Comment 1 Ulrich Müller 2010-04-08 09:48:30 UTC

Reported upstream, see URL.

Comment 2 Ulrich Müller 2010-04-17 18:01:24 UTC

Fixed in CVS upstream:
<http://alioth.debian.org/scm/viewvc.php/XEmacs/packages/xemacs-packages/games/snake.el?root=xemacs&r1=1.4&r2=1.5>

Comment 3 Hans de Graaff 2010-08-13 13:46:12 UTC

This is fixed with app-xemacs/games-1.20 which got added to the tree today.

Comment 4 Stefan Behte (RETIRED) 2010-09-22 22:53:37 UTC

Arches, please test and mark stable:
=app-xemacs/games-1.20
Target keywords : "alpha amd64 ppc ppc64 sparc x86"

Comment 5 Markos Chandras (RETIRED) 2010-09-23 20:16:25 UTC

amd64 done

Comment 6 Markus Meier 2010-09-26 09:16:58 UTC

x86 stable

Comment 7 Tobias Klausmann (RETIRED) 2010-09-26 15:55:35 UTC

Stable on alpha.

Comment 8 Raúl Porcel (RETIRED) 2010-10-10 17:06:24 UTC

sparc stable

Comment 9 Brent Baude (RETIRED) 2010-10-15 12:47:50 UTC

ppc done

Comment 10 Mark Loeser (RETIRED) 2010-10-25 22:19:15 UTC

ppc64 done

Comment 11 Tim Sammut (RETIRED) 2010-11-19 18:22:17 UTC

GLSA Vote: Yes, reluctantly.

Comment 12 Stefan Behte (RETIRED) 2010-11-21 17:10:53 UTC

I think this would usually get a GLSA, but this symlink vulnerability would only be relevant on a shared system, and why would you install games there in the first place? It also needs X ... I think this will never be exploited IRL. 

Closing noglsa, feel free to reopen.