Apply a patch from Debian to fix CVE-2006-2971. Bump PKGREVISION to 1.

3 files changed, 17 insertions, 2 deletions

diff --git a/games/0verkill/Makefile b/games/0verkill/Makefile
index 905b6e80758..1a29a6b8dec 100644
--- a/games/0verkill/Makefile
+++ b/games/0verkill/Makefile
@@ -1,6 +1,7 @@
-# $NetBSD: Makefile,v 1.6 2008/03/04 06:59:03 jlam Exp $
+# $NetBSD: Makefile,v 1.7 2009/08/15 06:01:13 snj Exp $
 
 DISTNAME=	0verkill-0.16
+PKGREVISION=	1
 CATEGORIES=	games
 MASTER_SITES=	http://artax.karlin.mff.cuni.cz/~brain/0verkill/release/
 EXTRACT_SUFX=	.tgz
diff --git a/games/0verkill/distinfo b/games/0verkill/distinfo
index 688fad4fb6e..129fbfc5839 100644
--- a/games/0verkill/distinfo
+++ b/games/0verkill/distinfo
@@ -1,7 +1,8 @@
-$NetBSD: distinfo,v 1.5 2006/09/07 05:39:37 adam Exp $
+$NetBSD: distinfo,v 1.6 2009/08/15 06:01:13 snj Exp $
 
 SHA1 (0verkill-0.16.tgz) = 6ce4152f20709175e0bad80cc79ec00e2064a100
 RMD160 (0verkill-0.16.tgz) = fdf7a132dfa0312d8d732b2bf2999e7264685eec
 Size (0verkill-0.16.tgz) = 276579 bytes
 SHA1 (patch-aa) = 76aabb51290a414298dcb4a9c954b0f41467ca3f
 SHA1 (patch-ab) = 01793413fb1f2eafeaed2dc5d7532b2269a8d38a
+SHA1 (patch-ac) = 96e065dd3e6e6d9e8a26fda1294dfc1633ab600b
diff --git a/games/0verkill/patches/patch-ac b/games/0verkill/patches/patch-ac
new file mode 100644
index 00000000000..61e0be12adc
--- /dev/null
+++ b/games/0verkill/patches/patch-ac
@@ -0,0 +1,13 @@
+$NetBSD: patch-ac,v 1.1 2009/08/15 06:01:13 snj Exp $
+
+--- net.c.orig	2009-08-14 22:29:07.000000000 -0700
++++ net.c	2009-08-14 22:30:17.000000000 -0700
+@@ -91,7 +91,7 @@ client has: sender_server 1, recipient m
+ 	r=p[8]+(p[9]<<8)+(p[10]<<16)+(p[11]<<24);
+ 	mem_free(p);
+ 	if (retval==-1)return -1;
+-	if (crc!=crc32(packet,retval-12))return -1;
++	if (retval < 12 || crc!=crc32(packet,retval-12))return -1;
+ 	if (r!=recipient)return -1;
+ 	if (sender_server&&s)return -1;
+ 	return retval-12;