author: David van Moolenbroek <david@minix3.org> 2015-07-26 15:47:05 +0000
committer: David van Moolenbroek <david@minix3.org> 2015-07-26 15:53:47 +0000
commit: d8127f841f370c290f11352f513f005cb8c59e40
tree: 6891bbd911ef95fe656863ec78d0f80c2b5cab97 /usr.bin?id=d8127f841f370c290f11352f513f005cb8c59e40
parent: 4796287659dbd9546688588ed43610eda23d9156
patch(1): fix arbitrary code execution bug
This is the combination of two NetBSD patches committed by Christos Zoulas, based on the findings and Bitrig patch by Martin Natano. The NetBSD log messages read:

From Martin Natano @bitrig: Use execve(2) instead of system to apply patches that require rcs command execution instead system(3) to avoid malicious filenames in patches causing bad things to happen. In the process, lose SCCS support. It is not like we are shipping sccs commands for that to work.

And:

Use absolute paths for RCS commands (Martin Natano)

Change-Id: Id44bd59a5a6bc6cd95d1e1fae468bd718cfff2db
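
The approach the commit message describes, as an added example (not code from the MINIX, NetBSD or Bitrig patch): the file name is handed to a tool named by absolute path as a single `argv` element, so no shell ever parses it. `run_tool`, `demo`, the constructed file name and the use of `/bin/ls` as a stand-in for an RCS command are assumptions of this example.

```c
#define _POSIX_C_SOURCE 200809L
#include <fcntl.h>
#include <stdlib.h>
#include <sys/wait.h>
#include <unistd.h>

/*
 * Run the program at absolute path `tool` on `file` without a shell.
 * `file` is one argv element, so ';', '$', backquotes and spaces stay data.
 * Returns the exit status, or -1 if the child could not be run.
 */
int run_tool(const char *tool, const char *file)
{
    /* "--" ends option parsing, so a name starting with '-' is not a flag. */
    char *const argv[] = { (char *)tool, "--", (char *)file, NULL };
    char *const envp[] = { NULL };  /* empty environment: this example's choice */
    int status;
    pid_t pid = fork();

    if (pid == -1)
        return -1;
    if (pid == 0) {
        int devnull = open("/dev/null", O_WRONLY);
        if (devnull != -1) { dup2(devnull, 1); dup2(devnull, 2); }
        execve(tool, argv, envp);   /* absolute path, no PATH search */
        _exit(127);                 /* reached only if execve failed */
    }
    if (waitpid(pid, &status, 0) == -1 || !WIFEXITED(status))
        return -1;
    return WEXITSTATUS(status);
}

/* Returns 0 when the tool saw the hostile name as exactly one existing file. */
int demo(void)
{
    /* Constructed sample name with shell metacharacters; mkstemp fills XXXXXX. */
    char name[] = "/tmp/demo.c;echo injected.XXXXXX";
    int fd = mkstemp(name);
    if (fd == -1)
        return -1;
    close(fd);
    int rc = run_tool("/bin/ls", name);  /* /bin/ls stands in for an RCS tool */
    unlink(name);
    return rc;
}

int main(void) { return demo() == 0 ? 0 : 1; }
```

Had the same name been spliced into a command string for system(3), the shell would have split it at the `;` and run the remainder as a second command.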