Bug#961031: prboom-plus: Heap buffer overflow in UDP code (CVE-2019-20797)
William Breathitt Gray
vilhelm.gray at gmail.com
Tue May 19 15:12:22 BST 2020
Package: prboom-plus
Version: 2:2.5.1.5+svn4540+dfsg1-1build1
Severity: normal
Dear Maintainer,
Description:
"An issue was discovered in e6y prboom-plus 2.5.1.5. There is a buffer
overflow in client and server code responsible for handling received UDP
packets, as demonstrated by I_SendPacket or I_SendPacketTo in
i_network.c."
URLs:
* https://logicaltrust.net/blog/2019/10/prboom1.html
* https://sourceforge.net/p/prboom-plus/bugs/251/
* https://sourceforge.net/p/prboom-plus/bugs/252/
* https://sourceforge.net/p/prboom-plus/bugs/253/
-- System Information:
Debian Release: bullseye/sid
APT prefers focal-updates
APT policy: (500, 'focal-updates'), (500, 'focal-security'), (500,
'focal'), (100, 'focal-backports')
Architecture: amd64 (x86_64)
Kernel: Linux 5.4.0-29-generic (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8),
LANGUAGE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
Versions of packages prboom-plus depends on:
ii libc6 2.31-0ubuntu9
ii libdumb1 1:0.9.3-6build1
ii libfluidsynth2 2.1.1-2
ii libgl1 1.3.1-1
ii libglu1-mesa [libglu1] 9.0.1-1build1
ii libmad0 0.15.1b-10ubuntu1
ii libpcre3 2:8.39-12build1
ii libportmidi0 1:217-6
ii libsdl2-2.0-0 2.0.10+dfsg1-3
ii libsdl2-image-2.0-0 2.0.5+dfsg1-2
ii libsdl2-mixer-2.0-0 2.0.4+dfsg1-2build1
ii libsdl2-net-2.0-0 2.0.1+dfsg1-4
ii libvorbisfile3 1.3.6-2ubuntu1
Versions of packages prboom-plus recommends:
ii freedoom 0.12.1-1
Versions of packages prboom-plus suggests:
pn mkvtoolnix <none>
ii timgm6mb-soundfont [sf3-soundfont-gm] 1.3-3
pn vorbis-tools <none>
pn x264 <none>
-- no debconf information
More information about the Pkg-games-devel
mailing list