source-changes: CVS commit: [netbsd-3-0] src/games/tetris

Subject: CVS commit: [netbsd-3-0] src/games/tetris
To: None <source-changes@NetBSD.org>
From: Matthias Scheler <tron@netbsd.org>
List: source-changes
Date: 06/08/2006 22:20:42

Module Name:	src
Committed By:	tron
Date:		Thu Jun  8 22:20:42 UTC 2006

Modified Files:
	src/games/tetris [netbsd-3-0]: scores.c

Log Message:
Pull up following revision(s) (requested by dan in ticket #1368):
	games/tetris/scores.c: revision 1.14
Better check data read from tetris.scores before use as array indices etc.
This is CVE-2006-1539, files against Gentoo Linux, the patch is from
Gentoo.
A standard NetBSD installation is not as much risk because tetris is
sgid "games", and users shouldn't be in that group.


To generate a diff of this commit:
cvs rdiff -r1.13 -r1.13.10.1 src/games/tetris/scores.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.