Synopsis: Important: patch security update Advisory ID: SLSA-2019:2964-1 Issue Date: 2019-10-03 CVE Numbers: None -- Security Fix(es): * patch: do_ed_script in pch.c does not block strings beginning with a ! character (CVE-2018-20969) * patch: OS shell command injection when processing crafted patch files (CVE-2019-13638) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. -- SL7 x86_64 patch-2.7.1-12.el7_7.x86_64.rpm patch-debuginfo-2.7.1-12.el7_7.x86_64.rpm - Scientific Linux Development Team