173518 – games-strategy/warzone2100-2.0.6 : strncat buffer overflow

Bug 173518 - games-strategy/warzone2100-2.0.6 : strncat buffer overflow

Summary: games-strategy/warzone2100-2.0.6 : strncat buffer overflow

Status:	RESOLVED FIXED

Alias:	None

Product:	Gentoo Security
Classification:	Unclassified
Component:	Vulnerabilities (show other bugs)
Hardware:	All Linux

Importance:	High trivial (vote)
Assignee:	Gentoo Security

URL:	http://svn.gna.org/viewcvs/warzone?re...
Whiteboard:	~? [noglsa] jaervosz
Keywords:

Depends on:
Blocks:

Reported:	2007-04-05 23:17 UTC by Dennis Schridde
Modified:	2007-04-11 11:03 UTC (History)
CC List:	1 user (show)

See Also:
Package list:
Runtime testing required:	---

Attachments
Proposed patch (warzone2100-2.0.6-buffer-overflow.patch,573 bytes, patch) 2007-04-05 23:18 UTC, Dennis Schridde	no flags	Details \| Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Dennis Schridde 2007-04-05 23:17:33 UTC

Klaus Singvogel of SuSE Linux notified us of a possible security issue in Warzone 2100. An exploit is not known.
The proposed patch is attached.

Reproducible: Always

Steps to Reproduce:

Comment 1 Dennis Schridde 2007-04-05 23:18:37 UTC

Created attachment 115536 [details, diff]
Proposed patch

Comment 2 Tristan Heaven (RETIRED) gentoo-dev

2007-04-07 08:59:03 UTC

bumped to 2.0.6 with the patch and removed 2.0.5, thanks.

Comment 3 Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev

2007-04-11 11:03:17 UTC

Thx for the fix.

Closing this one with no GLSA as it seems to never have been stable.