On Sun, Mar 14, 2021 at 05:37:25PM -0400, Mark H Weaver wrote: > [email protected]: probably vulnerable to CVE-2019-13636, CVE-2019-13638, > CVE-2019-20633, CVE-2018-1000156, CVE-2018-20969, CVE-2018-6951, CVE- > 2018-6952
I tried building a "fixed" package of patch, cherry-picking bug fix patches from patch.git. Unfortunately, the patches largely don't apply to the most recent release of patch. Since there is no release fixing these bugs, and no clear advice about which patches to apply, I'm going to stop working on this for now.
