This script is Copyright (C) 2015 Tenable Network Security, Inc.
The remote Mandriva Linux host is missing a security update.
Updated patch package fixes security vulnerabilities :
It was reported that a crafted diff file can make patch eat memory and
later segfault (CVE-2014-9637).
It was reported that the versions of the patch utility that support
Git-style patches are vulnerable to a directory traversal flaw. This
could allow an attacker to overwrite arbitrary files by applying a
specially crafted patch, with the privileges of the user running patch
GNU patch before 2.7.4 allows remote attackers to write to arbitrary
files via a symlink attack in a patch file (CVE-2015-1196).
See also :
Update the affected patch package.
Risk factor :
Medium / CVSS Base Score : 4.3