oss-security post: https://www.openwall.com/lists/oss-security/2022/08/05/1 "Just released freeciv-2.6.7 & freeciv-3.0.3 fix buffer overflow in Modpack Installer utility's handling of the modpack URL. Specially crafted URLs, without any '/' -characters would result in an underflowing length (unsigned)(-1) string copy, i.e., all of the NULL-terminated string given as "URL" would get written beyond the buffer reserved for it." Please bump to 3.0.3.
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=24750791aaf556f3c73166243f0c5417df1c71a8 commit 24750791aaf556f3c73166243f0c5417df1c71a8 Author: Matt Jolly <Matt.Jolly@footclan.ninja> AuthorDate: 2023-12-17 19:33:43 +0000 Commit: Matt Jolly <kangie@gentoo.org> CommitDate: 2024-02-10 21:15:11 +0000 games-strategy/freeciv: add 3.0.10 - gtk client -> gtk3.22 client - drop ipv6 use - remove superfluous sed Closes: https://bugs.gentoo.org/872353 Bug: https://bugs.gentoo.org/863848 Signed-off-by: Matt Jolly <Matt.Jolly@footclan.ninja> Signed-off-by: Matt Jolly <kangie@gentoo.org> games-strategy/freeciv/Manifest | 1 + games-strategy/freeciv/freeciv-3.0.10.ebuild | 193 +++++++++++++++++++++++++++ 2 files changed, 194 insertions(+)
commit bcee564b25eecdc46e385bc51cd2b43a320ea80f Author: Matt Jolly <Matt.Jolly@footclan.ninja> Date: Sat Feb 10 18:32:27 2024 +1000 games-strategy/freeciv: drop 3.0.1-r1 Signed-off-by: Matt Jolly <Matt.Jolly@footclan.ninja> Signed-off-by: Matt Jolly <kangie@gentoo.org>