From b5090036134f0b0d481296b180630dc53d8b762f Mon Sep 17 00:00:00 2001 From: Salvatore Bonaccorso Date: Sun, 31 May 2020 20:34:23 +0200 Subject: Several nethack issues fixed via unstable upload --- data/CVE/list.2019 | 2 +- data/CVE/list.2020 | 14 +++++++------- 2 files changed, 8 insertions(+), 8 deletions(-) diff --git a/data/CVE/list.2019 b/data/CVE/list.2019 index b36fc48179..b84614ca49 100644 --- a/data/CVE/list.2019 +++ b/data/CVE/list.2019 @@ -2321,7 +2321,7 @@ CVE-2019-19906 (cyrus-sasl (aka Cyrus SASL) 2.1.27 has an out-of-bounds write le CVE-2019-16787 REJECTED CVE-2019-19905 (NetHack 3.6.x before 3.6.4 is prone to a buffer overflow vulnerability ...) - - nethack (unimportant; bug #947005) + - nethack 3.6.6-1 (unimportant; bug #947005) NOTE: https://github.com/NetHack/NetHack/commit/f4a840a48f4bcf11757b3d859e9d53cc9d5ef226 NOTE: https://github.com/NetHack/NetHack/commit/f001de79542b8c38b1f8e6d7eaefbbd28ab94b47 NOTE: Negligible security impact diff --git a/data/CVE/list.2020 b/data/CVE/list.2020 index cb7b343a42..967b83eb9e 100644 --- a/data/CVE/list.2020 +++ b/data/CVE/list.2020 @@ -19216,7 +19216,7 @@ CVE-2020-5255 (In Symfony before versions 4.4.7 and 5.0.7, when a `Response` doe NOTE: https://symfony.com/blog/cve-2020-5255-prevent-cache-poisoning-via-a-response-content-type-header NOTE: https://github.com/symfony/symfony/commit/dca343442e6a954f96a2609e7b4e9c21ed6d74e6 CVE-2020-5254 (In NetHack before 3.6.6, some out-of-bound values for the hilite_statu ...) - - nethack (bug #953978) + - nethack 3.6.6-1 (bug #953978) [buster] - nethack (Minor issue) [stretch] - nethack (Vulnerable code introduced in 3.6.1) [jessie] - nethack (Vulnerable code introduced in 3.6.1) @@ -19347,28 +19347,28 @@ CVE-2020-5216 (In Secure Headers (RubyGem secure_headers), a directive injection CVE-2020-5215 (In TensorFlow before 1.15.2 and 2.0.1, converting a string (from Pytho ...) - tensorflow (bug #804612) CVE-2020-5214 (In NetHack before 3.6.5, detecting an unknown configuration file optio ...) - - nethack (unimportant) + - nethack 3.6.6-1 (unimportant) NOTE: https://github.com/NetHack/NetHack/security/advisories/GHSA-p8fw-rq89-xqx6 NOTE: Negligible security impact CVE-2020-5213 (In NetHack before 3.6.5, too long of a value for the SYMBOL configurat ...) - - nethack (unimportant) + - nethack 3.6.6-1 (unimportant) NOTE: https://github.com/NetHack/NetHack/security/advisories/GHSA-rr25-4v34-pr7v NOTE: Negligible security impact CVE-2020-5212 (In NetHack before 3.6.5, an extremely long value for the MENUCOLOR con ...) - - nethack (unimportant) + - nethack 3.6.6-1 (unimportant) NOTE: https://github.com/NetHack/NetHack/security/advisories/GHSA-g89f-m829-4m56 NOTE: Negligible security impact CVE-2020-5211 (In NetHack before 3.6.5, an invalid extended command in value for the ...) - - nethack (unimportant) + - nethack 3.6.6-1 (unimportant) NOTE: https://github.com/NetHack/NetHack/security/advisories/GHSA-r788-4jf4-r9f7 NOTE: Negligible security impact CVE-2020-5210 (In NetHack before 3.6.5, an invalid argument to the -w command line op ...) - - nethack (unimportant) + - nethack 3.6.6-1 (unimportant) NOTE: https://github.com/NetHack/NetHack/security/advisories/GHSA-v5pg-hpjg-9rpp NOTE: https://github.com/NetHack/NetHack/commit/f3def5c0b999478da2d0a8f0b6a7c370a2065f77 NOTE: Negligible security impact CVE-2020-5209 (In NetHack before 3.6.5, unknown options starting with -de and -i can ...) - - nethack (unimportant) + - nethack 3.6.6-1 (unimportant) NOTE: https://github.com/NetHack/NetHack/security/advisories/GHSA-fw72-r8xm-45p8 NOTE: https://github.com/NetHack/NetHack/commit/f3def5c0b999478da2d0a8f0b6a7c370a2065f77 NOTE: Negligible security impact -- cgit v1.2.3