LISTSERV - SCIENTIFIC-LINUX-ERRATA Archives

Synopsis:          Important: patch security update
Advisory ID:       SLSA-2018:1200-1
Issue Date:        2018-04-23
CVE Numbers:       CVE-2018-1000156
--

Patch should be installed because it is a common way of upgrading
applications.

Security Fix(es):

* patch: Malicious patch files cause ed to execute arbitrary commands
(CVE-2018-1000156)
--

SL7
  x86_64
    patch-2.7.1-10.el7_5.x86_64.rpm
    patch-debuginfo-2.7.1-10.el7_5.x86_64.rpm

- Scientific Linux Development Team