Bug 23999

Summary:	app-games/xblockout
Product:	Gentoo Security	Reporter:	Daniel Ahlberg (RETIRED) <aliz>
Component:	Vulnerabilities	Assignee:	Gentoo Security <security>
Status:	RESOLVED FIXED
Severity:	critical	CC:	games
Priority:	Highest
Version:	unspecified
Hardware:	All
OS:	Linux
Whiteboard:
Package list:		Runtime testing required:	---

Description Daniel Ahlberg (RETIRED) gentoo-dev

2003-07-06 13:38:04 UTC

-------------------------------------------------------------------------- 
Debian Security Advisory DSA 327-1                     security@debian.org 
http://www.debian.org/security/                             Matt Zimmerman 
June 19th, 2003                         http://www.debian.org/security/faq 
-------------------------------------------------------------------------- 
 
Package        : xbl 
Vulnerability  : buffer overflows 
Problem-Type   : local 
Debian-specific: no 
 
Steve Kemp discovered several buffer overflows in xbl, a game, which 
can be triggered by long command line arguments.  This vulnerability 
could be exploited by a local attacker to gain gid 'games'.

Comment 1 Gerardo Di Giacomo 2003-10-06 08:52:36 UTC

It's impossible to emerge the current xblockout in the portage list because
the author has released a new version (1.1.2, not vulnerable) and has erased
the version that is in the ebuild (1.1.1).

Comment 2 SpanKY gentoo-dev

2003-10-06 09:19:07 UTC

1.1.2 is now in portage

Comment 3 Chris Gianelloni (RETIRED) gentoo-dev

2003-10-07 03:48:28 UTC

This looks to be resolved

Comment 4 solar (RETIRED) gentoo-dev

2003-10-11 13:11:04 UTC

changing resolution to FIXED