*** This bug is a security vulnerability ***
You have been subscribed to a public security bug by Seth Arnold (seth-arnold):
Prboom-plus is vulnerable to buffer overflow while handling macro defined in
configuration file. It can by triggered only locally. I confirmed on Ubuntu
18.04:
prboom-plus:
Installed: 2:2.5.1.5+svn4531+dfsg1-1
Candidate: 2:2.5.1.5+svn4531+dfsg1-1
Version table:
*** 2:2.5.1.5+svn4531+dfsg1-1 500
500 http://pl.archive.ubuntu.com/ubuntu bionic/universe amd64 Packages
100 /var/lib/dpkg/status
Initially it was submitted here and it's already fixed:
- https://sourceforge.net/p/prboom-plus/bugs/254/
If you can assigne a CVE, please credit me as: MichaĆ Dardas from
LogicalTrust
** Affects: prboom-plus (Ubuntu)
Importance: Undecided
Status: New
--
buffer overflow in prboom-plus macro handling
https://bugs.launchpad.net/bugs/1878959
You received this bug notification because you are a member of Ubuntu Bugs,
which is subscribed to the bug report.
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
