From 1253e60fd8a6754539add664cf0a5f9a33c1862ea5867ae845c92c02727c0ce9 Mon Sep 17 00:00:00 2001
From: Andreas Stieger <andreas.stieger@gmx.de>
Date: Tue, 15 Nov 2016 12:32:01 +0000
Subject: [PATCH] Accepting request 440378 from
 home:AndreasStieger:branches:games

gnuchess 6.2.4
    fixing CVE-2015-8972: user input buffer overflow (boo#1010143)

OBS-URL: https://build.opensuse.org/request/show/440378
OBS-URL: https://build.opensuse.org/package/show/games/gnuchess?expand=0&rev=23
---
 gnuchess-6.2.3.tar.gz     |  3 ---
 gnuchess-6.2.3.tar.gz.sig | 11 -----------
 gnuchess-6.2.4.tar.gz     |  3 +++
 gnuchess-6.2.4.tar.gz.sig | 11 +++++++++++
 gnuchess.changes          |  8 ++++++++
 gnuchess.spec             |  2 +-
 6 files changed, 23 insertions(+), 15 deletions(-)
 delete mode 100644 gnuchess-6.2.3.tar.gz
 delete mode 100644 gnuchess-6.2.3.tar.gz.sig
 create mode 100644 gnuchess-6.2.4.tar.gz
 create mode 100644 gnuchess-6.2.4.tar.gz.sig

diff --git a/gnuchess-6.2.3.tar.gz b/gnuchess-6.2.3.tar.gz
deleted file mode 100644
index 23d2fed..0000000
--- a/gnuchess-6.2.3.tar.gz
+++ /dev/null
@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:78999176b2f2b5e0325bcc69749b7b2cefb7b1ef4f02d101fa77ae24a1b31b82
-size 757846
diff --git a/gnuchess-6.2.3.tar.gz.sig b/gnuchess-6.2.3.tar.gz.sig
deleted file mode 100644
index 1b43ee6..0000000
--- a/gnuchess-6.2.3.tar.gz.sig
+++ /dev/null
@@ -1,11 +0,0 @@
------BEGIN PGP SIGNATURE-----
-Version: GnuPG v2.0.21 (Darwin)
-
-iQEcBAABAgAGBQJX4DGpAAoJEKiriTrkAlHZgBYH/2wQUL3ZqkV+OOuG08NOw0AK
-0UHKaRSPCmCSuqV2JSpmTpsaOe9lWbzC8MeXYk07IPZ0Tt3503x5XVjsX6C8QB9m
-6+cPDOHrSRQ9iku+nvKb7iWAN/A4jS9+pHDHHlH5BjVMiQrvdMy15c/C70jaR+V7
-/DQJyAvaE1QbwClD3kG2JKxsfLpsuxnE5/OMRefxRnvPeFSziY/lrPnmqLbCGMI4
-l6Ehpu/6TqYgIjHP8X8PYz5OHmPVTdf8F744PvFMDcxsgjWg03Y4Liwtt+PIEXYP
-r1axv/SmyRfjff+1VfdGBbsWTr24lrsD4NmZBZrrl1OwzcAaYbk6Pff+RYkSdYY=
-=N9bq
------END PGP SIGNATURE-----
diff --git a/gnuchess-6.2.4.tar.gz b/gnuchess-6.2.4.tar.gz
new file mode 100644
index 0000000..0937b90
--- /dev/null
+++ b/gnuchess-6.2.4.tar.gz
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:3c425c0264f253fc5cc2ba969abe667d77703c728770bd4b23c456cbe5e082ef
+size 757985
diff --git a/gnuchess-6.2.4.tar.gz.sig b/gnuchess-6.2.4.tar.gz.sig
new file mode 100644
index 0000000..ab759d6
--- /dev/null
+++ b/gnuchess-6.2.4.tar.gz.sig
@@ -0,0 +1,11 @@
+-----BEGIN PGP SIGNATURE-----
+Version: GnuPG v2.0.21 (Darwin)
+
+iQEcBAABAgAGBQJYFGvwAAoJEKiriTrkAlHZOUcH/37eEtJ9WaggZAg8SvmjSwSh
+5iH6iB/cmJGUFJ9LihF2i2kQGDIV/pZnHnts0Or8c4AIn+iQp244mrksSCEaF/Un
+OZt34c7OPXGJEFoAxcFUqz1ooqHSqJMqMYYXkl6+8yOg+4ym9njmS0DhF7/aFrv8
+yz6KaEVcjxcIg5hBrOWBtdHtGoMcgE+G0JoZMc/i+4uRVzqTH0/phP+MCzWEWH2P
+GFl1qv+v5KRUxHnF435F6uNXA6ingNxC9Wq2mioHq2+vN/FNRUmvyg9CLy7h7E8j
+XJ62tWSFHJ6dUscxTit7kFbUC3MJefoHBklP9dJQLGvvV6zKfff8XlWRwnScz84=
+=IrSM
+-----END PGP SIGNATURE-----
diff --git a/gnuchess.changes b/gnuchess.changes
index d682148..b860abc 100644
--- a/gnuchess.changes
+++ b/gnuchess.changes
@@ -1,3 +1,11 @@
+-------------------------------------------------------------------
+Tue Nov 15 12:29:25 UTC 2016 - astieger@suse.com
+
+- gnuchess 6.2.4:
+  * Print error for invalid move.
+  * Truncate user input if longer than 128 characters
+    fixing CVE-2015-8972: user input buffer overflow (boo#1010143)
+
 -------------------------------------------------------------------
 Fri Oct 28 18:39:04 UTC 2016 - astieger@suse.com
 
diff --git a/gnuchess.spec b/gnuchess.spec
index c971251..9250030 100644
--- a/gnuchess.spec
+++ b/gnuchess.spec
@@ -17,7 +17,7 @@
 
 
 Name:           gnuchess
-Version:        6.2.3
+Version:        6.2.4
 Release:        0
 Summary:        GNU Chess Program
 License:        GPL-3.0+