Bug#947005: nethack: buffer overflow when parsing config files
Reiner Herrmann
reiner at reiner-h.de
Thu Dec 19 10:57:42 GMT 2019
Source: nethack
Version: 3.6.0-1
Severity: grave
Tags: security
X-Debbugs-Cc: team at security.debian.org
Hi,
a new version of NetHack has been released that fixes a privilege
escalation issue introduced in 3.6.0 [0] [1]:
> A buffer overflow issue exists when reading very long lines from a
> NetHack configuration file (usually named .nethackrc).
>
> This vulnerability affects systems that have NetHack installed suid/sgid
> and shared systems that allow users to upload their own configuration
> files.
>
> All users are urged to upgrade to NetHack 3.6.4 as soon as possible.
As the Debian packages ship setgid binaries, I think they are affected by it.
At least these two commits look related:
https://github.com/NetHack/NetHack/commit/f4a840a
https://github.com/NetHack/NetHack/commit/f001de7
Regards,
Reiner
[0] https://nethack.org/security/index.html
[1] https://nethack.org/v364/release.html
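
The failure mode named in the quoted advisory, shown as an added example that is not part of the original message and is neither NetHack's code nor its fix: a bounded config-line reader in C that rejects an over-long line instead of copying it. `CFG_BUFSZ`, `read_config_line` and `scan_sample` are hypothetical names, the buffer size is an assumption, and the sample file is constructed.

```c
#include <stdio.h>
#include <string.h>

#define CFG_BUFSZ 64 /* assumed size for this sketch, not NetHack's */
enum line_status { LINE_OK, LINE_TOO_LONG, LINE_EOF };

/* Bounded read: never writes past buf[size-1]; an overlong line is drained and rejected. */
static enum line_status read_config_line(FILE *fp, char *buf, size_t size)
{
    size_t len;
    int c;
    if (size < 2 || fgets(buf, (int)size, fp) == NULL)
        return LINE_EOF;
    len = strlen(buf);
    if (len > 0 && buf[len - 1] == '\n') {
        buf[len - 1] = '\0';          /* complete line, strip the newline */
        return LINE_OK;
    }
    c = fgetc(fp);
    if (c == EOF)
        return LINE_OK;               /* final line without a newline */
    while (c != '\n' && c != EOF)     /* skip the rest of the long line */
        c = fgetc(fp);
    buf[0] = '\0';                    /* do not hand back a partial line */
    return LINE_TOO_LONG;
}

/* Constructed sample: a 208-byte line between two normal ones; -1 if no temp file. */
static int scan_sample(int *accepted, int *rejected)
{
    char buf[CFG_BUFSZ], longline[201] = {0};
    enum line_status st;
    FILE *fp = tmpfile();
    if (fp == NULL)
        return -1;
    memset(longline, 'A', sizeof longline - 1);
    fprintf(fp, "OPTIONS=color\nOPTIONS=%s\nOPTIONS=time", longline);
    rewind(fp);
    *accepted = *rejected = 0;
    while ((st = read_config_line(fp, buf, sizeof buf)) != LINE_EOF)
        *(st == LINE_OK ? accepted : rejected) += 1;
    fclose(fp);
    return 0;
}

int main(void)
{
    int ok = 0, bad = 0;
    return scan_sample(&ok, &bad) || printf("accepted=%d rejected=%d\n", ok, bad) < 0;
}
```

A line is accepted only if it and its newline fit in the buffer together, so the longest accepted line is `size - 2` characters.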