From c9165133778c61b8b8c3b6ed08d01ac8c80f0f09 Mon Sep 17 00:00:00 2001 From: rhialto Date: Thu, 19 Dec 2019 14:41:59 +0000 Subject: games/nethack: security update to 3.6.4. https://www.nethack.org/security/index.html: NetHack: Privilege escalation/remote code execution/crash in configuration parsing Severity: High Affected versions: 3.6.0, 3.6.1, 3.6.2, 3.6.3 First Patched Version: 3.6.4 Basic Information: A buffer overflow issue exists when reading very long lines from a NetHack configuration file (usually named .nethackrc). This vulnerability affects systems that have NetHack installed suid/sgid and shared systems that allow users to upload their own configuration files. All users are urged to upgrade to NetHack 3.6.4 as soon as possible. Additional information related to this advisory, if any, will be made available at https://nethack.org/security. --- games/nethack-lib/Makefile.common | 4 ++-- games/nethack-lib/distinfo | 10 +++++----- 2 files changed, 7 insertions(+), 7 deletions(-) (limited to 'games') diff --git a/games/nethack-lib/Makefile.common b/games/nethack-lib/Makefile.common index b215794142c..2121a7fd402 100644 --- a/games/nethack-lib/Makefile.common +++ b/games/nethack-lib/Makefile.common @@ -1,4 +1,4 @@ -# $NetBSD: Makefile.common,v 1.39 2019/12/07 13:27:08 rhialto Exp $ +# $NetBSD: Makefile.common,v 1.40 2019/12/19 14:41:59 rhialto Exp $ # # used by games/nethack/Makefile # used by games/nethack-lib/Makefile @@ -11,7 +11,7 @@ # The desired owner and the file mode of game executables. # -NETHACK_BASEVER= 3.6.3 +NETHACK_BASEVER= 3.6.4 NETHACK_VERSION= ${NETHACK_BASEVER} NETHACK_DISTVER= ${NETHACK_BASEVER:S/.//g} NETHACK_DIR= nethackdir${NETHACK_SAVEVER:S/.//g} diff --git a/games/nethack-lib/distinfo b/games/nethack-lib/distinfo index 00d3dc9ddb8..c1113a41c75 100644 --- a/games/nethack-lib/distinfo +++ b/games/nethack-lib/distinfo @@ -1,9 +1,9 @@ -$NetBSD: distinfo,v 1.23 2019/12/07 13:27:08 rhialto Exp $ +$NetBSD: distinfo,v 1.24 2019/12/19 14:41:59 rhialto Exp $ -SHA1 (nethack-363-src.tgz) = 75af7872011852577f95597b4797a127db58604c -RMD160 (nethack-363-src.tgz) = d860a8974a86d36a05e5472a4d1be6d3487919bc -SHA512 (nethack-363-src.tgz) = 38bc6140b12188397539f28528dd8e34364fb7efeb42dbe36d86fea6cc473e292b7f47fba01db19cf7641414dee86092e33deb3b074afa0e8b811e71be71e1d1 -Size (nethack-363-src.tgz) = 5568657 bytes +SHA1 (nethack-364-src.tgz) = e8166806a65893d7b843718c37b8aa9e87cfcef1 +RMD160 (nethack-364-src.tgz) = 0af138fd481e6359f265d85423a36a160692dc92 +SHA512 (nethack-364-src.tgz) = c951f939d50027b4468ebd2e32f79771e696035df0918b814bf02899f5c1e89d462ebc3f63155c23f5c627e66ca74244512d666b102c380242df1500a2c0afa9 +Size (nethack-364-src.tgz) = 5573777 bytes SHA1 (patch-ai) = 73c5b2ea1227531089474705f2f18bc411366365 SHA1 (patch-include_config.h) = d3e054a8b30d628513dcb445b10ce586685c7ea6 SHA1 (patch-include_system.h) = b1b53f513c3f6983e0e56eace74c71875b5df3f2 -- cgit v1.2.3