Date: Sat, 01 Aug 2015 08:49:34 -0500 From: Mark Felder <feld@...d.me> To: oss-security@...ts.openwall.com Subject: Re: CVE-2015-1416: vulnerability in patch(1) On Thu, Jul 30, 2015, at 07:05, Adam Maris wrote: > Hello, > > I'd like to know whether CVE-2015-1416 is BSD-only issue > (https://www.freebsd.org/security/advisories/FreeBSD-SA-15:14.bsdpatch.asc) > or does it also affect upstream patch(1) utility? > In that case, is it tracked in upstream? > > Thank you > > -- > Adam Maris / Red Hat Product Security > Hi Adam, Which upstream? There are a few different flavors of patch(1) out there. The one in FreeBSD is a variant of Larry Wall's patch, not GNU patch.
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ