Description: "An issue was discovered in e6y prboom-plus 2.5.1.5. There is a buffer overflow in client and server code responsible for handling received UDP packets, as demonstrated by I_SendPacket or I_SendPacketTo in i_network.c." URLs: * https://logicaltrust.net/blog/2019/10/prboom1.html * https://sourceforge.net/p/prboom-plus/bugs/252/ * https://sourceforge.net/p/prboom-plus/bugs/253/
This version of prboom-plus is based on the Debian fork. Upstream bug reports for this package should go here: https://bugs.debian.org/prboom-plus I went ahead and filed a bug report to the Debian upstream for this issue: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=961031 I'll update the ebuild to integrate any patches from upstream once this issue is resolved.
The bug has been closed via the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=f20f45785c4b7d8ac3a146749238dd42ecdbe12a commit f20f45785c4b7d8ac3a146749238dd42ecdbe12a Author: William Breathitt Gray <vilhelm.gray@gmail.com> AuthorDate: 2020-06-06 18:22:03 +0000 Commit: James Le Cuirot <chewi@gentoo.org> CommitDate: 2020-06-07 11:26:22 +0000 games-fps/prboom-plus: Bump to version 2.5.1.7.82 Closes: https://bugs.gentoo.org/723862 Signed-off-by: William Breathitt Gray <vilhelm.gray@gmail.com> Closes: https://github.com/gentoo/gentoo/pull/16089 Signed-off-by: James Le Cuirot <chewi@gentoo.org> games-fps/prboom-plus/Manifest | 2 +- ....1.4-Remove-nonstandard-gamesdir-variable.patch | 33 ----------- ...plus-2.5.1.7.82-Add-CMake-install-targets.patch | 59 ++++++++++++++++++++ games-fps/prboom-plus/metadata.xml | 3 +- .../prboom-plus/prboom-plus-2.5.1.5.4540.1.ebuild | 64 ---------------------- .../prboom-plus/prboom-plus-2.5.1.7.82.ebuild | 64 ++++++++++++++++++++++ 6 files changed, 126 insertions(+), 99 deletions(-)
Sorry, didn't mean to close this.
(In reply to James Le Cuirot from comment #3) > Sorry, didn't mean to close this. No worries! We're all done anyway. Thank you both.
