MGASA-2021-0250

See a problem?
Please try reporting it to the source first.

Source

https://advisories.mageia.org/MGASA-2021-0250.html

Import Source

https://advisories.mageia.org/MGASA-2021-0250.json

JSON Data

https://api.osv.dev/v1/vulns/MGASA-2021-0250

Related

CVE-2021-30184

Published

2021-06-13T21:32:39Z

Modified

2021-06-13T20:17:04Z

Summary

Updated gnuchess package fix a security vulnerability

Details

GNU Chess 6.2.7 allows attackers to execute arbitrary code via crafted PGN (Portable Game Notation) data. This is related to a buffer overflow in the use of a .tmp.epd temporary file in the cmdpgnload and cmdpgnreplay functions in frontend/cmd.cc. (CVE-2021-30184).

References

Credits

- Mageia - COORDINATOR
- - https://wiki.mageia.org/en/Packages_Security_Team

Affected packages

Mageia:7 / gnuchess

Package

Name: gnuchess
Purl: pkg:rpm/mageia/gnuchess?arch=source&distro=mageia-7

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

6.2.6-1.1.mga7

Ecosystem specific

{
    "section": "core"
}

Mageia:8 / gnuchess

Package

Name: gnuchess
Purl: pkg:rpm/mageia/gnuchess?arch=source&distro=mageia-8

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

6.2.7-1.1.mga8

Ecosystem specific

{
    "section": "core"
}