173518 2007-04-05 23:17 0000 games-strategy/warzone2100-2.0.6 : strncat buffer overflow 2007-04-11 11:03:17 0000 1 1 1 Unclassified Gentoo Security Vulnerabilities unspecified All Linux RESOLVED FIXED http://svn.gna.org/viewcvs/warzone?rev=1022&view=rev ~? [noglsa] jaervosz P2 trivial --- 1 devurandom@gmx.net security@gentoo.org games@gentoo.org devurandom@gmx.net 2007-04-05 23:17:33 0000 Klaus Singvogel of SuSE Linux notified us of a possible security issue in Warzone 2100. An exploit is not known. The proposed patch is attached. Reproducible: Always Steps to Reproduce: devurandom@gmx.net 2007-04-05 23:18:37 0000 Created an attachment (id=115536) Proposed patch nyhm@gentoo.org 2007-04-07 08:59:03 0000 bumped to 2.0.6 with the patch and removed 2.0.5, thanks. jaervosz@gentoo.org 2007-04-11 11:03:17 0000 Thx for the fix. Closing this one with no GLSA as it seems to never have been stable. 115536 2007-04-05 23:18 0000 Proposed patch warzone2100-2.0.6-buffer-overflow.patch text/plain SW5kZXg6IHNyYy9tdWx0aXBsYXkuYwo9PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09Ci0tLSBzcmMvbXVsdGlwbGF5LmMJKHJl dmlzaW9uIDEwMjEpCisrKyBzcmMvbXVsdGlwbGF5LmMJKHdvcmtpbmcgY29weSkKQEAgLTEzNDAs NyArMTM0MCw3IEBACiAJc3RyY3B5KG1zZyxOZXRQbGF5LnBsYXllcnNbaV0ubmFtZSk7CiAJc3Ry Y2F0KG1zZywiIDogIik7CQkJCQkJCQkvLyBzZXBlcmF0b3IKIAkvL3N0cmNhdChtc2csICYocE1z Zy0+Ym9keVs0XSkpOwkJCQkJLy8gYWRkIG1lc3NhZ2UKLQlzdHJuY2F0KG1zZywgJihwTXNnLT5i b2R5WzRdKSwgTUFYX0NPTlNPTEVfU1RSSU5HX0xFTkdUSCk7CQkJCQkvLyBhZGQgbWVzc2FnZQor CXN0cm5jYXQobXNnLCAmKHBNc2ctPmJvZHlbNF0pLCBNQVhfQ09OU09MRV9TVFJJTkdfTEVOR1RI LXN0cmxlbihtc2cpLTEpOy8vIGFkZCBtZXNzYWdlCiAJYWRkQ29uc29sZU1lc3NhZ2UoKGNoYXIg KikmbXNnLERFRkFVTFRfSlVTVElGWSk7CiAKIAkvL211bHRpcGxheWVyIG1lc3NhZ2UgY2FsbGJh Y2sK