To patch a chroot'ed environment the only solution I see is to install the patch in the non-chrooted environment and to replace (manually again !!) the vulnerable libraries, executable and configuration files.
This is of course a very long and fastidious task.
Does it exist some tools to help the admin to do this more easily and to avoid to start "so to speak , from scratch" each time a security hole is found ?
Thanks for your info !