Now
MAIN commitmail json YAML
games/nethack: security update to 3.6.4.
https://www.nethack.org/security/index.html:
NetHack: Privilege escalation/remote code execution/crash in
configuration parsing
Severity: High
Affected versions: 3.6.0, 3.6.1, 3.6.2, 3.6.3
First Patched Version: 3.6.4
Basic Information:
A buffer overflow issue exists when reading very long lines from a
NetHack configuration file (usually named .nethackrc).
This vulnerability affects systems that have NetHack installed suid/sgid
and shared systems that allow users to upload their own configuration
files.
All users are urged to upgrade to NetHack 3.6.4 as soon as possible.
Additional information related to this advisory, if any, will be made
available at https://nethack.org/security.
https://www.nethack.org/security/index.html:
NetHack: Privilege escalation/remote code execution/crash in
configuration parsing
Severity: High
Affected versions: 3.6.0, 3.6.1, 3.6.2, 3.6.3
First Patched Version: 3.6.4
Basic Information:
A buffer overflow issue exists when reading very long lines from a
NetHack configuration file (usually named .nethackrc).
This vulnerability affects systems that have NetHack installed suid/sgid
and shared systems that allow users to upload their own configuration
files.
All users are urged to upgrade to NetHack 3.6.4 as soon as possible.
Additional information related to this advisory, if any, will be made
available at https://nethack.org/security.