Bug 22951

Summary:	app-games/gnocatan
Product:	Gentoo Linux	Reporter:	Daniel Ahlberg (RETIRED) <aliz>
Component:	New packages	Assignee:	Gentoo Security <security>
Status:	RESOLVED FIXED
Severity:	critical	CC:	cpwins, games, mr_bones_
Priority:	Highest
Version:	1.0
Hardware:	All
OS:	Linux
Whiteboard:
Package list:		Runtime testing required:	---
Attachments:	gnocatan-0.7.1-r3.ebuild gnocatan-wijnen-patch.diff

Description Daniel Ahlberg (RETIRED) gentoo-dev

2003-06-16 13:41:54 UTC

[SECURITY] [DSA-315-1] New gnocatan packages fix buffer overflows, denial of service 
 
From:  
Matt Zimmerman <mdz@debian.org> 
 
 
To:  
debian-security-announce@lists.debian.org 
 
 
Date:  
Thursday 01.36.26 
 
 
 
Message was signed with unknown key 0x43E25D1E. 
The validity of the signature cannot be verified. 
 
 
-------------------------------------------------------------------------- 
Debian Security Advisory DSA 315-1                     security@debian.org 
http://www.debian.org/security/                             Matt Zimmerman 
June 11th, 2003                         http://www.debian.org/security/faq 
-------------------------------------------------------------------------- 
 
Package        : gnocatan 
Vulnerability  : buffer overflows, denial of service 
Problem-Type   : remote 
 
Bas Wijnen discovered that the gnocatan server is vulnerable to 
several buffer overflows which could be exploited to execute arbitrary 
code on the server system

Comment 1 Sybren Harmsma 2003-06-19 16:30:30 UTC

Here you go. See the attachments. I hope to address the stability issues some other time.

Comment 2 Sybren Harmsma 2003-06-19 16:31:56 UTC

Created attachment 13574 [details]
gnocatan-0.7.1-r3.ebuild

Comment 3 Sybren Harmsma 2003-06-19 16:32:45 UTC

Created attachment 13575 [details, diff]
gnocatan-wijnen-patch.diff

Comment 4 SpanKY gentoo-dev

2003-06-22 20:40:14 UTC

ill add this patch tomorrow

Comment 5 Daniel Ahlberg (RETIRED) gentoo-dev

2003-06-28 13:52:20 UTC

glsa sent