Your message dated Sat, 11 Apr 2009 10:47:04 +0000
with message-id <[email protected]>
and subject line Bug#514463: fixed in gfpoken 0.32-1
has caused the Debian Bug report #514463,
regarding Poor bounds checking causes abnormal exits or crashes
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
514463: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=514463
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: gfpoken
Version: 0.31-2
There are small regions to the right of and below the grid that cause
gfpoken to fail when they are clicked, due to poor bounds checking in
the click event handlers.
For example:
1. Clicking the right region in line with the top row of the grid
manipulates the second cell in the second row of the grid; in a grid
with five columns numbered 0-4, that click tried to manipulate column
*6* which wrapped in the linear array in memory.
2. Clicking the right region in line with the bottom row, or the bottom
region in line with any of the columns, results in an exit with
"BUG: unknown case in nextobj" or a SEGV. In this case, it tried to
manipulate a cell off the edge of the grid and hence off the end of
the memory array.
3. Clicking either region in line with the "ball rolling" areas results
in corrupted graphics (as if a ball is rolling through the
out-of-bounds region) followed by an exit with a "Hash overrun"
message.
It seems the mouse button event handlers need to do better checking for
out-of-bounds values, and/or the grid widget needs to size itself
correctly so these regions don't exist.
--- End Message ---
--- Begin Message ---
Source: gfpoken
Source-Version: 0.32-1
We believe that the bug you reported is fixed in the latest version of
gfpoken, which is due to be installed in the Debian FTP archive:
gfpoken_0.32-1.diff.gz
to pool/main/g/gfpoken/gfpoken_0.32-1.diff.gz
gfpoken_0.32-1.dsc
to pool/main/g/gfpoken/gfpoken_0.32-1.dsc
gfpoken_0.32-1_i386.deb
to pool/main/g/gfpoken/gfpoken_0.32-1_i386.deb
gfpoken_0.32.orig.tar.gz
to pool/main/g/gfpoken/gfpoken_0.32.orig.tar.gz
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Bas Wijnen <[email protected]> (supplier of updated gfpoken package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Sat, 11 Apr 2009 11:20:07 +0200
Source: gfpoken
Binary: gfpoken
Architecture: source i386
Version: 0.32-1
Distribution: unstable
Urgency: low
Maintainer: Debian Games Team <[email protected]>
Changed-By: Bas Wijnen <[email protected]>
Description:
gfpoken - Recreate a grid of mirrors from clues given by tests
Closes: 514463
Changes:
gfpoken (0.32-1) unstable; urgency=low
.
[ Bas Wijnen ]
* New upstream release.
* Add bounds check for button press events. (Closes: #514463)
* Updated standards version to 3.8.0 (no changes needed).
* Changed Vcs-Browser to point to gfpoken files.
.
[ Peter De Wachter ]
* Added watch file.
Checksums-Sha1:
adbe46abeb22de9d43c0c032103b5fa1c2c2da42 1294 gfpoken_0.32-1.dsc
498bfd93214403bba68ed04425bb40c2d2f583ad 409842 gfpoken_0.32.orig.tar.gz
f6d9b2ae96fd8f349f48e1a05c96e41c750ffd24 4441 gfpoken_0.32-1.diff.gz
833c7a03f5d2dca11422d4435df5748d54297f14 228556 gfpoken_0.32-1_i386.deb
Checksums-Sha256:
0fea54f68ad65c7c80a427ca1090c52a8396a2a125c55bda9a675069708bbe0c 1294
gfpoken_0.32-1.dsc
e5573809ee2263b4a93eea9677b34397e6d2bdf1169dc1ebdb07da04d54991ff 409842
gfpoken_0.32.orig.tar.gz
39a5147e9fd49c74dd099980dd72781b627f27d37ba57d84aa4be73a7b7db5f7 4441
gfpoken_0.32-1.diff.gz
fdb387b73d401d959963a6ef1ad4837b6a234dc98bfad84db3d973dde3483268 228556
gfpoken_0.32-1_i386.deb
Files:
0e1d3038417812d6978a0ac0dee39475 1294 games optional gfpoken_0.32-1.dsc
ea5103fb3220cbbb70d2364bb7993bba 409842 games optional gfpoken_0.32.orig.tar.gz
d840f7bc3e531421eac895fde3079046 4441 games optional gfpoken_0.32-1.diff.gz
b46b29cbcfd51e29371a97f9bb377a25 228556 games optional gfpoken_0.32-1_i386.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iEYEARECAAYFAkngcNMACgkQFShl+2J8z5VbJwCcDNJ9SGkBUrlaZiky1Ps6ZAFe
5zUAoL91H6Hw+ikYk/05jcwAmxjru9eg
=OTLJ
-----END PGP SIGNATURE-----
--- End Message ---
