CVE-2006-6226 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-6226): Multiple format string vulnerabilities in NeoEngine 0.8.2 and earlier, and CVS 3422, allow remote attackers to cause a denial of service and possibly execute arbitrary code via (1) Console::Render in neoengine/console.cpp and (2) TextArea::Render in neowtk/textarea.cpp. CVE-2006-6227 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-6227): The Core::Receive function in neonet/core.cpp for NeoEngine 0.8.2 and earlier, and CVS 3422, allow remote attackers to cause a denial of service (engine crash) via a message with a large uiMessageLength that produces a failed memory allocation and a null pointer dereference.
There appears to be no fix for this. Only rdep is neotools. I'm fine with p.mask or removal. @games: thoughts?
it looks dead. Go ahead and punt them both.
# Chris Reffett <creffett@gentoo.org> (03 Sep 2012) # Dead upstream, outstanding security bug #260956. # Masked for removal in 30 days. dev-games/neoengine dev-games/neotools
Punted from tree.