========================================================================== Ubuntu Security Notice USN-3624-1 April 10, 2018 patch vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 17.10 - Ubuntu 16.04 LTS - Ubuntu 14.04 LTS Summary: Several security issues were fixed in Patch. Software Description: - patch: Apply a diff file to an original Details: It was discovered that Patch incorrectly handled certain files. An attacker could possibly use this to cause a denial of service. (CVE-2016-10713) It was discovered that Patch incorrectly handled certain input validation. An attacker could possibly use this to execute arbitrary code. (CVE-2018-1000156) It was discovered that Patch incorrectly handled certain inputs. An attacker could possibly use this to cause a denial of service. (CVE-2018-6951) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 17.10: patch 2.7.5-1ubuntu0.2 Ubuntu 16.04 LTS: patch 2.7.5-1ubuntu0.16.04.1 Ubuntu 14.04 LTS: patch 2.7.1-4ubuntu2.4 In general, a standard system update will make all the necessary changes. References: https://usn.ubuntu.com/usn/usn-3624-1 CVE-2016-10713, CVE-2018-1000156, CVE-2018-6951 Package Information: https://launchpad.net/ubuntu/+source/patch/2.7.5-1ubuntu0.2 https://launchpad.net/ubuntu/+source/patch/2.7.5-1ubuntu0.16.04.1 https://launchpad.net/ubuntu/+source/patch/2.7.1-4ubuntu2.4