14 DAY TRIAL // Details about GNU patch vulnerabilities that have been found and fixed in Ubuntu 14.10, Ubuntu 14.04 LTS, and Ubuntu 12.04 LTS have now been published by Canonical in a security notification.
Ubuntu maintainers have been quick to integrate the latest changes for GNU Patch, which is an important component in the operating system. It's worth noting that Ubuntu 15.04 hasn't been affected but this issue. In any case, if you have any of the aforementioned OSes, this would be a good time to update.
"Jakub Wilk discovered that GNU patch did not correctly handle symbolic links in git style patch files. An attacker could specially craft a patch file that could overwrite arbitrary files with the privileges of the user invoking the program. This issue only affected Ubuntu 14.04 LTS and Ubuntu 14.10," reads the security notice.
This is just one of the problems that have been identified and corrected with this particular update. For a more detailed description of the problems, you can see Canonical's security notification. Users have been advised to upgrade their systems as soon as possible.
The problems can be repaired if you upgrade your system to the latest patch package specific to each distribution. To apply the patch, users will have to run the Update Manager application. A reboot of the system is not required.