Bugzilla – Bug 915328
VUL-1: CVE-2015-1395: patch: directory traversal via file rename
Last modified: 2016-10-05 06:37:28 UTC
rh#1184490 It was reported [1] that the versions of the patch utility that support Git-style patches are vulnerable to a directory traversal flaw. This could allow an attacker to overwrite arbitrary files by applying a specially crafted patch, with the privileges of the user running patch. A reproducer for this issue is available in [1]. Upstream bugreport: http://savannah.gnu.org/bugs/?44059 [1]: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=775873 References: https://bugzilla.redhat.com/show_bug.cgi?id=1184490 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-1395 http://people.canonical.com/~ubuntu-security/cve/2015/CVE-2015-1395.html
bugbot adjusting priority
As far as I can see this is fixed since GNU patch version 2.7.3, presumably by commit "For renames and copies, make sure that both file names are valid": http://git.savannah.gnu.org/cgit/patch.git/commit/?id=17953b5893f7c9835f0dd2a704ba04e0371d2cbd
This is an autogenerated message for OBS integration: This bug (915328) was mentioned in https://build.opensuse.org/request/show/309612 13.2+13.1 / patch
SUSE-SU-2015:1019-1: An update that solves three vulnerabilities and has one errata is now available. Category: security (moderate) Bug References: 904519,913678,915328,915329 CVE References: CVE-2015-1196,CVE-2015-1395,CVE-2015-1396 Sources used: SUSE Linux Enterprise Server 12 (src): patch-2.7.5-7.1 SUSE Linux Enterprise Desktop 12 (src): patch-2.7.5-7.1
Fixed long ago, closing.