul 30, 2015, at 07:05, Adam Maris wrote:
> Hello,
> 
> I'd like to know whether CVE-2015-1416 is BSD-only issue 
> (https://www.freebsd.org/security/advisories/FreeBSD-SA-15:14.bsdpatch.asc) 
> or does it also affect upstream patch(1) utility?
> In that case, is it tracked in upstream?
> 
> Thank you
> 
> -- 
> Adam Maris / Red Hat Product Security
> 

Hi Adam,

Which upstream? There are a few different flavors of patch(1) out there.
The one in FreeBSD is a variant of Larry Wall's patch, not GNU patch.

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ