Last week, patch-2.7.3 was released fixing CVE-2015-1196. Both Fedora 20 and Fedora 21 have testing updates: https://admin.fedoraproject.org/updates/FEDORA-2015-1165 https://admin.fedoraproject.org/updates/FEDORA-2015-1134
The fix prevents patches applying if they are for symbolic links with a target containing the ".." pathname component: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=775901#13 Please be aware that some legitimate patches may fail as a result, until a better fix can be found. Tim. */
signature.asc
Description: This is a digitally signed message part
-- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
