Subject: CVS commit: [netbsd-3] src/games/tetris
To: None <source-changes@NetBSD.org>
From: Matthias Scheler <email@example.com>
Date: 06/08/2006 22:20:37
Module Name: src
Committed By: tron
Date: Thu Jun 8 22:20:37 UTC 2006
src/games/tetris [netbsd-3]: scores.c
Pull up following revision(s) (requested by dan in ticket #1368):
games/tetris/scores.c: revision 1.14
Better check data read from tetris.scores before use as array indices etc.
This is CVE-2006-1539, files against Gentoo Linux, the patch is from
A standard NetBSD installation is not as much risk because tetris is
sgid "games", and users shouldn't be in that group.
To generate a diff of this commit:
cvs rdiff -r1.13 -r18.104.22.168 src/games/tetris/scores.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.