package/patch/patch.hash

# Locally calculated after checking pgp signature
sha256	ac610bda97abe0d9f6b7c963255a11dcb196c25e337c61f94e4778d632f1d8fd	patch-2.7.6.tar.xz
# Locally calculated
sha256	8ceb4b9ee5adedde47b31e975c1d90c73ad27b6b165a1dcd80c7c545eb65b903	COPYING
patch: security bump to version 2.7.3 Fixes CVE-2015-1196 - allows remote attackers to write to arbitrary files via a symlink attack in a patch file. Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar> Signed-off-by: Peter Korsgaard <peter@korsgaard.com> 2015-01-23 07:47:56 -03:00			`# Locally calculated after checking pgp signature`
patch: security bump to version 2.7.6 Fixes CVE-2016-10713: Out-of-bounds access within pch_write_line() in pch.c can possibly lead to DoS via a crafted input file. Add upstream patch fixing CVE-2018-6951: There is a segmentation fault, associated with a NULL pointer dereference, leading to a denial of service in the intuit_diff_type function in pch.c, aka a "mangled rename" issue. This bump does NOT fix CVE-2018-6952. See upstream bug #53133 (https://savannah.gnu.org/bugs/index.php?53133). Add license file hash. Signed-off-by: Baruch Siach <baruch@tkos.co.il> Signed-off-by: Peter Korsgaard <peter@korsgaard.com> 2018-02-23 07:22:31 +02:00			`sha256 ac610bda97abe0d9f6b7c963255a11dcb196c25e337c61f94e4778d632f1d8fd patch-2.7.6.tar.xz`
			`# Locally calculated`
			`sha256 8ceb4b9ee5adedde47b31e975c1d90c73ad27b6b165a1dcd80c7c545eb65b903 COPYING`