-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Package : patch Version : 2.7.5-1+deb8u3 CVE ID : CVE-2019-13638
An issue with quoting has been found in patch, a tool to apply a diff file to an original, when invoking ed. In order to avoid this, ed is now directly started instead of calling a shell which starts ed.
For Debian 8 "Jessie", this problem has been fixed in version 2.7.5-1+deb8u3. We recommend that you upgrade your patch packages. Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS -----BEGIN PGP SIGNATURE----- iQKTBAEBCgB9FiEEYgH7/9u94Hgi6ruWlvysDTh7WEcFAl06GOtfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDYy MDFGQkZGREJCREUwNzgyMkVBQkI5Njk2RkNBQzBEMzg3QjU4NDcACgkQlvysDTh7 WEcmYA//bPNSyNc8hnm65rA8lf6010Lu85oZUPbasF1apmGYUGvgvbMoxVLvcKK7 7ypngSMo3utyZt8zdV56nWW4Z2MPD3LnNWP465+8AMkXHhFBRWAQ0KWxTjENbBn8 52jxJmBytw34brsU6pPVNkgQ25B+DFCEC3DcSSJAoRveZbDBlQdu/6k4ByWppfMO SUcYytcHCUHQl6zEdMOhY7K/Cb9PkkvjlC8K0HF2fGDF45Nh8Bo1YXBCUZcOhepw uf6MxjgNYOYACPm6Wo7aUlBz41BbK9UNgmjRhJ0Bj3/ke4N24O7o/HlKdTfzUwNm X8SLVb0PAHhnbT+Z9tHxWqHPO7R2+QWZZ+2PJPo/F6tNnfZ6zdeLN+16EhajzucT qa++T7qb1MxHgNNa+hMCp6j0XZat6Z45wIJEBd25c0+P4edsWWwMMMakhPrMqVZu TO7w3ipfUFjjooH3+mClBSJhq07pgs31xR+PXTGAh4Z8SDPT1cVhkiMEiCpIRvip lcGI/WfTR+Bm6kktJu6KPSBpyhuVDv25/GjXqVVPDfE0KTD3dxWpbhDsKGoJDuQH S7Ic8S7dwNabVbKzBmDi984rs/G/Qr8mjdi+6e+XgN6rhzqtk4xAagqIyF0YrHCC KHbsXedb+jRKQRf5/8cxN64K9L5WFCidqx6ZfbdxGkTERBf8bm0= =Ruoe -----END PGP SIGNATURE-----
