From $URL: "The server in Chocolate Doom 3.0.0 and Crispy Doom 5.8.0 doesn't validate the user-controlled num_players value, leading to a buffer overflow. A malicious user can overwrite the server's stack." The member of the chocolate-doom GitHub organization that self-assigned the chocolate-doom GitHub issue is the maintainer of the crispy-doom repository, so I imagine the same response applies - will commit the fix when a CVE is assigned.
Upstream issue tracker: https://github.com/chocolate-doom/chocolate-doom/issues/1293
Security team does not cover the GURU repo.
Crispy Doom version 5.9.0 was released today and contains the CVE-2020-14983: https://github.com/fabiangreffrath/crispy-doom/releases/tag/crispy-doom-5.9.0 I have pushed a commit to the GURU dev branch removing the vulnerable crispy-doom packages and adding a new one for the fixed crispy-doom 5.9.0 version.
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/proj/guru.git/commit/?id=d15be3e5318904110322c031dd2325b004db82e4

commit d15be3e5318904110322c031dd2325b004db82e4
Author:     William Breathitt Gray <vilhelm.gray@gmail.com>
AuthorDate: 2020-08-19 12:34:56 +0000
Commit:     William Breathitt Gray <vilhelm.gray@gmail.com>
CommitDate: 2020-08-19 12:34:56 +0000

    games-fps/cripsy-doom: Version bump to 5.9.0

    Bug: https://bugs.gentoo.org/729216
    Signed-off-by: William Breathitt Gray <vilhelm.gray@gmail.com>

 games-fps/crispy-doom/Manifest                     |  3 +-
 games-fps/crispy-doom/crispy-doom-5.7.2.ebuild     | 42 ----------------------
 ...-doom-5.8.0.ebuild => crispy-doom-5.9.0.ebuild} | 33 ++++++++++++++---
 games-fps/crispy-doom/metadata.xml                 |  1 +
 4 files changed, 31 insertions(+), 48 deletions(-)
Thanks. All done.