[Bug 918058] New: GNU patch update breaks legitimate use of symbolic links
http://bugzilla.opensuse.org/show_bug.cgi?id=918058 Bug ID: 918058 Summary: GNU patch update breaks legitimate use of symbolic links Classification: openSUSE Product: openSUSE 13.1 Version: Final Hardware: All OS: openSUSE 13.1 Status: NEW Severity: Normal Priority: P5 - None Component: Development Assignee: bnc-team-screening@forge.provo.novell.com Reporter: jdelvare@suse.com QA Contact: qa-bugs@suse.de Found By: --- Blocker: --- The security fix for bug #913678 breaks legitimate use cases of relative symbolic links. Upstream has reverted the security hot fix: http://git.savannah.gnu.org/cgit/patch.git/commit/?id=290ffcb488bea5caec6d76... And instead implemented a secure way of handling symbolic links: http://git.savannah.gnu.org/cgit/patch.git/commit/?id=025a54b789bd88ed15430f... http://git.savannah.gnu.org/cgit/patch.git/commit/?id=71a3172c7ecb1fad796584... This new approach no longer breaks legitimate use cases. This is all in GNU patch version 2.7.4, so I think we want to trigger another maintenance update. -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.opensuse.org/show_bug.cgi?id=918058
Jean Delvare
http://bugzilla.opensuse.org/show_bug.cgi?id=918058
--- Comment #1 from Jean Delvare
http://bugzilla.opensuse.org/show_bug.cgi?id=918058
--- Comment #2 from Jean Delvare
participants (1)
-
bugzilla_noreply@novell.com