Summary: | [GURU] <games-fps/chocolate-doom-3.0.1: Buffer overflow vulnerability (CVE-2020-14983) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | John Helmert III <ajak> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | trivial | CC: | vilhelm.gray |
Priority: | Normal | Keywords: | PullRequest |
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://github.com/chocolate-doom/chocolate-doom/issues/1293 | ||
See Also: |
https://github.com/chocolate-doom/chocolate-doom/issues/1293 https://github.com/gentoo/gentoo/pull/12011 |
||
Whiteboard: | ~3 [noglsa cve] | ||
Package list: | Runtime testing required: | --- | |
Bug Depends on: | |||
Bug Blocks: | 729220 |
Description
John Helmert III
2020-06-22 22:48:44 UTC
Has the version in GURU been updated yet? (In reply to Sam James from comment #1) > Has the version in GURU been updated yet? I've updated the GURU package to version 3.0.1 and removed the vulnerable 3.0.0 version: https://gitweb.gentoo.org/repo/proj/guru.git/commit/?h=dev&id=5db9d19b4860642fd5c98de8304e6286cdcb8223 The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/proj/guru.git/commit/?id=5db9d19b4860642fd5c98de8304e6286cdcb8223 commit 5db9d19b4860642fd5c98de8304e6286cdcb8223 Author: William Breathitt Gray <vilhelm.gray@gmail.com> AuthorDate: 2020-07-15 22:45:03 +0000 Commit: William Breathitt Gray <vilhelm.gray@gmail.com> CommitDate: 2020-07-15 22:45:45 +0000 games-fps/chocolate-doom: Version bump to 3.0.1 Bug: https://bugs.gentoo.org/729214 Signed-off-by: William Breathitt Gray <vilhelm.gray@gmail.com> games-fps/chocolate-doom/Manifest | 2 +- .../chocolate-doom/chocolate-doom-3.0.0.ebuild | 33 - .../chocolate-doom/chocolate-doom-3.0.1.ebuild | 81 +++ ...pport-for-usr-share-doom-IWAD-search-path.patch | 27 + ...onfigure-options-for-bash-completion-doc-.patch | 171 +++++ ...tream-XML-files-to-current-0.11-standards.patch | 106 ++++ ...mentation-about-usr-share-doom-IWAD-locat.patch | 39 ++ ...atest-AppStream-formerly-AppData-standard.patch | 119 ++++ ...tion-Build-from-actual-shell-script-templ.patch | 53 ++ ...tion-always-install-into-datadir-bash-com.patch | 61 ++ ...ash-completion-run-docgen-with-z-argument.patch | 25 + ...doom-3.0.1-configure-add-AM_PROG_AR-macro.patch | 28 + ...1-further-manpage-substitutions-and-fixes.patch | 322 ++++++++++ ...pStream-metadata-into-the-proper-location.patch | 26 + ...om-3.0.1-overhaul-manpages-add-parameters.patch | 695 +++++++++++++++++++++ ...-DNS-naming-for-installing-.desktop-files.patch | 162 +++++ games-fps/chocolate-doom/metadata.xml | 3 + 17 files changed, 1919 insertions(+), 34 deletions(-) Thanks. Closing, cleanup is done. The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=ee8b2f04fc1a9202e9541d1070ef50946854a0d1 commit ee8b2f04fc1a9202e9541d1070ef50946854a0d1 Author: William Breathitt Gray <vilhelm.gray@gmail.com> AuthorDate: 2019-05-13 15:54:49 +0000 Commit: James Le Cuirot <chewi@gentoo.org> CommitDate: 2020-08-26 16:03:35 +0000 games-fps/chocolate-doom: New package Closes: https://bugs.gentoo.org/147329 Bug: https://bugs.gentoo.org/729214 Signed-off-by: William Breathitt Gray <vilhelm.gray@gmail.com> Closes: https://github.com/gentoo/gentoo/pull/12011 Signed-off-by: James Le Cuirot <chewi@gentoo.org> games-fps/chocolate-doom/Manifest | 1 + .../chocolate-doom/chocolate-doom-3.0.1.ebuild | 86 +++ ...pport-for-usr-share-doom-IWAD-search-path.patch | 27 + .../chocolate-doom-3.0.1-Fix-Python-check.patch | 54 ++ ...onfigure-options-for-bash-completion-doc-.patch | 171 +++++ ....1-Remove-redundant-demoextend-definition.patch | 28 + ...tream-XML-files-to-current-0.11-standards.patch | 106 ++++ ...mentation-about-usr-share-doom-IWAD-locat.patch | 39 ++ ...atest-AppStream-formerly-AppData-standard.patch | 119 ++++ ...tion-Build-from-actual-shell-script-templ.patch | 53 ++ ...tion-always-install-into-datadir-bash-com.patch | 61 ++ ...ash-completion-run-docgen-with-z-argument.patch | 25 + ...doom-3.0.1-configure-add-AM_PROG_AR-macro.patch | 28 + ...1-further-manpage-substitutions-and-fixes.patch | 322 ++++++++++ ...pStream-metadata-into-the-proper-location.patch | 26 + ...om-3.0.1-overhaul-manpages-add-parameters.patch | 695 +++++++++++++++++++++ ...-DNS-naming-for-installing-.desktop-files.patch | 162 +++++ games-fps/chocolate-doom/metadata.xml | 27 + 18 files changed, 2030 insertions(+) |