Subject: CVS commit: [netbsd-2] src/games/tetris
To: None <source-changes@NetBSD.org>
From: Matthias Scheler <email@example.com>
Date: 06/08/2006 22:27:57
Module Name: src
Committed By: tron
Date: Thu Jun 8 22:27:57 UTC 2006
src/games/tetris [netbsd-2]: scores.c
Pull up following revision(s) (requested by dan in ticket #10641):
games/tetris/scores.c: revision 1.14
Better check data read from tetris.scores before use as array indices etc.
This is CVE-2006-1539, files against Gentoo Linux, the patch is from
A standard NetBSD installation is not as much risk because tetris is
sgid "games", and users shouldn't be in that group.
To generate a diff of this commit:
cvs rdiff -r1.13 -r126.96.36.199 src/games/tetris/scores.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.