Debian Linux Security Advisory 4489-1 - Imre Rad discovered several vulnerabilities in GNU patch, leading to shell command injection or escape from the working directory and access and overwrite files, if specially crafted patch files are processed.
629bdd444567253abe16946a2abbf219c2b6e287a64661215bc9b20cf3983ebc