Linux News
The world is talking about GNU/Linux and Free/Open Source Software

Login

If you don't have an account yet, visit the registration page to sign up.

If you already have an account, you may login here:

Today's Big Story

Why I Ditched Linux for Samsung DeX

LXer Features

Linux That's Small

Encryption, Trust, and the Hidden Dangers of Vendor-Controlled Data

My Linux Mint Tribute

How I Turned My Chromebook Into A "Mintbook"

Adventures With My New Chromebook

My Linux Laptop

Have something to say?

Ready to be published? LXer is read by around 350,000 individuals each month, and is an excellent place for you to publish your ideas, thoughts, reviews, complaints, etc. Do you have something to say to the Linux community?

Publish it here.

DaniWeb Linux Community
An exciting professional discussion group about software development, php, shell scripting, networking, ruby, and more.

Latest Discussions

Good Advice

Straight frwd run archinstall 3.0.0 crashes in pipewiire section

Hyprland 0.45.0 has just been released for Arch Linux based

See Activation Cube feature on Fedora 41 KDE Spin in VENV

You don't need AI to know how this goes

Should be a SNL skit

Please add https to lxer.com

Anyone remember Distrotest.net? I found a new one!

Site Menu

Other News

- LWN.net
Their weekly coverage of Linux news is unmatched in this community.

- LinuxGizmos.com
Excellent news for embedded Linux.

- LinuxQuestions.org
Discussion forums for Linux users.

LinuxQuestions.org is a friendly and active Linux Community with forums, reviews, a hardware compatibility list, a wiki, tutorials, a download site, a podcast and more.

Debian alert: New omega-rpg packages fix local games exploit

Posted by dave on Nov 11, 2003 2:03 AM EDT
Mailing list

Mail this story
Print this story

Steve Kemp discovered a buffer overflow in the commandline and environment variable handling of omega-rpg, a text-based rogue-style game of dungeon exploration, which could lead a local attacker to gain unauthorised access to the group games.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- --------------------------------------------------------------------------
Debian Security Advisory DSA 400-1                     security@debian.org
http://www.debian.org/security/                             Martin Schulze
November 11th, 2003                     http://www.debian.org/security/faq
- --------------------------------------------------------------------------

Package        : omega-rpg
Vulnerability  : buffer overlow
Problem-Type   : local
Debian-specific: no
CVE Id         : CAN-2003-0932

Steve Kemp discovered a buffer overflow in the commandline and
environment variable handling of omega-rpg, a text-based rogue-style
game of dungeon exploration, which could lead a local attacker to gain
unauthorised access to the group games.

For the stable distribution (woody) this problem has been fixed in
version 0.90-pa9-7woody1.

For the unstable distribution (sid) this problem has been fixed in
version 0.90-pa9-11.

We recommend that you upgrade your omega-rpg package.


Upgrade Instructions
- --------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.


Debian GNU/Linux 3.0 alias woody
- --------------------------------

  Source archives:

    http://security.debian.org/pool/updates/main/o/omega-rpg/omega-rpg_0.90-pa9-7woody1.dsc
      Size/MD5 checksum:      616 ec09d79e6db8d2a26b2419118c82b6d9
    http://security.debian.org/pool/updates/main/o/omega-rpg/omega-rpg_0.90-pa9-7woody1.diff.gz
      Size/MD5 checksum:     9264 9a1c91a88685a9a3ebbd3d303d9af458
    http://security.debian.org/pool/updates/main/o/omega-rpg/omega-rpg_0.90-pa9.orig.tar.gz
      Size/MD5 checksum:   425670 decf9c9c5e217a243d87c5693069016f

  Alpha architecture:

    http://security.debian.org/pool/updates/main/o/omega-rpg/omega-rpg_0.90-pa9-7woody1_alpha.deb
      Size/MD5 checksum:   433086 e0b2fab139c48fd165856261346509ea

  ARM architecture:

    http://security.debian.org/pool/updates/main/o/omega-rpg/omega-rpg_0.90-pa9-7woody1_arm.deb
      Size/MD5 checksum:   329224 8821937e31ffdeb13ca7707be44f2ee2

  Intel IA-32 architecture:

    http://security.debian.org/pool/updates/main/o/omega-rpg/omega-rpg_0.90-pa9-7woody1_i386.deb
      Size/MD5 checksum:   313176 5f6e8d376c2dcf9eec749a6589410090

  Intel IA-64 architecture:

    http://security.debian.org/pool/updates/main/o/omega-rpg/omega-rpg_0.90-pa9-7woody1_ia64.deb
      Size/MD5 checksum:   499828 aa1d2895cf9bf64ee15e4632286f819c

  HP Precision architecture:

    http://security.debian.org/pool/updates/main/o/omega-rpg/omega-rpg_0.90-pa9-7woody1_hppa.deb
      Size/MD5 checksum:   367390 bf3008b562d94d34af03cbcecc90e99f

  Motorola 680x0 architecture:

    http://security.debian.org/pool/updates/main/o/omega-rpg/omega-rpg_0.90-pa9-7woody1_m68k.deb
      Size/MD5 checksum:   295016 70d31cc87a332a44155ef356ad8e41b5

  Big endian MIPS architecture:

    http://security.debian.org/pool/updates/main/o/omega-rpg/omega-rpg_0.90-pa9-7woody1_mips.deb
      Size/MD5 checksum:   373454 39d6c1c8570fe8aae62a9c7e1c970c6a

  Little endian MIPS architecture:

    http://security.debian.org/pool/updates/main/o/omega-rpg/omega-rpg_0.90-pa9-7woody1_mipsel.deb
      Size/MD5 checksum:   372138 c21602808847f8edf799d7ee4e562899

  PowerPC architecture:

    http://security.debian.org/pool/updates/main/o/omega-rpg/omega-rpg_0.90-pa9-7woody1_powerpc.deb
      Size/MD5 checksum:   355306 3b6e082c0568bc3e090b017d1366bf97

  IBM S/390 architecture:

    http://security.debian.org/pool/updates/main/o/omega-rpg/omega-rpg_0.90-pa9-7woody1_s390.deb
      Size/MD5 checksum:   330438 90c057f921d7861f3a511b684d22a630

  Sun Sparc architecture:

    http://security.debian.org/pool/updates/main/o/omega-rpg/omega-rpg_0.90-pa9-7woody1_sparc.deb
      Size/MD5 checksum:   347386 40762ef4e8f790f1260c7c84bfd24809


  These files will probably be moved into the stable distribution on
  its next revision.

- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (GNU/Linux)

iD8DBQE/sMHzW5ql+IAeqTIRAgiwAJ9+iZ3mCSywugABAb9JSk1M2l2nygCfedBS
30HMH0KEpVY20cqWaCNSx48=
=Wk3s
-----END PGP SIGNATURE-----

Linux NewsThe world is talking about GNU/Linux and Free/Open Source Software