Accepting request 440378 from home:AndreasStieger:branches:games

gnuchess 6.2.4 fixing CVE-2015-8972: user input buffer overflow (boo#1010143) OBS-URL: https://build.opensuse.org/request/show/440378 OBS-URL: https://build.opensuse.org/package/show/games/gnuchess?expand=0&rev=23
2016-11-15 12:32:01 +00:00 · 2016-11-15 12:32:01 +00:00 · 1253e60fd8
commit 1253e60fd8
parent de954265be
6 changed files with 23 additions and 15 deletions
--- a/gnuchess-6.2.3.tar.gz
+++ b/gnuchess-6.2.3.tar.gz
@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:78999176b2f2b5e0325bcc69749b7b2cefb7b1ef4f02d101fa77ae24a1b31b82
-size 757846
--- a/gnuchess-6.2.3.tar.gz.sig
+++ b/gnuchess-6.2.3.tar.gz.sig
@ -1,11 +0,0 @@
-----BEGIN PGP SIGNATURE-----
-Version: GnuPG v2.0.21 (Darwin)
-
-iQEcBAABAgAGBQJX4DGpAAoJEKiriTrkAlHZgBYH/2wQUL3ZqkV+OOuG08NOw0AK
-0UHKaRSPCmCSuqV2JSpmTpsaOe9lWbzC8MeXYk07IPZ0Tt3503x5XVjsX6C8QB9m
-6+cPDOHrSRQ9iku+nvKb7iWAN/A4jS9+pHDHHlH5BjVMiQrvdMy15c/C70jaR+V7
-/DQJyAvaE1QbwClD3kG2JKxsfLpsuxnE5/OMRefxRnvPeFSziY/lrPnmqLbCGMI4
-l6Ehpu/6TqYgIjHP8X8PYz5OHmPVTdf8F744PvFMDcxsgjWg03Y4Liwtt+PIEXYP
-r1axv/SmyRfjff+1VfdGBbsWTr24lrsD4NmZBZrrl1OwzcAaYbk6Pff+RYkSdYY=
-=N9bq
-----END PGP SIGNATURE-----
--- a/gnuchess-6.2.4.tar.gz
+++ b/gnuchess-6.2.4.tar.gz
@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:3c425c0264f253fc5cc2ba969abe667d77703c728770bd4b23c456cbe5e082ef
+size 757985
--- a/gnuchess-6.2.4.tar.gz.sig
+++ b/gnuchess-6.2.4.tar.gz.sig
@ -0,0 +1,11 @@
+-----BEGIN PGP SIGNATURE-----
+Version: GnuPG v2.0.21 (Darwin)
+
+iQEcBAABAgAGBQJYFGvwAAoJEKiriTrkAlHZOUcH/37eEtJ9WaggZAg8SvmjSwSh
+5iH6iB/cmJGUFJ9LihF2i2kQGDIV/pZnHnts0Or8c4AIn+iQp244mrksSCEaF/Un
+OZt34c7OPXGJEFoAxcFUqz1ooqHSqJMqMYYXkl6+8yOg+4ym9njmS0DhF7/aFrv8
+yz6KaEVcjxcIg5hBrOWBtdHtGoMcgE+G0JoZMc/i+4uRVzqTH0/phP+MCzWEWH2P
+GFl1qv+v5KRUxHnF435F6uNXA6ingNxC9Wq2mioHq2+vN/FNRUmvyg9CLy7h7E8j
+XJ62tWSFHJ6dUscxTit7kFbUC3MJefoHBklP9dJQLGvvV6zKfff8XlWRwnScz84=
+=IrSM
+-----END PGP SIGNATURE-----
--- a/gnuchess.changes
+++ b/gnuchess.changes
@ -1,3 +1,11 @@
+-------------------------------------------------------------------
+Tue Nov 15 12:29:25 UTC 2016 - astieger@suse.com
+
+- gnuchess 6.2.4:
+  * Print error for invalid move.
+  * Truncate user input if longer than 128 characters
+    fixing CVE-2015-8972: user input buffer overflow (boo#1010143)
+
 -------------------------------------------------------------------
 Fri Oct 28 18:39:04 UTC 2016 - astieger@suse.com

--- a/gnuchess.spec
+++ b/gnuchess.spec
@ -17,7 +17,7 @@


 Name:           gnuchess
-Version:        6.2.3
+Version:        6.2.4
 Release:        0
 Summary:        GNU Chess Program
 License:        GPL-3.0+