GLSA-201612-12 : Patch: Denial of Service
Medium Nessus Plugin ID 95527
SynopsisThe remote Gentoo host is missing one or more security-related patches.
DescriptionThe remote host is affected by the vulnerability described in GLSA-201612-12 (Patch: Denial of Service)
Due to a flaw in Patch, the application can enter an infinite loop when processing a specially crafted diff file.
A local attacker could pass a specially crafted diff file to Patch, possibly resulting in a Denial of Service condition.
There is no known workaround at this time.
SolutionAll patch users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose '>=sys-devel/patch-2.7.4'