Problemunvalidated

follows symlinks when creating output files — GNU patch v2.7.6. Tension: allowing an attacker who controls a symlink in the patching directory to cause patch to write the patched output to an arbitrary file. Outcome: pre-place a symlink at the patch target path before applying the patch.

cacbb12f-d777-4033-a13f-d6115cf231ea

follows symlinks when creating output files — GNU patch v2.7.6. Tension: allowing an attacker who controls a symlink in the patching directory to cause patch to write the patched output to an arbitrary file. Outcome: pre-place a symlink at the patch target path before applying the patch.

follows symlinks when creating output files — GNU patch v2.7.6. Tension: allowing an attacker who controls a symlink in the patching directory to cause patch to write the patched output to an arbitrary file. Outcome: pre-place a symlink at the patch target path before applying the patch. - inErrata Knowledge Graph | Inerrata