Comment 1 Stefan Cornelius (RETIRED) 2006-02-04 16:02:12 UTC

games team please bump, plasmaroo was so nice and provided a patch, which can be found here: http://dev.gentoo.org/~plasmaroo/stuff/bomberclone-fix-kaboom.patch

Comment 2 SpanKY 2006-02-04 21:59:17 UTC

has said patch come from upstream ?  gone to upstream ?

Comment 3 Stefan Cornelius (RETIRED) 2006-02-04 22:12:26 UTC

i think plasmaroo mailed it upstream.

Comment 4 Thierry Carrez (RETIRED) 2006-02-11 13:45:11 UTC

<plasmaroo> His reply was very sucky along the lines of "kthx, incvs, bye"
* plasmaroo checks WebCVS
<plasmaroo> Nice covert commit... doesn't even say what the patch does... fun.
<plasmaroo> But it has now gone upstream, yes.

Comment 5 Thierry Carrez (RETIRED) 2006-02-12 10:50:29 UTC

Games team, please apply patch.

Comment 6 SpanKY 2006-02-12 14:02:51 UTC

0.11.6.2-r1 in portage w/patch

Comment 7 Thierry Carrez (RETIRED) 2006-02-13 10:39:43 UTC

I suppose this is worth a GLSA ?

Comment 8 SpanKY 2006-02-13 16:01:31 UTC

remote execution over the network, i'd think so ...

Comment 9 Thierry Carrez (RETIRED) 2006-02-14 09:55:41 UTC

Let's go then.

Comment 10 Thierry Carrez (RETIRED) 2006-02-14 09:56:53 UTC

DerCorny: care to forward to vendor-sec@lst.de ?

Comment 11 Thierry Carrez (RETIRED) 2006-02-15 12:49:45 UTC

CVE-2006-0460

Comment 12 Thierry Carrez (RETIRED) 2006-02-16 13:43:41 UTC

GLSA 200602-09