NetHack is a single player dungeon exploration game. Starting with version 3.6.2 and prior to version 3.6.7, illegal input to the "C" (call) command can cause a buffer overflow and crash the NetHack process. This vulnerability may be a security issue for systems that have NetHack installed suid/sgid and for shared systems. For all systems, it may result in a process crash. This issue is resolved in NetHack 3.6.7. There are no known workarounds.
{
"binaries": [
{
"binary_name": "nethack-common",
"binary_version": "3.4.3-15build1"
},
{
"binary_name": "nethack-console",
"binary_version": "3.4.3-15build1"
},
{
"binary_name": "nethack-lisp",
"binary_version": "3.4.3-15build1"
},
{
"binary_name": "nethack-x11",
"binary_version": "3.4.3-15build1"
}
]
}{
"binaries": [
{
"binary_name": "nethack-common",
"binary_version": "3.6.6-2build1"
},
{
"binary_name": "nethack-console",
"binary_version": "3.6.6-2build1"
},
{
"binary_name": "nethack-qt",
"binary_version": "3.6.6-2build1"
},
{
"binary_name": "nethack-x11",
"binary_version": "3.6.6-2build1"
}
]
}{
"binaries": [
{
"binary_name": "nethack-common",
"binary_version": "3.6.7-1build3"
},
{
"binary_name": "nethack-console",
"binary_version": "3.6.7-1build3"
},
{
"binary_name": "nethack-qt",
"binary_version": "3.6.7-1build3"
},
{
"binary_name": "nethack-x11",
"binary_version": "3.6.7-1build3"
}
]
}{
"binaries": [
{
"binary_name": "nethack-common",
"binary_version": "3.6.7-2build1"
},
{
"binary_name": "nethack-console",
"binary_version": "3.6.7-2build1"
},
{
"binary_name": "nethack-qt",
"binary_version": "3.6.7-2build1"
},
{
"binary_name": "nethack-x11",
"binary_version": "3.6.7-2build1"
}
]
}