From ${URL} : There is a directory traversal flaw via file rename. It was reported to the Debian BTS as #775873[1] and is different from #775227, which was a directory traversal via symlinks and got CVE-2015-1196. [1] https://bugs.debian.org/775873 [2] https://savannah.gnu.org/bugs/?44059 @maintainer(s): after the bump, in case we need to stabilize the package, please let us know if it is ready for the stabilization or not.
This is fixed in =sys-devel/patch-2.7.3. Stabilization of that version is handled in bug #536614.
Maintainer(s), Thank you for you for cleanup. GLSA Vote: No
GLSA vote: no. Closing as [noglsa]