Subject: CVS commit: [netbsd-2-0] src/games/tetris
To: None <source-changes@NetBSD.org>
From: Matthias Scheler <firstname.lastname@example.org>
Date: 06/08/2006 22:28:05
Module Name: src
Committed By: tron
Date: Thu Jun 8 22:28:05 UTC 2006
src/games/tetris [netbsd-2-0]: scores.c
Pull up following revision(s) (requested by dan in ticket #10641):
games/tetris/scores.c: revision 1.14
Better check data read from tetris.scores before use as array indices etc.
This is CVE-2006-1539, files against Gentoo Linux, the patch is from
A standard NetBSD installation is not as much risk because tetris is
sgid "games", and users shouldn't be in that group.
To generate a diff of this commit:
cvs rdiff -r1.13 -r188.8.131.52 src/games/tetris/scores.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.